Jump to content

Blocking certain urls for all programs using Kaspersky premium?


Go to solution Solved by harlan4096,

Recommended Posts

lightof7ustice
Posted

Hi all.

I don't know why,  but recently Adobe Acrobat Reader (probably, according to the file and link) has been trying to download 2 demo PDFs from its website through the links below. Since I have Internet Download Manager, the links always toggle the IDM, then it pops out the download task window. This happens almost once every day, so quite annoying. Is there a way to block those links for all the programs with Kaspersky's firewall or Intrusion prevention, so that Acrobat will not try to download those files and IDM will not jump out to help with that? I tried to use the Packet rules of the firewall but it was not quite intuitive.

P.S. I thought Acrobat was not supposed to behave like this.

The links:

https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf

2024-05-15205129.thumb.png.e06ade7d0d247cad22ba214ff3e7213d.png2024-05-15205144.thumb.png.1a4acc170e368700ee47f21f92e5d898.png

 

lightof7ustice
Posted

Thank you @harlan4096 for the reply,

May I ask one more question about the hosts approach?

So basically,

If I use

127.0.0.1 acrobat.adobe.com

it could block the files but it also blocks the official website for Acrobat.

If I use

127.0.0.1 acrobat.adobe.com/*
127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo.pdf
127.0.0.1 acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf
0.0.0.0 https://acrobat.adobe.com/dc-home2-dropin/demo-files/en-US/demo/verb-compress-pdf/demo-compressed-high.pdf

it's not blocking anything.

Is it possible to block the 2 files or download attempts but not Acrobat official website?

harlan4096
Posted

Try removing the 1st line:

 

127.0.0.1 acrobat.adobe.com

 

Also, You may add a packet rule in Kaspersky FireWall:

 

image.thumb.png.b871f3f67c7ba8bd180e0ce8b5d61b75.png

 

Here "harswaretimes.in" it's the URL example... but not sure if it can block only specific levels of a dominion, as You are requesting, in Your case: adobe.com, just try...

  • Like 2
harlan4096
Posted

I forgot to mention that You have to move to the top of the list, the new custom packet rules.

  • Like 2
lightof7ustice
Posted (edited)
6 hours ago, harlan4096 said:

Try removing the 1st line:

 

127.0.0.1 acrobat.adobe.com

 

Also, You may add a packet rule in Kaspersky FireWall:

 

image.thumb.png.b871f3f67c7ba8bd180e0ce8b5d61b75.png

 

Here "harswaretimes.in" it's the URL example... but not sure if it can block only specific levels of a dominion, as You are requesting, in Your case: adobe.com, just try...

Thank you for the answer.

I tried both "*.adobe.com" and "adobe.com", but the rule is not working, I can still visit adobe.com, the same after reboot. Did I do something wrong?2024-05-16153347.thumb.png.431f920afd71daa5c8508c2fbe2549c6.png2024-05-16153443.thumb.png.25db64f2fad465403abcce41cc48ed87.png

Edited by lightof7ustice
  • Like 1
harlan4096
Posted

Did You move the packet to the top of the list?

lightof7ustice
Posted
23 minutes ago, harlan4096 said:

Did You move the packet to the top of the list?

Yes. If I understand correctly, that refers to this? (For the Block URL rule)

2024-05-16153443.thumb.png.25db64f2fad465403abcce41cc48ed87.png

  • Like 1
  • Solution
harlan4096
Posted

My rule:

 

image.thumb.png.cc11ca9b841042860dc525ddd9c717f0.png

 

And my results:

 

image.thumb.png.61a3ac59f33cc353a745dbdb00f0460e.png

  • Like 3
lightof7ustice
Posted
17 minutes ago, harlan4096 said:

My rule:

 

image.thumb.png.cc11ca9b841042860dc525ddd9c717f0.png

 

And my results:

 

image.thumb.png.61a3ac59f33cc353a745dbdb00f0460e.png

I change to www.adobe.com. The outcome is as followed:

The block history is logged in the Reports-Firewall now, which is different from the previous time (I suppose the Packet rule probably only records the exact URL matching the rule, just my guess though). But I can still visit the website www.adobe.com, maybe it's designed like this?

2024-05-16173556.thumb.png.417a262cfd5e7c7b14abfae05fd5e644.png2024-05-16173604.thumb.png.afbe702b338fd7a87c6f6b589645122c.png2024-05-16173626.thumb.png.2104cc977a7b79aa26720c2636189d3d.png2024-05-16173747.thumb.png.8eadd0540aea097c5b3676a18faf760b.png

  • Like 2
harlan4096
Posted

Clean up browser adobe cookies/history/cache, close and open the browser and try again...

 

User @Flood and Flood's wifetried it, and it seems blocking is working after doing so...

  • Like 2
Flood and Flood's wife
Posted
8 minutes ago, harlan4096 said:

Clean up browser adobe cookies/history/cache and try again...

User @Flood and Flood's wifetried it, and it seems blocking is working after doing so...

Hi @harlan4096 & @lightof7ustice

Confirming!

But it was very stubborn, it took many tries, we also exited the browser & tried again & then it worked:

image.thumb.png.99e209832cc3bbd75d10c7557d19a021.png

Thank you🙏
Flood🐳+🐋

  • Like 3
lightof7ustice
Posted

Thank you for the help @harlan4096 & @Flood and Flood's wife,

Well, I must say it's very strange that after I clear not only Adobe but the whole cache/cookie/history, it's still not blocked. 

But anyway, I'm still very grateful for the assistance of both of you. Maybe it's due to other programs like Adguard or the DNS. As long as it's not a big problem for the firewall itself or other functions, I guess I can stop trying for now.

Shall I report this bug to the developers, and how if possible?

2024-05-16183042.thumb.png.c0b877d99d5857c7e6170e4acbffc500.png

  • Like 2
Flood and Flood's wife
Posted
15 minutes ago, lightof7ustice said:

Shall I report this bug to the developers, and how if possible?

Hello @lightof7ustice

There's something very odd about it - for the last 20 minutes - the block stopped working & now it's working again 

  • Please do as @harlan4096 guides you, if you do need to escalate, follow on below: 

Kaspersky Customer Service, https://support.kaspersky.com/b2c#contacts  - select Chat or Email, then fill in the template as shown:

 image.thumb.png.b3b2c85819649891de5e51d053ef2747.png

Thank you🙏
Flood🐳+🐋

  • Like 3

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...