Applies to: Sophos Home Premium (macOS)
You receive a Sophos Home notification on your Mac stating “Malicious Traffic Blocked”
Cause
This alert is displayed because the Sophos Malicious Traffic Detection (MTD) has detected and blocked a malicious HTTP traffic. MTD is the Sophos component responsible for monitoring HTTP traffic that shows signs of connectivity to known bad URLs.
For more information about MTD, see Sophos Malicious Traffic Detection FAQs.
Next steps
If you believe this a false positive, you may add an exclusion at your own discretion/risk by following the below listed steps. Please keep in mind that MTD exclusions will also apply globally to Real-Time Protection, PUA protection and Scans.
(See Related information section for additional options regarding false positives).
Excluding via a specific Dashboard detection
Locate the detection on your dashboard
Click on Show more options
Under Did we get this wrong? click on Allow an Unblock
Note: This adds an exclusion to Malicious Traffic Detection, PUA, Real Time Protection and Scans
Excluding by manually entering the file path on the dashboard
Exclusions can be made by adding in the file (typically the file making the network call) or folder you wish to exclude. Exclusions cannot be made based on the URL or based on drives.
For more information regarding exclusions, please see Setting scan exceptions
Additionally, users may disable the feature for testing purposes (however, not recommended): Disable Malicious Traffic Detection