Kaspersky
Solved

Web AV url exclusion does not include heuristic analysis [Closed]

  • 26 April 2019
  • 3 replies
  • 711 views

Userlevel 2
Badge
Since yesterday, Kaspersky is blocking the request my webmail does to refresh the mailbox. It says there could be a data loss, even though it's under https and the certificate is ok. The interface is Roundcube.
The blocked url is like this:

https://wmail4.sion.com/?_task=mail&_action=list&_refresh=1&_mbox=INBOX&_remote=1&_unlock=loading1556301415877&_=1556298403553
And the response status is "499 Request has been forbidden by antivirus".

Under the advanced Web AV configuration, I've added "https://wmail4.sion.com/*", but the problem persists. If I uncheck the heuristic analysis, then the page works again.

Can I disable heuristic analysis just for this url? Or can I send something to Kaspersky for analysis so they no longer detect this as risky?

Using the Developer Toolbar, I see that the request's response is Kaspersky's page explaining this and with a link to inform a false positive. I clicked it several times but it doesn't fix it. Maybe because it whitelists the entire url, which of course changes every time?

Thanks in advance!
icon

Best answer by AndrewL 26 April 2019, 20:31

View original

This topic has been closed for comments

3 replies

Userlevel 7
Badge +9
Please contact Technical Support https://center.kaspersky.com
Userlevel 2
Badge
Well, I was about to do it but when explaining the steps I noticed that there's this other setting, "trusted URLs", and that one worked. The one that didn't is the one above, "Manage exclusions", which apparently only affects the URL Advisor.

Thanks!
Userlevel 7
Badge +9
Your best option in this issue is the Technical Support.