I've seen the same issue present when a site is .htaccess password protected - this stops validation as the file cannot be accessed and so is one scenario to consider
Hello @PenguinInternet,
I've moved this post to it's own thread. I'm not sure that temporarily excluding a file name from the password protection feature is a good option from a security perspective. What are your thoughts on that? Note that you can find further discussion of this topic, and a workaround to this issue at:
AutoSSL - htaccess whitelist
Thank you.
I've moved this post to it's own thread. I'm not sure that temporarily excluding a file name from the password protection feature is a good option from a security perspective. What are your thoughts on that? Note that you can find further discussion of this topic, and a workaround to this issue at:
AutoSSL - htaccess whitelist
Thank you.
What about simply moving the application to a new folder like, /public_html/secure/ instead of just /public_html and adding a wildcard redirect excluding lets encrypt/comodo verifications. This won't work for everyone but might help in some cases.
This might work as a user-submitted workaround in some cases, but moving a directory could open up the potential for additional problems if something goes wrong (e.g. the server stops responding in the middle of the move).
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| L | AutoSSL polls for days with no result | Security | 4 | |
| P | AutoSSL Issuing Expired Certificates | Security | 2 | |
| C | AutoSSL for smtp | Security | 1 | |
| C | AutoSSL failing for addon domain | Security | 3 | |
| M | AutoSSL and password protected domains | Security | 3 |