Get this font in here!
This Article Applies to:
- Avast Business Hub
Real Site (aka Secure DNS) is an Antivirus component designed to protect against Domain Name System hijacking. DNS hijacking (or DNS redirection) is a type of malicious attack that redirects you from the site you want to visit to one that may look just like it, but that can steal information such as usernames, passwords, and credit card details. This type of attack is especially dangerous when used with banking and shopping websites. In some cases, DNS hijacking may be recognized only after your sensitive data has been compromised.
How Real Site Works
Every time you enter the URL of a website into the address bar of your browser, the URL is translated to the IP address of the web server where the web page that you want to access is stored. Real Site provides an encrypted connection between your web browser and Avast's own DNS server to prevent hijacking. In other words, Real Site ensures that the displayed website is the authentic one.
The component will connect to Avast backend to query the list of our DNS servers and select the best one based on the connection/load.
- UDP 443 - Encrypted communication
- UDP 53 - Secure DNS services
If the firewall blocks these ports, Real Site tries to connect to them by TCP protocol.
Supporting Encrypted DNS in Browsers
In the Business Hub's policies, Real Site will be located under the Antivirus Protection section in Settings > Antivirus, and it will be disabled by default. When you enable it, you can choose whether Real Site will also support encrypted DNS in browsers.
We recommend keeping the default setting (enabled), as this extends Real Site's protection to browsers that use the DoH (DNS over HTTPS) protocol to encrypt DNS traffic.
Real Site Exclusions (Windows Only)
For Windows devices, it's possible to exclude sites from Real Site. This will mean that the DNS resolution will not be verified through the secure connection to Avast servers, and will default to the device's DNS settings.
To add Real Site exclusions:
- Open the Policies page
- Click the desired policy to open its Detail drawer
- Select the Exclusions tab
- Expand the Antivirus exclusions section
- Within the All Scans and Shields tab, scroll down to URL Addresses
- Click + Add new exclusion
- In the dialog, enter the website(s) you want to exclude using the dns://domain.com/* format
- Once done, click Add new exclusion
Overriding Policy Settings
Via the Services tab of a device, you can override its policy configuration for Real Site by ticking the Manually customize settings inherited from policy checkbox under Antivirus and then toggling the component on/off.
To learn more about policy overrides, see
Verifying Real Site Status
You can check Real Site's status
If not, this will be displayed instead:
Other Articles In This Section: