if I comment out "RewriteRule (^\.|/\.) - [F]" then i am able to access the .well-known/acme-challenge folder but I think this will leave other folder like .git open for exploits.​

Any permanent solution?

I think this should also be included in core as letsencrypt is gaining popularity day by day and I am sure soon all of us will be using it.

2nd Question:

How to achieve the following:

• redirect all http://domain.com to https://www.domain.com
• redirect all http://www.domain.com to https://www.domain.com
• redirect all https://domain.com to https://www.domain.com

So basically, all my traffic be it non-www or www will be redirected to SSL www domain.

Additionally, I have 2 subdomain that works on http, so I want to achieve the above and also keep the 2 subdomain free from the above redirect rule.

RewriteEngine on
#Http to https
#Exclude subdomains
RewriteCond %{HTTP_HOST} !^(sub1|sub2)
RewriteCond %{HTTP_HOST} ^(www\.)?example.com$ [NC]
RewriteCond %{HTTPS} off
RewriteRule ^ https://www.example.com%{REQUEST_URI} [NC,L,R]
#add www on ssl
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [NC,L,R]

This is a silly requirement for LetsEncrypt. It's unwise to serve files/dirs starting with "."

Looks like it's a standard location. Made a ticket to make it easier.