AutoSSL override htaccess

Nirjonadda

Well-Known Member
May 8, 2013
736
27
78
cPanel Access Level
Root Administrator
Does cPanel AutoSSL override htaccess ? Can i remove this rules from htaccess? Please let me know that can i still use this my

My original htaccess is :

Code:
RewriteEngine On

# Force SSL:
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

# Force www:
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTPS}s ^on(s)|
RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
cPanel added:

Code:
RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) http://www.example.com/$1 [R=301,L]

RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteCond %{QUERY_STRING} (^|\?|&)p=([0-9]+)($|&)
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^showthread\.php$ /posts/%2/? [R=301,L]
RewriteCond %{QUERY_STRING} (^|\?)([0-9]+)-[^/]+/page([0-9]+)$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^showthread\.php$ /threads/%2/page-%3? [R=301,L]
RewriteCond %{QUERY_STRING} (^|\?)([0-9]+)-.*$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^showthread\.php$ /threads/%2/? [R=301,L]
 
Last edited by a moderator:

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

The following entries are automatically added before each RewriteRule in the .htaccess file when AutoSSL is enabled to ensure certificates validate successfully:

Code:
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^[0-9]+\..+\.cpaneldcv$
These rules create exceptions (note the preceding !) so that matching REQUEST_URIs do not get rewritten, and should not prevent the existing rules from working.

Are the rule additions causing any problems on the website?

Thanks!
 

Nahoo

Member
Oct 7, 2004
23
1
153
London, UK
cPanel Access Level
Root Administrator
Twitter
Just use this as the first rule in the .htaccess, then you don't need subsequent conditions....

Code:
RewriteCond %{REQUEST_URI} ^/(?:[0-9]+\..+\.cpaneldcv|[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?|\.well-known/acme-challenge/[0-9a-zA-Z_-]+)$
RewriteRule .* - [L]
 

garconcn

Well-Known Member
Oct 29, 2009
159
14
68
Hello,

The following entries are automatically added before each RewriteRule in the .htaccess file when AutoSSL is enabled to ensure certificates validate successfully:

Code:
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^[0-9]+\..+\.cpaneldcv$
These rules create exceptions (note the preceding !) so that matching REQUEST_URIs do not get rewritten, and should not prevent the existing rules from working.

Are the rule additions causing any problems on the website?

Thanks!
Our server has AutoSSL disabled, but still found the .htaccess was modified with this rewrite rule when client install the self-signed ssl in cpanel. This did cause a wordpress site down with error:

xxxxx.com didn’t send any data.
ERR_EMPTY_RESPONSE

Here's the .htaccess file:

Code:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule . /index.php [L]
</IfModule>

# END WordPress
RewriteCond %{HTTP_HOST} ^domainname\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domainname\.com$
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^/?$ "http\:\/\/domainname\.com\/wp" [R=301,L]
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
Hello,

As of cPanel version 64, you can remove those entries in favor of the following option under the "Domains" tab in "WHM >> Tweak Settings" if you prefer:

Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)

Here's the description for this option:

When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each account’s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.

Thank you.
 
  • Like
Reactions: linux4me2

Nirjonadda

Well-Known Member
May 8, 2013
736
27
78
cPanel Access Level
Root Administrator
Hello,

As of cPanel version 64, you can remove those entries in favor of the following option under the "Domains" tab in "WHM >> Tweak Settings" if you prefer:

Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)

Here's the description for this option:

When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each account’s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.

Thank you.
If we enable this option then will automatically remove this rules from htaccess? Where are create the Global DCV rewrite files? Still are using cPanel-generated handler and cPanel-generated php ini directives rules? Why not Global option for this rules?

Code:
# BEGIN cPanel-generated php ini directives, do not edit
<IfModule php7_module>
   php_flag display_errors On
   php_value max_execution_time 360
   php_value max_input_time 240
   php_value max_input_vars 100000
   php_value memory_limit 4095M
   php_value session.gc_maxlifetime 1440
   php_value session.save_path "/var/cpanel/php/sessions/ea-php71"
   php_value upload_max_filesize 128M
</IfModule>
# END cPanel-generated php ini directives, do not edit

# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php71” package as the default “PHP” programming language.
<IfModule mime_module>
  AddType application/x-httpd-php .php .php7 .phtml
</IfModule>
# php -- END cPanel-generated handler, do not edit
 
  • Like
Reactions: linux4me2

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
If we enable this option then will automatically remove this rules from htaccess? Where are create the Global DCV rewrite files? Still are using cPanel-generated handler and cPanel-generated php ini directives rules? Why not Global option for this rules?
The rewrite rules are added to the Apache configuration file (/etc/apache2/conf/httpd.conf) when the option is enabled. EX:

Code:
<IfModule rewrite_module>
# Global DCV Exclude
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ [OR]
RewriteCond %{REQUEST_URI} ^/[0-9]+\..+\.cpaneldcv$

# Exclude proxy subdomains as we need rewrites to capture the DCV requests
RewriteCond %{HTTP_HOST} !^(?:autoconfig|autodiscover|cpanel|cpcalendars|cpcontacts|webdisk|webmail|whm)\.
RewriteRule ^ - [END]
</IfModule>
This is unrelated to the PHP configuration values in the .htaccess file. Please open a new thread if you'd like to inquire about those entries, as they relate to the MultiPHP INI Editor and not the AutoSSL rewrite rules.

Thank you.
 
  • Like
Reactions: linux4me2

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
If we enable this option then will automatically remove this rules from htaccess?
No, the existing DCV exclusion rules in .htaccess files are not automatically removed.

Thank you.
 
  • Like
Reactions: linux4me2

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
If we disable this option then does auto remove this code and added to via htaccess?
Disabling "Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)" automatically removes those rules in the Apache configuration file. The AutoSSL functionality would then add rules to the .htaccess files as needed during the domain validation process.

Thank you.
 
  • Like
Reactions: linux4me2

Nirjonadda

Well-Known Member
May 8, 2013
736
27
78
cPanel Access Level
Root Administrator
"Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)"
I have enabled "Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)" but still adding rules to the .htaccess files with Create a New Account.

Code:
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463
I have enabled "Use a Global DCV rewrite exclude instead of .htaccess modification (requires Apache 2.4+, EA4)" but still adding rules to the .htaccess files with Create a New Account.
Hello,

I'm unable to reproduce this behavior. Could you open a support ticket using the link in my signature so we can take a closer look at the affected system?

Thank you.