Jump to content

Allowing Updates from Malwarebytes Servers


Recommended Posts

Hello. I'm trying to determine either IPs or domains that issue the Malwarebytes updates. I'm assuming like other AV programs that push updates out that the domain is not necessarily going to be something simple like malwarebytes.org for example. Unless it is for Malwarebytes. :) I'm hoping there might be some docs somewhere that can give me a list, so that I can allow updates for Malwarebytes through a firewall rule that only allows certain sites etc. Also, this firewall is not a software based firewall. Thanks for any info!

Link to post
Share on other sites

Welcome to the forums nheimler :)

You need to add the following exclusion for firewalls:

*.mbamupdates.com

Link to post
Share on other sites

:welcome:

Malwarebytes is not an antivirus. It is antimalware and focuses on high rate malware and ones commonly missed by antiviruses. It does not have same functionality an antivirus has and should not be used as a replacement.

Yes, I realize that it is not an "antivirus" program, but it is a good point to bring up in case someone else stumbles across this topic. I've been doing tech work for over 18 years. I was mainly referencing how antivirus programs tend not to use their main domain as their update service domain. Didn't mean to misquote that MBAM was an AV product in general. :) This is all I was meaning when I mentioned that. I'm just to the point of setting up a customer's site with a new firewall (not an el-cheapo) and for the first time that I've run into someone that runs Malwarebytes along side another AV product and I needed to make an exclusion for some departments that are only allows to go to specific sites along with doing updates. I run this myself in addition to AV products, but never had to set an exclusion. I've searched around and wasn't finding anything specifically to firewall exclusions other than what's in the FAQ for excluding the services etc.

Link to post
Share on other sites

Welcome to the forums nheimler :)

You need to add the following exclusion for firewalls:

*.mbamupdates.com

If you do an NSLOOKUP on this address it will give you the current IP. Best to use a DNS entry though instead of an IP if possible as the IP can change. We use a Content Delivery Network to deploy updates.

data-cdn.mbamupdates.com

Thanks for the info guys that's exactly what I was looking for!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.