diff --git a/daemon_get.py b/daemon_get.py
index d91003fe7..8ddafd1c2 100644
--- a/daemon_get.py
+++ b/daemon_get.py
@@ -263,6 +263,10 @@ def daemon_http_get(self) -> None:
         http_402(self)
         return
 
+    # replace invalid .well-known path, prior to checking for suspicious paths
+    if self.path.startswith('/users/.well-known/'):
+        self.path = self.path.replace('/users/.well-known/', '/.well-known/')
+
     # suspicious headers
     if contains_suspicious_headers(self.headers):
         print('GET HTTP suspicious headers ' + str(self.headers))