LetsEncrypt weekly domain rate limits

Version 1.62.0

Bugfix
Finished

LetsEncrypt has a rate limit of 50 requests per week, per main domain. https://letsencrypt.org/docs/rate-limits/ DirectAdmin already had this directadmin.conf option: letsencrypt_max_requests_per_week=100 but it's now been changed to 200, and will now enforce the limit: letsencrypt_max_requests_per_week=200 The 50 LE limit is only requests that make it that far. The le.sh script has some prechecks which could fail before the LE limit, so the 200 limit is now used to err on the side of caution to reach the actual LE 50 limits. In effect, the letsencrypt_max_requests_per_week=200 value is mainly for a last-resort limit on "far too many requests", vs trying to predict the true LE 50 limit. ================== DISABLE You can fully disable the DA limit enforcement by setting: /usr/local/directadmin/directadmin set letsencrypt_max_requests_per_week 0 service directadmin restart ================== FILES /usr/local/directadmin/data/admin/letsencrypt_rate_limits/DOMAIN.COM/weekly_domain_count which will be a JSON file, storing each request attempt. Future requests will read, reduce old entries, and add new ones as needed. If there are 200 or more entries after reduction, the request will not happen, and the new request will not be added to the file. ================== NIGHTLY TALLY Each tally will see if the age of the weekly_domain_count for each main domain is older than 1 week and will fully remove the domain.com directory if it is. ================== USERS These are cross-User files, meaning, if - User bob has domain.com - User fred has sub.domain.com both Users will have their counts stored in the same domain.com/weekly_domain_count file. If you run many subdomains on the system, it would be highly advisable to request a wildcard for domain.com, so that sub.domain.com does not need to create any requests, as the limit would be reached quite quickly.

Interested to try DirectAdmin? Get a 30-day Free Trial!