.htaccess file + force https

[vvenet]

Dear support team,

 

I would like to achieve two things:
a. use “force https” in cPanel for the domains hosted in my account
b. and that Comodo SSL certificates get renewd automatically by using cPanels's feature autoSSL .

In order to enable autoSSL renewal, I understand that I should enable http access to the “well-known” folder by making an exemption-rule in the .htaccess file.
                                  

Now I read the following postings:

- February 2018 regarding autorenewal of autoSSL from Comodo in combination with cPanel’s “forced https" feature: https://www.helionet...ewing-for-site/

 

- May 2021 too: https://www.helionet...tossl-on-tommy/ : make sure you're not forcing an SSL redirect in .htaccess, or that the .well-known folder is excluded from it. To get certs successfully, the .well-known folder on your domain must be reachable over plain HTTP

 

- September 2018 https://www.helionet...tossl-question/

a script to be added in the .htaccess file:

<quote>

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$

RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$

RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<end of quote>

I added the rules of this script in each of  the existing .htaccess files.

- home/'userprofile'/public_html/.htaccess

- home/'userprofile'/public_html/anydomain1/.htaccess

- home/'userprofile'/public_html/anydomain2/.htaccess

- home/'userprofile'/public_html/anydomain3/.htaccess

- home/'userprofile'/public_html/anydomain4/.htaccess

 

 

 

My questions:
 
1. Is the above mentioned script good that I added in each of the the .htaccess files?

(So all the .htaccess files contain the same script that is stated above.)

2. Only the .htaccess file in the public_html directory of my account, contains a default rule “RewriteOptions inherit”. This rule is not (by default) in the other .htaccess files.

A.) Does this rule has to be at the start or at the end of the .htaccess file? Or does that not matter?

B.) Do the other .htaccess files also need this “RewriteOptions inherit” rule?

 

3. Please have a look at the following 302-redirects that can be setup in cPanel:

- ‘userprofile.heliohost.us’ ==> ‘anydomain.com’

- ‘userprofile.heliohost.us/exampledomain.com’ ==> ‘anydomain.com’

- ‘exampledomain.com.userprofile.heliohost.us’ ==> ‘anydomain.com’

Will autoSSL renewal work properly, even when these ‘302’-redirects are enabled in my account?

 

Thank you and kindly awaiting your reply. :-) 

Edited May 31, 2021 by vvenet