Not Found from browser side with .well-known/ [Manual FTP Verification]

Luke

Verified User
Joined
Feb 15, 2014
Messages
46
I have uploaded file on FTP and unable to manually verificate, that I'm owner. How to do it?

P4r9IrhxRP2ZBBrRAuakmg.png
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
Hello,

Are you sure that .well-known is not alias for /var/www/html/.well-known/ ?

And why do you upload files manually? They should be created by a directadmin script.
 

Luke

Verified User
Joined
Feb 15, 2014
Messages
46
Hi,

I'm pretty sure, almost found issue, just need help to join dots together! My issue is complex, while trying to balance load I host couple applications on different VPS.

http://prntscr.com/gu47lk
http://prntscr.com/gu48xh

Something, somewhere blocks acme-challenge folder access globally from browser, I need to find that rule and disable.
 
Last edited:

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
Luke,

Screenshots show different locations of your test files, I guess it's from the same server, and display the issue with accessing acme-challenge.

I don't know your setup, but can it be so that you access different servers from your browser with and without acme-challenge?
ModSecurity in apache/nginx enabled? What if to disable?
 

Luke

Verified User
Joined
Feb 15, 2014
Messages
46
Luke,

Screenshots show different locations of your test files, I guess it's from the same server, and display the issue with accessing acme-challenge.

I don't know your setup, but can it be so that you access different servers from your browser with and without acme-challenge?
ModSecurity in apache/nginx enabled? What if to disable?
In apache2, ModSecurity seems isn't installed at all:

Code:
[root@323876 ~]# find / -name mod_security
[root@323876 ~]#
Returns nothing.

I managed to understand, that accessing to folder acme-challenge from outside browser something/somewhere blocks. Accessing to any other named folder allows except acme-challenge!

Tried putting .htaccess with information inside:
Code:
<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>
Didn't help :/. I'm not sure who and where is blocking access.
 

Luke

Verified User
Joined
Feb 15, 2014
Messages
46
Anything useful in Apache logs?
[Sun Oct 08 09:37:00.956734 2017] [core:crit] [pid 753] (13)Permission denied: [client censored:51378] AH00529: /home/censored/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable and that '/home/censored/' is executable

Only this one.

Could it be, that Let's Encrypt module is blocking access from browser to all folders named acme-challenge ? How to temporary disable it in order to test?
 
Last edited:

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
Luke,

though the error:

Code:
[COLOR=#333333]unable to check htaccess file, ensure it is readable and that '/home/censored/' is executable
[/COLOR]

does not necessary point to the issue with acme-challenge it potentially might be the reason if you have letsencrypt=2 set in directadmin.

There is actually nothing in let's encrypt that can block your browser (a least nothing particular comes to my mind) at this point.
 
Top