Defender block automatic SSL updates in Cpanel

cPanel's auto-ssl feature places a random file name with a .txt extension in the webroot of the domains it is validating. The prevent information disclosure tweak in Defender stops txt files from being viewed in the webroot.

The system queried for a temporary file at “http://om***studio.si/.well-known/pki-validation/F35D1285D0E0D94BEC70E35995C8F881.txt”, but the web server responded with the following error: 403 (Forbidden). A DNS (Domain Name System) or web server misconfiguration may exist.

And from SSL/TLS status

The system queried for a temporary file at “http://om***studio.si/.well-known/pki-validation/F35D1285D0E0D94BEC70E35995C8F881.txt”, but the web server responded with the following error: 403 (Forbidden). A DNS (Domain Name System) or web server misconfiguration may exist.

Removing this tweak should allow the verification to complete. But can you imagine that I will have to monitor every client website date of SSL updates to perform this? This is really not good a practice to deal with in the future. I think a patch should consider for the future version or any feedback or suggestions on this.

  • Ash

    Hello David

    Would you please check your htaccess and replace the following:

    ## WP Defender - Prevent information disclosure ##
    <FilesMatch "\.(txt|md|exe|sh|bak|inc|pot|po|mo|log|sql)$">
    Order allow,deny
    Deny from all
    </FilesMatch>
    <Files robots.txt>
    Allow from all
    </Files>
    <Files ads.txt>
    Allow from all
    </Files>
    ## WP Defender - End ##

    with this:

    ## WP Defender - Prevent information disclosure ##
    <FilesMatch "\.(md|exe|sh|bak|inc|pot|po|mo|log|sql)$">
    Order allow,deny
    Deny from all
    </FilesMatch>
    <Files robots.txt>
    Allow from all
    </Files>
    <Files ads.txt>
    Allow from all
    </Files>
    ## WP Defender - End ##

    Let us know if it works for you. Have a nice day!

    Cheers,
    Ash

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.