Jump to content

Allow access to hosts file for one program in Windows 10


Axthorpe

Recommended Posts

Yes, I get and error when the program tries to modify C:\Windows\System32\drivers\etc\hosts

 

I am using “Local by Flywheel” and it works fine, it is a tools for creating and running WordPress sites locally and the publishing to their hosting platform. So they need to edit the hosts file when setting up new sites locally.
This program works fine and I have not needed to anything to get it to work, Kaspersky does nothing.


But Flywheel has recently released a new version in beta and that program is being blocked when it tries to add something in the hosts-file .

So the stable version is grouped as “Trusted” and the beta is grouped in “Low restricted”, but even when I manually put it in “Trusted” I still get the “write block”.

So what I had to do to get the beta working is to turn off program monitoring for that exe; “Do not monitor application activity”, in Program Rules/Exclusions Tab. 
This feels like a very temporary solution…

 

What i really would like is to add a rule that allows the beta to edit the hosts-file, which feels like a better solution than turning off all monitoring for the program (a program that runs php-code from WordPress, plugins etc).



I have found two differences, that may or may not affect the “write block”
3.3.0 - the stable working release
https://whitelisting.kaspersky.com/advisor?lang=en-US#search/65649B07BA77BF632C21AA0BEC1BABC2
5.0.7 - the new beta
https://whitelisting.kaspersky.com/advisor?lang=en-US#search/4A1A5AC0E20C56C3A008AE99D1D2FAD2

 

 

Link to comment
Share on other sites

(ops forgot a bit)

I have found two differences, that may or may not affect the “write block”

...and the beta does not have a valid certificate.

Link to comment
Share on other sites

Beta or no beta, my initial question still stands.

 

How can I allow access for a program to edit the hosts file (C:\Windows\System32\drivers\etc\hosts)?
 

Is this something that can be done?

Link to comment
Share on other sites

Flood and Flood's wife

Hello @Axthorpe,

Can you show (images) the errors? 

  1. KTS Reports, export All Events, select 24 hours or 7 days, save as a text file, attach to your post please?
  2. If there’s a certificate issue, have you checked with the Software Developers/Support? 
  3. Have you “manually” trusted the dodgy certificate?
  4. How often are the host file mods required? 
  5. Have you added a “do not scan encrypted connection” exclusion for FW5.0.7?
  6. The “beta” advice is very relevant, bc, any problems, support (for Kaspersky software) will be voided. 

Thank you. 

General information: Certificate problem notification(s) 

Link to comment
Share on other sites

Ok, apparently I was a bit unclear above ;)

And I thank you for your will to investigate this 👌


This has become two issues, but for me it is one that matters the most.

  1. Is there a possibility to allow access for one program to a specific file?
    I want to allow the beta to be able to write to the hosts-file.
    I do not know if this is possible with Kaspersky Total Security.
     
  2. The beta is getting installed with “Low restrict”, possibly have a bad certificate and do not have write access to the hosts file (see image below).
    This is not the main issue.
    I wrote this hoping to get some information to send back to Flywheel, the maker of programs.
    I have been able to get it running by setting “Do not monitor application activity” (see image below).
    I understand that this is not Kasperskys problem.
    I do no expect Kaspersky to handle beta software correctly.
    The reason I sen the two links above about the certificate differences was that I hoped that that would be a clue to why Kaspersky handled the programs differently.
    I am fine with this temporary solution, but it is for me a temporary solution until:
    • Flywheel fixes their program
    • or I can set file access to the hosts fil (point 1 above)

And I also have a ticket and some forumposts going with Flywheel about this, because it is really their problem to get their program to work as good as the first one ;)

 

--- write block history ---

 

--- image on how I got the beta to work ---

 

Link to comment
Share on other sites

Flood and Flood's wife

Hello @Axthorpe

You’re very welcome!

Thank you for posting back, the links and additional information🙏

Please export the (KTS)  Report, select ALL EVENTS, select 24hrs, save as a text file, attach to your post please? 

Have you added a “do not scan encrypted connections” exclusion for FW5.0.7 (it doesn’t appear so)?

Thank you.

Link to comment
Share on other sites

Before we do anything else, can you answer my main issue/questions:

  • Is there a possibility to allow access for one program to a specific file?
  • Does it in Kaspersky Total Security exist an option/function/tab/…, where I can:
    • Select one program
    • Allow this program to edit a specific file
  • Can I in Kaspersky Total Security select one file and give a specific program full acces to that file?
Link to comment
Share on other sites

Can you please answer my questions?

I only want to know the feature I look for exists in Kaspersky Total Security for me as a user.

 

  • Is there a possibility to allow access for one program to a specific file?
  • Does it in Kaspersky Total Security exist an option/function/tab/…, where I can:
    • Select one program
    • Allow this program to edit a specific file
  • Can I in Kaspersky Total Security select one file and give a specific program full acces to that file?
Link to comment
Share on other sites

Ok, so it is not possible to assign write access on one specific file for one specific program.

 

“let c:\programs\my.exe have read/write on the file c:\filename.txt”

This can not be done with Kaspersky Total Security, correct?

Link to comment
Share on other sites

Well I added one more “checkbox” in exclusion and got it working :)

I checked these three:

  • Do not monitor application activity
  • Do not inherit restrictions from the (application’s) parent process
  • Do not monitor the activity of child applications

The boxed that I left out was “inherit parent”, which I don’t really understand. But the beta is working, and it is a beta so I can live with it for now.

 

The reason I asked about giving one program access to one file, was that I had som other AV-software years ago that could do that.

But otherwise quite happy with Kaspersky, so keep up the good work.

And thank you for quick response here in the forum. 👍

 

Kind regards
 Håkan

Link to comment
Share on other sites

  • 1 year later...

thanks this feed helped me with the same problem. i only checked the “Do not inherit restrictions from the (application’s) parent process”. By checking this my error went away. 

 

Link to comment
Share on other sites

  • 1 year later...

@Axthorpe 

2yrs later and your solution to also check “Do not inherit restrictions from the (application’s) parent process” worked a treat. Thank you!

I needed to get DevKinsta to be able to update my hosts file. Tried so many different suggestions and finally your one worked.

I might also add for anyone experiencing the same issue:
When ticking “Do not monitor the activity of child applications”, make sure to also tick the sub-option, “Apply exclusion recursively”.

Not sure why, but I also needed that selected.

Link to comment
Share on other sites

Hello @Jumzoid, Welcome.

Thank you for your addition.

But there is now also the possibility to allow a program to access the hosts directly.
‘Do not monitor activity' is too global and not recommended.

You can create a specific exception via the Application control (see my example 'dummy.exe'):

 

 

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...