Hi all, I am trying to stop my staff from download EXE files from the internet. The problem is that I have come across a couple of sites that are legit that have EXE in the URL. Here is an example: http://www.ht.com.au/scripts/xworks.exe?M I have the following ACLs: acl ITStaff src IP1 IP2 IP3 etc acl POST method post acl EXE urlpath_regex \.[eE][xX][eE] And here is the rule: http_access deny EXE !POST !ITStaff Shouldn't that allow the URL with the EXE to display? Can anyone think of a way to get around this (other than creating a URL exception list)? Thanks, Justin
