We see lot's of troubles when configuring access to the ./well-known/acme-challenge is left to end-users through .htaccess file of their applications. So since Let's Encrypt is quickly becoming a web-standard and since allow access to the ./well-known/acme-challenge directory would not hurt even if other types (eg. commercial or self-signed) of SSL certificate is used, I suggest to configure proper access in at Apache configuration level when a virtual server is first created.
In other words, let's configure proper access to ./well-known/acme-challenge regardless if end-user overrides it in .htaccess file or regardless if Let's Encrypt is used or not. I believe writing such allow directive in Apache configuration file when a virtual server is initially created would safe lot's of possible issues for the end-users and also would unload Virtualmin.com forum and issue sections from massive number of questions with regard to troubles about providing access to ./well-known/acme-challenge directory.