Firewall kaspersky/avast blocked messages when I'm using a websocket server (socket.io on node.
What can be done?
44 Answers
I can tell you 100% that Avast for example blocks not only websockets, but from what I see from my Socket.IO app also xhr-polling and other stuff.
This is unacceptable, I've even tested on port 80 and it doesn't work. What an awful piece of software.
Edit: this is a list of blocked ports by antiviruses (Dead 2017-07-20)
First rule of Firewall: it can't block what it can't sense.
Does the firewall allow TLS? If so, serve content over WSS instead of WS.
A usual WSS client will open a TLS connection to you (source) and send you this:
GET /demo HTTP/1.1 Upgrade: WebSocket Connection: Upgrade Host: example.com Origin: WebSocket-Protocol: sampleThe firewall can't detect it because it is over TLS.
A HTTP-CONNECT-WSS client will send you this:
CONNECT example.com:443 HTTP/1.1 Host: example.comThe firewall sees it as yet another HTTP-CONNECT-TLS connection. (source)
Sidenote: websockets can fail due to websocket-unaware intermediary proxies buffering connections even if the firewall doesn't block it. The same is true of HTTP "comet" streaming. 2
You can try to use port 443 (which is used for https) if it's possible in your case.
Many ISP companies block the port 80 to prevent their customers of hosting a web servers on their home computers.
It might beyond your power to unblock the port 80 from your ISP.
Also, as far as I am concerned, Avast is not a firewall.
