HTTPS scanning blocking most sites (inc avast forum)

After 4 hours wondering why I was unable to log in to our website, view my homepage (https://www.google.co.uk/) or view this forum, I tracked it to avast’s web shield. Specifically the https scanning.

So, my question is, what on earth is avast up to?

HTTPS scanning was one thing several of us wanted. It enhances HTTPS security.
Before v2015 avast was not able to scan HTTPS connections.

To disable HTTPS scanning…GUI>Settings>Active Protection>Web Shield>click on “customize”>untick the box :slight_smile:

It is the extremely poor implementation I was talking about; blocking nearly all https connections (Google, my website, this forum, my bank etc. This was all in Firefox. Did they even test it?

On a side note, why does the site require a captcha for every post, when I am logged in (with HTTPS ironically)? The captcha takes 5 or 6 tries before I guess the correct characters (and each time i’m incorrect I lose what I’ve typed (unless I copy to clipboard first. The audio even has too much noise to be discernible. All very sloppy and unprofessional.

The captcha is for the first three posts.
HTTPS works fine here in both Firefox and Chrome.

What other security software do you have now or ever had?
If uninstalled how was it removed?

Verified the same: “Page Cannot Be Displayed”. No warning from Avast 2015 that this is as a result from HTTPS Scanning. Turning this feature off and site is good; again this is not for all HTTPS sites.

Also Avast 2015 Free is keeping this PC from entering Sleep Mode (S3).

Had to revert to V 2014 and all is well.

Please start your own topic. Your set-up is not the same as the OP.

I want to add some information about this isse from my side:

I am an employee of Electronic Arts, and I maintain the EA browser game “Command and Conquer - Tiberium Alliances”.
Recently, we deactivated the SSLv3 protocol on all of our game hosts to avoid any security breaches by the POODLE attack, setting TLS 1.0 as the minimum SSL protocol.
After that, several users reported that they could not reach the game with any browser anymore, with the same error as the OP describes. It turned out, that this is caused by the Scan SSL feature in Avast (ESET has the same problem, btw). As soon as this feature is deactivated, the users can reach our game with every browser normally.

For reproduction, try to access the fowllowing URL with activated Scan SSL feature in Avast 2015.10.0.2206: https://prodgame07.alliances.commandandconquer.com/ with any browser.

Again, please start your own topic. Every system is different.

For reproduction, try to access the fowllowing URL with activated Scan SSL feature in Avast 2015.10.0.2206: https://prodgame07.alliances.commandandconquer.com/ with any browser.
Works on windows 8.1, IE11 AIS 2015 all bells and whistles on :) But I have disabled SSL 2.0 and SSL 3.0 in internet options

Well, I have no problem, some of our users have. I am merely adding information and experience for this issue which seems to have the same root cause hoping that it can help to resolve the issue for everybody. If you can provide me with a way to contact the Avast developers directly, I would be happy to use it.
Apart from that, yes you are of course right: The relatively low number of complaining users tells me that there seems to be more factors involved to cause this problem. As soon as I know a perfect reproduction, I am more than happy to share my knowledge.

Would you mind to give it a try with enabled SSLv3 in the Internet Options?

THIS IS THE TOPIC !

HTTPS Blocking: Should be relevant to all compatible hardware/software. Should not need a new thread for every system difference .

From the german forum: The Scan SSL problem seems to be known, they are working on it: https://forum.avast.com/index.php?topic=158498.msg1144934#msg1144934

Would you mind to give it a try with enabled SSLv3 in the Internet Options?
Still works, but as I only use IE I do not have any of the multitude of Firefox addons that other users have

All sites work for me with https scanning enabled.

I am using Firefox 33.1 now but all sites worked when I was using 33.0.2 as well.

Only issue I had was Firefox crashing on exit which has been resolved.

May come down to some plugin issue.

I got user reports using Firefox 33 and Internet Explorer, so I doubt that this is a browser addon problem.

Sorry for the basic question, but where does one find the “Scan SSL” option?

I’ve just been through a few dozen panels in Avast and I don’t see it. Is it part of Broswer Protection, which I don’t run?

FYI, the https://prodgame07.alliances.commandandconquer.com/ link works fine for me.

-Noel

It is part of the Web Shield and not the browser AOS add-on.

Settings > Active Protection > Web Shield > Customise > Main Settings - Enable HTTPS scanning.

Those with XP (and possibly Vista) won’t see that option as it doesn’t have the APIs required to perform this action.

FWIW, even though it was suggested, and would also be a good idea to start your own topic, I just wanted to let you know you’re not alone with this problem and that I too noticed this with my laptop. But for me it started back with v2014. But it happened so much, even with the lid closed, my laptop was turning on and I got to the point and said screw it and now just turn it off all the time rather then let it go into sleep mode just so it can turn back on without my wanting it to.

Okay, so “Enable HTTPS scanning” and “Scan SSL” as mentioned earlier in this thread are one and the same. Thanks. I knew about HTTPS scanning, but thought maybe there was a separate setting named specifically “Scan SSL”. You have to admit, there are a lot of panels to look through.

For what it’s worth, I’m having absolutely zero problems with https: sites with that setting enabled (on Win 8.1 Pro x64). As I mentioned above, the link provided to the “IIS Welcome graphic” (in many languages) works fine here.

-Noel