AutoSSL and Password Protection

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
Hello @PenguinInternet,

I've moved this post to it's own thread. I'm not sure that temporarily excluding a file name from the password protection feature is a good option from a security perspective. What are your thoughts on that? Note that you can find further discussion of this topic, and a workaround to this issue at:

AutoSSL - htaccess whitelist

Thank you.
 

monarobase

Well-Known Member
PartnerNOC
Jan 26, 2010
523
16
68
France
cPanel Access Level
Root Administrator
What about simply moving the application to a new folder like, /public_html/secure/ instead of just /public_html and adding a wildcard redirect excluding lets encrypt/comodo verifications. This won't work for everyone but might help in some cases.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,243
463
What about simply moving the application to a new folder like, /public_html/secure/ instead of just /public_html and adding a wildcard redirect excluding lets encrypt/comodo verifications. This won't work for everyone but might help in some cases.
This might work as a user-submitted workaround in some cases, but moving a directory could open up the potential for additional problems if something goes wrong (e.g. the server stops responding in the middle of the move).

Thank you.