Skip to content

Antivirus MITM proxy

You might experience issues getting to a protected website if you’re using Kaspersky or ESET NOD32 antivirus software. In this case, your visit in Event log will be recognized under Bots Emulating Humans category, with Not a web browser, fingerprint mismatch in Trigger details.

It might happen due to usage of built-in MITM (Man-In-The-Middle) proxy, which is used to decrypt HTTPS websites traffic. Such practice is questionable because on contrary in some scenarios and implementations it actually might lower your web traffic security, but it’s the only way for antivirus software to take a look into your encrypted web traffic.

Note

Please consider enabling CAPTCHA mitigation for Bots Emulating Humans category. This way, the users that are able to solve CAPTCHA challenge would be granted with access to your website

MITM proxies implemented by Kaspersky and ESET are known to modify your web browser digital fingerprints. And your web request might look to be made by non-original software, and it would be detected as bot by our request analysis engine.

There might be various workarounds for the issue.

Kaspersky

Whitelist your protected website for Kaspersky

  1. Open Kaspersky and go to Security tab step1.png

  2. Click this gear icon to open settings step2.png

  3. Click Network setting in Advanced settings section step3.png

  4. Click Trusted addresses in Encrypted connection scan section step4.png

  5. Click Add step5.png

  6. Enter your website URL, select Active radio button and save changes step6.png

  7. Save (1) changes to website exclusions list step7.png

  8. Save (2) new Kaspersky settings (it will show a prompt to confirm if you really want to change settings)

  9. Visit protected website again

Disable Kaspersky MITM proxy

  1. Perform the steps 1-3 from the whitelisting guide above to get into MITM proxy settings

  2. Choose Do not scan encrypted connections in “Encrypted Connections Scan” sections disable-mitm.png

  3. Read about the consequences of your decision and click Save to apply new settings

  4. Visit protected website again

ESET NOD32

Whitelist your protected website for ESET NOD32

  1. Open ESET window and navigate to Setup tab step1.png

  2. Click Internet protection step2.png

  3. Click gear icon in Web access protection row step3.png

  4. Navigate to SSL/TLS in sidebar step4.png

  5. Edit Certificate rules step5.png

  6. Add new rule step6.png

  7. Click URL to fetch website certificate using built-in function. Alternatively, you could upload the certificate file manually step7.png

  8. Enter website URL and click "OK" step8.png

  9. Set Access Action to Auto or Allow, set Scan Action to Ignore and click OK to save settings. Then click OK few more times to apply new settings. step9.png

  10. Visit the website again

Disable ESET NOD32 MITM proxy

  1. Perform the steps 1-4 from the whitelisting guide above to get into MITM proxy settings

  2. Switch off Enable SSL/TLS toggle and confirm changes pressing OK button disable-mitm.png

  3. Visit protected website again

Avast (OS X)

  1. Open Avast dashboard and click Core Shields step1.png

  2. Click gear icon to open Preferences step2.png

  3. Select Core Shields from top menu, then open Web Shield tab, and click Add Exceptions in the bottom. step3.png

  4. Enter your domain here and click Add step4.png

  5. Optional. Optionally, you could enable HTTP3 (QUIC) protocol for better web surfing experience (1) or completely prevent Avast from scanning your encrypted traffic (2). step5.png

  6. Visit protected website again