Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 28 replies
  • Subscribers 36 subscribers
  • Views 5255 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG is contacting whatfix.com when I change firewall rules

EdmundSackbauer

I noticed that when using the GUI, and do some changes to rules or policies, that in bottom left corner of my browser there is "waiting for whatfix.com".

So it seems the XG is sending information to that website. Why is it doing this? What data is transferred? And how can I disable that?

Running Browser Inspections this is shown:

<script type="text/javascript" charset="utf-8" integrity="sha384-Ri1cUxmQGTk6k9rHS1TVx4oxxxxxxxxxxxxxxxxxxxxxp5yiG53soWAwGA4pxnnd" crossorigin="anonymous" src="">cdn.whatfix.com/.../script>

Even Javascript is downloaded! Why?



This thread was automatically locked due to age.

Top Replies

  • in reply to Wayne Folta +5

    "But the XG is not in contact with the server, your web browser is."
    That is true, however the problem is that I am logged in as admin with my browser. There is javascript downloaded from an external URL. And I guess Cross-Site-Scripting is enabled for Whatfix.com, or the assistent wouldn't be able to work.

    So somebody using DNS cache poisoning or even hacking whatfix.com could potentially take over your firewall (open GUI to WAN, reset passwords etc).

    Jump to answer
Parents Reply
  • 0 in reply to LHerzog

    As I said above, adding whatfix to a TLS/SSL block rule disables all access.
    After logout/log in to the Webadmin the Sophos Assistant sidebar does not show up anymore.

     
    SFVH (SFOS 19.5.1 MR-1-Build278)  - Last (re)boot on Februari 20 2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]
Children
No Data