Strange behavior with the IPS on

Hi Everyone,

one way of the other the IPS is blocking a website that is a normal website, its a normal website that I buy things at.
Even with no rules selected, it’s still get blocked, it only reachable if the IPS is off.
My setting is like this:

  • IPS is on

  • no rules selected

  • only the (in this case) RED is selected

I was searching on the community for some one with this problem that have a solution but can’t find any solution.

I follow all suggestions form here but still I can’t find a fix.

Access to the website is only able if IPS is off totally even wit monitor traffic I am not able to go to the website.

I dont know if it is a bug or so but maybe i am missing something.

BTW this came up because I am folowing Peter Muller post’s.

Best Regards


Some update and insight;

my IPfire is setup with DNS in Recursor Mode
Protocol is on TLS
and I switch from standard to strict QNAME Minimisation (on both setting still did not change anything with the website).
Guardian is on and working.

I add the website that is getting block in the white list ( by searching for the ip address of the website ) but I still did not have a success.

Doing the last setting help me for only (around)3 hour after that the website got block again.
I do not see any thing in the ips-log (on the wui).

I will keep checking what I can find.

Best regards


I took a time and check my orders placed on the website that get blocked, and I noticed that I ordered things there without any problem before core 147 and I remember I had the IPS on because I was reading ways to use it.
Till now what I can find, it looks like something in the core 147?
As the ips will check the package before geoblock and the firewall, would be the only way to grand access to the website by white list the website, but even then the ips don’t seem to honor that, even in monitor mode.
@arne_f am I missing something here?(above)