I have the following in my .htaccess:
# "-Indexes" will have Apache block users from browsing folders without a # default document Usually you should leave this activated, because you # shouldn't allow everybody to surf through every folder on your server (which # includes rather private places like CMS system folders). <IfModule mod_autoindex.c> Options -Indexes </IfModule>
However, this blocks access to the .well-known/acme-challenge directory (because it does not have an index file), which LetsEncrypt needs access to when using --webroot option. Does anyone know how I can exclude this .well-known/acme-challenge directory from the above code?
If I add in an index.html file to the .well-known/acme-challenge directory, then this solves the problem. However, this doesn’t seem like the ideal way to do it. What happens if letsencrypt deletes files from this directory, now or in the future, when I renew the certificate?