light bulb

Did You Know?

New Idea

Have noticed  in the Fora that there have been a number of users reporting dissatisfaction at the way that the Personalised Security Report is notified and the control that they have over how it interacts with their systems/themselves, etc.


As a result I am starting a feature request to try to capture this centrally as this is really the place for such views to reside if change is to have a chance of being achieved IMHO.


So common issues that users feel that they need rectified are:


1. Seeing the notification message on every login.  


Suggested that that the frequency should be much more limited (maybe only show the message once per month and that the prompt should disappear by itself if not interacted with by the user after so many seconds.  As it is, the prompt only goes away if you click on "Learn More" (which opens the web page with the stats) or the "X" in the upper right (which closes the window).


So extrapolating from this the conclusion to draw here is the provision of user definable parameters for (i) number of prompts to be shown & interval (in secs) before stopping & (ii) time after which prompt/notification will auto disappear if not responded too.


2. Ability to turn off notification


User defined setting that allows the user to decide whether they are interested in even receiving sucha report, and therefore associated notification (not that I can understand why one would not want too...Smiley Wink)


3. Control to be provided via My Account/Web Console


And one of my own, given the above:


Provision of the above above suggested settings to be handled as another option in the Web Console, very much in the same way as control of the Advanced Settings can be handled that way.  Believe that as the deployment of the report "is controlled by the backend rather than the agent" to quote JoeJ, it makes sense for any new user settings that may be provided to also effectively reside at the backend rather than the client.


Well, I hope that provides a suitable starter for further comments by those who want to make them so that we can see if the feature (which I personally like) can be enhanced.


So please post & comment away, folks...Smiley Very Happy


EDIT: To add point 4. (from David's comments below)


Provision of the ability to be able to view the latest/last Report published "On Demand".  Suggestion is the addition of a permanent tool or option, to access this, under the Utilities, Reports tab.  Thanks, David...a very good one!






Status: Under Consideration
Just heard back that this one is under consideration by the product management team. I'll update when they've made a determination.

I'd like to suggest the addition of the ability to exclude certain files/folders from being scanned. I know the Detection Configuration on the Quarantine tab allows one to manually block or allow specific programs, but the broader exclusion options being suggested here is a bit more in depth than that.

Block All Bundled Software

Status: Under Consideration
by Silver VIP ‎10-07-2014 11:48 AM - edited ‎10-07-2014 11:55 AM

We get a lot of questions/issues/complaints around PUA's.  They are one of the most irritating things.  WSA blocks many of them, but for a variety of reasons not all.  Specifically PUA's that are bundled with other software, are not hidden, have an opt out ability, are not currently blocked by Webroot.


Would it be possible to add a feature that the end user can choose when installing new software to block ALL bundled software?  That would:


1) Be an active choice by the user to block the bundles


2) Reduce vastly the number of PUA issues that we see


3) Keep things quite legal.


4) Help keep Webroot above and beyone the competition.  Smiley Happy


Status: Under Consideration

I've had some conversations with folks internally about this, and it's a thorny issue.  Having a separate category for "technically legal but still unwanted" would require massive infrastructure changes, and categorizing them as bad would open up a legal can of worms.  I'm still pushing for the latter, and I'll update you guys when I have some news.

Polish localization

Status: Under Consideration
by Frequent Voice on ‎04-30-2012 12:01 AM

I would like to see WSA available in my mother language: Polish.

I think it could be a nice idea since WSA is getting more popular in Poland.

Status: Under Consideration
Hey pablozi - We are working hard on creating localized versions of WSA right now in many languages. A date for a Polish product has not yet been released, but we'll update this Idea with a status of "In Process" when we are working on it.

Identity Shield Enhancements

Status: Under Consideration
by Gold VIP on ‎01-27-2015 08:16 AM

Can we have two separate lists, Protect and Allow/Deny, to the Identity Shield as some have said that they would like to Protect an App but they also want to be able to Allow or Deny an App from seeing Protected Data. I can see the benefit of this option myself and other Advanced users.




Daniel Smiley Wink

Hi there


I know that the WP7 community is small (and in some circles WP7 is derided as not a serious mobile OS) but I believe that its acceptance is on the raise and therefore I was wondering if anyone knows of any plans by Webroot to include support for OS via the Mobile Security application.


One of the reasons I went for Essentials 2012 rather than Complete 2012 is the lack of this support.


Personally I hope that there are plans afoot and that the omission (IMHP) is rectified soon.


Any thoughts or observations about the inclusion in the Webroot apps (not about which mobile O/S is best) welcome.






Request serious consideration to incorporate the remaining (all) functions from original Window Washer into Webroot Essentials, including free space space washing & clean complete computer function downlaod to start-up disc.


Status: Under Consideration
We've been making some progress on this in a piecemeal fashion by returning the ability to schedule cleanups, which had been one of the missing features from Window Washer. So parts of the request may happen, while other parts might not. Which feature do you want to see the most? It would be great to get a sense of priority on which of these features are the most important to everyone. Thanks Smiley Happy

Reset Button for the Firewall

Status: Under Consideration
by Gold VIP ‎01-04-2013 09:29 PM - edited ‎01-04-2013 09:33 PM

I would like to see a reset button for the Firewall Network Applications to remove all of the listed connections.


Reason: To remove them now it's so hard if you have many in the case before v8.0.2.96 when there was a glich it added many processes that didn't need internet access.


04-01-2013 11-23-49 PM.png

Status: Under Consideration
Although we are unable to fulfill this request right away, the idea will be deferred for future re-evaluation. Thanks for the suggestion!



I have just tried your new Webroot Secure Anywhere System Analyzer. I have found it quite nice  but I suggest that in future versions it should tell more about the detected problem with just one click on the warning icon instead of diving into the log file, it would be perfect Smiley Happy.

**Edit for subject line searchability

Status: Under Consideration
GREAT feedback. After reviewing this with some of the Webroot team, we agree and are working on a solution.

[Using Google Chrome on Windows 7 and Windows 8]


When we use Google Chrome to visit an HTTPS website, Chrome shows us a padlock to the left of the URL.


Usually we see a Green Padlock, like on the websites for facebook, gmail, twitter, and this one (  The green padlock is a native part of Chrome.  You see that icon when you go to a website where every element on the webpage (images, javascript, etc) is local to the secured SSL server.


Sometimes, though we see a gray-padlock-with-yellow-triangle.  The gray-padlock-with-yellow-triangle is also a native part of Chrome.  You can see that icon when you go to a website that is SSL secure, but, say, embeds an image or banner or something from another server that isn't SSL secure.



The issue is that users never see any green padlocks when Webroot Filtering Extension is enabled.  The extension acts as "something on the page that's embedded from another server".  Thus, a user can never tell the difference between a 100% secured website and once that's only partially secure.  In other words, the extension reports a false-negative for every legit HTTPS website.


Padlock Issue


Since I own and run an insurance website, I would very much like users to see the green padlock on my site.  But if they have Webroot Filtering enabled, they'll only see the partially-secure gay-and-yellow icon... and it looks like it's my company's fault that we're not 100% secure.


I want to be clear about this, the issue is not how secure the extension really is... but how secure my website appears to Webroot users.  Right now, this extension makes my website appear untrustworthy.



What I'd like to see from Webroot:

- fix the problem, or...

- add a note to the gray padlock for safe sites (like mine) explaining that the website is actually safe, or...

- upon the extension being enabled (and whenever a browser is launched) make a splash page that educates the user about how they will never see green padlocks again and why (user can disable the splash page in preferences), or...

- take down the extension and do an update that force-disables the extension until it's repaired, or...

- remove the part of the extension that is causing the problem (perhaps put that part into a second, separate extension that can be optionally enabled)



If it cannot be fixed, Webroot at least needs to do something to educate its users about why they never see green padlocks anymore.



Some ideas on what to investigate in fixing this bug:

page 1

page 2





There is more on this issue on the forum here:


Also, I had previously filed a support ticket regarding this issue on Oct 25, 2013 18:04.



Kind regards,


Status: Under Consideration
I checked in with our support escalation team and they're looking into it.

I think that it would be a good thing to include the option to add user-based rules to the firewall. It's like this:

At the moment, if we want to block an application from being executed, we can manually add it using the following steps: PC Security -> Quarantine -> (Detection Configuration) Configure.

However, we cannot (at the moment) do the same thing if we want to block an application's access to the Internet. We just can't manually block it from using the Internet BEFORE it is executed. In order to block an application, we would have to go the PC Security -> Firewall -> (Select) Warn if any process connects to the Internet unless explicitly allowed -> [Access the application] -> See it in the Firewall table (accessed from PC Security -> Firewall -> View Network Applications) -> Block that application -> Then revert the Firewall heuristics to their previous settings.

As you can see, the process is more complicated than it should be. I think that an "Add/Remove Rule" button should be added to the Firewall table (accessed from PC Security -> Firewall -> View Network Applications), so we could make a choice about a certain application before it is executed. Thus, there would be no need to fiddle with the Firewall heuristics every single time you want to block a certain something.

I also think it is worth mentioning that other vendors (that I shall not name) who offer similar overall protection solutions already have this feature included in their products.

In my opinion, this shouldn't be a complicated thing to do, because the code from the Detection Configuration table [PC Security -> Quarantine -> (Detection Configuration) Configure] could be reused to accomplish this.

Thank you for your time and please tell me your opinion about this.

Status: Under Consideration
This idea has prompted some interesting discussions. We're going to flesh out the idea a bit more with our development and product management teams and give the idea some well-deserved consideration. Thanks for the idea!

Just thinking, especially in the wake of all the enquiries, etc., about the rollout of the new Web Threat Shield functionality, whether it would not be useful to indicate in the main GUI when an update has taken place.  I appreciate that one can see this by howevering over the sys tray icon but this can be missed.


I was thinking along the lines of a simple indicator advising of an update (with possibly a small amount of text information, i.e., 'Updated to v8.0.4. 27' or 'Web Threat Shield upgraded')  either just under 'Scan My Computer' in the main GUI, or if that is too distracting then changing the colour of the text 'My Account', to yellow or the like, to prompt the user to look at the details.  The indicator would only remain visible until after the first access of the main GUI, after the update activity.


And if wanting to go the whole hog here then a link to the appropriate web page holding the change log info cmight also be provided...all in the interests of keeping users updated.


Just a thought for the Communities consideration. Smiley Wink



I know Chrome is now popular and there is a good chance the next version (2013) of WSA will support it, but I would also like to see in that future release support for Opera browser as well. It is my favourite browser and apparently the favourite (or browser of choice by useage) of  5.24% of other people on the internet (taken from Feb 2012 statistics on . I am only using Firefox because your toolbar doesnt support Opera. Check these statistics out (they are approximate but will still give you an idea) 5.24% (of people using Opera browser) X (multiplied by) Webroots 14 million users (taken from, and you have potentially 733600 webroot customers who would value your toolbar supporting Opera browser.....


Food for thought!

Status: Under Consideration

While we will still consider creating a toolbar for Opera, we'd also like to make you aware of the often-overlooked ability to install bookmarklets into Opera, which will allow you to use Webroot's password protection features in Opera in a different way. To activate the bookmarklets, sign into your online console at and go to Passwords. On the right side, in "MyIdentity Actions," click "Install Bookmarklets." If this suits your needs, please let us know. Smiley Happy Bookmarklets are also available for Safari and Konqueror.





As I understand it, the Web Threat Shield blocks sites based on a reputation score, and sites that are believed to be new are automatically given a low reputation score -- so any new site is automatically blocked. The problem is that in the user interface, when a site is blocked, the user is not told whether it is blocked because there is actual evidence of real threats or simply because the site is believed to be new. The result is that users will be frightened away from any relatively new site, even if they have personal knowledge of its reputation (i.e., they might assume that evidence of an actual threat has been detected on the site). This problem is exaccerbated by the fact that Webroot apparently has no reliable way of determining the age of a site, so a site that has been around a long time but simply isn't yet in the Webroot database will be considered new and therefore a threat.

Instead, why not give users more information and let them decide? Rather than giving a new site a low reputation score and scaring users into thinking it is likely to contain threats, instead provide a message like the following:

Webroot does not have any information about the reputation of this website. It may be a relatively new website or an older website that is not popular enough for us to have encountered it before. You may be comfortable using this website if you have personal knowledge of its reputation, but otherwise we suggest you proceed with caution.

A message like that would provide a sufficient warning without misleading users into thinking an actual threat has been identified on a site with which they are already comfortable. If several users choose to unblock the site and proceed, you might then use that information to bump up the site's reputation and stop blocking the site altogether.

Note, this request is motivated by a recent negative Webroot experience with a site that I maintain. The site is for a small local church, so it is not widely popular and was therefore not known to Webroot. One of our church members recently reported that the site was blocked by Webroot and showed me the message indicating that the site was deemed to have a high likelihood of containing threats. Despite the fact that she knows the site and has been to it many times before, she assumed a real threat had been detected. And despite the fact that I am the creator and maintainer of the site, when I saw the warning message, I too thought perhaps some real threat had been detected. Upon further investigation, I learned that no specific threats had been detected, and that Webroot was blocking the site merely because it thought the site was new. The problem is that the site is not new -- it has been up for a full three years.

I believe Webroot is doing its customers a disservice by misleading them into thinking sites they already know and trust have been determined to have real threats, when in reality Webroot simply has zero information about the site. If you have no information about a site, simply tell the user that, and let the user decide what to do based on their personal knowledge of the site.

Status: Under Consideration

Good suggestion - we've entered into our database for dev's consideration.

In response to this post:



MikeR wrote:

 Your ticket is being handled by one of our threat research members and was responded to yesterday. The support system brings your ticket to the top of the queue when you post a new response. The reason you did not get a hastier response when you re-opened your ticket is because you posted 7 times in a row. When you do this, the ticket shows up as a new request and it actually works against you. Tickets are handled in the order they come in and when you post 7 times in a row, it looks like the 7th post was the most recent one and it becomes a "newer" response.




There should be a Warning or Note on All Support Tickets from the Member letting the Member know that this will happen if the Member keeps posting without a response from Support.

Maybe it should also have a time limit say 24 hrs or so. If you don't have a response from Support ask about it on the Forum. That way the members Support Ticket will stay in queue and not be taken as a new request.

Status: Under Consideration
Support is investigating ways they can go about facilitating this request. Thanks for the suggestion Smiley Happy

I know that the new Web Threat Shield is under a slow rollout, and that not everything is 'set in stone' so to speak.  One thing that has been noticed by several users is a lack of usable User Interface with the new 2014 versions.  I am only human, so I make mistakes, we all do.  In the situation that a user clicks to Allow (WhiteList) a URL, and then realizes that was not the right decision, there is currently no way other than uninstalling/re-installing WSA to correct that.


Would it be possible to provide us with an interface on which locally WhiteListed URL's are shown and allow us to edit/remove listings in the event a wrong button is pushed?

Status: Under Consideration
It looks like there will be usability enhancements to the web filtering capabilities added and a UI for managing white lists is one of the enhancements we will be making, but there's not a timeframe for rolling it out yet. In the meantime, a manual editing of the whitelist.txt is the best workaround.

Hello Webroot Staff.


I'm posting this for consideration as a few have asked about it from Wilders Security Forums about the possibility of a Blackberry Mobile Security app for the current OS and the new version that comes out in 2013.


Blackberry Phone and Tablet.





Status: Under Consideration
I talked to product management about this idea, and they agree that we can consider this idea if there is a significant user-base that would benefit from Blackberry coverage. It's possible the market share isn't representative of how many of those Blackberry users are in our user-base, so we'll leave the door open to it. So if you have a Blackberry, and you want to see Webroot on it, kudo this idea. We'll be keeping track.

Windows 8 Custom Firewall Settings/options in WSA Products

Status: Under Consideration
by Community Guide dtouch ‎02-06-2013 04:04 PM - edited ‎02-07-2013 12:16 AM

The wsa firewall semm to have lost its flexibility in windows 8. I would like to have control over my firewall and thats why I chose to have a complete security suite and dont want to install a third party firewall nor i am not so comfortable with windows firewall settings. The wsa firewall was smooth and comfortable in custom allowing applications to connect or not in windows 7. I would like to have have the feature back in windows 8.


Status: Under Consideration
Windows 8 presents limitations to our current firewall implementation and we are currently considering our options in light of those limitations.

Add Czech language localization

Status: Under Consideration
by Sr. Community Expert Advisor on ‎07-12-2012 02:17 AM

I am having some issues with WSA ... malfunctioning Web Shield, Identity Shield, no padlock at all etc.


Webroot tech gurus have concluded that all my problems stem from the fact that my OS language is not supported by WSA.


So I have no other chance than to require inclusion of Czech language into WSA.


I may understand that our market is not as big and thus good as others but I have very strong argument which stands by me ... All other major players in the field of PC security have their products fully localized in Czech language. Just to name a few ... Norton, ESET, Avira, Avast, Kaspersky etc. etc.


Thanks & regards,


Status: Under Consideration
We are working hard on creating localized versions of WSA right now in many languages. A date for a Czech product has not yet been released, but we'll update this Idea with a status of "In Process" when we are working on it.

Backup Speed / Bandwidth Usage

Status: Under Consideration
by Sr. Community Leader on ‎05-06-2013 06:56 AM

I would like to see the abaility to adjust the amount of bandwidth that the backup and sync function uses. By being able to set a low, medium, or high usage, the backup feature can still run but the internet upload speed can be adjusted so it does not slow down regular usage so much.

Status: Under Consideration
While this is still an idea that interests us, we'd like to know if anyone is seeing any network slowdowns in actual use with the current setup before we take action on this. If it's not broke, don't fix it, so is your network traffic slow during uploads? Notably, sync will already pause itself when a full screen application is active or when on battery power.
Share your ideas - big and small!

Remember to VOTE for your favorite ideas because we're listening. Not all will be implemented, but the ones will the most votes will definitely get discussed. :)

If you are a business customer, please submit your ideas in the Feature Requests area instead.
Idea Categories
Idea Statuses
Top Kudoed Authors