Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

AutoSSL entries added to htaccess

Discussion in 'Security' started by Phil Hitchman, Sep 12, 2017.

Tags:
  1. Phil Hitchman

    Phil Hitchman Member

    Joined:
    May 17, 2016
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    I have had this crash several of my websites. Each time it has been because the Auto SSL routine has added lines to the htaccess file which caused an internal server error.

    We haven't had a problem with it for a couple of months now, however last night one of our websites crashed at exactly the same time the Auto SSL routine ran. When I looked at the htaccess file there was a letter "e" right at the end, on a line of its own, which was not there before. The file edit date was exactly the same as the time the Auto SSL ran, and was out of our working hours so no one here did this manually. It could only have been Auto SSL editing the file.

    Could you not build in a fail safe, whereby, after editing the htaccess file you run a check on the website - if you get a 500 code revert it back to the old file?

    This is causing us problems. As I say, we've had several instances where it has randomly crashed websites by putting invalid stuff in the file.

    Here are the last few lines of our htaccess files after it had been edited by cPanel (note the "e" at the end)...

    # caching - make static images cache
    <IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType application/x-font-ttf "access plus 1 month"
    ExpiresByType font/opentype "access plus 1 month"
    ExpiresByType application/x-font-woff "access plus 1 month"
    ExpiresByType image/svg+xml "access plus 1 month"
    ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType text/css "access plus 1 week"
    </IfModule>

    # end mod_rewrite
    e
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,165
    Likes Received:
    1,372
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    The "Use a Global DCV Passthrough instead of .htaccess modification (requires EA4)" option is available under the "Domains" tab in "WHM >> Tweak Settings". Per it's description:

    You can enable this option to avoid direct .htaccess modifications. Otherwise, feel free to open a support ticket using the link in my signature so we can take a closer look at the affected account/server.

    Thank you.
     
Loading...

Share This Page