Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

The domain failed domain control validation

Discussion in 'Security' started by dmitry.vd, Jul 11, 2017.

Tags:
  1. dmitry.vd

    dmitry.vd Registered

    Joined:
    Jul 11, 2017
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Ukraine
    cPanel Access Level:
    Root Administrator
    The domain “example.com.ua” failed domain control validation:
    Code:
    The system failed to fetch the <abbr title="Domain Control Validation">DCV</abbr> file at “<a href="http://example.com.ua/407D228033AC6C61F5DB99193E2E544C.txt">http://example.com.ua/407D228033AC6C61F5DB99193E2E544C.txt</a>” because of an error: The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “http://example.com.ua/407D228033AC6C61F5DB99193E2E544C.txt” because of an error: Size of response body exceeds the maximum allowed of 16384 .
    
    File 407D228033AC6C61F5DB99193E2E544C.txt does not exist 
     
    #1 dmitry.vd, Jul 11, 2017
    Last edited by a moderator: Jul 11, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,386
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello @dmitry.vd,

    Do you have any redirect rules configured for this domain name? The error message suggests the request for the .TXT DCV file was redirected to another file, and the request was blocked because the size of the response body exceeded the 16-KiB limit.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Thiago Ortega

    Thiago Ortega Registered

    Joined:
    Feb 12, 2016
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Brasil
    cPanel Access Level:
    Root Administrator
    How was it solved? See error that occurs when I make an AutoSSL
    Code:
    OPENSSL_VERIFY:0:18:DEPTH_ZERO_SELF_SIGNED_CERT NOT_ALL_DOMAINS). AutoSSL will attempt to replace this certificate.
    10:55:50 AM WARN The domain “exemplo.com.br” failed domain control validation: The system failed to fetch the <abbr title="Domain Control Validation">DCV</abbr> file at “<a href="http://exemplo.com.br/.well-known/pki-validation/440951B1C5C2C1F62676B2D227FC6D7A.txt">http://exemplo.com.br/.well-known/pki-validation/440951B1C5C2C1F62676B2D227FC6D7A.txt</a>” because of an error: The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “http://exemplo.com.br/.well-known/pki-validation/440951B1C5C2C1F62676B2D227FC6D7A.txt” because of an error: Size of response body exceeds the maximum allowed of 16384 . 
     
    #3 Thiago Ortega, Jul 19, 2017
    Last edited by a moderator: Jul 19, 2017
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,386
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. keywaystab

    keywaystab Member

    Joined:
    May 26, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    We are also seeing this error for proxy subdomains only; cpanel, webmail webdisk, autodiscover, . No third party applications are loaded.

    [
    Code:
    1:28:27 PM WARN The domain “cpanel.example.com” failed domain control validation: The system failed to fetch the <abbr title="Domain Control Validation">DCV</abbr> file at “<a href="http://cpanel.example.com/.well-known/acme-challenge/CRDKH7HU3GXHCVCL6A-V9B78RHX9U8J2">http://cpanel.example.com/.well-known/acme-challenge/CRDKH7HU3GXHCVCL6A-V9B78RHX9U8J2</a>” because of an error: The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “http://cpanel.example.com/.well-known/acme-challenge/CRDKH7HU3GXHCVCL6A-V9B78RHX9U8J2” because of an error: Size of response body exceeds the maximum allowed of 16384 .
    
     
    #5 keywaystab, Jul 20, 2017
    Last edited by a moderator: Jul 20, 2017
  6. keywaystab

    keywaystab Member

    Joined:
    May 26, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151

    Digging deeper, there is a different error for autodiscover, "400 (Bad Request)":
    Code:
    6:14:16 PM WARN The domain “cpanel.example.com” failed domain control validation: The system failed to fetch the <abbr title="Domain Control Validation">DCV</abbr> file at “<a href="http://cpanel.example.com/.well-known/acme-challenge/SS4T-NC_516GJC8K4NG705N61H3X0B-E">http://cpanel.example.com/.well-known/acme-challenge/SS4T-NC_516GJC8K4NG705N61H3X0B-E</a>” because of an error: The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “http://cpanel.example.com/.well-known/acme-challenge/SS4T-NC_516GJC8K4NG705N61H3X0B-E” because of an error: Size of response body exceeds the maximum allowed of 16384 .
    6:14:17 PM WARN The domain “webmail.example.com” failed domain control validation: The system failed to fetch the <abbr title="Domain Control Validation">DCV</abbr> file at “<a href="http://webmail.example.com/.well-known/acme-challenge/2CH5TATG9-PRI7_DCDQJ6X66-HF7VHKA">http://webmail.example.com/.well-known/acme-challenge/2CH5TATG9-PRI7_DCDQJ6X66-HF7VHKA</a>” because of an error: The system failed to send an <abbr title="Hypertext Transfer Protocol">HTTP</abbr> “GET” request to “http://webmail.example.com/.well-known/acme-challenge/2CH5TATG9-PRI7_DCDQJ6X66-HF7VHKA” because of an error: Size of response body exceeds the maximum allowed of 16384 .
    6:14:17 PM WARN The domain “webdisk.example.com” failed domain control validation: The system queried for a temporary file at “<a href="http://webdisk.example.com/.well-known/acme-challenge/2LOZFVSA0NLBFB2T2Q9WPF23PXJL80G1">http://webdisk.example.com/.well-known/acme-challenge/2LOZFVSA0NLBFB2T2Q9WPF23PXJL80G1</a>”, but the web server responded with the following error: 401 (Unauthorized). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.
    6:14:18 PM WARN The domain “autodiscover.example.com” failed domain control validation: The system queried for a temporary file at “<a href="https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml">https://cpanelemaildiscovery.cpanel.net/autodiscover/autodiscover.xml</a>”, which was redirected from “<a href="http://autodiscover.example.com/.well-known/acme-challenge/FQZY6HSMVBEPSFOSL8O5FIXZSVB5DJ6D">http://autodiscover.example.com/.well-known/acme-challenge/FQZY6HSMVBEPSFOSL8O5FIXZSVB5DJ6D</a>”. The web server responded with the following error: 400 (Bad Request). A <abbr title="Domain Name System">DNS</abbr> or web server misconfiguration may exist.
    
    It looks like it's probably related to the rewriting of the URL? Possibly in the .htaccess file?

    Note: I've opened a ticket # 8733879
     
    #6 keywaystab, Jul 20, 2017
    Last edited: Jul 20, 2017
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,386
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    To update, it looks like this issue stemmed from the use of a custom Apache template file at:

    /var/cpanel/templates/apache2/main.local

    Disabling the custom template, and removing the manually created "cpanel" subdomain from the account appears to have fixed the issue.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. 4u123

    4u123 Well-Known Member
    PartnerNOC

    Joined:
    Jan 2, 2006
    Messages:
    841
    Likes Received:
    14
    Trophy Points:
    168
    Just started getting this today with a few customers receiving notifications. We are not using custom templates. So far three clients have contacted us with this problem today - each time so far the issue has been only with the cpanel subdomain, of which there is no vhost entry, manual subdomain creation or other configuration than the standard DNS entry for the cpanel subdomain.

    Code:
    The system failed to fetch the DCV (Domain Control Validation) file at “http://cpanel.domain.com/.well-known/pki-validation/599B4DA8EBBE60B19BAF0ACBE61C0281.txt” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://cpanel.domain.com/.well-known/pki-validation/599B4DA8EBBE60B19BAF0ACBE61C0281.txt” because of an error: Size of response body exceeds the maximum allowed of 16384
    Checking the user's htaccess file shows nothing that would redirect these requests.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,386
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hi @4u123,

    Could you open a support ticket using the link in my signature so we can take a closer look?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. 4u123

    4u123 Well-Known Member
    PartnerNOC

    Joined:
    Jan 2, 2006
    Messages:
    841
    Likes Received:
    14
    Trophy Points:
    168
    Many more reports of this issue happening over the last few days. This can't be something unique to our servers.

    Is there a way to disable AutoSSL notifications to the end user? I wasn't aware these validation messages were getting sent to them anyway. We only want to receive these at the server admin level.
     
  11. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,386
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    There's a thread on this topic at:

    SSL Notifications in cPanel 68

    As far as the actual failures, we can take a closer look via a support ticket if you'd like help troubleshooting why the failures are occurring.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice