AutoSSL for many RewriteRules?

ValeryVK

• July 30, 2018 08:13

Hello, I have many RewriteRule in my .htaccess file. According to the documentation, I have to add the following code before each RewriteRule: RewriteCond %{REQUEST_URI} !^/[A-F0-9]{32}\.txt$ RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ For me, it looks duplications. Can I set AutoSSL off, remove all code above before each RewriteRule and add the following code after "RewriteBase /" ? : RewriteCond %{REQUEST_URI} ^/[A-F0-9]{32}\.txt$ [OR] RewriteCond %{REQUEST_URI} ^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteRule .* - [L] Pay attentions, I removed ! (NOT), added [OR] and RewriteRule. Am I missing something? Or my idea will work without any problems? Regards, Valery.

• 

  cPanelMichael

  • August 01, 2018 15:46

  Hello Valery, The better approach is to simply enable the following option under the Domains tab in WHM >> Tweak Settings: Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) This allows you to avoid the .htaccess modification step during the AutoSSL validation process. Do you have root access to the server to enable this option? If not, can you check with your web hosting provider to see if they can enable it on the server? Thank you.

  0
• 

  David Colter

  • August 29, 2019 23:50

  @cPanelMichael Thank you for this answer. I don't really understand it though. When you say "The better approach is to simply enable ...", are you suggesting that these 2 lines can be commented or removed if Global DCV Passthrough is enabled? Or, are you simply answering Valery's question "Pay attentions, I removed ! (NOT), added [OR] and RewriteRule" ? I have these 2 lines strewn through public_html .htaccess files (up to 3 places) in a few domains to block junk sites and certain country referrers . This makes me wonder if the 2 lines are preventing the intended block. ??

  0
• 

  cPanelMichael

  • September 10, 2019 16:14

  Hello @David Colter, Here's the full description of the Use a Global DCV Passthrough instead of .htaccess modification (requires EA4) option found under the Domains tab in WHM >> Tweak Settings: [QUOTE]When you enable this option, Apache adds global rewrite rules to the webserver configuration so that the system does not process additional rewrite rules for DCV filenames. These global rules make it unnecessary for cPanel & WHM to modify each virtual host"s .htaccess file. Note: When you enable this option, the system receives a trivial performance penalty because all of the HTTP requests must be matched against the DCV filename regular expressions.
  Thus, if you're using this option, you should not have to add entries to the .htaccess files under your accounts in order for the AutoSSL domain validation process to succeed. Thank you.

  0

Please sign in to leave a comment.