diff --git a/daemon.py b/daemon.py
index 91721dcc4..6bcbee8d5 100644
--- a/daemon.py
+++ b/daemon.py
@@ -205,6 +205,7 @@ from shares import addShare
 from shares import removeShare
 from shares import expireShares
 from categories import setHashtagCategory
+from utils import permittedDir
 from utils import isAccountDir
 from utils import getOccupationSkills
 from utils import getOccupationName
@@ -1020,16 +1021,6 @@ class PubServer(BaseHTTPRequestHandler):
             self._404()
         return True
 
-    def _permittedDir(self, path: str) -> bool:
-        """These are special paths which should not be accessible
-        directly via GET or POST
-        """
-        if path.startswith('/wfendpoints') or \
-           path.startswith('/keys') or \
-           path.startswith('/accounts'):
-            return False
-        return True
-
     def _postToOutbox(self, messageJson: {}, version: str,
                       postToNickname=None) -> bool:
         """post is received by the outbox
@@ -11727,7 +11718,7 @@ class PubServer(BaseHTTPRequestHandler):
                                   'avatar background shown done',
                                   'GET busy time')
 
-        if not self._permittedDir(self.path):
+        if not permittedDir(self.path):
             if self.server.debug:
                 print('DEBUG: GET Not permitted')
             self._404()
diff --git a/utils.py b/utils.py
index cb731bfd7..512b81708 100644
--- a/utils.py
+++ b/utils.py
@@ -2410,3 +2410,14 @@ def isAccountDir(dirName: str) -> bool:
     if 'inbox@' in dirName or 'news@' in dirName:
         return False
     return True
+
+
+def permittedDir(path: str) -> bool:
+    """These are special paths which should not be accessible
+       directly via GET or POST
+    """
+    if path.startswith('/wfendpoints') or \
+       path.startswith('/keys') or \
+       path.startswith('/accounts'):
+        return False
+    return True