Jump to content

Website Protection, Feature Request


Recommended Posts

I am requesting a way to prompt rather than default block sites that malwarebytes thinks are bad.  The way in which this feature works requires me to disable the protection then completly restart my web browser, chrome.   This is not acceptable for me and i have permantently disabled that feature.  

 

I feel strongly this needs to be changed, I recieved 1-2 false positives a day and have only received valid blocks 3 times in the last 8 months.   I personally consider this feature to be broken and is no better than a simple ip address blocklist, which often block legit address.

 

This is on top of the fact i had to completly disable notifications because it flagged skype about 15-20 times a day.  If you are unfamilar with that issue, skype is a "peer to peer" messaging backend.  Some users, like myself, get flagged as a super node, which we CANT disable or control.  As such a lot of traffic gets routed through our systems. on average 70 concurrent connections.   I would love to NOT have to deal with that issue but have yet to find a lawyer who understands the technical details enough to realize a nice lawsuit against Microsoft would fix this problem.

 

Enough about my skype ranting, it is too critical for me to not use as much as I would like to use any alternative.

 

 

Link to post
Share on other sites

Hi:

 

In addition to @David H Lipman's expert and excellent advice, here is an explanation of why MBAM blocks certain IPs in Skype: Why does Malwarebytes Anti-Malware block Skype?

 

The notifications (and this IP blocks themselves) are an important part of MBAM Premium.

 

In Version 2, the user can add the Skype P2P PROCESS to the WEB EXCLUSIONS:

 

 

Web Exclusion - Add Process

Clicking the Add Process button allows you to exclude a process which would otherwise be blocked from accessing an internet address. Please note that this option is only functional on Windows Vista Service Pack 2, Windows 7, and Windows 8.x. This is typically of value to users who need to access filesharing and/or peer-to-peer applications. On occasion, IP addresses used by these applications may be blacklisted, so that Malwarebytes Website Protection blocks access to the website as a whole. Excluding the IP address makes the user more vulnerable, as would exclusion of the domain (if the website uses a domain name). Excluding the process — providing that the process is not an internet browser — would allow the P2P application to function without increasing risk.

http://www.malwarebytes.org/support/guides/mbam/

 

Having said that, notifications in version 2 are currently "all or none" (enabled or disabled).

The developers have promised more granular user control of notifications in a future release.

 

And, having said that, as David pointed out, the "Suggestions" forum is here. :)

 

Cheers,

Link to post
Share on other sites

Thanks guys.  I appreciate the feedback. Does MBAM cull or purge the IP blocklist over time?  While i understand its an important feature IP addresses are inherantly dynamic and what may have been a legit block in the past days/weeks/months changes over time.  

 

I personally dont believe that IP blocking is an effective strategy except in extreame short term use, less than 7 days.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.