How to disable autodiscover/autodiscover.xml?
Hello,
Sorry in advance if this is the wrong section for this, I thank in advance if it gets moved.
From my understanding if we set "Remote Mail Exchanger" under "Email Routing", it's supposed to stop autodiscover/autodiscover.xml from being active. I could be wrong though, I read this
Can anyone help me here?
-
The instructions are for WHM only and that's server-wide. There are multiple accounts in the server. Sorry if I'm missing something here. 0 -
Hi @cPRex, thank you for answering. Disabling the option server-wide would keep the DNS records from being created in the future. If you don't want the DNS records for a certain domain, using the DNS Zone Manager tool inside of cPanel to remove the specific records from the domain is the easiest per-domain way to remove those records.
What DNS records would that be though? Please note I'm trying to get rid of domain.com/autodiscover/autodiscover.xml and not autodiscover.domain.com0 -
Thanks for that clarification. Since that is the case, you don't want to make any DNS changes as that would disrupt the autodiscover subdomain. cPanel includes the following entries by default in the Apache configuration file, which is why you found that editing .htaccess wasn't sufficient to make the change, but only an Apache include would partially take care of it. ScriptAliasMatch ^/?controlpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi ScriptAliasMatch ^/?kpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi ScriptAliasMatch ^/?securecontrolpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi ScriptAliasMatch ^/?securecpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi ScriptAliasMatch ^/?securewhm/?$ /usr/local/cpanel/cgi-sys/swhmredirect.cgi ScriptAliasMatch ^/?webmail$ /usr/local/cpanel/cgi-sys/wredirect.cgi ScriptAliasMatch ^/?webmail/ /usr/local/cpanel/cgi-sys/wredirect.cgi ScriptAliasMatch ^/?whm/?$ /usr/local/cpanel/cgi-sys/whmredirect.cgi ScriptAliasMatch ^/Autodiscover/Autodiscover.xml /usr/local/cpanel/cgi-sys/autodiscover.cgi ScriptAliasMatch ^/autodiscover/autodiscover.xml /usr/local/cpanel/cgi-sys/autodiscover.cgi Alias /bandwidth /usr/local/bandmin/htdocs/ Alias /img-sys /usr/local/cpanel/img-sys/ Alias /java-sys /usr/local/cpanel/java-sys/ Alias /mailman/archives /usr/local/cpanel/3rdparty/mailman/archives/public/ Alias /pipermail /usr/local/cpanel/3rdparty/mailman/archives/public/ Alias /sys_cpanel /usr/local/cpanel/sys_cpanel/ ScriptAlias /cgi-sys /usr/local/cpanel/cgi-sys/ ScriptAlias /mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/
There's a good discussion about this at the following link:0 -
Hi, I have managed to disable autodiscover.xml link for a domain via mod_security rules. Below are the steps which I have followed. added the below rule to WHM Home " Security Center " ModSecurity" Tools " Rules List " Add new rule [QUOTE]## block specific exchange requests example.org SecRule REQUEST_URI "autodiscover/autodiscover.xml" "id:9990001,nolog,status:404,chain" SecRule SERVER_NAME "example\.org" "t:lowercase" 0
Please sign in to leave a comment.
Comments
6 comments