As far I know, Web Shield should not filter HTTPS traffic.
I use an ISP that when checking the mail passes from HTTP to HTTPS and returns to HTTP.
Similar to GMail logon.
I tested avast! in three different configurations:
Local proxy + only SP2 Internal firewall + avast! + Maxthon (or IE)
Removing the local proxy did not help in any case.
I can’t logon into my webmail if I do not disable the WebShield.
In 3, I test it with Firefox. Everything is ok with WebShield on and off.
In the others, the page appears as ‘Loaded’ but blank… Not an error message, nothing…
A blank screen in the browser. Refresh does not help. Copying the link, opening a new browser window neither…
Disabling WebShield and everything works again
Could be Internet settings (or Maxthon) but can’t it be a problem in WebShield while changing from HTTPS to HTTP and viceversa?
https traffic is encrypted in the browser and webshield can’t read it or scan it. Sort of like SSL email, but without control of the in-browser encryption option.
If it hadn’t worked with Outpost and Firefox in test 3, I would have to agree that Web Shield was the culprit.
But given that it doesn’t work with IE and IE based Maxthon, perhaps you are right that it may have something to do with your Internet settings or possibly the interface between web shield and IE.
If you tried the tests (1 & 2) again with firefox as the browser with those different firewalls. If those tests then succeeded it would show that the firewalls aren’t a part of the problem but either the IE settings or web shield/IE interface.
I would have hopped that web shield would ignore the https element of this flip flop between http, https and back.
There was something along a similar line in another thread about the GET being sent and a response coming back but the original http page still waiting. This at the time seemed to have been resolved when they switched to the pre-release 4.6.635 now we have gone further, .639 and .647 is it possible that this has reverted to the original problem in 4.6.623?
Have you set up webshield to redirect port 443? Or entered 127.0.0.1:12080 under secure in the proxy setup in IE? Unless you have done one of these, or your particular ISP uses https:80 to access this particular web page, webshield won’t see the traffic. Several similar logins I use are no problem with the current webshield version–yahoo mail, hotmail, … Check your webshield redirect and IE proxy settings again-maybe there is something left over from an experiment.
Any time your browser uses https: it sets up an SSL connection. The only options are things like the key size used. What it is usually doing is first a standard web connection on port 80, then spawns an SSL connection (normally on port 443) for the login, then back to a regular web connection on port 80. gmail will actually read email using http on port 80 (not secure) or https on port 443 (SSL) once you login-don’t understand why they have this feature? :o
I put a picture above of the actual Yahoo mail login sequence using IE. Are you using a firewall that can log the internet traffic? (Sygate is good). That would make it easy to see what is happening. Or look for a :80 on the URL for the https command. It is not impossible that your ISP is doing SSL on port 80 for this particular site, and probably the only thing to do is to exclude the URL from Webshield if this is the case. If you are not having either webshield or an IE proxy look at port 443, don’t have another suggestion.
You need to exclude the URL for the https site it is diverted to, not the one you start at. And may be hard to see if it just flashes. You could try using Sygate Firewall Free to see what is happening-it logs all the internet traffic. If you do it with Webshield off, should tell you what to exclude with webshield on. Or if you have another internet traffic logging tool, use it. If you want to PM me the name of your mail site, I can see if I can tell anything without being a legal login.
I think it isn’t a firewall setting problem. Just try to open (on IE and other IE-based browsers) Internet Settings->Protection->select the default value (in Italian= Medium).
Maxthon and Avant browser uses both their dedicated additional settings and in the past I had problems as you have now.
Took a look at how IE did the secure login vs Opera, since that is what I use. Opera does a conventional login via port 443 for https to your mail site. FF probably does too. IE does something on port 80 instead. Unless you can exclude https://mail.terra.com.br/* (remember the s) I don’t see a way to use this site with Webshield and IE. But try excluding the site with https-I can’t tell from the help file whether that will work or not. Good luck; Ed.
What about using “ignored addresses” in webshield to not redirect for the IP of the secure server used? I can’t tell which one it is, but it is probably a different IP for the authentication server than for the regular mail server. In other words, redirect the www address IP as usual, don’t redirect traffic to the other IPs.