Block EXE file download over WhatsApp

qsosan · ‎02-20-2025

Hello experts,

Am trying to find a way to block download exe files over whatsapp using fortigate f70, i have applied the file policy along with ssl deep inspection, also applied application control polciy to block file upload and file downlod from whatsapp as per below document :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-WhatsApp-file-uploads-action-by-usin...

After that we have tested, all files have been blocked over whatsapp, however we only require to block exe files over whatsapp, how we can achive that?

qsosan · ‎02-23-2025

Hello Kaman ,

Thanks for your reply ,

I already configured that as i mentioned in my initial post , however it was not blocking EXE over WhatsApp ,

I already figured out the root cause , i will mention it for others who may face same issue ,

WhatsApp using QUIC which is not being inspected by SSL deep inspection for versions less than 7.4.1 ,

As a workaround i will disable QUIC from browser to force it using HTTPS instead ,

View solution in original post

kaman · ‎02-23-2025

Hi qsosan,

you can only configure the signatures WhatsApp_Web_File.Upload and WhatsApp_Web_File.Download so this will block any file that a user wants to download using the same application control profile.

For blocking .exe file, you can use file filter, and then also need to enable deep inspection, and then in the file filter you can choose to protocol http, traffic both, and the file types *.exe

Please refer to the below document for more information:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Block-all-exe-files-but-allow-specific-URL...

Regards,

qsosan · ‎02-23-2025