Excluding Data from Web Shield Scanning - What Is the Correct Method?

Hello. I recently began using avast! version 4.8.1356 Home Edition on a machine running 64-bit Windows XP (6GB RAM, i7 2.67GHz processor) and I’m really enjoying the program so far, both for its own sake and for never having to deal with McAfee—the worst company on Earth—again!

I’m a stock trader and want to exclude my real-time stock data from being scanned by Web Shield as it arrives on my system. The specific URLs that I want to exclude from scanning are 66.112.148.* and 66.112.156.*, because these are the URLs from which my data originates. In case it matters, I connect to the internet via cable with a DSL backup and am running a workgroup (i.e., not a domain model) network behind a Linksys router.

Here’s my question: should I enter the URLs I just mentioned in…

a) the “Ignored addresses:” box on the “Basic” tab of the Web Shield “Resident task settings” OR

b) should I enter them in “URLs to exclude:” box on the “Exceptions” tab?

Also, as a general matter, what is the difference, in terms of its effect on scanning, between entering URLs in these two different locations?

Many thanks in advance for any assistance that anyone may be able to provide here…

Regards,

cwb1014 8)

Hi cwb1014, welcome to the forum :slight_smile:

It would be the exclusion list in the Web Shield settings (so No.1)

The other option you have described, (b) are you referring to the exclusions found here:
right click avast! tray icon → program settings -->exclusions tab.

If so, then this is referring to the exclusions for On-Demand scanning, i.e. Files that will be excluded when you scan from the UI, not the resident protection.

How to use the exclusions lists (obviously you want the webshield, not standard shield ;)):

-Scott-

@ Scott,

There are both Ignored addresses (Basic tab) and Exceptions, not exclusions (Exceptions tab) in the Web Shield, so I don’t believe cwb1014 is talking about on-demand scan exceptions.

@ cwb1014
Both the options would probably work, though the Exceptions URLs to exclude: would require the use of wildcards if there were multiple sub-domains/folders or pages that would need to be excluded from scanning, see image example.

Where using the Ignored addresses IP addresses covers all at that IP, so I believe this would be the better bet.

So the difference is probably apparent now you can exclude individual pages or use wildcards to exclude multiple pages of folders, etc.

Thanks for your reply, Scott, but I’m still a little confused, because there is no “exclusion list in the Web Shield settings” except at “b)” and yet you’ve directed me in your response to “No. 1”, by which I assume you meant “a)”, as there is no “No. 1” in my original post.

To try to remove the confusion here, let me tell everyone how I’m getting to points a) and b) in my original post, below.

To get to either “a)” or “b)”, first left-click on the avast! On-Access Scanner icon in the system tray. This brings up the avast! On-Access Scanner interface. Click on Web Shield in the “Installed providers:” column and then click on the “Customize” button to the right-hand side on the “Sensitivity” slider. This will bring up the “Resident task settings” interface.

Then, to see the “Ignored addresses:” box described in “a)”, below, click on the Basic tab. To see the “URLs to exclude:” box described in “b)”, below, click on the Exceptions tab. Now that everyone hopefully sees the difference between the 2 very different areas I’m describing in “a)” and “b)”, and knows how to get to them, please let me know where I need to enter the URLs in question: at a), at b), or perhaps at both.

Again, many thanks in advance for any help that anyone may be able to offer here…

Regards,

cwb1014

DavidR,

Thanks for your reply; you’ve hit the nail on the head in terms of what is where and most likely on what’s best to use, although I do have one last question: when using the Ignored Addresses box on the Basic tab, can one use wildcards or does one instead have to provide the full IP address(es)?

Thanks again for your help and look forward to hearing from you on this…

Regards,

cwb1014

Ok, My mistake. I was working from memory, and completely mis-read it…currently an a machine with McAfee…that’ll teach me… ::slight_smile:

cwb1014,

Sorry, I caused the confusion…

DavidR has it right, follow his suggestions.

-Scott-

You’re welcome.

I don’t believe you can use wildcards in the Ignored addresses, as a) you have to enter an IP and the range of exclusions could be huge, b) technically, since the IP address excludes all at that IP it is a bit like using a wildcard.

You need to enter the four, groups of up to three digits of the normal IP (255.1.23.123, etc.), you don’t have to enter anything else, if you have multiple IPs you need to separate them with a comma.

DavidR,

Thank you for the additional information. One question your response gives rise to is whether one can use IP addresses on the Exceptions tab. Presently, on that tab I have the following entered in the “URLs to exclude” box:

http://66.112.148.*
http://66.112.156.*

because these are the IP addresses of the servers from which I receive my real-time stock quotes. Is the way I’ve specified these “URLs to exclude:” actually allowed in avast!?

Please let me know about this when you have a chance and many thanks in advance for your help here…

Regards,

cwb1014

I think that you should stick to specific IP addresses related to your stock trading and not use wildcards as that just leaves a huge hole in your security as the Web Shield really is an essential means of protection.

I don’t know if you can use IP addresses in the Exceptions tab (nothing stopping you from trying it), but by putting a domain name there, that would cover the range of IPs assigned to that domain. So I think it would be kind of pointless to use IPs that would restrict the exception entry unless you used wildcards in the IP and I think you know my feeling on that one.

The use of wildcards should be restricted so as not to effectively drive a coach and horses through your protection. Especially in these days where web sites are hacked at an amazing rate:

– Every 3.6 seconds a website is infected http://forum.avast.com/index.php?topic=47096.msg396648#msg396648.