Blocking file uploads to all sites, unless safelisted

Brandon_Tuck Its not resolved like still files are getting uploaded on few site i.e chatgpt and other

The737 

How did you solve this issue? I'm having the exact same problem, exact same policy made and for some reason blocking the file upload isn't working. 

Thanks!

The737 

Happy to hear it is working for you! Glad I could help. Just finished building the policy too, will still give it a test. Thanks for running through all of this with me!

Btw, if you block Chrome or Firefox from handling sensitive data (endpoint DLP settings) the Microsoft Purview Extension will override that block BUT specific blocks like this should still work. 

miller34mike, it WORKED. It finally WORKED. Thanks a mill for your help. 

The737 

I'm going to duplicate your policy and blocked domains to see what my test results in.

The MDE status is because you're managing it with Intune versus using Microsoft Defender for Endpoint Security Configuration Management.

miller34mike , nope, the upload isn't even visible in the Activity Explorer. In terms of the extensions, I entered them with the "." yet it got removed.
Interesting thing though... if I go on the onboarded devices page and look at the overview of the machine, the MDE Enrolment status is N/A. This gives me something to dig into....

The737 

do you see the cloud upload activities within Activity Explorer?

also, I do usually recommend including the “.” In the extension, like .docx

on the onboarded devices page, you should be able to select a device and see what policies are active on it. Can you confirm this policy appears for the test device?

miller34mike, only the file extensions are set.