diff --git a/.github/workflows/call_invalid_helper.yml b/.github/workflows/call_invalid_helper.yml
new file mode 100644
index 0000000..773767c
--- /dev/null
+++ b/.github/workflows/call_invalid_helper.yml
@@ -0,0 +1,12 @@
+name: Comment on invalid interaction
+on:
+  issues:
+    types:
+      - labeled
+jobs:
+  add-comment-on-invalid:
+    if: github.event.label.name == 'invalid'
+    permissions:
+      issues: write
+    uses: linuxserver/github-workflows/.github/workflows/invalid-interaction-helper.yml@v1
+    secrets: inherit
diff --git a/Dockerfile b/Dockerfile
index a513d9b..5e39bde 100755
--- a/Dockerfile
+++ b/Dockerfile
@@ -107,7 +107,6 @@ RUN \
     certbot-dns-aliyun \
     certbot-dns-azure \
     certbot-dns-cloudflare \
-    certbot-dns-cloudxns \
     certbot-dns-cpanel \
     certbot-dns-desec \
     certbot-dns-digitalocean \
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 10f626c..b861b4d 100755
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -107,7 +107,6 @@ RUN \
     certbot-dns-aliyun \
     certbot-dns-azure \
     certbot-dns-cloudflare \
-    certbot-dns-cloudxns \
     certbot-dns-cpanel \
     certbot-dns-desec \
     certbot-dns-digitalocean \
diff --git a/Dockerfile.armhf b/Dockerfile.armhf
index a33bdab..839c8bd 100755
--- a/Dockerfile.armhf
+++ b/Dockerfile.armhf
@@ -107,7 +107,6 @@ RUN \
     certbot-dns-aliyun \
     certbot-dns-azure \
     certbot-dns-cloudflare \
-    certbot-dns-cloudxns \
     certbot-dns-cpanel \
     certbot-dns-desec \
     certbot-dns-digitalocean \
diff --git a/README.md b/README.md
index d6ab8c3..4615612 100755
--- a/README.md
+++ b/README.md
@@ -214,7 +214,7 @@ Container images are configured using parameters passed at runtime (such as thos
 | `-e VALIDATION=http` | Certbot validation method to use, options are `http` or `dns` (`dns` method also requires `DNSPLUGIN` variable set). |
 | `-e SUBDOMAINS=www,` | Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only) |
 | `-e CERTPROVIDER=` | Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt. |
-| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cloudxns`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
+| `-e DNSPLUGIN=cloudflare` | Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`. |
 | `-e PROPAGATION=` | Optionally override (in seconds) the default propagation time for the dns plugins. |
 | `-e EMAIL=` | Optional e-mail address used for cert expiration notifications (Required for ZeroSSL). |
 | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` |
@@ -335,6 +335,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **03.12.22:** - Remove defunct cloudxns plugin.
 * **22.11.22:** - Pin acme to the same version as certbot.
 * **22.11.22:** - Pin certbot to 1.32.0 until plugin compatibility improves.
 * **05.11.22:** - Update acmedns plugin handling.
diff --git a/readme-vars.yml b/readme-vars.yml
index f665c70..a1325b3 100755
--- a/readme-vars.yml
+++ b/readme-vars.yml
@@ -51,7 +51,7 @@ opt_param_usage_include_env: true
 opt_param_env_vars:
   - { env_var: "SUBDOMAINS", env_value: "www,", desc: "Subdomains you'd like the cert to cover (comma separated, no spaces) ie. `www,ftp,cloud`. For a wildcard cert, set this *exactly* to `wildcard` (wildcard cert is available via `dns` validation only)" }
   - { env_var: "CERTPROVIDER", env_value: "", desc: "Optionally define the cert provider. Set to `zerossl` for ZeroSSL certs (requires existing [ZeroSSL account](https://app.zerossl.com/signup) and the e-mail address entered in `EMAIL` env var). Otherwise defaults to Let's Encrypt." }
-  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cloudxns`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
+  - { env_var: "DNSPLUGIN", env_value: "cloudflare", desc: "Required if `VALIDATION` is set to `dns`. Options are `acmedns`, `aliyun`, `azure`, `cloudflare`, `cpanel`, `desec`, `digitalocean`, `directadmin`, `dnsimple`, `dnsmadeeasy`, `dnspod`, `do`, `domeneshop`, `duckdns`, `dynu`, `gandi`, `gehirn`, `godaddy`, `google`, `he`, `hetzner`, `infomaniak`, `inwx`, `ionos`, `linode`, `loopia`, `luadns`, `netcup`, `njalla`, `nsone`, `ovh`, `porkbun`, `rfc2136`, `route53`, `sakuracloud`, `standalone`, `transip`, and `vultr`. Also need to enter the credentials into the corresponding ini (or json for some plugins) file under `/config/dns-conf`." }
   - { env_var: "PROPAGATION", env_value: "", desc: "Optionally override (in seconds) the default propagation time for the dns plugins." }
   - { env_var: "EMAIL", env_value: "", desc: "Optional e-mail address used for cert expiration notifications (Required for ZeroSSL)." }
   - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" }
@@ -157,6 +157,7 @@ app_setup_nginx_reverse_proxy_block: ""
 
 # changelog
 changelogs:
+  - { date: "03.12.22:", desc: "Remove defunct cloudxns plugin."}
   - { date: "22.11.22:", desc: "Pin acme to the same version as certbot."}
   - { date: "22.11.22:", desc: "Pin certbot to 1.32.0 until plugin compatibility improves."}
   - { date: "05.11.22:", desc: "Update acmedns plugin handling."}
diff --git a/root/defaults/dns-conf/cloudxns.ini b/root/defaults/dns-conf/cloudxns.ini
deleted file mode 100644
index a86f7d7..0000000
--- a/root/defaults/dns-conf/cloudxns.ini
+++ /dev/null
@@ -1,4 +0,0 @@
-# Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-cloudxns/certbot_dns_cloudxns/__init__.py#L20
-# Replace with your values
-dns_cloudxns_api_key = 1234567890abcdef1234567890abcdef
-dns_cloudxns_secret_key = 1122334455667788
diff --git a/root/etc/cont-init.d/50-certbot b/root/etc/cont-init.d/50-certbot
index 395a6d8..4704700 100644
--- a/root/etc/cont-init.d/50-certbot
+++ b/root/etc/cont-init.d/50-certbot
@@ -24,7 +24,7 @@ for i in "${SANED_VARS[@]}"; do
 done
 
 # check to make sure DNSPLUGIN is selected if dns validation is used
-if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cloudxns|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
+if [[ "${VALIDATION}" = "dns" ]] && [[ ! "${DNSPLUGIN}" =~ ^(acmedns|aliyun|azure|cloudflare|cpanel|desec|digitalocean|directadmin|dnsimple|dnsmadeeasy|dnspod|do|domeneshop|duckdns|dynu|gandi|gehirn|godaddy|google|he|hetzner|infomaniak|inwx|ionos|linode|loopia|luadns|netcup|njalla|nsone|ovh|porkbun|rfc2136|route53|sakuracloud|standalone|transip|vultr)$ ]]; then
     echo "Please set the DNSPLUGIN variable to a valid plugin name. See docker info for more details."
     sleep infinity
 fi