AutoSSL for many RewriteRules?

ValeryVK

Registered
Jul 30, 2018
1
0
1
Belarus
cPanel Access Level
Website Owner
Hello,

I have many RewriteRule in my .htaccess file. According to the documentation, I have to add the following code before each RewriteRule:
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

For me, it looks duplications. Can I set AutoSSL off, remove all code above before each RewriteRule and add the following code after "RewriteBase /" ? :
RewriteCond %{REQUEST_URI} ^/[A-F0-9]{32}\.txt$ [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule .* - [L]

Pay attentions, I removed ! (NOT), added [OR] and RewriteRule.

Am I missing something? Or my idea will work without any problems?

Regards,
Valery.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello Valery,

The better approach is to simply enable the following option under the Domains tab in WHM >> Tweak Settings:

Use a Global DCV Passthrough instead of .htaccess modification (requires EA4)

This allows you to avoid the .htaccess modification step during the AutoSSL validation process. Do you have root access to the server to enable this option? If not, can you check with your web hosting provider to see if they can enable it on the server?

Thank you.
 

David Colter

Active Member
Jun 30, 2016
40
10
8
USA
cPanel Access Level
Root Administrator
@cPanelMichael

Thank you for this answer. I don't really understand it though.

When you say "The better approach is to simply enable ...", are you suggesting that these 2 lines can be commented or removed if Global DCV Passthrough is enabled? Or, are you simply answering Valery's question "Pay attentions, I removed ! (NOT), added [OR] and RewriteRule" ?

I have these 2 lines strewn through public_html .htaccess files (up to 3 places) in a few domains to block junk sites and certain country referrers . This makes me wonder if the 2 lines are preventing the intended block. ??
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,908
2,218
463
Hello @David Colter,

Here's the full description of the Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) option found under the Domains tab in WHM >> Tweak Settings:

When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host’s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.
Thus, if you're using this option, you should not have to add entries to the .htaccess files under your accounts in order for the AutoSSL domain validation process to succeed.

Thank you.