PROXIMANOVA-LIGHT.OTF PROXIMANOVA-LIGHTIT.OTF PROXIMANOVA-EXTRABLD.OTF PROXIMANOVA-BOLD.OTFPROXIMANOVA-BLACK.OTF
Get this font in here!
Real Site
This Article Applies to:
- Avast Business Hub
Real Site (aka Secure DNS) is an Antivirus component designed to protect against Domain Name System hijacking. DNS hijacking (or DNS redirection) is a type of malicious attack that redirects you from the site you want to visit to one that may look just like it, but that can steal information such as usernames, passwords, and credit card details. This type of attack is especially dangerous when used with banking and shopping websites. In some cases, DNS hijacking may be recognized only after your sensitive data has been compromised.
Real Site is available for Windows
How Real Site Works
Every time you enter the URL of a website into the address bar of your browser, the URL is translated to the IP address of the web server where the web page that you want to access is stored. Real Site provides an encrypted connection between your web browser and Avast's own DNS server with the aim of preventing DNS hijacking. In other words, Real Site is meant to ensure that the displayed website is the authentic one.
The component will connect to Avast backend to query the list of our DNS servers and select the best one based on the connection/load.
Firewall Requirements
- UDP 443 - Encrypted communication
- UDP 53 - Secure DNS services
If the firewall blocks these ports, Real Site tries to connect to them by TCP protocol.
Configuring Real Site Settings
In the Business Hub's policies, Real Site will be located under the Antivirus Protection section in Settings > Antivirus, and it will be disabled by default. Once the component is enabled, you can choose which level of protection will be applied to trusted and untrusted networks, and whether Real Site will support encrypted DNS in browsers.
The available protection levels are:
- Maximum protection (default for untrusted networks): All DNS traffic, including encrypted DNS, will be re-routed via our secured DNS servers.
- Smart routing (default for trusted networks): Unprotected DNS traffic will be re-routed via our secured DNS. This option provides best balance of security and performance.
- Disabled: No traffic will be re-routed via our secured DNS.
As for the encrypted DNS support, we recommend keeping the default setting (enabled), as this extends Real Site's protection to browsers that use the DoH (DNS over HTTPS) protocol to encrypt DNS traffic.
Adding Real Site Exclusions (Windows Only)
For Windows devices, it's possible to exclude sites from Real Site checks. This will mean that the DNS resolution will not be verified through the secure connection to Avast servers, and will default to the device's DNS settings.
To add Real Site exclusions:
- Open the Policies page
- Click the desired policy to open its Detail drawer
- Select the Exclusions tab
- Expand the Antivirus exclusions section
- Within the All Scans and Shields tab, scroll down to URL Addresses
- Click + Add new exclusion
- In the dialog, enter the website(s) you want to exclude using the dns://domain.com/* format
- Once done, click Add new exclusion
Overriding Policy Settings
Via the Services tab of a device, you can override its policy configuration for Real Site by ticking the Manually customize settings inherited from policy checkbox under Antivirus and then toggling the component on/off.
To learn more about policy overrides, see
Verifying Real Site Status
You can check Real Site's status
If not, this will be displayed instead:
Other Articles In This Section:
Services and Components Without Customization Options in Business Hub
Related Articles: