Author Topic: Web Shield>HTTPS Scanning - blocking most websites "This site can’t be reached"  (Read 1861 times)

0 Members and 1 Guest are viewing this topic.

Offline drewski22785

  • Newbie
  • *
  • Posts: 4
Hello,

This has probably been posted before because I saw someone suggesting to disable HTTPS Scanning as a test for websites being blocked with "This site can’t be reached" errors.

Is there a reason this feature blocks over half of the websites I come across? Disabling it instantly fixes the issues. Most major websites aren't effected but basically any smaller mom-and-pop type sites are unusable with this enabled. How much protection do I lose by leaving this off permanently? Thanks!

Offline InvisibleMan

  • Full Member
  • ***
  • Posts: 133
Hello,

This has probably been posted before because I saw someone suggesting to disable HTTPS Scanning as a test for websites being blocked with "This site can’t be reached" errors.

Is there a reason this feature blocks over half of the websites I come across? Disabling it instantly fixes the issues. Most major websites aren't effected but basically any smaller mom-and-pop type sites are unusable with this enabled. How much protection do I lose by leaving this off permanently? Thanks!
I'm gonna reply in a more reasonable way, without fear-mongering you might get from people who tend to maximize all the features and recommend it to everyone.

I always had this feature disabled for as long as it was there. And for the last 10 years or so my PC never got infected, even though I'm an advanced internet user and like to get adventurous.

As long as you have at least Web Shield and File Shield operational, there's no real big danger from disabling HTTPS scans.

There are also other features that people often disable due to them causing various issues (but your protection won't decrease by any noticeable margin): Behavior Shield, Anti-Rootkit Shield (it's hidden in settings of core shields) and a Hardened mode. Those can really over-protect you by causing issues you don't expect.

But it's your own choice what level of protection or over-protection you wish to have.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Is there a reason this feature blocks over half of the websites I come across? Disabling it instantly fixes the issues. Most major websites aren't effected but basically any smaller mom-and-pop type sites are unusable with this enabled. How much protection do I lose by leaving this off permanently? Thanks!
- Which Avast..? (Free/Premium/One)
- Which version/build of Avast..?
- OS..? (32/64 Bit..? - which SP/Build..?)
- Other security related software installed..?
- Which AV(s) did you use before Avast..?
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline drewski22785

  • Newbie
  • *
  • Posts: 4
Avast Free
22.4.6011 (build 22.4.7175.725)
Edition   Windows 10 Home
Version   21H1
OS build   19043.1706
Experience   Windows Feature Experience Pack 120.2212.4170.0
I switched from Malwarbytes to Avast

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
First, be sure to get rid of all remnants of any prior installed AV(s)..!!
-> https://support.avast.com/en-ww/article/11/

Then:
1. Download Avast Free Antivirus: https://files.avast.com/iavs9x/avast_free_antivirus_setup_offline.exe
2. Follow instructions: https://www.avast.com/uninstall-utility (Run this tool for all prior installed Avast versions..!!)
3. Reinstall Avast with the downloaded installer from point 1.
4. Reboot.
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline drewski22785

  • Newbie
  • *
  • Posts: 4
Hello,

The issue still occurs when enabled. Can you explain what this feature does and why it might be breaking sites? All of the sites are listed as secure and having a valid certificate yet avast does not like them...! Thanks!

Offline InvisibleMan

  • Full Member
  • ***
  • Posts: 133
Hello,

The issue still occurs when enabled. Can you explain what this feature does and why it might be breaking sites? All of the sites are listed as secure and having a valid certificate yet avast does not like them...! Thanks!
I already gave you an answer above.

Nobody ever explains it in detail why it occurs, on these forums. It's just a well-known thing. It's just the way this feature is implemented. It's incompatible with some sites. It always was.
You can search in Google for similar issues with avast and you'll find them.

So it's safe to disable it. Your computer won't really get any noticeable increase in chance of getting infected because of it.

In addition I want to say that majority of the components that cluttered Avast over the past years are superflous and mostly exist to make you, as a user, believe that you're getting a lot of various protections, and to try to convince you to get even more compoments by getting a paid version of the program.

In reality, File and Web Shields are quite enough to keep being proteced, and without HTTPS scans enabled.
Everything else is simply a drain of your PC resources. Especialy if it's not a super fast PC.
« Last Edit: May 31, 2022, 08:53:05 PM by InvisibleMan »

Offline drewski22785

  • Newbie
  • *
  • Posts: 4
Hi Inivisible,

I saw your post, I was okay with your answer, and was planning/assumed as much as you described.

Since Asyn was responding though, I thought I might get an actual technical explanation about what is going on. If not I am okay with that as well. As you said I found several posts regarding it an disabling it to fix it etc.. Thanks!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Hello,

The issue still occurs when enabled. Can you explain what this feature does and why it might be breaking sites? All of the sites are listed as secure and having a valid certificate yet avast does not like them...! Thanks!
Hi, could you provide an example..!?
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline InvisibleMan

  • Full Member
  • ***
  • Posts: 133
Hi Inivisible,

I saw your post, I was okay with your answer, and was planning/assumed as much as you described.
An additional information from the official Avast page I just found:

https://support.avast.com/en-ww/article/Troubleshoot-Antivirus-Web-Shield

There in the section "Are there any workarounds to improve web performance when using Web Shield?"
there is this:

Quote
When enabled, the HTTPS scan protects your system against the malware delivered over HTTPS connections. When disabled, File Shield still scans all downloaded content before running any files.
So it confirms the fact that having HTTPS disabled doesn't decrease your overall protection (but as a bonus, I think, it will prevent Avast from possibly gathering your encrypted data somewhere, which is possible in theory). So it's fine to disable.