Where are the F-Secure's Browsing Protection settings?

Baka94

I've been trying to find these settings because apparently it has blocked a part of a safe site causing all the images to be broken. I've heard people talking about the settings, but they never explain exactly how you get there. I'm using Google Chrome as my browser (if that matters).

Simon

Assuming this is SAFE, open the main screen by double clicking the icon by your clock. Along the bottom of that screen, you should see a link to the Browsing Protection module.

Baka94

That's odd. The site is not listed on the blocked sites list, but there is a notification in the notification history about it begin blocked.

Ukko

 

Spoiler

Hello,

 

It's should not be under blacklist - if you not add this URL for block-list (as deny-list).

?! Because it's work as "user-choose".

 

If it's have under notification history.

Most likely.. that you have experience about page/link/urls/resources, which marked as "malicious" under Security Cloud (reputation/rating by F-Secure).

It's can be a false-positive. you can to use next link for check this:

 

https://analysis.f-secure.com/

 

You able to create account there and will be response to your mail-address.

Or just "transfer" a link with "using" category about transfer (such as.. if it's can be false positive -> safe pages marked as malicious).

 

Or you able just use Browsing Protection settings and add "current URL" to white-list (allow-list). If you sure.. that it's safe.. and does not want to wait (when it's happened) response about re-rate page.

 

Does notification history have same URL with page.. which you visited?! Such as.. it's can be subpages, resources.

Or there another domain or something third-party. With that variant.. just need to be sure.. that all OK with URLs.

 

Sorry for reply.

 

 

Simon

Yes, you should be able to Allow it from the screen where it's listed as blocked, if you're sure it's safe.

Another way to check quickly would be to copy the url into here: https://www.virustotal.com/cs/

You could send the url to F-Secure for analysis, but the above is instant.

Baka94

I managed to get to the actual site so that the message is displayed on browser (not as a pop up at the bottom right). There was a button to allow the site, but it did nothing. The site still remains blocked. According to virustotal, the site is 1/62 rated it as not safe. I have been on the site for a long time and this thing where it blocks the image storage part of the site to be blocked (and all images to be broken) is only a recent issue.

Simon

Just out of curiosity, have you tried it with any other browsers? It could be, though, that something on the site, such as an advert, is being detected as malicious. If that is the case, then I'm not sure F-Secure would allow it, even if you tell it to.

Baka94

The site doesn't have any ads on it. The part of the site that's begin blocked is just supposed to display images users have uploaded to the forum's server (such as avatars).

Simon

Odd. Are you able to Allow it from the Blocked list? Sorry to be a bit vague - I'm not on my computer at the moment so am working from memory with regards the settings.

If nothing seems to work, then I suggest you follow Ukko's suggestion and submit the site to F-Secure for analysis. If you desperately need to use the site, then I guess you could try disabling Browsing Protection in the meantime.

Ukko

 

Spoiler

Hello,

 

There have next points (or can be - I mean):

-> If you able to get proper link for "blocking-action". And during visit this.. you able to get "blockpage" by F-Secure. And use there a button for "allow it", but nothing happened:

 --> probably.. you should to manually add same link (or enough this one), but with "www." before other URL-name.

 

-> Such as.. Browsing Protection settings -> List of denied/allowed lists (available from Banking Protection section, Content Blocker and Protection against harmful websites). Can be that your original URL have something as "www.othernamekeysspecificsubpages.com/someprofiles/somepictures.png", but whitelisted/allowed there just "othernamekeysspecificsubspages.com";

 

-> Notification history should be with full link about blocked URL.

-> Maybe also... it's mean that your browser have disabled settings for Javascript or something same. So.. button will be not work.

Or URL have some of specific-characters, which goes to prevent button too.

Also.. you should be worry about next:

 

-> On current days.. it's most likely can be troubles from pictures, avatars and other.

Just because:

 

--> There have vulnerabilities about "addition data" under pictures (because it's can be used as "get"/"post"-actions and other "variants to use for malicious actions).

--> It's can be not a real-picture... and simply website's form does not check.. that there was uploaded "picture" in fact.

 

Such as.. website can be vulnerable against some of attacks or exploits, which can be work .... with "avatars"-mechanism or other "pictures"-forms. And "picture" comes with malicious payloads or will be "in use" for malicious reasons. Such as scripts... or other.

It's mean.. link can be under "block list as known malicious" - because some of users (specially or not) was with "malicious" design around avatar-picture or other variants.

And direct link "or load this link" (as picture loading during visit a page) - work as drive-by or other variants for exploits.. or stealing cookies or other.

 

It's just my dreams about. I not really friendly with technologies or web-troubles. So.. maybe it's can not be in fact.

-

Also forget to add.

You can to create private letter for me (as example) - I can to check how it will be with my device. If there will be normal steps for not blocking it. If it's will be still with troubles about your experience.

 

 

Baka94

I tried allowing the site again today and it worked. I did send the link to F-Secure's analyzis, so I don't know if that fixed it or if my pc just derped.

Simon

They may have whitelisted it.