We have a site where we host demo websites that we do for our customers. We don’t want search engines to index these sites or strangers to see them. So it is password protected. The problem is Cpanel Auto SSL needs to access URI like /.well-known/ for SSL domain validation. With password protection, SSL domain verification fails and you won’t be able to renew the SSL certificate.
In this post, I am doing it for domain demo.hostonnet.com with Cpanel username hostond.
Redirect HTTP to HTTPS
I want to force all buy SSL verification requests to get redirected to HTTPS. For this, i created a folder
mkdir -p /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/
Now create a file
vi /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/force-ssl.conf
Add following content to it.
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well-known/
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
This will redirect all requests that do not start with URI .well-known to HTTPS.
Password Protect site
Since HTTP only allows domain validation (pages inside folder .well-known) and redirects all other requests to HTTPS, we only need to password protect the HTTPS side of the website.
First, create a directory
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/
Create file
vi /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/password.conf
Add following content
AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/apache2/demo-hon-htpaswd Require valid-user
Setting Password
HTTP Basic authentication password is stored in file /etc/apache2/demo-hon-htpaswd. To set password, use htpasswd command.
To create a user, use
htpasswd -c /etc/apache2/demo-hon-htpaswd admin
This will create a user with the username “admin”. You will be asked to enter a password.
Now restart apache
systemctl restart httpd
See Cpanel Server
Leave a Reply