Not Found from browser side with .well-known/ [Manual FTP Verification]

Luke

Verified User
I have uploaded file on FTP and unable to manually verificate, that I'm owner. How to do it?

P4r9IrhxRP2ZBBrRAuakmg.png
 

zEitEr

Super Moderator
Hello,

Are you sure that .well-known is not alias for /var/www/html/.well-known/ ?

And why do you upload files manually? They should be created by a directadmin script.
 

Luke

Verified User
Hi,

I'm pretty sure, almost found issue, just need help to join dots together! My issue is complex, while trying to balance load I host couple applications on different VPS.

http://prntscr.com/gu47lk
http://prntscr.com/gu48xh

Something, somewhere blocks acme-challenge folder access globally from browser, I need to find that rule and disable.
 
Last edited:

zEitEr

Super Moderator
Luke,

Screenshots show different locations of your test files, I guess it's from the same server, and display the issue with accessing acme-challenge.

I don't know your setup, but can it be so that you access different servers from your browser with and without acme-challenge?
ModSecurity in apache/nginx enabled? What if to disable?
 

Luke

Verified User
Luke,

Screenshots show different locations of your test files, I guess it's from the same server, and display the issue with accessing acme-challenge.

I don't know your setup, but can it be so that you access different servers from your browser with and without acme-challenge?
ModSecurity in apache/nginx enabled? What if to disable?
In apache2, ModSecurity seems isn't installed at all:

Code:
[root@323876 ~]# find / -name mod_security
[root@323876 ~]#
Returns nothing.

I managed to understand, that accessing to folder acme-challenge from outside browser something/somewhere blocks. Accessing to any other named folder allows except acme-challenge!

Tried putting .htaccess with information inside:
Code:
<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>
Didn't help :/. I'm not sure who and where is blocking access.
 

Luke

Verified User
Anything useful in Apache logs?
[Sun Oct 08 09:37:00.956734 2017] [core:crit] [pid 753] (13)Permission denied: [client censored:51378] AH00529: /home/censored/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/censored/' is executable

Only this one.

Could it be, that Let's Encrypt module is blocking access from browser to all folders named acme-challenge ? How to temporary disable it in order to test?
 
Last edited:

zEitEr

Super Moderator
Luke,

though the error:

Code:
[COLOR=#333333]unable to check htaccess file, ensure it is readable and that '/home/censored/' is executable
[/COLOR]

does not necessary point to the issue with acme-challenge it potentially might be the reason if you have letsencrypt=2 set in directadmin.

There is actually nothing in let's encrypt that can block your browser (a least nothing particular comes to my mind) at this point.
 
Top