This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Real Site

This Article Applies to:

  • Avast Small Business Solutions
  • Avast Small Office Protection


Real Site (aka Secure DNS) is an Antivirus component designed to protect against Domain Name System hijacking. DNS hijacking (or DNS redirection) is a type of malicious attack that redirects you from the site you want to visit to one that may look just like it, but that can steal information such as usernames, passwords, and credit card details. This type of attack is especially dangerous when used with banking and shopping websites. In some cases, DNS hijacking may be recognized only after your sensitive data has been compromised.

To access Real Site, go to the Protection section of the client UI, then select Real Site.

From here, you can enable or disable the component using the toggle.

How Real Site Works

Every time you enter the URL of a website into the address bar of your browser, the URL is translated to the IP address of the web server where the web page that you want to access is stored. Real Site provides an encrypted connection between your web browser and Avast's own DNS server to prevent hijacking. In other words, Real Site ensures that the displayed website is the authentic one.

The component will connect to Avast backend to query the list of our DNS servers and select the best one based on the connection/load.

Firewall Requirements

  • UDP 443 - Encrypted communication
  • UDP 53 - Secure DNS services

If the firewall blocks these ports, Real Site tries to connect to them by TCP protocol.

Supporting Encrypted DNS in Browsers

In the Real Site section of the client's advanced settings (accessible by either clicking the gear icon on the Real Site screen or going to Menu > Settings > Protection > Real Site), you can choose whether Real Site will also support encrypted DNS in browsers.

We recommend keeping the default setting (enabled), as this extends Real Site's protection to browsers that use the DoH (DNS over HTTPS) protocol to encrypt DNS traffic.

Real Site Exceptions

For Windows devices, it's possible to exclude sites from Real Site. This will mean that the DNS resolution will not be verified through the secure connection to Avast servers, and will default to the device's DNS settings.

To add Real Site exclusions:

  1. Go to Menu > Settings > General > Exceptions
  2. Click Add exception
  1. In the dialog, enter the website(s) you want to exclude using the dns://* format
  2. Click Add Exception

The added exception will be displayed under Website.

You can also use the Add advanced exception dialog to select Website/Domain directly and enter the site in the same format.

For more information on exceptions, see Configuring Antivirus Exceptions.

Verifying Real Site Status

You can check Real Site's status by going to If the component is active, the following message will be displayed:

If not, this will be displayed instead: