SafeOnline Configuration

Discussion in 'Prevx Releases' started by pling_man, May 8, 2010.

Thread Status:
Not open for further replies.
  1. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    463
    Location:
    UK
    I am going to change the default configuration for my HTTP sites from Low to Medium as I would like the extra protection this gives me all of the time.

    Before I do this, I have a question on the Pre-Configured domains supplied with Prevx and the use of * wildcards.

    Consider the two domains:

    (1) http://prevx.com
    (2) http://www.prevx.com

    and the Pre-Configured domain:

    *.prevx.com -> MAXIMUM settings

    When I browse to (2) protection is MAXIMUM. However, when I browse to (1) protection is LOW. So domain (1) is not picked up by the Pre-configured domain string.

    Should the Pre-configured domain be *prevx.com instead?

    I have a similar issue with the following Pre-configured domain

    *.amazon/*

    This doesn't give MAXIMUM protection when I browse to www.amazon.co.uk nor to www.amazon.com

    Should the domain be *.amazon.*/* ?

    I found if I add a user configured domain with this string it works except SafeOnline pre-pends *.// to the front of the string entered.

    I suspect the strings for prevx and amazon are incorrect !
     
    Last edited: May 8, 2010
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You are indeed correct and I ran into this last week and was confused as to why protection wasn't working! I've recommended that we change the protection mask to:

    http*://prevx.com and *.prevx.com

    The reason why we simply can't have *prevx or *amazon is that it would allow a phishing attack to take place if someone had a domain like notamazon.com

    Thanks for the heads up! :thumb:
     
  3. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    463
    Location:
    UK
    Thanks for confirming this. I've upped my settings to medium for HTTP sites now. It works good, but I miss the blue tick. :)
     
Thread Status:
Not open for further replies.