The operating system my web server runs on is (include version): Ubuntu 14
My hosting provider, if applicable, is: DreamHost
I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): DreamHost control panel
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Hi, Digicert confirmed the link concerning the 404 error “doesn’t looks like Digicert file auth path”. I only have Let’s Encrypt on the site. Please advise if this is from Let’s Encrypt and how do I make this 404 visits disappear completely.
.well-known/pki-validation is indeed not Let’s Encrypt path. Dreamhost offers both Let’s Encrypt and Sectigo certificates by the look of it, and the path is what Sectigo is using.
It’s unclear though what is your concern regarding 404 - anyone can request any missing pages on your site as long as it is publicly accessible, as well as anyone might try to issue a certificate against your domain name, which might trigger requests you are observing.
The concern is to filter out unnecessary and mostly botted crawling that I know where from so I don’t need to keep a long list of blacklist IPs, and to keep my 404 logs more related to my user searches. I will forward the information about Sectigo to DreamHost support and ask for confirmation because when I asked them they didn’t seem to have a clue where it was coming from. Thanks for your assistance.
