Kaseya Community

Blacklisted File Extensions (SaaS)

  • Did Kaseya recently implement a whitelist or blacklist for files that can be uploaded in their SaaS environment? I first noticed that I could no longer upload .PY, .PS1, or .LOG files on 4/13/2021. On further investigation, it looks like .SH and .REG files have also been excluded from the whitelist. After making a support request, they've lifted the restriction on some of the extensions.

    I'm not sure if it's just our server or the whole SaaS environment. Has anyone else seen this behavior? Also, does anyone have a full list of the extensions that are whitelisted/blacklisted?

    Finally, was this somewhere in change logs? It's not ideal that the functionality would just stop working one day without notice.

  • Latest release notes has it:

    A security enhancement has been added - "Whitelist Attachment Uploads" enabled whitelisting attachments in Service Desk and Ticketing.  This whitelist now applies to any file uploads to VSA (not just attachments).  If you cannot upload your files on the Kaseya Server, navigate to Server Management > Default Settings and edit the tab "Whitelist Attachment Uploads" to manage the list of extensions.

  • Thanks, Jo. Unfortunately that isn't available for the SaaS offering (at least not in our instance). Luckily support has been fairly flexible in making the adjustment on our behalf.