G'morning!
I ran into an issue where AutoSSL wouldn't renew itself -- often throwing the following error in WHM:
TI:ME:STAMP WARN The domain “COMICDOMAINNAME” failed domain control validation: The content “<!-- Get the site-wide header. --><!doctype html><!-- GRAWLIX TEMPLATE: This comes from snippet.header --><html> <head> <meta c” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://COMICDOMAINNAME/.well-known/pki-validation/BE14648B436D376F343BC3B9A6F7DA12.txt">http://COMICDOMAINNAME/.well-known/pki-validation/BE14648B436D376F343BC3B9A6F7DA12.txt</a>”, did not match the expected value.
I believe I've found a solution after a good bit of fiddling around. I've tested it on a couple different domains with great success.
In your .htaccess file, add the following two lines immediately after the code block with all the RewriteCond, but BEFORE the line that says RewriteRule.
RewriteCond %{REQUEST_FILENAME} !^.*\.txt$
RewriteCond %{REQUEST_FILENAME} !^.*\.tmp$
Why? Because the autossl generates a txt file to validate the domain. The txt file is a unique key for the SSL request as far as I know. The current rewrite rules don't account for this, so I had to add a couple. Also added a tmp file for good measure as sometimes LetsEncrypt does some goofy things. (I'm using Comodo though.)
SSL and IntenseDebate:
This was a little easier to find and fix. In your theme files, look for a line that looks like this:
<div><script type="text/javascript" src="http://www.intensedebate.com/js/genericCommentWrapperV2.js"></script></div>
Change the http:// to https:// and save the file.
Disqus seems largely unaffected, so you shouldn't have to tweak anything there.
Why do you want SSL anyway?
Because Chrome and Firefox are pushing for it. :'D But realistically, encryption is good, and prevents folks from snooping on your traffic -- especially things like usernames and passwords.
https://www.eff.org/https-everywhere
Anyway, otherwise, Grawlix works well over SSL, IMO.
I ran into an issue where AutoSSL wouldn't renew itself -- often throwing the following error in WHM:
TI:ME:STAMP WARN The domain “COMICDOMAINNAME” failed domain control validation: The content “<!-- Get the site-wide header. --><!doctype html><!-- GRAWLIX TEMPLATE: This comes from snippet.header --><html> <head> <meta c” of the <abbr title="Domain Control Validation">DCV</abbr> file, as accessed at “<a href="http://COMICDOMAINNAME/.well-known/pki-validation/BE14648B436D376F343BC3B9A6F7DA12.txt">http://COMICDOMAINNAME/.well-known/pki-validation/BE14648B436D376F343BC3B9A6F7DA12.txt</a>”, did not match the expected value.
I believe I've found a solution after a good bit of fiddling around. I've tested it on a couple different domains with great success.
In your .htaccess file, add the following two lines immediately after the code block with all the RewriteCond, but BEFORE the line that says RewriteRule.
RewriteCond %{REQUEST_FILENAME} !^.*\.txt$
RewriteCond %{REQUEST_FILENAME} !^.*\.tmp$
Why? Because the autossl generates a txt file to validate the domain. The txt file is a unique key for the SSL request as far as I know. The current rewrite rules don't account for this, so I had to add a couple. Also added a tmp file for good measure as sometimes LetsEncrypt does some goofy things. (I'm using Comodo though.)
SSL and IntenseDebate:
This was a little easier to find and fix. In your theme files, look for a line that looks like this:
<div><script type="text/javascript" src="http://www.intensedebate.com/js/genericCommentWrapperV2.js"></script></div>
Change the http:// to https:// and save the file.
Disqus seems largely unaffected, so you shouldn't have to tweak anything there.
Why do you want SSL anyway?
Because Chrome and Firefox are pushing for it. :'D But realistically, encryption is good, and prevents folks from snooping on your traffic -- especially things like usernames and passwords.
https://www.eff.org/https-everywhere
Anyway, otherwise, Grawlix works well over SSL, IMO.