#WP Engine SSL Cert Renewal Blocked as Definite Bot

8 messages · Page 1 of 1 (latest)

ripe lark
#

Hello, my host, wp engine, is having trouble renewing my SSL cert because their bot for checking the site before passing the request to let's encrypt is getting blocked. See the 403 response codes there.

I don't think it's being blocked by the firewall. I think it's being blocked by "Security -> Bots"

I see it in security/WAF logs, being logged as a "definite bot" despite my rule to turn off apps for this user agent.

I have a rule to disable apps for their user agent, but it does not seem to be helping. Any suggestions?

Screenshot_2025-03-03_at_1.29.41_PM.png Screenshot_2025-03-03_at_1.24.42_PM.png Screenshot_2025-03-03_at_1.24.06_PM.png Screenshot_2025-03-03_at_1.20.27_PM.png
small oriole
#

Do you actually have a WAF rule to allow that request? I only see a configuration rule in your screenshots.

ripe lark
#

okay, let me check.

#

yes, I have this rule in my WAF rules:

Screenshot_2025-03-03_at_1.58.14_PM.png
small oriole
#

Please create a WAF custom rule. Your exception is under managed rules, and I don't think that would work.

ripe lark
#

Oh

#

Okay, I created this custom rule. I try to renew the cert again.

Screenshot_2025-03-03_at_2.01.24_PM.png
#

Wow, I see my cert has renewed. I guess that fixed it! Do you know of a handy way to deploy this to all domains in an account? I have hundreds.