Symptoms
When running AutoSSL, you may receive the following error:
Local HTTP DCV error (domain.tld): The system queried for a temporary file
at “http://domain.tld/.well-known/pki-validation/temporaryfile.txt”,
but the web server responded with the following error: 403 (Forbidden).
A DNS (Domain Name System) or web server misconfiguration may exist.
Description
The system will perform the local HTTP DCV (Domain Control Validation) check by sending a GET request for a temporary file at http://domain.tld/.well-known/pki-validation/temporaryfile.txt. The temporary file must be accessible for AutoSSL to complete the local HTTP DCV check successfully.
Workaround
Ensure files in the /DocumentRoot/.well-known/pki-validation/ directory are accessible, where "/DocumentRoot/" is the document root of your domain (example: /home/user/public_html/.well-known/pki-validation/) .
To test this, you can create a file in /DocumentRoot/.well-known/pki-validation/ via SSH as the cPanel user or in cPanel >> File Manager. Once you have created the file can use the curl command to test if the file is accessible. If the file is accessible, you should receive an HTTP/1.1 200 OK response in the output of the curl command.
Example:
$ curl -IL http://domain.tld/.well-known/pki-validation/test.txt
HTTP/1.1 200 OK
Date: Fri, 07 Aug 2020 00:18:45 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Type: text/html
If you do not receive an HTTP/1.1 200 OK response, and receive a 403 instead, you may find further information on addressing common 403 errors here: How to address common 403 errors on your website