Press "Enter" to skip to content

Resolve .well-known Access in WordPress for Apple Pay and Stripe on an Apache Web Server

You might see an error message related to Apple Pay in WPForms, Woocommerce or other WordPress plugins when you try to connect to Stripe. The Stripe instructions tell you to upload a validation file to https://yourwebsite.com/.well-known/apple-developer-merchantid-domain-association. Yet when you do, you get a 404 error because the file is not readable.

This happened to me with a shared DreamHost webhosting account. I searched the interwebs and found several solutions but none of them worked. It turned out to be a file permissions issue. Here’s how to validate your Apple Pay certificate to remove the WordPress error for Stripe.

1. Edit .htaccess

Edit your .htaccess file in the root of your domain. You should see it in the same directory as /.well-known, and other subdirectories like /wp-content and /wp-admin. The original file should look something like this:

# BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

You will add the highlighted line below, at the location specified:

# BEGIN WordPress

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule ^/\.well-known/.+ - [END]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

2. Set Permissions for /.well-known

Next, using chmod or your web host’s file editor, set owner/group/public read/write/execute permissions as follows:

  • Set the directory /.well-known to 755 (drwxr-xr-x)
  • Set the file permissions on /.well-known/apple-developer-merchantid-domain-association to 644 (-rw-r–r–)

3. Test the URL

Finally, test the below URL, replacing “yourwebsite.com” with your full domain name (with or without www as appropriate):

https://yourwebsite.com/.well-known/apple-developer-merchantid-domain-association

Results

If this solution worked, then you should see a very long text string fill your browser window, and you can finalize validation.

If you still get a 404 error, then try changing permissions on the file from 644 to 777 temporarily. If that resolves the problem, then try reducing permissions as much as possible to reduce security issues.

You’re done!

DISCLAIMER: We are not responsible for any harm you do to your website using this information. It is your responsibility to back up your files before making any changes, and to validate any information provided.

Facebook Comments

Dennis Consorte
Dennis Consorte

I work at Consorte Marketing as a fulltime content strategist, digital marketing and operations consultant for a handful of clients. I am also a digital marketing expert at Digital.com. I often build teams to execute on these strategies, and agile frameworks for workflows, inspired by Scrum. I work to improve my leadership and communication skills, including periodically re-centering myself, and helping others to find purpose in their work. Dennis Consorte

View all posts