/forbidden.html visits by Digicert DCVDigicert

My domain is: https://www.wizonemail.com/

I ran this command: none

It produced this output: forbidden.html 404 error

My web server is (include version): Apache

The operating system my web server runs on is (include version): Ubuntu 14

My hosting provider, if applicable, is: DreamHost

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): DreamHost control panel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi, Digicert confirmed the link concerning the 404 error “doesn’t looks like Digicert file auth path”. I only have Let’s Encrypt on the site. Please advise if this is from Let’s Encrypt and how do I make this 404 visits disappear completely.

Screenshots are taken from WordPress SEO Plugin – Rank Math’s 404 Monitor and All In One WP Security & Firewall’s 404 Event Logs.


.well-known/pki-validation is indeed not Let’s Encrypt path. Dreamhost offers both Let’s Encrypt and Sectigo certificates by the look of it, and the path is what Sectigo is using.

It’s unclear though what is your concern regarding 404 - anyone can request any missing pages on your site as long as it is publicly accessible, as well as anyone might try to issue a certificate against your domain name, which might trigger requests you are observing.

The concern is to filter out unnecessary and mostly botted crawling that I know where from so I don’t need to keep a long list of blacklist IPs, and to keep my 404 logs more related to my user searches. I will forward the information about Sectigo to DreamHost support and ask for confirmation because when I asked them they didn’t seem to have a clue where it was coming from. Thanks for your assistance.

Change your .htaccess to not forward /.well-known/* requests to index.php, and you won’t see them in your logs.

It is a fool’s errand to try shut these requests down, as any person whatsoever can ask any CA to generate them.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.