【AiProtection Bug】Malicious Sites Blocking Remains Enabled Despite Turning Off "Enable AiProtection"

[YumeHatsuyuki]

Firmware: 3006_102.5
RT-BE88U

---

I’ve encountered some confusing behavior with the Malicious Sites Blocking feature. For example, even after disabling the Enabled AiProtection option, the Malicious Sites Blocking still operates. It completely blocks all websites on its blacklist.

Here are my test results for unlocking cdn.sinacloud.net with AiProtection:

---

Test 1: Disabled Enabled AiProtection and all associated options:

nslookup cdn.sinacloud.net

Server:    RT-BE88U-B020.lan
Address:  192.168.50.1

Name:      cdn.sinacloud.net
Address 1: 3.114.78.198

It hijacked the DNS traffic to blocking.asus.hns.tm.

---

Test 2: Disabled Enabled AiProtection but enabled all associated options:

nslookup cdn.sinacloud.net

Server:    RT-BE88U-B020.lan
Address:  192.168.50.1

Name:      cdn.sinacloud.net
Address 1: 3.114.78.198

It still hijacked the DNS traffic to blocking.asus.hns.tm.

---

Test 3: Enabled Enabled AiProtection but disabled all associated options:

nslookup cdn.sinacloud.net

Server:    RT-BE88U-B020.lan
Address:  192.168.50.1

Name:      cdn.sinacloud.net
Address 1: 3.114.78.198

The DNS traffic was hijacked to blocking.asus.hns.tm again.

---

Test 4: Enabled Enabled AiProtection and enabled all associated options:

nslookup cdn.sinacloud.net

Server:    RT-BE88U-B020.lan
Address:  192.168.50.1

Name:      cdn.sinacloud.net
Address 1: xxx.xxx.xxx.xxx
Address 2: xxx.xxx.xxx.xxx
Address 3: xxx.xxx.xxx.xxx
Address 4: xxx.xxx.xxx.xxx

Only with this configuration did it resolve all the correct IPs.

---

Question:

Aside from adding websites to the whitelist, is it possible to either disable the Malicious Sites Blocking feature individually or turn off AiProtection completely? I don't want to revoke the privacy settings in system management because I need to keep other related features (such as QoS). Is there a better solution?

 

[bennor]

Note that when disabling AiProtection (or the Trend Micro features) you need to go into Administration > Policy section and click the Withdraw button for it in order to fully shut down the feature.

 

[YumeHatsuyuki]

Note that when disabling AiProtection (or the Trend Micro features) you need to go into Administration > Policy section and click the Withdraw button for it in order to fully shut down the feature.

Yes, I've seen this solution mentioned in other forum posts. However, if I disable it completely, other related features (such as QoS and traffic statistics) also become unavailable. I need all functionalities except for the web filtering feature, yet currently the only way to bypass the blocking seems to be adding sites to the whitelist, which is quite frustrating.

 

[YumeHatsuyuki]

I’ve identified the issue with the AiProtection settings not taking effect. According to my tests, the problem consistently occurs when Web History is enabled—it automatically enables and overrides all security options of AiProtection by default. However, after turning off Web History, the AiProtection behavior becomes fully consistent with the configuration shown in the WEB UI.

 

[Tech9]

other related features (such as QoS and traffic statistics)

Adaptive QoS doesn't work on this router anyway.