Xcitium web filter for phishing links needs to be improved

1807 · March 5, 2023, 11:12am

Comodo Internet Security Premium Tested 2.23.23 - YouTube Xcitium web filter needs to be improved for phishing links

liosant · March 5, 2023, 11:38am

comodo internet security is excellent antilogger and firewall…
updates helps to promote and popularize…

C.O.M.O.D.O_RT · March 6, 2023, 8:14am

Hi 1807,

Thank you for testing.
Video at 1:43m seems like you haven’t turn ‘ON’ the website filtering in the setting that’s y it didn’t block the phishing sites.

Thanks
C.O.M.O.D.O RT

1807 · March 6, 2023, 1:01pm

@C.O.M.O.D.O_RT it was activated but it missed all of them for Phishing Links so the web filter needs major improvement

C.O.M.O.D.O_RT · March 6, 2023, 1:50pm

Hi 1807,

Ok, we will test this and update you.

Thanks
C.O.M.O.D.O RT

C.O.M.O.D.O_RT · March 7, 2023, 8:55am

Hi 1807,

Make sure that the blocked sites option in website filtering have “Phishing Sites” category added so that the phishing sites will get blocked or doesn’t reach. (Refer the attached pic.)
Kindly check and let us know your feedback.

Thanks
C.O.M.O.D.O RT

megaherz33 · March 8, 2023, 9:33am

I can’t find such an option.

lckecomodo · March 8, 2023, 11:09am

click on “website filtering” ; the last line…

megaherz33 · March 8, 2023, 11:12am

Thanks, inattentive. Woke up not too long ago)))

neonov · April 7, 2023, 4:38pm

This is not the point, because he had all the settings by default, and, consequently, the category of phishing sites was included in the “Blocked sites” rules. Here the matter is altogether different. Even if all tested links to phishing sites were in your “CIS” database, the test would still fail on “Chrome” and “Edge” browsers. I also tested “Website Filtering” on “CIS 12.2.4.8032” on “Windows 7x86” the other day and came to the following conclusions:

“CIS” cannot block sites with the new “https” protocol on browsers with “Chromium” engines: “Vivaldi”, “Opera”, “Chrome” and “Brave”. On these browsers, it can only block sites with the old “http” protocol. The log shows that “CIS” sees and blocks only requests to sites with the old “http” protocol, but to sites with the new “https” protocol - silence, it simply does not see them;
“CIS” is able to block sites with the new “https” protocol only on “IE 11” and “Firefox 54” browsers.

Judging by the test video, all the phishing links were to sites with the new “https” protocol. Therefore, on browsers with the “Chromium” engine: “Chrome” and “Edge” - “CIS” by definition could not block these links. “CIS” could normally block phishing links only on the “Firefox” browser, but could not do it))). Most likely, there were no tested links to phishing sites in the “CIS” database of sites, or “CIS” does not know how to work with new versions of “Firefox”, I tested on the old version v.54 with the “Gecko” engine, and new versions they already come with the “Quantum” engine, maybe because of this “CIS” cannot intercept sites. In general, let’s hope that in the new version of “CIS” browsers with the “Chromium” engine will be able to intercept the “https” protocol. These browsers are used by 95% of users in the world. There are practically no sites that use the old “http” protocol anymore, because everyone is switching to “https” en masse.

Pictures with my tests are presented below (large pictures are not loaded on this forum, so the link to an external site), although the pictures are in Russian (I made them for another site), but the meaning is quite visible and understandable that “Website Filtering” ignores “https” protocol.

test 1:
link to the picture with the main tests

test 2:

test 3:

test results:

C.O.M.O.D.O_RT · April 10, 2023, 7:17am

Hi neonov,

Thank you for reporting with detailed information.
We will check and report this to the team.

Thanks
C.O.M.O.D.O RT