PFSense: Website Timeout Issue

I tried searching around and could not find someone else with my particular issue. I’m running PFSense (with Snort) and within the last month or two, particular websites time out and I can’t connect to them; sometimes it begins to load them and then errors out. The only three sites I know this is happening on are store.steampower.com, geekandsundry.com, and di.fm.

A friend of mine was trying to help me figure out the cause and we can only think of either DNS or NAT. I’ve tried turning things on and off in settings and have found nothing that continues to work. Only restarting the entire router works, but only a little while later those sites stop working again.

I tried doing a traceroute from both WAN and LAN and got this repeating:

1 traceroute: wrote www.geekandsundry.com 40 chars, ret=-1
*traceroute: wrote www.geekandsundry.com 40 chars, ret=-1
*traceroute: wrote www.geekandsundry.com 40 chars, ret=-1
*
2 traceroute: wrote www.geekandsundry.com 40 chars, ret=-1
*traceroute: wrote www.geekandsundry.com 40 chars, ret=-1
*traceroute: wrote www.geekandsundry.com 40 chars, ret=-1

Anyone seen this issue before or have a good idea as to what it is?

Thanks in advance…

1 Like

This is probably the problem. Clear the Snort blocks and have a look at the alerts page. If you're getting alerts for http, ssl or other flow/stream stuff, then click the + button to suppress them. You have to do this to stop false positives; a lot of these rules are meant as information only, but Snort blocks anything that generates an alert. If it's a priority 3 alert then generally it's safe to disable or suppress.

3 Likes
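The triage described in the reply above, as an added example that is not part of the original thread: it groups low-priority alerts by generator and signature ID and prints them in Snort's `suppress gen_id ..., sig_id ...` form, leaving higher-priority alerts for manual review. It assumes alerts in Snort's "fast" text format (the pfSense package may log in a different layout); the sample lines, addresses and the SID 1000001 rule are constructed.

```python
import re
from collections import Counter

# Constructed sample alerts in Snort "fast" format (not taken from the thread).
SAMPLE_ALERTS = """\
03/14-20:15:01.120034  [**] [120:3:1] (http_inspect) NO CONTENT-LENGTH OR TRANSFER-ENCODING IN HTTP RESPONSE [**] [Classification: Unknown Traffic] [Priority: 3] {TCP} 198.51.100.7:80 -> 192.0.2.10:51544
03/14-20:15:02.481100  [**] [137:1:1] (spp_ssl) Invalid Client HELLO after Server HELLO Detected [**] [Classification: Potentially Bad Traffic] [Priority: 3] {TCP} 192.0.2.10:51560 -> 198.51.100.9:443
03/14-20:15:04.900412  [**] [120:3:1] (http_inspect) NO CONTENT-LENGTH OR TRANSFER-ENCODING IN HTTP RESPONSE [**] [Classification: Unknown Traffic] [Priority: 3] {TCP} 198.51.100.7:80 -> 192.0.2.10:51571
03/14-20:16:10.003318  [**] [129:12:1] Consecutive TCP small segments exceeding threshold [**] [Classification: Potentially Bad Traffic] [Priority: 3] {TCP} 198.51.100.9:443 -> 192.0.2.10:51560
03/14-20:17:45.771209  [**] [1:1000001:1] CONSTRUCTED EXAMPLE high-priority rule [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 192.0.2.10:51602 -> 203.0.113.50:8080
"""

ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\[Priority:\s*(?P<prio>\d+)\]\s+\{\w+\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

def parse_alerts(text):
    """Return one dict per alert line that matches the fast format."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.search(line)
        if m:
            alerts.append({"gid": int(m["gid"]), "sid": int(m["sid"]), "prio": int(m["prio"]),
                           "msg": m["msg"], "src": m["src"], "dst": m["dst"]})
    return alerts

def suppress_candidates(alerts, min_priority=3):
    """Group alerts whose priority number is >= min_priority (lowest severity) by gid:sid."""
    counts, msgs = Counter(), {}
    for a in alerts:
        if a["prio"] >= min_priority:
            key = (a["gid"], a["sid"])
            counts[key] += 1
            msgs[key] = a["msg"]
    return [(gid, sid, n, msgs[(gid, sid)]) for (gid, sid), n in counts.most_common()]

def render_suppress_list(cands):
    """Render candidates as suppress-list entries, each preceded by a comment."""
    out = []
    for gid, sid, n, msg in cands:
        out.append(f"# {msg} ({n} alerts)")
        out.append(f"suppress gen_id {gid}, sig_id {sid}")
    return "\n".join(out)

if __name__ == "__main__":
    alerts = parse_alerts(SAMPLE_ALERTS)
    print(render_suppress_list(suppress_candidates(alerts)))
    for a in (a for a in alerts if a["prio"] < 3):
        print("REVIEW, not suppressed:", a["gid"], a["sid"], a["msg"], a["src"], "->", a["dst"])
```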

Thank you sir... You are 100% right. I guess I had some other issue that was resolved after restarting the server when I was testing turning off Snort to see if that isolated the issue to it. I know Wendell and Ryan did that video about Suricata. Do you have much of a preference between the two?

Well, I can tell you that Snort detects port scans a lot better than Suricata does. Suricata is probably more feature rich (multithreaded, inline filtering, etc.).

Good to know. Thanks again! You saved me a big headache.

1 Like