: Why do empty .well-known directory keep appearing? One of my servers is used to serve multiple domains and some subdomains of those. It is using a standard LAMP stack with cPanel for people
One of my servers is used to serve multiple domains and some subdomains of those. It is using a standard LAMP stack with cPanel for people to configure and monitor their domains. On that server only, a directory called .well-known keep appearing in each and every folder used as root of a domain or subdomain, so I have now dozens of .well-known subdirectories in the tree and they are all empty! Deleting them only removes them for a short while, they only appear at some later time, usually a few hours later according to the file timestamp.
Why do these .well-known directories keep appearing?
What can I do to prevent them from appearing in the future? I found another question saying that they have some use but I have no use for them and they are empty in any case.
More posts by @Frith620
1 Comments
Sorted by latest first Latest Oldest Best
The .well-known directory is the new place where URL paths should be created when such paths are expected to be on many (or even all) websites. Traditionally, such URLs have been created in the root path of the domain for things like:
robots.txt
favorite icons
verification files
cross domain configuration
This leads to lots of configuration needed for front-controllers that have to special case each of these. There has also been no central place for documentation about what each of the URLs actually does.
The well-known RFC attempts to address this by requiring that all future such URLs be created in the .well-known directory. There is now a registry of uses of .well-known.
The upshot of this is that you have some software running on your website that creates the .well-known directory. The probable cause of this is that you are using LetsEncrypt to get SSL certificates. CertBot puts temporary files into .well-known as part of the verification process that you actually control your website.
You could:
Just leave the directories alone -- they don't hurt anything
Run certbot less often so they don't re-appear as frequently
Put something into your script to clean up more after certbot. However, you shouldn't just delete the .well-known directory if something else is using it as well.
Configure certbot to use a central directory for its verification files. I have the instructions for doing so here: blog.ostermiller.org/letsencrypt-migration
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.