It’s the stuff of nightmares, a random folder has appeared on your web space and you don’t remember putting it there.

Panic sets in!

You begin to wonder if you’ve been hacked so you send a support ticket to your web host frantic to find out what’s been going on with your hosting account.

Thankfully your web host is on the ball (*cough* D9 Hosting *cough*) and knows exactly where this rogue “.well-known” directory has come from.

The “.well-known” directory will appear on all cPanel servers that are using the Comodo AutoSSL feature. The directory will contain one or more .txt files that Comodo will use to validate the domain name before it will issue an SSL Certificate for it.

So if you’d like your web host to continue to provide you with free Comodo SSL certificates you should leave the “.well-known” directory alone. If you remove the directory and the files within it, Comodo will no longer be able to provide you with the free SSL certificates.