- Posts: 25
- Thank you received: 3
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Recent .htaccess Update Blocking Let's Encrypt SSL Renewal
- nh905
- Topic Author
- Offline
- Junior Member
Less
More
5 years 7 months ago #173585
by nh905
Recent .htaccess Update Blocking Let's Encrypt SSL Renewal was created by nh905
Let's Encrypt requires web access to the hidden directory .well-known/acme-challenge to renew SSL certifications. Limesurvey recently added .htaccess rules blocking access to hidden directories, blocking Let's Encrypt access. I temporarily removed the rule.
Drupal had a similar issue and modified the RewriteRule to read:
I am a rewrite newbie, so I have not tried to update the Limesurvey .htaccess rule.
Regards, Norbert
Drupal had a similar issue and modified the RewriteRule to read:
Code:
RewriteRule "(^|/)\.(?!well-known)"
Regards, Norbert
The topic has been locked.
- DenisChenu
- Away
- LimeSurvey Community Team
Less
More
- Posts: 13643
- Thank you received: 2491
5 years 7 months ago #173603
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic Recent .htaccess Update Blocking Let's Encrypt SSL Renewal
Yes, this need to be fixed …
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- jelo
- Offline
- Platinum Member
Less
More
- Posts: 5033
- Thank you received: 1257
5 years 7 months ago #173605
by jelo
github.com/LimeSurvey/LimeSurvey/commit/...2b8ebf88c296104c5d2c
More and more provider and controlpanels are already applying the exceptions for .well-known on the webserver level. Beside Let's Encrypt there are other ones (e.g. Comodo SSL). Still make sense for LimeSurvey to allow access to subdirectories of .well-known
Perhaps adding this:
More about .well-known can be found here: tools.ietf.org/html/rfc5785
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
Replied by jelo on topic Recent .htaccess Update Blocking Let's Encrypt SSL Renewal
You already spoted the issue and posted a remark here:DenisChenu wrote: Yes, this need to be fixed …
github.com/LimeSurvey/LimeSurvey/commit/...2b8ebf88c296104c5d2c
More and more provider and controlpanels are already applying the exceptions for .well-known on the webserver level. Beside Let's Encrypt there are other ones (e.g. Comodo SSL). Still make sense for LimeSurvey to allow access to subdirectories of .well-known
Perhaps adding this:
Code:
RewriteRule "/\.|^\.(?!well-known/)" - [F]
More about .well-known can be found here: tools.ietf.org/html/rfc5785
The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
The topic has been locked.
- DenisChenu
- Away
- LimeSurvey Community Team
Less
More
- Posts: 13643
- Thank you received: 2491
5 years 7 months ago #173607
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic Recent .htaccess Update Blocking Let's Encrypt SSL Renewal
github.com/LimeSurvey/LimeSurvey/commit/...eb399b469f33d81e31ae
and
github.com/LimeSurvey/LimeSurvey/commit/...f10a063b29485cb9d2e5
and
github.com/LimeSurvey/LimeSurvey/commit/...f10a063b29485cb9d2e5
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- nh905
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 25
- Thank you received: 3
5 years 7 months ago #173610
by nh905
Replied by nh905 on topic Recent .htaccess Update Blocking Let's Encrypt SSL Renewal
Denis, two updates applied and successfully tested. Let's Encrypt is working, but access to folders like .gitignore remain blocked.
Thanks, Norbert
Thanks, Norbert
The topic has been locked.