(Solved) VestaCP and Cloudflare -> Error: Let’s Encrypt new auth status 429, rate limit

(FIX at the end)

Hi everyone! Another rate limit in VESTACP here.

But I can’t find the problem, sorry. I have been actively searching for it for around 1 week, and now I am desperate.

My domain is: mywebsite.com (change it to fit your needs).

I ran this command: Add a new domain to VESTACP as usual, and it never gets an SSL certificate.

It produced this output:
Error: Let’s Encrypt new auth status 429

My web server is (include version):
vesta 0.9.8
Ubuntu 18.04 (64 Bit)

I use CloudFlare as DNS.

I can login to a root shell on my machine (yes or no, or I don’t know):
YES

I have already seen these websites, but I still can’t find why I got to the rate limit:

https://check-your-website.server-daten.de/?q=mywebsite.com
https://tools.letsdebug.net/cert-search?m=domain&q=mywebsite.com
https://www.ssllabs.com/ssltest/analyze.html?d=mywebsite.com&hideResults=on

Any help is really appreciated!!

Cheers!


FIX :grinning:

It was a rate limit of max 3 errors in 1 hour with Let’s Encrypt.

To fix the issue, I edited

/usr/local/vesta/bin/v-add-letsencrypt-domain

Found this line:

well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"

And changed to:

well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known"

(I changed $domain to $rdomain)

Also, in CloudFlare, I disabled:

"force HTTPS"

And in the SSL tab, I changed from “FULL” to "Flexible"

Everything OK now :slight_smile:


Some people said that typing:

sudo apt-get install --reinstall vesta

Also helped with the same issue. When you reinstall VestaCP no data is lost. I didn’t reinstall it, but it could help if my solution doesn’t work for you.

That means that Cloudflare is using insecure HTTP to connect to your server. :grimacing: Your Let’s Encrypt certificate wouldn’t even be used.

No, I changed it after to “FULL” again. It was temporary.

But, as far as I know, if you force HTTPS with htaccess or config files in Nginx, your site will always be https.

Cheers!

The only way the connection between Cloudflare and your origin servers will be secure is if you use “Full (secure)”.

Even if the connection between users and Cloudflare is using HTTPS, it’s not good if the backend connections crossing the world are unencrypted or unauthenticated.

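An added example, not part of the original thread and not VestaCP code: a pre-flight check that writes a probe file into the `.well-known` directory discussed in the fix and fetches it over plain HTTP, so a wrong webroot or a proxy redirect problem shows up before a certificate request counts as a failed validation. The function names are hypothetical, and the webroot layout is assumed to be the one quoted in the thread.

```shell
#!/bin/sh
# Added example (not VestaCP code). Function names are hypothetical.

# Create <webroot>/.well-known/acme-challenge/<token> and print the token.
write_probe() {
    dir="$1/.well-known/acme-challenge"
    mkdir -p "$dir" || return 1
    token="preflight-$(od -An -N8 -tx1 /dev/urandom | tr -d ' \n')"
    printf '%s' "$token" > "$dir/$token" || return 1
    printf '%s\n' "$token"
}

# Interpret a fetch result: $1 HTTP status, $2 body, $3 expected token,
# $4 number of redirects curl followed.
classify_probe() {
    if [ "$1" = "200" ] && [ "$2" = "$3" ]; then
        if [ "${4:-0}" -gt 0 ]; then echo "ok-after-redirect"; else echo "ok"; fi
    elif [ "$1" = "404" ]; then
        # The probe was written, but the server answering for this
        # hostname does not serve that directory.
        echo "wrong-webroot"
    else
        echo "unexpected-response"
    fi
}

# Usage: preflight <domain> <webroot>, e.g.
#   preflight "$domain" "$HOMEDIR/$user/web/$domain/public_html"
preflight() {
    token="$(write_probe "$2")" || return 2
    bodyfile="$(mktemp)"
    # Start on port 80 and follow redirects, as an HTTP-01 fetch would.
    meta="$(curl -sS -L --max-time 15 -o "$bodyfile" \
        -w '%{http_code} %{num_redirects}' \
        "http://$1/.well-known/acme-challenge/$token")" || meta="000 0"
    result="$(classify_probe "${meta%% *}" "$(cat "$bodyfile")" "$token" "${meta##* }")"
    # Remove the probe so nothing is left behind in the webroot.
    rm -f "$bodyfile" "$2/.well-known/acme-challenge/$token"
    echo "$result"
    case "$result" in ok*) return 0 ;; *) return 1 ;; esac
}
```

A `wrong-webroot` result corresponds to the path problem fixed in `v-add-letsencrypt-domain` above; `unexpected-response` covers a proxy or redirect in front of the origin returning something other than the probe.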