Firefox NoScript Blocking the Trend Micro Malicious Site Message in RT-AC88U

[marklang]

I have a new Asus RT-88U router. I engaged the Trend Micro protection features, and I had the first website link blocked today by that software. However, rather than get the replacement malicious site message, the NoScript plugin in my Firefox browser blocked that screen. I assume it is because the router is replacing the browser link with a link to the internal warning screen, which is 192.168.1.1/xxxxx.

I already have the router address 192.168.1.1 whitelisted in NoScript. The feature giving me the problem is called Application Boundaries Enforcer. There is a place to create user rules for this feature, but it requires program-like commands I have a hard time following. Has anyone already dealt with this issue, and perhaps could provide me the specific language for rules that will allow this behavior by the router? Obviously, if my browser link was replaced by any site other than the router I would want that blocked, so I want to leave the feature engaged but allow the router to make the substitution.

Thanks.

 

[SoCalReviews]

I don't know about how to solve the script blocking message you are getting related to the TrendMicro protection but I did lose functionality with my HP networked Laserjet printer when I had all the protection features enabled. My network printer worked perfectly before enabling all the Asus router protection and then it would completely lose connection with it when the printer went into sleep mode after enabling full protection. I determined the main culprit causing glitches and problems with my network printer to be the disabling of UPnP (using an RT-ac68p).

When I re-enabled UPnP then the printer sleep issue wasn't the problem but I started running into other issues related to printing over my local nework from my virtual machine software. I didn't want to deal with intermittent network related issues from the network protection so I ended up restoring the router to regular default with all network protection off. I determined the networking protection to be too much of a glitch generator for my liking so I don't use it anymore.

What you could do is re-enable each part of the protection manually to narrow down which protection feature is causing the problem. With the UPnP... I had to manually re-enable it under the router settings... it wasn't automatically re-enabled when I turned network protection off. You might have to do this as well with individual features that were changed automatically from the network protection main admin menu. However, I am not sure about how to solve the specific script problem that you are having with your browser.

 

[marklang]

Thanks, SoCalReviews. In my case it is not the Asus protection that is causing the problem. I have two networked printers on my network with fixed IP addresses, and they both work fine. I have also not noticed any other issues with all the Trend Micro protection features enabled. I am not sure how my setup is different. However, I do have UPnP enabled. I understood that was a protocol for showing media files, not printer discovery, but perhaps I am wrong.

What I am getting is that Trend Micro identifies what it believes is a malicious website. Instead of showing that website, the router then sends me an internal router generated page suggesting this is a dangerous website. When the router makes that substitution in the fetched IP address, the NoScipt pluging in my Firefox browser notes that the page being returned is not the address it requested, and it flags this as a problem, as it should -- so I don't see the Trend Micro error page. Now that I know what is happening, I can live with this. I am just hoping someone else might have run into this and can suggest the user instructions for me to insert into NoScript to allow the router at 192.168.1.1 to substitute pages without blocking them.

The only problem I have seen with protection is that you cannot override when Trend Micro says a page is dangerous. Their message page gives a web link to their website where you can report a site as being OK, but that does not necessarily cause them to stop blocking it. I also have Web of Trust plugin as well as Kaspersky Internet Security that both flag web pages as malicious. However, both of them have a checkoff option to view the page anyway if you are sure it is OK.

 

[fax]

I would also try to contact noscript support (forum), they may be already aware of a workaround.

 

[marklang]

Thanks for the suggestion, fax. I tried the NoScript Forum, and I got an answer right away. For those who might have the issue, the fix is to open the options of NoScript, go to the Advanced Tab. Under the rules for SYSTEM, go into the box and add the following two lines at the top:

Site ^https?://192\.168\.1\.1/blocking\.asp\?
Accept

The address of the router is 192.168.1.1, and the page my router is substituting is 192.168.1.1/blocking.asp?cat_id=79. If other routers are different, you can see how that information is embedded in the suggested rules.

Mark