Skip to main content

Handling Sites Excluded from Inspection

Overview

Some websites or web applications may not support HTTPS inspection.
This is often due to the implementation or security specifications on the service side.
This page explains how to approach such cases and how to solve them by configuring exclusions.

info

For details on the HTTPS inspection feature, see here.

Common Examples of Excluded Sites

  • Online banking or financial institution sites
    Strict certificate pinning may prevent them from passing through inspection.
  • Some cloud services
    May fail when using proprietary encryption handshakes or app-specific clients.
  • Business systems with strict certificate validation
    Some systems are designed not to allow certificate replacement.

How to Handle

For sites that need to be excluded from inspection, you can configure exclusions from the PromoProxy console.
Excluded traffic is forwarded directly without going through inspection, and the Inspection column in the access log will show No.

Tips

If it’s difficult to decide which URLs should be excluded, checking the access log may help identify them.
Traffic to the target site that shows errors such as Status 403 may indicate URLs that should be excluded.