diff --git a/src/plugins/SSLPlugin/ssl_plugin.c b/src/plugins/SSLPlugin/ssl_plugin.c
index 3152cc0..0ba95bf 100644
--- a/src/plugins/SSLPlugin/ssl_plugin.c
+++ b/src/plugins/SSLPlugin/ssl_plugin.c
@@ -261,7 +261,9 @@ int dossl(struct clientparam* param, SSL_CONN* ServerConnp, SSL_CONN* ClientConn
 	ssl_conn_free(ServerConn);
 	return 2;
  }
+
  ClientConn = ssl_handshake_to_client(param->clisock, FakeCert, &errSSL);
+ 
  if ( ClientConn == NULL ) {
 	param->res = 8012;
 	param->srv->logfunc(param, (unsigned char *)"Handshake to client failed");
@@ -313,7 +315,7 @@ static FILTER_ACTION ssl_filter_predata(void *fo, struct clientparam * param){
 		return REJECT;
 	}
 	param->redirectfunc = proxyfunc;
-	return PASS;
+	return CONTINUE;
 }
 
 
diff --git a/src/proxy.c b/src/proxy.c
index 3dcc581..8bc7a38 100644
--- a/src/proxy.c
+++ b/src/proxy.c
@@ -526,6 +526,20 @@ for(;;){
  reqsize = (int)strlen((char *)req);
  reqbufsize = reqsize + 1;
 
+
+ if(param->srv->needuser > 1 && !param->username) {RETURN(4);}
+ if((res = (*param->srv->authfunc)(param))) {
+	if (res <= 10 || haveconnection || param->transparent) RETURN(res);
+	so._closesocket(param->remsock);
+	param->remsock = INVALID_SOCKET;
+	param->redirected = 0;
+	param->redirtype = 0;
+	memset(&param->sinsl, 0, sizeof(param->sinsl));
+	memset(&param->sinsr, 0, sizeof(param->sinsr));
+	if((res = (*param->srv->authfunc)(param))) RETURN(res);
+ }
+
+
 #ifndef WITHMAIN
 
  action = handlereqfilters(param, &req, &reqbufsize, 0, &reqsize);
@@ -540,6 +554,10 @@ for(;;){
  if(action != PASS) RETURN(517);
  param->nolongdatfilter = 0;
 
+ if(isconnect && param->redirtype != R_HTTP) {
+	socksend(param->clisock, (unsigned char *)proxy_stringtable[8], (int)strlen(proxy_stringtable[8]), conf.timeouts[STRING_S]);
+ }
+
  if (param->npredatfilters){
 	action = handlepredatflt(param);
 	if(action == HANDLED){
@@ -568,17 +586,6 @@ for(;;){
 
 #endif
 
- if(param->srv->needuser > 1 && !param->username) {RETURN(4);}
- if((res = (*param->srv->authfunc)(param))) {
-	if (res <= 10 || haveconnection || param->transparent) RETURN(res);
-	so._closesocket(param->remsock);
-	param->remsock = INVALID_SOCKET;
-	param->redirected = 0;
-	param->redirtype = 0;
-	memset(&param->sinsl, 0, sizeof(param->sinsl));
-	memset(&param->sinsr, 0, sizeof(param->sinsr));
-	if((res = (*param->srv->authfunc)(param))) RETURN(res);
- }
 
  if(ftp && param->redirtype != R_HTTP){
 	SOCKET s;
@@ -826,7 +833,6 @@ for(;;){
  }
 
  if(isconnect && param->redirtype != R_HTTP) {
-	socksend(param->clisock, (unsigned char *)proxy_stringtable[8], (int)strlen(proxy_stringtable[8]), conf.timeouts[STRING_S]);
 	if(param->redirectfunc) {
 		if(req)myfree(req);
 		if(buf)myfree(buf);