• Welcome
• Installation and setup
  • Learning Mode
  • Accessing Settings
  • Configuration
  • Banking Mode
  • RunSafer
• Using Online Armor
  • Status
  • Firewall
    • Creating Firewall Rules
    • Ports and Protocols
    • Firewall Status Screen
    • Firewall Logs
  • Domains
  • Programs
  • Files and Registry
    • Creating File Rules
    • Creating Registry Rules
  • Autoruns
  • Anti-Keylogger
  • Hosts file
  • History
  • Options
  • Debug
• Customer Support

Creating File Rules

The File Shield comes pre-configured with two example rules for the root of C:\ and "My Documents", to familiarize you with rule creation so you can configure your own rules to protect your important or sensitive personal files that may reside in other locations.

To create a new rule, open the Online Armor Control Panel, select Files and Registry from the list on the left, then select the Files tab and and click the Add rule button.

To assist you in filling out the File Rule Editor, any fields or checkboxes that are yet to be correctly completed will be flagged with a red bullet, placed to the left of their name. Placing your mouse pointer over these bullets will display a tooltip with hints on how to complete the flagged section.

General Tab

The following options are available on the General tab:

• Group – Allows you to select which group the rule should be assigned to.
• Rule name – Allows you to choose a descriptive name for the rule.
• Active – Unticking this option deactivates the rule so that it is not currently in effect.
• File mask – Allows you to define the files you want to protect. You can either browse for a folder and have the standard mask (all files in the root of that folder) applied or manually enter a path and custom mask. Use an asterisk (*) to define "any string" and a (?) to define "any character".
  Examples:
  • Entering C:\MySafe\*.txt means that your rule will monitor all .txt files in the MySafe folder.
  • Entering C:\MySafe\secret.txt means that your rule will monitor only the secret.txt file in the MySafe folder.
  • Entering C:\MySafe\secret.??? means that your rule will monitor every file that has exactly 3 letters as part of it's extension (ie. "secret.exe" or "secret.doc" but not "secret.jpeg").
• Include sub-directories – Allows you choose whether sub-directories of the file mask should be included in the rule. This option will become available after browsing and selecting a folder. If you manually enter a path and mask, this option will only be available if you use the standard mask format (all files in the root of a target folder).
• Rule scope
  • Rule type: Create, Delete, Modify or Read – Allows you to choose whether your rule will apply to creation, deletion, modification or reading of files. You can select as many or as few of these options as you wish.
  • For unknown programs: Ask, Allow, or Block – Allows you to set which action the rule should take for Unknown programs.
    Note: These settings will not be enforced on Unknown programs that have been manually marked as Installers by the user.
  • For trusted programs: Ask, Allow, or Block – Allows you to set which action the rule should take for Trusted programs.
    Note: These settings will not be enforced on Trusted programs that have been automatically detected as Installers.
  • For Not Trusted programs: Ask, Allow, or Block – Allows you to set which action the rule should take for Not Trusted programs.
• Message – Allows you to customize the message that is displayed on the File Shield pop-ups

Programs List

The Programs list is organized using a table with the following columns:

• Program – Shows the name of the program.
• File – Shows the name of the file. If this action is allowed for all files, an asterisk (*) will be displayed.
• Action – Shows the action the program was configured to take for this file.

Each row is color coded to indicate whether the program is Allowed to take this action for this file (green), or is Blocked from taking this action for this file (red).

A legend showing the colors and their corresponding status can be displayed by clicking on the Legend link above the table.

Programs List context menu

You can right-click in the Programs list to access the following option:

• Delete – Removes the item from the list. Deleting the item will cause Online Armor to pop up if this program tries to take this action on this file in the future.

Special considerations

• Online Armor's processes and critical Windows processes are exempt from any file rules. This is to ensure that it isn't possible to unintentionally create file rules that would render your system unbootable.