AutoSSL for many RewriteRules?

ValeryVK · Jul 30, 2018

Hello,

I have many RewriteRule in my .htaccess file. According to the documentation, I have to add the following code before each RewriteRule:
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

For me, it looks duplications. Can I set AutoSSL off, remove all code above before each RewriteRule and add the following code after "RewriteBase /" ? :
RewriteCond %{REQUEST_URI} ^/[A-F0-9]{32}\.txt$ [OR]
RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule .* - [L]

Pay attentions, I removed ! (NOT), added [OR] and RewriteRule.

Am I missing something? Or my idea will work without any problems?

Regards,
Valery.

cPanelMichael · Aug 1, 2018

Hello Valery,

The better approach is to simply enable the following option under the Domains tab in WHM >> Tweak Settings:

Use a Global DCV Passthrough instead of .htaccess modification (requires EA4)

This allows you to avoid the .htaccess modification step during the AutoSSL validation process. Do you have root access to the server to enable this option? If not, can you check with your web hosting provider to see if they can enable it on the server?

Thank you.

David Colter · Aug 29, 2019

@cPanelMichael

Thank you for this answer. I don't really understand it though.

When you say "The better approach is to simply enable ...", are you suggesting that these 2 lines can be commented or removed if Global DCV Passthrough is enabled? Or, are you simply answering Valery's question "Pay attentions, I removed ! (NOT), added [OR] and RewriteRule" ?

I have these 2 lines strewn through public_html .htaccess files (up to 3 places) in a few domains to block junk sites and certain country referrers . This makes me wonder if the 2 lines are preventing the intended block. ??

cPanelMichael · Sep 10, 2019

Hello @David Colter,

Here's the full description of the Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) option found under the Domains tab in WHM >> Tweak Settings:

When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host’s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.

Thus, if you're using this option, you should not have to add entries to the .htaccess files under your accounts in order for the AutoSSL domain validation process to succeed.

Thank you.

Thread starter	Similar threads	Forum	Replies	Date
P	Certificate for a delegated subdomain (AutoSSL + Let's Encrypt).	Security	2	Feb 16, 2023
M	Sectigo AutoSSL doesn't renew domain	Security	3	Feb 11, 2023
S	AutoSSL cron run time(s)	Security	13	Feb 5, 2023
A	AutoSSL - Switch from Sectigo to Let's Encrypt	Security	3	Jan 31, 2023
W	problem with certificate parent cpanel - run autossl no work	Security	3	Jan 12, 2023

Search

Search

AutoSSL for many RewriteRules?

ValeryVK

Registered

cPanelMichael

Administrator

David Colter

Active Member

cPanelMichael

Administrator