CPanel SSL Renew on password protected site
We have a site where we host demo websites that we do for our customers. We don’t want search engines to index these sites or strangers to see them. So it is password protected. The problem is Cpanel Auto SSL needs to access URI like /.well-known/ for SSL domain validation. With password protection, SSL domain verification fails and you won’t be able to renew the SSL certificate.
In this post, I am doing it for domain demo.hostonnet.com with Cpanel username hostond.
Redirect HTTP to HTTPS
I want to force all buy SSL verification requests to get redirected to HTTPS. For this, i created a folder
1 |
mkdir -p /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/ |
Now create a file
1 |
vi /etc/apache2/conf.d/userdata/std/2_4/hostond/demo.hostonnet.com/force-ssl.conf |
Add following content to it.
1 2 3 |
RewriteEngine On RewriteCond %{REQUEST_URI} !^/\.well-known/ RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] |
This will redirect all requests that do not start with URI .well-known to HTTPS.
Password Protect site
Since HTTP only allows domain validation (pages inside folder .well-known) and redirects all other requests to HTTPS, we only need to password protect the HTTPS side of the website.
First, create a directory
1 |
mkdir -p /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/ |
Create file
1 |
vi /etc/apache2/conf.d/userdata/ssl/2_4/hostond/demo.hostonnet.com/password.conf |
Add following content
1 2 3 4 5 6 |
<Directory "/home/hostond/public_html/"> AuthType Basic AuthName "Restricted Content" AuthUserFile /etc/apache2/demo-hon-htpaswd Require valid-user </Directory> |
Setting Password
HTTP Basic authentication password is stored in file /etc/apache2/demo-hon-htpaswd. To set password, use htpasswd command.
To create a user, use
1 |
htpasswd -c /etc/apache2/demo-hon-htpaswd admin |
This will create a user with the username “admin”. You will be asked to enter a password.
Now restart apache
1 |
systemctl restart httpd |
See Cpanel Server