diff --git a/Rakefile b/Rakefile
index fd84ad30..fd2c0254 100644
--- a/Rakefile
+++ b/Rakefile
@@ -383,11 +383,11 @@ end
 
 desc 'regenerate_ssl_certs'
 task :regenerate_ssl_certs => [:environment] do
-  sites = DB[%{select username,ssl_key,ssl_cert,domain from sites where (domain is not null or domain != '') and is_banned != 't' and is_deleted != 't'}].all
+  sites = DB[%{select id from sites where ((domain is not null or domain != '') and is_banned != 't' and is_deleted != 't' and plan_type is not null and plan_type != 'free') or parent_site_id is not null}].all
 
   seconds = 2
 
-  site.seach do |site|
+  sites.each do |site|
     LetsEncryptWorker.perform_in seconds, site[:id]
     seconds += 10
   end
diff --git a/workers/lets_encrypt_worker.rb b/workers/lets_encrypt_worker.rb
index d042164e..b14709a3 100644
--- a/workers/lets_encrypt_worker.rb
+++ b/workers/lets_encrypt_worker.rb
@@ -3,10 +3,10 @@ class LetsEncryptWorker
   class VerificationTimeoutError < StandardError; end
   class VerifyNotFoundWithDomain < StandardError; end
   include Sidekiq::Worker
-  sidekiq_options queue: :lets_encrypt_worker, retry: 100, backtrace: true
+  sidekiq_options queue: :lets_encrypt_worker, retry: 5, backtrace: true
 
   sidekiq_retry_in do |count|
-    180
+    1.hour.to_i
   end
 
   def letsencrypt
@@ -53,14 +53,16 @@ class LetsEncryptWorker
 
       begin
         puts "WAITING FOR #{domain} VALIDATION"
-        raise VerificationTimeoutError if attempts == 5
+
+        raise VerificationTimeoutError if attempts == 60
         raise NotAuthorizedYetError if challenge.verify_status != 'valid'
       rescue NotAuthorizedYetError
-        sleep 5
+        sleep 20
         attempts += 1
         retry
+      ensure
+        clean_wellknown_turds site
       end
-
       puts "DONE!"
     end
 
@@ -69,9 +71,17 @@ class LetsEncryptWorker
     site.ssl_key = certificate.request.private_key.to_pem
     site.ssl_cert = certificate.fullchain_to_pem
     site.save_changes validate: false
-    FileUtils.rm_rf File.join(site.base_files_path, '.well-known')
+    clean_wellknown_turds site
 
     # Refresh the cert periodically, current expire time is 90 days
     LetsEncryptWorker.perform_in 60.days, site.id
   end
+
+  def clean_wellknown_turds(site)
+    wellknown_path = File.join(site.base_files_path, '.well-known')
+
+    if File.exist?(wellknown_path)
+      FileUtils.rm_rf wellknown_path
+    end
+  end
 end