Hi, I am trying to login to www.notoverthehill.com/accounts/ but Avast stops me from accessing this site. Notoverthehill is not a malicious website and I need to access it urgently. I note that others have suddenly problems with accessing certain safe websites too. Any quick help would be greatly appreciated. This is the message that I get in the Log: 26.12.2008 09:56:18 Network Shield: blocked access to malicious site notoverthehill.com/account/ [ C:\Program Files\Mozilla Firefox\firefox.exe ] Avast lets me access www.notoverthehill.com but not my account for logging in.
Is there any way I can place this in exceptions? I tried but it does not work. It only seems to accept file paths.
Hallo Noordzee,
Er is manueel al een fix gemaakt voor de algemene generator fout, met de volgende update schijnt het weer geregeld te zijn, aldus één der moderatoren. Voor je actie even Netword Shield uitzetten of via Pauzeer Dienst, en dan weer aanzetten en wachten op de eerstvolgende update,
groetjes en een goede Jaarwisseling,
polonus
Polonus, hartelijk dank voor Uw antwoord. Dragonbird, thank you very much for your response.
Like many others, I am now awaiting the next Avast update that should contain the fix.
It was already released. Just update.
I run Avast! home edition on XP-SP2 32 bit. Also use the old V4.22 Kerio firewall, Firefox browser and Thunderbird. The ‘Blocking’ behaviour began in the days before Xmas.
I had Firefox in/outgoing blocked by Kerio, and it used to work fine via the Avast! web scanner. It still works fine EXCEPT FOR SECURED WEB PAGES.
Now I can’t access any secured site without circumventing Avast! by unblocking Firefox from Kerio. I can’t be sure exactly when this problem first occured- I think it began with update to Firefox 3.4, but that might be 3.3.
I note there is a fix for paid versions of Avast!/Kerio, but I don’t know if it addresses this problem. In any case I’m a freeware user so it can’t help me.
WebShield does not scan https pages (secured ones), only http.
If Firefox is blocked, how are you expecting to reach the site?
Disable the Kerio privacy features if they are turned on, and test.
When Firefox is blocked from the net by Kerio it’s perfectly happy to open pages via AshWebSvc. Three weeks ago it opened all pages including secured ones. Now it opens unsecured pages only via AshWebSvc- to open a secured page Kerio must allow it. Something has changed in the last three weeks. Firefox has been updated 2 or 3 times and Avast! has automatically updated also. Therefore one of these changes has caused this undocumented feature to change its behaviour.
On Which browser?
Which is your operational system?
The SP2 is updated to the last MS update prior to SP3 [ and it will stay that way:{) ]. Firefox version is 3.0.5. The changed behaviour began (I think) with Firefox V3.0.2 or 3.0.3. I install all Firefox updates immediately, and Avast! typically updates itself twice a day. The current installation is on an HDD which was TOTALLY wiped 2 weeks ago, and the last MS update was installed about 7 hours ago.
With Firefox blocked by Kerio I have just confirmed a) Firefox can download unsecured web pages using the Avast! web scanner, and b) Firefox will NOT download secured pages with identical Kerio settings.
I understand that the whole point of the Web scanner is that ALL incoming traffic arrives through it thereby providing an additional layer of realtime protection. This is the main reason that I switched to Avast!. I would prefer it to continue behaving as it did a couple of weeks ago, when it handled both secure and insecure pages.
Into the WebShield settings, which is the redirected ports?
Into Kerio, which ports are Firefox with access blocked?
Not all, only HTTP. Not HTTPS.
With Firefox blocked by Kerio I have just confirmed a) Firefox can download unsecured web pages using the Avast! web scanner, and b) Firefox will NOT download secured pages with identical Kerio settings.
That is exactly what would be expected.
When a browser (does not matter whether it is Firefox or IE or Opera) makes an unsecured http call then the access is actually performed by ashwebSv.exe (the WebShield) on behalf of the browser. You have permitted that in your firewall and so it goes through.
When a browser makes a secured https call then avast steps aside and the access is really performed by the browser which you had blocked in your firewall.
This is why both the browser and the WebShield both need to be enabled in a firewall.
This is the way the avast WebShield has worked ever since it was first introduced.
I have checked logs and agree with you about the distinction between HTTP and HTTPS handling. I don’t know where I got the idea from that both went through AshWebSvc. One of the reasons (but not the only one) for the HDD rebuild was suspicion that the Kerio Rules file had become overburdened in the 3+ years I’d been running it. If this was the case then it may well have been reporting or behaving falsely.
I joined this thread because it seemed closest to my mystification. Thanks to Tech and alanrf for de-mystifying me. Let’s hope that our discussion may help others with what may be similar problems firewall setting errors.
pawsoz, you’re welcome.
Feel free to come back any time you need help or just to change experiences 8)
And thank for posting your mystification 