Web Shield - Stream scanning multiple ports

[kvikings]

I've got avast!Prof.

Info:Regarding the Web Shield and Resident task settings Basic
(Enable Web scann. and "Use intelligent stream scann".)
- I've got sev. ports, gen. web-browsing(80), Apache:90 and Proxypass to Tomcat(8080),
Bull.FTP-Serv.(21) - everthing unfort. running on the same machine(up 4Mbit/down 8 Mbit).
Q1: Are scanning by priority or are streams haltet(waiting) to ensure that "unwanted" traffic
are not going through the ports on high volumne traffic?
Q2: Should a have a specific sort order for the ports: "21,1024,90,80"?
Q3: Should I ignore Apache Proxypass addresses in addition to locahost if I move
the webserver(to a new machine(and soon hopefully))?

By the way - you've got a great product   

thnx.

[Lisandro]

Q1: Are scanning by priority or are streams haltet (waiting) to ensure that "unwanted" traffic are not going through the ports on high volumne traffic?

All HTTP traffic is scanned. Not other protocols (traffic) are scanned by WebShield.

Q2: Should a have a specific sort order for the ports: "21,1024,90,80"?

No. Any order will work (as far I know).

Q3: Should I ignore Apache Proxypass addresses in addition to locahost if I move the webserver(to a new machine(and soon hopefully))?

If you ignore any address it won't be scanned. So it's up to you, if you are confident in the cleaning of that address...

Welcome to avast! forums.

[lukor]

Kvikings,

as Tech already noted, only HTTP is scanned (understood by webshield). So scanning the port 21 (FTP) is definitely a very bad idea!

To the rest, well, if you want to be protected from viruses coming from your Apache server which is running on port 90 and serving HTTP there, then you might include that port in the scanned (redirected) port list. Everytime when you'll try to connect to the port 90, the traffic will be intercepted by WebShield.