added let's encrypt challenge as an exception in RedirectMatch

2025-04-19 14:42:08 +02:00 · 2016-09-20 21:04:57 +02:00 · 2016-09-20 21:04:57 +02:00 · 0007cb6280
commit 0007cb6280
parent 1bb209791b
1 changed files with 2 additions and 2 deletions
--- a/.htaccess.dist
+++ b/.htaccess.dist
@ -1,7 +1,7 @@
 RewriteEngine on

-# prevent httpd from serving dotfiles (.htaccess, .svn, .git, etc.)
-RedirectMatch 403 /\..*$
+# prevent httpd from serving dotfiles (.htaccess, .svn, .git, etc.) - except let's encrypt challenge
+RedirectMatch 403 ^/?\.(?!/well-known/acme-challenge/[\w-]{43}$)

 # RewriteBase is required in some hosting environments (Amazon EC2, ...)
 #RewriteBase /