From 6d87311394356f2f072c55338673d6ebc865eede Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 31 Aug 2017 17:47:32 -0700
Subject: now letsencrypt is creating a .htaccess file with re-write rules
 which kills most of our .well-known routes

---
 Zotlabs/Web/Router.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'Zotlabs/Web/Router.php')

diff --git a/Zotlabs/Web/Router.php b/Zotlabs/Web/Router.php
index 3190369c8..710aa2844 100644
--- a/Zotlabs/Web/Router.php
+++ b/Zotlabs/Web/Router.php
@@ -119,6 +119,18 @@ class Router {
 
 			if(! (\App::$module_loaded)) {
 
+				// undo the setting of a letsencrypt acme-challenge rewrite rule
+				// which blocks access to our .well-known routes.
+				// Also provide a config setting for sites that have a legitimate need
+				// for a custom .htaccess in the .well-known directory; but they should
+				// make the file read-only so letsencrypt doesn't modify it
+
+				if(strpos($_SERVER['REQUEST_URI'],'/.well-known/') === 0) {
+					if(file_exists('.well-known/.htaccess') && get_config('system','fix_apache_acme',true)) {
+						rename('.well-known/.htaccess','.well-known/.htaccess.old');
+					}
+				}
+
 				$x = [ 
 					'module' => $module, 
 					'installed' => \App::$module_loaded, 
-- 
cgit v1.2.3