Jump to content

Problems Allowing "suspicious top level domain".

CCV

By CCV
in Chrome

Recommended Posts

CCV

CCV

Posted
Posted

After some fiddling with it,  I find the main problem (in Chrome) is getting the option to not block this site again to stick. I keep clicking on it, but the check mark disappears as quickly as it appears. 😕 Oddly enough, on the page illustrated in attachment, I clicked the back button a few times and found the box actually checked. No idea how or why it was checked in that case, but after 'going to the site anyway' with it checked I've had no problem. Not yet, anyway.... 
 

Tested it out on Firefox and found "Paste & Go" to the site worked ok, but Reloading the page triggered MBG to block it. There was something similar happening in Chrome, but the details escape me now. And again, it took a few tries to get the not block this site option to stay put. Better than Chrome, it would seem, in that respect.
BUT:
Whether the box was checked or not, 'go to site anyway' crashed Firefox!
After a few episodes of that, UAC requires permission to run "Firefox Updater" or some such. Never seen that before, but it seems to have fixed the problem. Apart from a temporary regsvr32.exe - Application Error (0x000012d) apparently associated with the slide show on the home page, that is.

I've had MBG for only a few days. So it's Version2.1.1, in case you might want to know. 👍

MBG_TLD.jpg

Link to post
gonzo

gonzo

Posted
Posted

Adding an exclusion in the Malwarebytes program (bottom part of your screenshot) would not clear the block message that you showed in the top part of your screenshot.  That is from Browser Guard, which runs independently from the Malwarebytes program.  In this case, Browser Guard blocks many ".info" domains due to their abuse by bad guys.  I have just added a whitelist entry for this site, which may take as much as an hour from now to propagate out to all users.  You should be able to get to the site then.  If not, please let us know.

For reference, a block by our main program would appear in the lower right corner of your screen.  Browser Guard replaces your whole browser window with its message.  Let us know if you have any more problems.

Link to post
CCV

CCV

Posted
  • Author
Posted

Hi gonzo, thanks for the speedy response and the explanation. 
I thought I read something about adding the site to 'exclusions' or some such. Turns out, it must've meant Browser Guard's own "Allow list".

For the time being, there's still a problem when Duplicating tab or, what's more troublesome, linking to the site from an interest group with which I am involved. I'll let you know if that persists.

Hmm.. I wonder how iNaturalist.org comes to be on that list as well.

MBG_Al.jpg

Link to post
gonzo

gonzo

Posted
Posted

Malwarebytes has an exclusion list and Browser Guard has an allow list.  They both accomplish the same goal, but each depends on the type of block message you received. The issue becomes confusing because Malwarebytes users will see a Malwarebytes block ONLY if they are a premium user or using the program in a premium trial.  Browser Guard users are not limited by a subscription, so they will be affected at any time.

Browser Guard also blocks certain top level domains.  ".info" is one of those because of how often it is abused.

Others are blocked for other reasons which I sometimes have issues with myself.  I am doing some research on breweries, and found more than one whose sites are blocked because of phishing.  It turns out that is only because the websites ask for your birthdate to assure that you are not an underage user.  (It would be really difficult to get high looking at a picture of a beer bottle, but that's another issue entirely).

The last two reasons for blocks are ones that we are battling with currently.  First is a block that only happens under certain circumstances, which I believe is the path to be followed to get you to the destination you requested.  We are looking for ways to get better intelligence so that we can make better decisions.  The second reason is that Browser Guard is in its first release, and while it has already evolved into  a product which we can share with the world, it (and we) are still learning how to make it better.  That is sometimes irritating, and sometimes painful.  It is getting better.

By the way, I just checked both websites you showed on the screenshot.  I can get to both, and I did not see any reference to inaturalist.org on the whitelist.

Link to post
CCV

CCV

Posted
  • Author
Posted

I can get to both sites too. I'm having no problem with iNaturalist so far, even after removing it from Allowed list in Chrome and where it never was there in Firefox.
However, MBG blocks http://www.tasmanianspiders.info in Chrome after the tab has been open but left idle for some time - which is according to my usual habit - and even tho the site is still on the Allowed list exactly as in previous screenshot.

FYI also, please see attachment.

MBG_Exclusions.jpg

Link to post
CCV

CCV

Posted
  • Author
Posted

P.S.
Can't see how to edit the above, but anyhow...
Getting high by looking at some pictures of beer might save me some trouble, but that's another story too. I'm reminded now there is something (falsely) identifies phishing on one of my oft visited sites as well. Can't remember which site or program now, but your observation might give me a clue why. 👍🍺

Link to post
  • 2 weeks later...
CCV

CCV

Posted
  • Author
Posted

https://www.ellura.info/ is another one might be worth adding to the whitelist. Still can't get the "Do not block this site again for scam" check-box to work. :/

On another topic tho:
The Customer Login (Coming Soon?) setup available for Support via the MBG app (Chrome extension, in my case) isn't working. It doesn't accept the credentials which work perfectly well when used from an email link - i.e., to this topic.

 

Link to post
CCV

CCV

Posted
  • Author
Posted

Thank you.

Btw:

On 11/3/2019 at 10:30 AM, CCV said:

The Customer Login (Coming Soon?) setup available for Support via the MBG app (Chrome extension, in my case) isn't working. It doesn't accept the credentials which work perfectly well when used from an email link - i.e., to this topic.

Well.. That's the login options immediately presented. If I first select Browser Guard forum, then login is no problem.

Link to post
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

The main Support forum has an entry for login but it is not needed, or used.

https://support.malwarebytes.com/community/browserextension

It says the following on the top of the link, which you should just ignore:
  

Log in to follow, share, and participate in this community.

The forum here where you are posting now is the only forum for support. The main link has documentation and one can submit a ticket to support to work on an issue via email or chat if available.

If there is something else or I've not addressed your issue please let me know @CCV

Thank you

Ron

 

Link to post
  • 2 weeks later...
  • 7 months later...
  • 1 month later...
CCV

CCV

Posted
  • Author
Posted
On 7/4/2020 at 4:22 AM, Gt-truth said:

hello @gatortail

has this been really fixed yet ? the problem still hasn’t really fixed even with more most recent version of the Malwarebytes Browser Guard .

I wouldn't say so, even now with version 2.2.9.

@gonzo, et al, Could we please have www.polydesmida.info whitelisted as well?

Nothing I do with Browser Guard seems to help - even having it disabled, for some time I discover!

Link to post
CCV

CCV

Posted
  • Author
Posted
1 minute ago, CCV said:

 

 

1 minute ago, CCV said:

Nothing I do with Browser Guard seems to help - even having it disabled, for some time I discover!

Even removing Browser Guard and reloading Chrome doesn't help. "DNS_PROBE_FINISHED_NXDOMAIN", whatever that means...

Link to post
gonzo

gonzo

Posted
Posted (edited)

I whitelisted www.polydesmida.com.

It was a TLD block, because .info domains are often misused.  Please allow 15-30 minutes for changes to take effect.  I also checked the other two sites which you have referred to in this thread.  They are both accessible.  I hope this takes care of it.  As far as your DNS_PROBE issue, that would have nothing to do with Browser Guard.  You could try clearing cache, or try using a different browser for testing purposes.  There may be other issues at play.

Edited by gonzo
wrong URL shown
Link to post
CCV

CCV

Posted
  • Author
Posted
8 hours ago, gonzo said:

I whitelisted www.polydesmida.com.

It was a TLD block, because .info domains are often misused.

Thank you, gonzo. Browser Guard no longer blocks attempted access to the polydesmida site. However, although it's not really important, I might point out that the link you posted goes to the spider site instead.

"NXDOMAIN" seems to mean the site doesn't exist. Hmm..

Link to post
  • gonzo locked this topic
Guest
This topic is now closed to further replies.
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.