diff --git a/phpBB/phpbb/manifest.php b/phpBB/phpbb/manifest.php
index 880db6a444..6b48138517 100644
--- a/phpBB/phpbb/manifest.php
+++ b/phpBB/phpbb/manifest.php
@@ -15,9 +15,7 @@ namespace phpbb;
 
 use phpbb\config\config;
 use phpbb\event\dispatcher_interface;
-use phpbb\exception\http_exception;
 use Symfony\Component\HttpFoundation\JsonResponse;
-use Symfony\Component\HttpFoundation\Response;
 
 class manifest
 {
@@ -56,11 +54,6 @@ class manifest
 	 */
 	public function handle(): JsonResponse
 	{
-		if ($this->user->data['is_bot'])
-		{
-			throw new http_exception(Response::HTTP_FORBIDDEN, 'NO_AUTH_OPERATION');
-		}
-
 		$board_path = $this->config['force_server_vars'] ? $this->config['script_path'] : $this->path_helper->get_web_root_path();
 
 		$sitename = html_entity_decode($this->config['sitename'], ENT_QUOTES, 'UTF-8');
@@ -92,6 +85,13 @@ class manifest
 		$response->setPublic();
 		$response->setMaxAge(3600);
 		$response->headers->addCacheControlDirective('must-revalidate', true);
+
+		if (!empty($this->user->data['is_bot']))
+		{
+			// Let reverse proxies know we detected a bot.
+			$response->headers->set('X-PHPBB-IS-BOT', 'yes');
+		}
+
 		return $response;
 	}
 }