websites archive.today / archive.is / archive.fo /archive.li / archive.md / archive.vn / archive.ph not reachable with ESET Internet Security

[User 13]

For several weeks now I cannot use the websites

archive.today archive.fo archive.is archive.li archive.md archive.ph archive.vn

with ESET Internet Security installed. Regardless if I use Firefox, Chrome or Edge on Windows 11, Windows 10 and also Windows 7.

The sites just don't load.

 

The sites are fully working if I completely uninstall ESET Internet security.

A temporary deactivation of the firewall and/or virus protection in ESET has no effect.

 

What is the solution to this problem?

[cofer123 14]

So that's why I've not been able to use these sites recently? I remember searching for something there about a month ago, but the connection would just timeout. I figured the sites were having trouble since they would simply timeout without any errors.

I can confirm I'm still unable to open these sites on a machine with EIS installed. I've just tried on another computer with just defender and my phone, both using the same ISP, it those sites load up instantly.

Edited December 18, 2023 by cofer123

[itman 1,659]

https://news.ycombinator.com/item?id=38063548

Might have something to do with Eset's heavy reCaptcha use.

 

[arcanum 0]

Go to settings and disable SSL/TLS scanning. It's not the first time that ESET SSL/TLS scanning "breaks" some websites. The same happened to me on some sites too.

Edited December 18, 2023 by arcanum

[User 13]

18 minutes ago, arcanum said:

Go to settings and disable SSL/TLS scanning.

Thanks, that does indeed work.

[Marcos 5,074]

4 hours ago, User said:

Thanks, that does indeed work.

I'd strongly recommend re-enabling SSL/TLS filtering, otherwise you expose the computer to Internet-borne threats. Nowadays most malware originates from HTTPS sites so without SSL/TLS filtering downloaded files are not scanned and malicious web pages may not be blocked.

The issue with the said sites has been reported to developers for investigation.

[100 2]

5 hours ago, arcanum said:

Go to settings and disable SSL/TLS scanning. It's not the first time that ESET SSL/TLS scanning "breaks" some websites. The same happened to me on some sites too.

5 hours ago, User said:

Thanks, that does indeed work.

1 hour ago, Marcos said:

I'd strongly recommend re-enabling SSL/TLS filtering, otherwise you expose the computer to Internet-borne threats. Nowadays most malware originates from HTTPS sites so without SSL/TLS filtering downloaded files are not scanned and malicious web pages may not be blocked.

The issue with the said sites has been reported to developers for investigation.

Marcos is right! The post by arcanum marked as a "solution" is not a solution!  You should unmark the solution and wait for Eset's solution.

Edited December 18, 2023 by 100

[arcanum 0]

6 hours ago, 100 said:

Marcos is right! The post by arcanum marked as a "solution" is not a solution!  You should unmark the solution and wait for Eset's solution.

It's not a solution, but temporary solution while waiting ESET engineers to fix it out. 🙂

And everyone should know that never ever permanently disable any security components.

[Marcos 5,074]

Excluding just the IP address is a much safer workaround:

[User 13]

Excluding the IP address is not trivial in this case, because the sites use a lot of different IP addresses and once you enter for example archive.today that IP address is forwarded to another IP address.

As linked in posting 3:
 

Quote

 

The operator wants to ensure that all archives occur across a country boundary, so that any takedowns have to be an international affair.

And as such cloudflare DNS doesn’t work with it for some reason

 

So is it possible to exclude the domain names instead of IP-addresses?

[arcanum 0]

There's about 1% of websites that does not work with SSL/TLS scanning enabled. They just timeouts. I'm interested what might be a reason for that. Does SSL/TLS scanner do something (handshake) that prevents the website to load? 

 

[Marcos 5,074]

Information from developers:

This server is unable to cooperate with any of the commonly used software that we've tried, even with TLS filtering disabled (curl, openssl command line tool, Qualys server test: https://www.ssllabs.com/ssltest/analyze.html?d=archive.today). Our  guess is it has a poor TLS implementation. Please report this issue to the website owner, there's nothing we can do about it.

[User 13]

Users of Kaspersky had the same problem with these domains and they provided a solution: 

add the domain names (archive.today / archive.is / ...) in the "Encryted Connections Examination" as "Trusted Addresses"

See last posting in this German forum:

https://forum.kaspersky.com/topic/probleme-mit-archiveis-oder-archiveph-35965/

So is this not possible in EIS?

[Marcos 5,074]

It appears that setting scan to Ignore for both cert. used by archive.ph and archive.today did the trick too:

[User 13]

Thanks, that seems to work so far.

[User 13]

Since today the workaround above doesn't work anymore.

What now?

[itman 1,659]

44 minutes ago, User said:

Since today the workaround above doesn't work anymore.

What now?

One distinct possibility is the archive web site certificates have changed. You could try deleting and re-adding certs. associated with the web sites.

[User 13]

23 minutes ago, itman said:

One distinct possibility is the archive web site certificates have changed. You could try deleting and re-adding certs. associated with the web sites.

Thank you very much.

Now it works again.