search

plesk / letsencrypt-plesk

Let’s Encrypt extension for Plesk gives all Plesk users the power to get a free Let’s Encrypt certificate with just a couple of clicks.
https://www.plesk.com/extensions/letsencrypt/
180 stars 25 forks source link

Possible removal of .htaccess from document root #119

Closed nfauchelle closed 7 years ago

nfauchelle commented 8 years ago

I think I have ran into a bit of an edge case.

We had an issue where the .htaccess from two of our domains (out of 60~) where removed yesterday. After much searching and hunting I believe the issue was caused by this module updating the certificates. I checked the crontab and it contained two entries to run the renew-certificates.php at exactly the same time [1]. The sites stopped working shortly after due to the missing .htaccess files.

I didn't think it was possible, until I saw in the module code that this script will create and remove a .htaccess file as part of the challenge. I believe that there is some race condition / edge case (eg .well-known exists or the whole challenge html file exists already or the .well-known exists but is removed by first instance before second instance can write its challenge, etc) then some function returns false in which case the self.verify_path is empty so instead of /.well-known/.htaccess it was just /.htaccess.

The crons ran at the same time due to the duplicates in the crontab. Given that, is this possible?

[1] We had the MAILTO in the crontab set. For some reason this module (maybe it's a plesk thing) added an entry under an empty MAILTO and then again under the defined MAILTO. This caused the renew-certificates.php to run twice.

xgin commented 7 years ago

In version 2.0 we reworked the codebase. There is no chance that the issue occurs again.

nfauchelle commented 7 years ago

Thank you for the reply and very useful module.

Since it's a new major version will Plesk automatically pickup and install it? Any timeframe?

xgin commented 7 years ago

Yes, Plesk updates extensions on weekly basis. On Fri, 31 Mar 2017 at 02:01, Nick notifications@github.com wrote:

Thank you for the reply and very useful module.

Since it's a new major version will Plesk automatically pickup and install it? Any timeframe?

— You are receiving this because you modified the open/close state.

Reply to this email directly, view it on GitHub https://github.com/plesk/letsencrypt-plesk/issues/119#issuecomment-290512005, or mute the thread https://github.com/notifications/unsubscribe-auth/AFIQLQimMic2Z1wCjB-Jv5F1P3E_wi27ks5rq_whgaJpZM4J5-cX .

-- Eugene Kazakov

nfauchelle commented 7 years ago

Is there a known timeframe work v2 release?