Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 405 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

A/V is detecting a web page as infected - how to override?

linuxchimp
Hi,

Our astaro (using single or double-pass) is detecting "HTML/Crypted.Gen" in this web page:  Forest Highlands Golf Club, Flagstaff Arizona - www.fhgc.com

At the bottom of the source code for that page, they are using some encrypted HTML (why do people still use this?) which is triggering the false positive.

Is there a way to "whitelist" or tell the a/v to ignore this domain?  

Thanks!


This thread was automatically locked due to age.
Parents
  • 0
    Hi, linuxchimp, and welcome to the User BB!

    On the 'Exceptions' tab of 'HTTP/S Proxy', create an exception for anti-virus for a URL matching:

    ^http://fhgc.com/$


    That regex won't match any other pages on that site.

    Cheers - Bob
    PS If you want the entire domain skipped for A-V, just use //fhgc.com/
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi, linuxchimp, and welcome to the User BB!

    On the 'Exceptions' tab of 'HTTP/S Proxy', create an exception for anti-virus for a URL matching:

    ^http://fhgc.com/$


    That regex won't match any other pages on that site.

    Cheers - Bob
    PS If you want the entire domain skipped for A-V, just use //fhgc.com/
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    Hi, linuxchimp, and welcome to the User BB!

    On the 'Exceptions' tab of 'HTTP/S Proxy', create an exception for anti-virus for a URL matching:

    ^http://fhgc.com/$


    That regex won't match any other pages on that site.

    Cheers - Bob
    PS If you want the entire domain skipped for A-V, just use //fhgc.com/


    Thanks Bob!  I completely overlooked that option within exceptions.  That was totally painless!!