Q&A WFC Pop-up Message Confusion

SearchLight

Level 13
Thread author
Verified
Top poster
Well-known
Jul 3, 2017
614
I had a paid license for WFC pre-Malwarebytes. I stopped using it because Allow Once, Always Allow, and Block Once, and Block Always are within the same popup boxes next to each other. Never know which rule was applied after clicking since there is no acknowledgement.

Imo these choices should be uniquely separated with a confirmation dialogue.

Anyone experience or feel the same?
 
  • Like
Reactions: AtlBo

Zorro

Level 8
Well-known
Jun 11, 2019
369
I agree. It would be better if each option was of a certain color: Always allow — dark green, Always block — red, block once — orange. I would also introduce such an option as “Resolve once” and make it light green. Such an option would be useful when the installer of the program is running, which once goes to the network, downloads files, then deletes, and the rule for it "always allow" remains and clutters up the list of rules.
 

Bill K

Level 5
Jul 25, 2018
227
I agree. It would be better if each option was of a certain color: Always allow — dark green, Always block — red, block once — orange. I would also introduce such an option as “Resolve once” and make it light green. Such an option would be useful when the installer of the program is running, which once goes to the network, downloads files, then deletes, and the rule for it "always allow" remains and clutters up the list of rules.
Sounds to me like you'd be a good designer of a security software interface... Maybe there's an opportunity for you out there.
 
  • Like
Reactions: Zorro

SearchLight

Level 13
Thread author
Verified
Top poster
Well-known
Jul 3, 2017
614
I agree. It would be better if each option was of a certain color: Always allow — dark green, Always block — red, block once — orange. I would also introduce such an option as “Resolve once” and make it light green. Such an option would be useful when the installer of the program is running, which once goes to the network, downloads files, then deletes, and the rule for it "always allow" remains and clutters up the list of rules.
Wonder if Glasswire would be more message specific, and reliable but it is not as simplistic, and is larger program.

The way WFC is designed you don't know if it is creating a one time or an always action rule in Windows Firewall unless you look at the rulesets by the way the options are grouped right next to one another. Could lead to making an erroneous choice.
 

Zorro

Level 8
Well-known
Jun 11, 2019
369
Wonder if Glasswire would be more message specific, and reliable but it is not as simplistic, and is larger program.

The way WFC is designed you don't know if it is creating a one time or an always action rule in Windows Firewall unless you look at the rulesets by the way the options are grouped right next to one another. Could lead to making an erroneous choice.
WFC is just an add-on that simplifies the management of Windows Firewall. In other words, you do not need to manually dig into the advanced settings of the firewall, creating your own rule, you just need to select the option in the dialog box and the script specified in the add-in will write this rule for you. What else is there to understand? One dialog box with a color indication of the choices is more than understandable to the average user, since associations with one or another color are the same for all people: red is a ban, green is a resolution, everything else is intermediate options that are not hard to remember either. The principle of traffic lights. It is simple and clear. Regarding the rules, to allow the program access to the network, the user can now create only a PERMANENT rule, and in case of removal of the program / installer, it will be marked in Red in the Rule Set (that is, the rule for the remote / non-existing program). And then you will have a lot of such rules, you must delete them manually. I do not know whether it is possible in principle to create a temporary rule in the Windows firewall (the rule for a single exit to the network with its subsequent automatic deletion), or it is not at all possible due to the nature of the Windows firewall.

Sounds to me like you'd be a good designer of a security software interface... Maybe there's an opportunity for you out there.
I do not know. I did not think about such things :)
 

Roadjet

New Member
Jul 28, 2019
4
Generally I watch for reaction from VS and make sure that WFC designates that program is 'signed' b4 allowing rule creation, even installers. Yes you must go in and remove 'invalid' rules, just put it on a weekly schedule and think of it in same terms as an 'oil change', don't forget to remove duplicates also.