Upload Restriction Policy Configuration Guide
The Upload Restriction Policy in Ulaa Enterprise helps organizations prevent unauthorized or risky file uploads by enforcing restrictions based on:
- File Size
- Website URL/Upload URL
- MIME Type (File Type)
Using this policy, administrators can block uploads from specific websites, restrict certain file types, or prevent uploads that exceed a specified file size.
Prerequisites
- Ulaa Enterprise Admin access.
- Ulaa v2.44.1 or higher.
Navigate to Upload Restrictions
- Sign in to your Ulaa Enterprise Admin Console.
- Click Switch to the Organization in the top-right corner (skip this step if you are already in the Organization view).
- Go to: Policies → Data Leak Prevention (DLP) → Upload Restrictions. You will see the Upload Restrictions policy page. This page allows administrators to manage blocked and exception upload rules.
Create a Upload Restriction Configuration
Before applying a policy to users or devices, you must first create a upload restriction rule. An upload restriction rule defines the conditions under which file uploads should be blocked. You can create rules based on file size, website URL, and file type (MIME type), and then apply those rules to specific device or user groups.
To open configure Upload Rules,
- Click the Configure Upload Rules button.
- The Configure Upload Rules panel will appear, displaying all existing upload restriction rules.
- Click the Add Rule button located in the top-right corner.
- Enter a Rule Name that describes the purpose of the restriction.For example:
- Block Social Media Uploads
- Restrict Large File Uploads
- Block Image Uploads from External Sites
- Prevent Video Uploads
Add Restriction Conditions
You can configure one or more conditions depending on your requirements. Each condition consists of:
A Rule Type
An Operator
A Value
Click the condition dropdown and choose the required rule type.
Restrict by File Size
Use this option to block uploads based on their file size.
Example:
Block files larger than 10 MB.
| Field | Value |
|---|---|
| Rule Type | File Size |
| Operator | GREATER THAN |
| Value | 10 MB |
Supported Operators:
- GREATER THAN
- LESS THAN
- EQUALS
- NOT EQUALS
Restrict by Website URL
Use this option to block uploads originating from specific websites or domains.
Examples:
To block uploads from: facebook.com and instagram.com
| Field | Value |
|---|---|
| Rule Type | URL |
| Operator | MATCHES |
| Value | facebook.com, instagram.com |
Supported Operators:
- MATCHES
- NOT MATCHES
You may specify multiple domains or URL patterns within the same condition.
Restrict by File Type (MIME Type)
Use this option to block uploads of specific file types.
Examples:
image/*
video/*
audio/*
application/*
text/*
Specific MIME types can also be configured:
image/png
application/pdf
video/mp4
text/plain
| Field | Value |
|---|---|
| Rule Type | MIME |
| Operator | CONTAINS |
| Value | image/* |
Supported Operators:
- CONTAINS
- NOT CONTAINS
Define Rule Logic (AND / OR)
When multiple conditions are added, choose how they should be evaluated.
AND
All configured conditions must be satisfied before the upload is blocked.
Example:
File Size > 10 MB
AND
URL = facebook.com
AND
MIME = image/*
The upload will be blocked only if all three conditions match.
OR
Any one of the configured conditions can trigger the restriction.
Example:
File Size > 10 MB
OR
URL = facebook.com
OR
MIME = image/*
The upload will be blocked if any one condition matches.
Review the Configuration
Before saving, verify:
✅ Rule name is correct
✅ Required conditions have been added
✅ AND/OR logic is configured properly
✅ File size, URL patterns, and MIME types are entered correctly
Save the Rule
Click the Save button located at the bottom-right corner of the window.
The newly created configuration will now appear in the Rules List under Configure Upload Rules.
The configuration is now ready to be assigned to device groups or user groups from the Upload Restrictions page.
Note: Creating a Upload Restriction Configuration only defines the rule. The configuration will not take effect until it is assigned to one or more device/user groups using the Add button on the Upload Restrictions page.
Apply the Upload Restriction Policy
- After creating the configuration: Return to: Policies → Data Leak Prevention (DLP) → Upload Restrictions
- Click the Add button.
- Assign Rule to Device/User Groups. You will be prompted to:
- Select one or more Device/User Groups
- Select the previously created Upload Restriction Configuration
- Click Save. The policy will now be enforced for the selected groups.
Policy Precedence and Exceptions
When a user belongs to multiple groups, all applicable upload restriction policies from those groups are evaluated together.
For example:
- Group A blocks uploads from facebook.com
- Group B blocks uploads from instagram.com
- A user belonging to both groups will have uploads from both websites blocked.
If an Exception Policy is later configured to allow uploads from facebook.com and assigned to another group that the same user belongs to, the exception will take precedence.
As a result:
- Uploads from facebook.com will be allowed.
- Uploads from instagram.com will continue to be blocked.
Exception policies always override matching block rules. Any block rules that do not have a corresponding exception will continue to be enforced.
Best Practices
- Use AND conditions for precise restrictions.
- Use OR conditions for broader protection.
- Apply policies initially to a test group before organization-wide deployment.
- Regularly review blocked uploads and adjust rules as needed.
- Use MIME-based restrictions to prevent uploads of potentially malicious types.
For any additional questions or assistance with Ulaa Enterprise policies, please contact: enterprisesupport@ulaabrowser.com
Related Articles
Download Restriction Policy Configuration Guide
The Download Restriction Policy in Ulaa Enterprise helps organizations prevent unauthorized or risky file downloads by enforcing restrictions based on: File Size Website URL/Download URL MIME Type (File Type) Using this policy, administrators can ...Watermark Policy Configuration and Deployment Guide
The Watermark Policy in Ulaa Enterprise helps organizations protect sensitive information by displaying customizable text or image-based watermarks on specified websites. Dynamic placeholders can be used to automatically display user, device, ...Field Value Validation Examples in Proxy Settings Policy
The following are valid and invalid field value examples for ProxyBypassList, ProxyServer, and ProxyPacUrl in the ProxySettings policy. Proxy Bypass List Valid: *.example.com Matches all subdomains of example.com localhost Matches local hostname ...How to add sites to the Exceptions List in Watermark Policy?
You can use the Exception List to exclude certain websites from showing the watermark, even if the Apply List includes them. To add sites to the exception list, follow the steps given below: Sign in to your Ulaa Admin Console. Click Switch to the ...How to add sites to the Apply List in Watermark Policy?
You can use the Apply List to define which websites should display the watermark when printed through the Ulaa browser. To do so, follow the steps given below: Sign in to your Ulaa Admin Console. Click Switch to the Organization on the top right ...