Skip to main content

AutoSSL provider could not renew the SSL certificate

Comments

8 comments

  • cPanelMichael
    Hello, Could you let us know the contents of the .htaccess file if it exists under the public_html directory? Ensure to replace any real domain names with examples. Thank you.
    0
  • Steve8
    I clicked on file manager and searched for .htaccess and got (Search Results for: .htaccess Double click on a file or folder to open the folder (or the folder it is contained in if it is a file). /public_html/.htaccess) There's two files in that folder, Index.html(the pointer) and a google file I put there to prove my ownership. Can the file be invisible? I clicked on /public_html/.htaccess and it brought me to my folder with the two files I stated.
    0
  • cPanelMichael
    Hello, In the upper-right of the File Manager interface, click on "Settings" and enable "Show Hidden Files" to see the .htaccess file. Additionally, it's also possible the required DNS entries for the proxy subdomains are missing from the DNS zones associated with your domain name. I recommend reaching out to your hosting provider to see if they can check this for you, as if that's the case, they should be able to automatically add the required DNS records with a command like this: /usr/local/cpanel/scripts/proxydomains --domain=domain.tld add
    Otherwise, you can add any missing subdomain records using "cPanel >> Zone Editor >> Add Record >> Add "A" Record". EX: cpanel 14400 IN A $IP
    Thank you.
    0
  • Steve8
    I can see the htaccess.dms file with show invisible. When click on it, it downloads. I view it with TextWrangler. order allow,deny allow from all Below that are 43 ip addresses that I blocked because they looked suspicious, I viewed these through "Visitors" and "Awstats". When I googled, some results showed phishing activity. Looks like the traffic is reducing. Reporting Period: 1/19/18, 7:03 AM " 1/20/18, 1:31 AM Total Data Sent: 13.54 KB 507 records match. Here's some samples /login.php.tar.bz2 /home/login.php/home.zip /editor/home/login.php?cmd=login_submit /(long list of numbers and letters)/login.php When google these my domain comes up on phishing registries like urlscan. I see other domains with the same numbers. I mention this just in case you see a connection. Received another email from cPanel.
    0
  • Steve8
    I figured out to view and edit the htaccess.dms file within cPanel. Taking into account my previous post is order allow,deny allow from all OK
    0
  • cPanelMichael
    Hello, That entry alone shouldn't prevent the AutoSSL domain control validation from succeeding. I recommend reaching out to your hosting provider so they can take a closer look at the AutoSSL logs to determine why it's failing. Thank you.
    0
  • Steve8
    You were right it was the .htaccess file. I inadvertently blocked the IP address for pki validation. My first warning email arrived on Dec.18 (below) and did not include a 404 error. It must have been caused by the hack. My next email arrived on Jan.14 and almost every day after because of a 404 error. because of an error: Timed out while waiting for socket to become ready for reading I changed my password Jan.10 and blocked a bunch of ip addresses which included the IP for pki validation. I corrected this on the 23rd and the emails stopped. My question is the fact that cpanel.example.com and webdisk.example.com cannot get certified, will this cause me a problem? Can I ignore this considering this a pointer to my site? Example.com is my main email address though. To comment on the hack, I was able to remove my site from blacklists buy asking them on their web pages. Kaspersky was the last to lift their block with my request. I joined Search Console on google and proving ownership of my site so hopefully when google see's hacking signs it will email me. I was removed from google search but now I'm back. All browsers no longer block the site.
    0
  • cPanelMichael
    My question is the fact that cpanel.example.com and webdisk.example.com cannot get certified, will this cause me a problem? Can I ignore this considering this a pointer to my site? Example.com is my main email address though.

    Hi Steve, You can actually exclude domains that you don't want included as part of the AutoSSL feature using the "SSL TLS Status" option in cPanel: SSL TLS Status - Version 70 Documentation - cPanel Documentation It's a good idea to exclude the domain names you don't want certificates for, or to resolve any issues that prevent the validation from succeeding. Thank you.
    0

Please sign in to leave a comment.