Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Default .htaccess blocks Let's Encrypt bot #413

Closed
billux opened this issue Mar 18, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@billux
Copy link
Contributor

commented Mar 18, 2019

Hi,

The .htaccess file .htaccess.disabled that you provide as an example blocks Let's Encrypt's validation bot, because the rule matches the https:// part of the link in the User-Agent string:

2600:3000:2710:200::1d - - [17/Mar/2019:12:26:46 -0400] "GET /.well-known/acme-challenge/ptL1HJuzHrPkBkCc9FGl97s5sO3lIGdW_lckg6U3okQ HTTP/1.1" 403 169 "http://extrait.facil.services/.well-known/acme-challenge/ptL1HJuzHrPkBkCc9FGl97s5sO3lIGdW_lckg6U3okQ" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"

I suggest adding an exception for Let's Encrypt bot:

RewriteEngine on
RewriteCond !%{HTTP_USER_AGENT} "Let's Encrypt validation server" [NC]
RewriteCond %{HTTP_USER_AGENT} ^.*(bot|spider|crawl|https?://|WhatsApp|SkypeUriPreview|facebookexternalhit) [NC]
RewriteRule .* - [R=403,L]
@rugk

This comment has been minimized.

Copy link
Member

commented Mar 18, 2019

Fair enough.

Feel free to submit a PR. 😃

@rugk rugk added the bug label Mar 18, 2019

billux added a commit to billux/PrivateBin that referenced this issue Mar 24, 2019

@elrido elrido closed this in #415 Mar 25, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.