Jump to content

Exclusion of a potentially unsafe application, but only for a specific site or URL


Go to solution Solved by itman,

Recommended Posts

Posted

Hi,

I received an alert like the following:

"

Module HTTP filter - Threat Alert triggered on computer PCNAME:  https://beacon.riskified.com/?shop=wolt.com contains JS/Fingerprint.B potentially unsafe application.

"

I wish to have this potentially unsafe application stay enabled in general, but excluded for the relevant full URL, domain or sub-domain - but I didn't find a way to do it. Is there a way to do it?

  • Administrators
Posted
11 hours ago, itman said:

Refer to this recent posting on the issue: https://forum.eset.com/topic/41524-jsriskwarefingerprintb-riskified/ . Appears there still isn't a way to exclude the detection.

 

The detection can be excluded for a specific url via detection exclusions in the advanced setup. However, in ESET PROTECT it not possible to edit the path when creating a detection exclusion so it would not work for urls that change.

Posted
On 8/4/2024 at 11:19 AM, Marcos said:

The detection can be excluded for a specific url via detection exclusions in the advanced setup. However, in ESET PROTECT it not possible to edit the path when creating a detection exclusion so it would not work for urls that change.

Hi @Marcos, the advanced setup of the latest NOD32 > Detect Engine > Detection Exclusions > Add - allows a "path" value of only local drive path (e.g. c:\folder\file), not URLs, per its help page, https://help.eset.com/eav/17/en-US/idh_detection_exclusion.html

  • Administrators
Posted

I didn't find any mention of that url could not be used in the path in the help. It should work.

  • Solution
Posted
30 minutes ago, Marcos said:

I didn't find any mention of that url could not be used in the path in the help. It should work.

I just tried to do so. Eset allow entry of URL w/o issue;

Eset_Exclusion.png.209753a852c4ec1656714fc45f57c1c5.png

 

Posted
11 minutes ago, itman said:

I just tried to do so. Eset allow entry of URL w/o issue;

Eset_Exclusion.png.209753a852c4ec1656714fc45f57c1c5.png

 

Thank you @itman, cool! I tested it now, even by using a path of https://beacon.riskified.com/* and it works as expected.

But, as I noted, if you click the question mark in this windows, you get to a help page, URL added above, about this window, that doesn't mention anything about the ability to use URL and wildcards in the path field, and it is a shame - you have the ability in the product but you don't guide customers to use it, so customers cannot get more precise protection and you do not get good reviews from customers. Better enhance this help page.

  • Administrators
Posted
11 hours ago, eitanc said:

Better enhance this help page.

Appreciate the feedback. Noted and reported to the documentation team.

P_DOC-14762

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...