Advanced Plus Security ErzCrz Security Config 2026

Last updated
Mar 15, 2026
How it's used?
For home and private use
Operating system
Windows 11
Other operating system
N/A
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
Security updates
Allow security updates and latest features
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
About WiFi router
Sky Router with built-in IPv4/IPv6 Firewall
Real-time security
ESET Security Premium
CyberLock
Firewall security
Other - Internet Security (3rd-party)
About custom security
ESET Security Essentials - Default Settings
CyberLock - ON - Firewall Rules for Unsafe Items. SmartFirewall Recommended, Require Captcha to exit.
RansomwareGuard
Periodic malware scanners
Malwarebytes
Emsisoft
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Primary: Edge with Osprey, uBlock Origin Lite & ESET
Secondary: Firefox with uBlock Origin & Osprey Browser Extension & ESET
Secure DNS
DNS4EU DNS. My ISP Sky DNS isn't secure enough.
Desktop VPN
ESET VPN Unlimited with ESET Premium
Password manager
KeePass 2.x
Maintenance tools
Windows built-in Disk Clean-up and Storage Sense.
File and Photo backup
AOMEI Backupper Pro - Monthly Full Backups & Weekly Differential Backups
Subscriptions
    • None
System recovery
Lenovo Built in Recovery, AOMEI Backupper Pro Recovering Environment & Bootable USB
Risk factors
    • Browsing to popular websites
    • Working from home
    • Making audio/video calls
    • Opening email attachments
    • Buying from online stores, entering banks card details
    • Downloading software and files from reputable sites
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
Notable changes
See First Post Spoilers
08.02.2026 - 2026 setup - ESET Security Essentials, CyberLock, RansomwareGuard
11.03.2026 - Just minor tweak to DNS to DNS4EU servers.
15.03.2026 - Upgraded ESET to Premium
----------------------------------------
Disclaimer: we use the date format DD/MM/YYYY here in the UK
What I'm looking for?

Looking for minimum feedback.

Kind of short lived, just checking on some game playing glitch I've experienced with it. It only happened when CF whitelisted some windows apps while the game was playing. Hmm. When in doubt go back to WD H_C with CFA enabled.
In CF, try excluding the game in the "Don't detect shellcode injections" setting.
 
Re-evaluating UBO rules. Something is slowing my browsing down by 5mbps. I think it's something to do with my dynamic rules but need to look into it and maybe simplified medium mode or something.

Dynamic rules and Static attached but a lot of those rules are allowing pop-ups and some white listing. Anyway, something to delve into at the weekend ;)
 


I think it's something to do with my dynamic rules but need to look into it and maybe simplified medium mode or something.
Took a quick look at your rules but don't see a solution for you. Looks like you're using some version of easy medium mode now. Have you tried straight medium mode? I find it's easier to troubleshoot issues. Just couldn't get comfortable with easy medium as troubleshooting involves deciphering filter list issues. My advice is to backup your rules and filters and use default lists to see the speed difference. Classic advanced mode should be faster than everything else.

I'm not much of a rule writer but check if this is the culprit.
Code:
! Block beacons, plugins and websockets everywhere
||*$ping,object,websocket
 
Thanks mate :) Yeah, time to make things a bit simpler for a bit and start fresh.
 
Straight medium mode blocks more than easy medium mode, so that can't be the solution.

@ErzCrz I suggest you change the line @oldschool pointed out to

|HTTP://*$ping,object,websocket

This limits those blocks to unsecure websites. As a last resort, you could entirely remove the websocket parameter.
Thanks @Max90, swapping that rule out seems to have done the trick.

So basic static rules now:
! Block beacons, plugins and websockets everywhere
|HTTP://*$ping,object,websocket

! Block potentially unsafe third-party content to unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media

! Block opening webpages on top level domains and countries I never visit
||*$document,domain=~com|~info|~io|~eu|~net|~org|~uk|~ms|~leg.wa.gov

What would you change from these dynamic rules? Or keep them as they are?

* * 3p block
* * 3p-frame block
* * 3p-script block
* com * noop
* eu * noop
* info * noop
* io * noop
* net * noop
* org * noop
* uk * noop
 
Well, I sort of adopted the tips of Jan Willy, with some changes. First you would need to go to SETTINGS and click on the WHEELS behind the option "I am advanced user". You will be presented a screen with a lot of options. Look for the option "filterAuthorMode" (on my screenprompt it is at line #26) and change false to true and click the apply changes button.

Now we check whether this change from advanced user to expert user was successful and open a website and check whether you see a GREEN allow option in the uBO control panel (besides the GREY noop and RED block option). See picture below.

When that is all good you can remove the MyRules below
* * 3p block
* * 3p-frame block
* * 3p-script block
* com * noop
* eu * noop
* info * noop
* io * noop
* net * noop
* org * noop
* uk * noop


And add the rules below in the MyFiles

! Block beacons, obsolete plugins and websocket bidirectional data connections on insecure websites
|HTTP://*$ping,object,websocket,important

! Block potentially unsafe third-party content linking to unsafe unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media,important

! Warn when opening webpages on top level domains and countries I never visit
||*$document,domain=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov

! Block third-party scripts and frames linking to top level domains and countries I never visit
||*$third-party,script,frame,to=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov

That is it. Now you have easy medium mode applied in My Filters with an option to overrule it with dynamic filtering by simply choosing allow (GREEN) as shown here with SMARTOCTO.com (just as example) which was blocked by a filter list I use.



Benefits of JanWilly's easy medium mode over Kees1958 easy medium mode
1. You still got the power of dynamic filtering. With Kees1958 generic rules overrule specific rules so you can't weed-out a specific website from third-party annoyances nor upgrade security temporarily by going into hard mode when playing with malware links. With JanWilly's approach you still can apply hard mode (for a specific website) and NOOP only a few third-party domains (weeding out a website)
2. You have the ALLOW option to overrule the easy medium mode filtering you set up in MY Files (in fact with green you override any filter).

IMPORTANT: you must understand the difference between grey-NOOP (ignore dynamic filtering only) and green-ALLOW (overrule ALL filters), hence only use ALLOW for the second (third-party) column on a specific website.
 
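Added example (not part of the original posts and not uBO's own code): a simplified JavaScript model of the order discussed above, in which dynamic rules are consulted first, grey NOOP hands the request on to static filters, and green ALLOW skips them. The hostnames are constructed, the static side only approximates the intent of the two third-party filters from the post, and only third-party requests are modelled.

```javascript
// Added illustration, not uBO source: simplified decision order for one
// THIRD-PARTY request. Hostnames used with it are constructed samples.
const COMMON_TLDS = ['com', 'info', 'io', 'eu', 'net', 'org', 'uk', 'ms', 'gov'];

// "a.b.xyz" -> "b.xyz" -> "xyz" -> "*"  (specific to broad)
function* broaden(host) {
  for (let h = host; h; h = h.includes('.') ? h.slice(h.indexOf('.') + 1) : '') yield h;
  yield '*';
}

// rules: "source destination type action" lines as typed into My rules.
function dynamicVerdict(rules, site, dest, type) {
  const table = new Map(rules.map((line) => {
    const [src, dst, typ, action] = line.trim().split(/\s+/);
    return [`${src} ${dst} ${typ}`, action];
  }));
  const lookup = (dst, typ) => {
    for (const src of broaden(site)) {
      const action = table.get(`${src} ${dst} ${typ}`);
      if (action) return action;
    }
    return undefined;
  };
  // 1. Destination-specific cells win over type cells ("* com * noop" beats "* * 3p block").
  for (const d of broaden(dest)) {
    const action = d !== '*' && lookup(d, '*');
    if (action) return action;
  }
  // 2. Type cells for any destination: narrow (3p-script) before broad (3p, *).
  for (const typ of [`3p-${type}`, '3p', '*']) {
    const action = lookup('*', typ);
    if (action) return action;
  }
  return 'none';
}

// Static side: intent of the thread's two third-party filters (assumed semantics).
function staticBlocks({ url, dest, type }) {
  const insecure = url.startsWith('http://') && !['stylesheet', 'image', 'media'].includes(type);
  const rareTld = ['script', 'frame'].includes(type) && !COMMON_TLDS.includes(dest.split('.').pop());
  return insecure || rareTld;
}

function decide(rules, req) {
  const verdict = dynamicVerdict(rules, req.site, req.dest, req.type);
  if (verdict === 'block') return 'blocked by dynamic rule';
  if (verdict === 'allow') return 'allowed by dynamic rule, static filters skipped';
  return staticBlocks(req) ? 'blocked by static filter' : 'allowed'; // noop or no rule
}
```

Calling decide() with "example.com tracker.xyz * noop" and then with the same rule set to allow, for a script request to a .xyz host, shows the difference: the noop request is still stopped by the static TLD filter, the allow request is not.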
Well, I sort of adopted the tips of Jan Willy, with some changes. First you would need to go to SETTINGS and click on the WHEELS behind the option "I am advanced user". You will be presented a screen with a lot of options. Look for the option "filterAuthorMode" (on my screenprompt it is at line #26) and change false to true and click the apply changes button.

Now we check whether this change from advanced user to expert user was successful and open a website and check whether you see a GREEN allow option in the uBO control panel (besides the GREY noop and RED block option). See picture below.

When that is all good you can remove the MyRules below
* * 3p block
* * 3p-frame block
* * 3p-script block
* com * noop
* eu * noop
* info * noop
* io * noop
* net * noop
* org * noop
* uk * noop


And add the rules below in the MyFiles

! Block beacons, obsolete plugins and websocket bidirectional data connections on insecure websites
|HTTP://*$ping,object,websocket,important

! Block potentially unsafe third-party content linking to unsafe unencrypted websites
|HTTP://*$third-party,~document,~stylesheet,~image,~media,important

! Warn when opening webpages on top level domains and countries I never visit
||*$document,domain=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov

! Block third-party scripts and frames linking to top level domains and countries I never visit
||*$script,frame,to=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov

That is it. Now you have easy medium mode applied in My Filters with an option to overrule it with dynamic filtering by simply choosing allow (GREEN) as shown here with SMARTOCTO.com (just as example) which was blocked by a filter list I use.


Benefits of JanWilly's easy medium mode over Kees1958 easy medium mode
1. You still got the power of dynamic filtering. With Kees1958 generic rules overrule specific rules so you can't weed-out a specific website from third-party annoyances nor upgrade security temporarily by going into hard mode when playing with malware links. With JanWilly's approach you still can apply hard mode (for a specific website) and NOOP only a few third-party domains (weeding out a website)
2. You have the ALLOW option to overrule the easy medium mode filtering you set up in MY Files (in fact with green you override any filter).

IMPORTANT: you must understand the difference between grey-NOOP (ignore dynamic filtering only) and green-ALLOW (overrule ALL filters), hence only use ALLOW for the second (third-party) column on a specific website.
Nice one thanks :D
 
Well, I sort of adopted the tips of Jan Willy, with some changes,...
Yes, it's your interpretation. Nothing wrong with that, but I try to stay as close as possible to the intentions of the uBO-developer and of my inspirers, Kees1958 and Lenny_Fox.
So the basis of my tracker blocking will always be dynamic filtering, without using the allow option.
You allowed smartocto.com. It means that no blocking rule will be applied. At default uBO blocks three third party scripts, without breaking the site. So why allowing everything? Or is there still some blocking on DNS level?
! Warn when opening webpages on top level domains and countries I never visit
||*$document,domain=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov
With this rule you block opening sites with uncommon TLDs. So all content (including third party content) will be blocked. No need for your rule ||*$script,frame,to=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov
In fact this rule reminds me of a conversion of a dynamic rule into a static rule (with whitelisting regular TLDs).
 
So the basis of my tracker blocking will always be dynamic filtering, without using the allow option.
You allowed smartocto.com. It means that no blocking rule will be applied. At default uBO blocks three third party scripts, without breaking the site. So why allowing everything?
Which is why @gorhill removed the allow option from default setup. Too many users misunderstood and/or abused the "allow" feature. I don't even know why it's still available as a hidden switch.
 
I have been following a scam site which is identifying itself as a banking site; not a single antivirus will flag it, and it has a TLD of .info

Should I make rules in AdGuard, install Malwarebytes with TLD blocking, or is there a third option?
 
Yes, it's your interpretation. Nothing wrong with that, but I try to stay as close as possible to the intentions of the uBO-developer and of my inspirers, Kees1958 and Lenny_Fox.
So the basis of my tracker blocking will always be dynamic filtering, without using the allow option.
You allowed smartocto.com. It means that no blocking rule will be applied. At default uBO blocks three third party scripts, without breaking the site. So why allowing everything? Or is there still some blocking on DNS level?

With this rule you block opening sites with uncommon TLDs. So all content (including third party content) will be blocked. No need for your rule ||*$script,frame,to=~com|~info|~io|~eu|~net|~org|~uk|~ms|~gov
In fact this rule reminds me of a conversion of a dynamic rule into a static rule (with whitelisting regular TLDs).
Yes, an error: that rule misses third-party. Also, the document rule throws a warning, which can be bypassed, so technically it is not a block.

Also allow rule is third-party for that specific website only as I explained. And it was only an example.
 
Which is why @gorhill removed the allow option from default setup. Too many users misunderstood and/or abused the "allow" feature. I don't even know why it's still available as a hidden switch.
Duhh, what did I explain at the bottom? :)

Your remark makes sense for average users, but I don't think you nor Jan Willy would be making such mistakes
:)
 
With Kees1958's approach you sacrifice dynamic filtering for the implementation of easy medium mode. With what I thought to be a brilliant idea of Jan Willy, to move it to static filtering, you still have the option to apply medium or hard mode for certain websites or use dynamic filtering to weed-out a website (block third-party rubbish). Seems that I made a misinterpretation, but I use "my interpretation of Jan Willy's tip" for nearly over a year now and it works perfectly. See for instance picture below where I weed-out (block) some third-party stuff not adding any useful content to ESPN.nl.

 
but I use "my interpretation of Jan Willy's tip" for nearly over a year now and it works perfectly.
To be clear: I wrote about uBO medium mode simulation in AG browser extension. Of course I would never use it in uBO itself. View:
 
To be clear: I wrote about uBO medium mode simulation in AG browser extension. Of course I would never use it in uBO itself. View:
Thanks Jan. Given that Chrome is removing all MV2 extensions in January 2024 (An update to the transition of Chrome extensions to Manifest V3), I am keeping an eye out on uBO Lite and AdGuard experimental. I did use AG for a period of time but found it slowed browsing when I tried it.