WordPress + ActivityPub in a Subdirectory

The ActivityPub plugin for WordPress enables your blog to work as a Fediverse instance. People can follow you and reply to your posts from Mastodon, Akkoma, GoToSocial, etc. To do that, it has to provide some endpoints in a well-known folder, and the plugin can manage that…if you’re running WordPress at the top level of your site.

That’s not always the case. I’ve got static pages at the top and some subfolders, Eleventy generating other folders like this one, and WordPress running my blog at /journal.

To complicate matters, Let’s Encrypt also looks in /.well-known to verify that your certificate request or renewal is valid.

So, to deal with the combination of Let’s Encrypt, ActivityPub, and using WordPress in a subdirectory, I’m using this rule in my .htaccess file at the top level of the site:

RewriteRule ^.well-known/(host-meta|webfinger|nodeinfo|x-nodeinfo) /journal/.well-known/$1 [L]

This is to ensure that only the webfinger and nodeinfo endpoints are forwarded to the blog where the ActivityPub plugin picks them up, and Let’s Encrypt will find .acme-challenge and be able to renew my TLS cert when the time comes.