Jump to content
MDDHosting Forums

LetsEncrypt and automatic insertion of rewrite conditions in .htaccess


Recommended Posts

Hey guys,

Regarding the following lines inserted into my .htaccess files multiple times:

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/.+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

The AutoSSL / LetsEncrypt process needs to be able to verify the domain, and cpanel is just making sure that there aren't any rewrites going on that would break that process, right?

Is there any reason why all this clutter couldn't be fixed by simply adding the following, once near the top (before any of the other rewrites are listed):

RewriteRule ^/[0-9]+\..+\.cpaneldcv$ - [L]
RewriteRule ^.well-known - [L]

I'm just asking because if the .htaccess file has more than just a couple things going on, this automatic insertion of rewrite conditions makes such a mess that it can hardly be read.

Link to comment
Share on other sites

As for the why, it is done that way as part of good security practices. You always want to permit the absolute minimum and not have rules so broad they would cover more then the software needs. This is why the rules are specifically added to each section.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...