The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Issue with AutoSSL on WHM Domain has failed domain control validation

Discussion in 'Security' started by MichaelCropper, Aug 22, 2016.

Tags:
  1. MichaelCropper

    MichaelCropper Registered

    Joined:
    Aug 22, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Manchester
    cPanel Access Level:
    Root Administrator
    I've just tried setting up AutoSSL in WHM and this was successful. At the end of the process AutoSSL ran by default and generated SSL certificates for some domains but not others. There are around 50-75 domains I imagine in total.

    On one of the domains that failed, I tried to update this manually using AutoSSL but this isn't working. I'm getting the following errors in the AutoSSL Log File (domain & cPanel user blanked out)

    Any ideas what's causing this and/or how to resolve? Thought it may be something to do with Sucuri being installed, so I've just disabled that and this didn't seem to solve the problem. Also tested removing any security plugins in WordPress in case that was causing any issues, still didn't solve the issue.

    Error log;

    Code:
    Log for the AutoSSL run for “xxx”: Monday, August 22, 2016 5:34:12 PM GMT+0100 (Let’s Encrypt™)
    5:34:12 PM This system has AutoSSL set to use “Let’s Encrypt™”.
    5:34:12 PM Checking websites for “xxx” …
    5:34:12 PM The website “xxx.co.uk”, owned by “xxx”, has no SSL certificate. AutoSSL will attempt to obtain a new certificate and install it.
    5:34:12 PM WARN The domain “xxx.co.uk” has failed domain control validation (The system queried for a temporary file at “<a href="http://xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.WivMnRXme0dGMGW6.tmp">”" target="_blank" class="externalLink ProxyLink" data-proxy-href="http://xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.WivMnRXme0dGMGW6.tmp”" rel="nofollow">http://xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.WivMnRXme0dGMGW6.tmp</a>”, but the web server responded with the following error: 403 (Forbidden). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.). at bin/autossl_check.pl line 449.
    5:34:12 PM WARN The domain “www.xxx.co.uk” has failed domain control validation (The system queried for a temporary file at “<a href="http://www.xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.t_i6Vsd0dwCAxbpF.tmp">”" target="_blank" class="externalLink ProxyLink" data-proxy-href="http://www.xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.t_i6Vsd0dwCAxbpF.tmp”" rel="nofollow">http://www.xxx.co.uk/893.BIN_AUTOSSL_CHECK_PL__.t_i6Vsd0dwCAxbpF.tmp</a>”, but the web server responded with the following error: 403 (Forbidden). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.). at bin/autossl_check.pl line 449.
    5:34:12 PM The system has completed the AutoSSL check for “xxx”.
    5:34:12 PM The system has finished checking 1 user.
    
    
     
    #1 MichaelCropper, Aug 22, 2016
    Last edited by a moderator: Aug 22, 2016
  2. MichaelCropper

    MichaelCropper Registered

    Joined:
    Aug 22, 2016
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Manchester
    cPanel Access Level:
    Root Administrator
    Never mind.... Typical when posting a thread after spending the last couple of hours trying to debug this, I found the problem straight away.

    For anyone in future who experiences this. Disable Sucuri and make sure that you don't have their whitelist in your .htaccess file which only allows website traffic from their IPs. Deleted this and it worked.

    Time to turn Sucuri back on now :)
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    I'm happy to see you were able to address the issue. Note that additional discussion on this topic is found at:

    AutoSSL - htaccess whitelist

    Thank you.
     
Loading...

Share This Page