Country blocking, blocks the issuance of certificates, although there is a rule allowing access by known bots. Please, if anyone knows how to deal with this, please write. I issue certificates in the Hestia panel, and until I disable the country restriction rule, I get a 403 error. As you can see I have already added the rules , taken from the locked log, access /.well-known/acme-challenge/ and Mozilla/5.0 (compatible; Let’s Encrypt validation server; +https://www.letsencrypt.org), but it did not help.
(not ip.geoip.country in {“RU”} and not cf.client.bot and http.request.uri.path ne " /.well-known/acme-challenge/" and ip.src ne 3a06:6f00:9::6aa and ip.src ne 192.168.1.1 and http.user_agent ne " Mozilla/5.0 (compatible; Let’s Encrypt validation server; +https://www.letsencrypt.org)") or (http.request.version eq “HTTP/1.0”) or (not ssl)