Avast 2016: HTTPS scanning in Web Shield - FAQs

Frequently Asked Questions


What is HTTPS scanning in Avast Antivirus?

HTTPS scanning is a component of WebShield in Avast Antivirus 2016 that is automatically enabled after Avast is installed. This feature decrypts and scans encrypted traffic to detect malware in HTTPS connections. Encrypted connections that use HTTPS do not guarantee protection from malware and infected websites. Avast detects an average of 30,000 infected and blocked unique HTTPS URLs every day. Currently Avast prevents nearly 2 million users from downloading malware, or accessing malware distribution sites using HTTPS every month. The fact is that anyone can create a HTTPS page, obtain a free security certificate, and distribute malicious code to every visitor over their "secured" HTTPS connection. This is why scanning HTTPS connections is needed to assure your computer is protected from threats.

What is HTTPS and how does it work?

HTTPS is a secure version of standard HTTP communication that adds encryption to prevent others from reading your communications and helps assure that you are actually connected to the intended server. HTTPS was originally used primarily the most sensitive communications such as logins and banking. However today an increasing number of ordinary web sites are serving their content via encrypted HTTPS.

An overview what HTTPS is and how it works is at:

In short:

  • HTTPS is a secure communication protocol for computer networks. Encryption and authentication are provided by security protocols known as TLS and SSL.
  • TLS and SSL verify that you are connected to the intended server by verifying the certificate provided upon connection.
  • HTTPS encryption ensures that nobody can eavesdrop on the communication.
  • The handshake is the first part of HTTPS communication where the browser and the server negotiate the cipher suite to use for the connection. The server, and in some cases the client, provide a certificate that allows the computer to determine if the connection should be trusted or not.
  • Usually every certificate is digitally signed by a trusted Certificate Authority (CA). For the connection to succeed, the signing authority must be known to the browser, otherwise the browser displays a warning or error, and may deny access to the page.

How does Avast scan encrypted pages?

Avast is tightly integrated with the operating system. It can see when the browser is about to make a connection to a HTTPS server. When this happens, Avast Web Shield takes over the handshake and connects itself to the server. When the server sends its certificates, Web Shield verifies them against the Windows System Certificate Store – the same list of trusted certificates that Internet Explorer, Chrome, Opera and other programs use. Web Shield scans the flow of the data connection, and after verifying that the communication is secure, hands over the connection to the browser.

What is the benefit of scanning encrypted HTTPS pages?

The encrypted connection ensures that the connection cannot be modified by anyone else. However it does not guarantee that the actual content being downloaded is safe. Just as with plain HTTP, if a legitimate web site is hacked, malware scripts and binaries can be placed into the HTTPS page that appears to be safe. Downloading the malware script from an encrypted connection does not prevent your computer from being infected at all. At Avast we see about 30.000 infected and blocked unique URLS every day that would otherwise be delivered via HTTPS. We protect almost two million users from HTTPS-delivered malware infections every month.

Is the connection still encrypted and secure when Avast scans it?

Your internet communications are encrypted just as they always were without Avast scanning them. Anyone monitoring your network traffic would see the same data with or without Avast Web Shield. The difference is that the WebShield scanner and your browser are on the same computer using an encrypted connection to communicate.

Can I turn off HTTPS traffic scanning?

While we do not recommend turning off HTTPS scanning, we understand that some users may wish to disable the feature for various reasons. Step-by-step instructions to disable HTTPS scanning are available in the following article:

Why does Avast scan these secure connections? I don’t want Avast, or anyone, to scan my confidential web activity.

When implementing HTTPS scanning, protecting user privacy is our primary concern. When communicating with a bank, the user wants to be absolutely sure the connection is private and secure. Therefore we have a way for whitelisting, or ignoring, connections when users access a banking site. Our current list has over banks from all over the world and we are constantly adding new, verified banking sites. You can, and should, verify your bank’s security certificate when using online banking sites. Once verified, you can submit the banking or other web site to our whitelist by sending an email: banks‑whitelist@avast.com. We are happy to add new banks to the list.

Is all my web traffic being sent to the Avast servers?

No, all the scanning is done locally between your PC and the HTTPS server and the connection in encrypted with ciphers. Furthermore, the method we use to communicate between the browser and WebShield never leave your PC.

  • Avast Premier 2016
  • Avast Internet Security 2016
  • Avast Pro Antivirus 2016
  • Avast Free Antivirus 2016
  • Avast for Business 2016
  • Avast Mac Security 2016
  • Microsoft Windows 10 Home / Pro / Enterprise / Education
  • Microsoft Windows 8.1 / Pro / Enterprise
  • Microsoft Windows 8 / Pro / Enterprise
  • Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate
  • Apple Mac OS X 10.10.x (Yosemite, Intel-based)
  • Apple Mac OS X 10.9.x (Mavericks, Intel-based)
  • Apple Mac OS X 10.8.x (Mountain Lion, Intel-based)
  • Apple Mac OS X 10.7.x (Lion, Intel-based)
  • Apple macOS 10.12.x (Sierra)

We are sorry, unfortunately this article is not available in the selected language. Would you like to continue reading the article in the current language or go to our home page in the language you have just selected?

Continue reading Go to Home page