Cancel Rate Limiting

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: many domains...

I ran this command: autossl renew

It produced this output: A rate limit prevents DCV

My web server is (include version): Apache/2.4.49 (cPanel)

The operating system my web server runs on is (include version): Centos 7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes, cPanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Not certbot, cPanel's AutoSSL with Let's Encrypt provider in it.

The AutoSSL probably caused a rate limiting issue with Let's Encrypt due to the expiration of the root certificate.

Is it possible to remove the rate limit for now? A lot of sites are down right now because of it, I'm talking multiple servers. Hundreds, maybe thousands of websites are currently because of that error.

Thank You!

According to a recent post:

.. there currently is no specific temporary rate limit for cPanel at the moment.

All other regular rate limits are there to prevent an overload on the Let's Encrypt systems. I'm sure you're not the only cPanel user out there having issues. Relaxing the regular rate limits could cause such a load spike with all kinds of repercussions for everyone.

Could you perhaps elaborate on why your sites are down? Have the end leaf certificates expired and do you require a renewal? Or is this a certificate chain issue?

Also, perhaps https://forums.cpanel.net/threads/cpanel-33077-letsencrypt-transition-to-isrgs-root-important.673981/ has information which could be helpful.

5 Likes

Sounds like you can expect more load as older cPanel versions won't get the fixes.

Since Autofixer does not work correctly, requests are constantly sent to Let's Encrypt APIs and cause us to hang on rate limits. Can you start a case on this?

versions of cPanel older than the LTS version of 94.0.16 are not supported, so I would not expect the autofixer to work in those cases.

Ah, the perils of running unsupported, ancient software versions...

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.