How to Disable cPanel, Webmail, WHM shortcut URLs

Posted on December 26th, 2018

How to Disable cPanel, Webmail, WHM shortcut URLs

 

We can access our WHM, cPanel and Webmail in different URLs. cPanel servers are usually configured by default to allow you to access in easy methods such us:

http://yourdomain.com/cpanel

http://yourdomain.com/whm

http://yourdomain.com/webmail

For security reasons it’s not a safe method to access your control panels in such an easy way. You can remove such redirections by following the below methods.

 

1) Edit cPanel Configuration File

We can edit the configuration file of cPanel for changing the cPanel redirections, this redirection is due to the aliases set in the server, we can edit the aliases from the cPanel configuration file.

Before making changes please take a backup copy, then you need to open the configuration file.

# vi /var/cpanel/conf/apache/main

Search for specified redirection under alias, scriptaliasmatch and scriptalias sections and you can remove the redirection from the specified file.

After making the changes you need to rebuild apache configuration file and restart apachec to reflect the changes.

 

2) Edit cPanel Template Files

We can edit template files to remove the redirection.  Make a backup copy of the template file before modifying it.  You need to comment out  the ScriptAliasMatch, Alias, and ScriptAlias like the below:

 

[% FOREACH dir IN main.scriptaliasmatch.items -%]

#ScriptAliasMatch [% dir.regex %] [% dir.path %]

[% END -%]

 

[% FOREACH dir IN main.alias.items -%]

#Alias [% dir.url %] [% dir.path %]

[% END -%]

 

[% FOREACH dir IN main.scriptalias.items -%]

#ScriptAlias [% dir.url %] [% dir.path %]

[% END -%]

 

Once your changes are saved, please rebuild the apache configuration file and restart the apache service to reflect the changes.

 

3) Edit apache configuration file

You can also disable the redirection by editing the main apache configuration file, it is the most simpler and common method, but whenever we rebuild apache configuration file, in future those change may get override. You can also use apache_conf_distiller to have the changes saved for future. To edit the apache configuration file just follow the steps.

Open apache configuration file.

# vi /usr/local/apache/conf/httpd.conf

First make a backup copy before doing any changes. Then you need to comment out or remove any reference to ScriptAliasMatch, Alias, or ScriptAlias that you do not want to function anymore. Once you saved the file, make sure to restart apache to reflect the changes you made.

You can use apache_conf_distiller to save the changes for a future rebuild. apache_conf_distiller is a function that prevents overwritten of httpd.conf file after cPanel update or httpd rebuild. It is most likely any changes made on httpd.conf will revert after an automatic WHM cPanel updates.  To prevent your httpd.conf file being overwritten, you must make use of the cPanel Distiller. After making the changes run the distiller with the below command.

/usr/local/cpanel/bin/apache_conf_distiller –update

This will keep the changes made in cPanel after the rebuild.

Using the above methods, you can protect your WHM, cPanel and webmail more secure.

 

If you need any further help please do reach our support department.

Leave a Reply