Skip to main content

Mail Subdomain added as alias to main domain in httpd.conf

Comments

30 comments

  • cPanelMichael
    Hello, This behavior is by-design as of
    0
  • megahost
    Hi, i get the same problem, mail.mydomain.com is showing the contect of mydomain.com and my SEO guy asked me to fix that. Is there any way to fix that? thanks.
    0
  • cPanelMichael
    i get the same problem, mail.mydomain.com is showing the contect of mydomain.com and my SEO guy asked me to fix that.

    Hello, You can manual remove the "mail" entry from the "serveralias" line in the following configuration files under the /var/cpanel/userdata/$username directory: /var/cpanel/userdata/$username/$domain.com /var/cpanel/userdata/$username/$domain.com_SSL Then, remove the .cache files for these domain names: /var/cpanel/userdata/$username/$domain.com.cache /var/cpanel/userdata/$username/$domain.com_SSL.cache Next, rebuild the Apache configuration file:
    /scripts/rebuildhttpdconf
    However, keep in mind this is part of what allows SSL certificate validation for mail.domain.tld as part of the Domain TLS functionality: What is Domain TLS - cPanel Knowledge Base - cPanel Documentation Thank you.
    0
  • 4u123
    This is causing a problem with the mail subdomain showing up in search engine results, even though the mail subdomain has never been linked to from anywhere. I'm sorry guys, but a subdomain that is not used for web content has no right being included in the Apache configuration, especially when it is a CNAME. This can cause all sorts of problems with SEO. We need an option to disable this in tweak settings please. ASAP You said... We made this change in order to simplify Mail SNI and SSL certificate management and reduce unnecessary mail client warnings. There are no "unnecessary" mail client warnings. Those warnings are legitimate This functionality is outdated anyway. Why use the mail subdomain at all when the main domain is already configured and will most likely be covered by an SSL cert anyway? Moving forward, you should be looking at dropping the mail and FTP subdomains completely, rather than trying to find a workaround that is impractical and could cause damage. This is completely unwanted and unnecessary.
    0
  • MaxFein
    ...We need an option to disable this in tweak settings please. ASAP...

    +1 for sure this is a big pita - don't use my web server for mail services, these are taking a third of the SSL SAN limit :( thanks for the workaround, simple option to disable would be great
    0
  • cPanelMichael
    thanks for the workaround, simple option to disable would be great

    Hi, I'm glad to see the workaround helped. I encourage you to open a feature request if you'd like to see an option for this included in WHM: Submit A Feature Request Thank you.
    0
  • TAugustine
    Hello Support, I am also facing the similar issue, mail.mydomain.com is showing the exact same contents of mydomain.com This is a big-time issue as google search console is flagging all the pages as duplicate content 'Duplicate without user-selected canonical' Kindly advice as a website owner how can I fix this? Should the workaround provided by you to be done by the hosting provider? Thanks in Advance.
    0
  • 4u123
    This has come up again with a customer today - they are really not happy about it. I honestly don't know what you guys were thinking with this. At the very least you need to globally change the DNS records for the mail subdomain to an A record instead of a CNAME so it can have its own separate vhost entry and point it to some default page instead! It has to be done. Come on guys pull your socks up! It's painful to see this kind of thing happening.
    0
  • wintech2003
    Had a customer complain about it today too. His WordPress site would show up under domain.com / www.domain.com / mail.domain.com Had to create an .htaccess rule to redirect mail. requests to www.
    RewriteEngine On RewriteCond %{HTTP_HOST} ^mail.domain.com [NC] RewriteRule ^(.*)$ http://www.domain.com/$1 [R,L]
    I didn't redirect to https to avoid breaking AutoSSL for mail.domain.com, but maybe I'll need to add the Comodo / .well-known exceptions too.
    0
  • cPRex Jurassic Moderator
    So maybe a better question would be, what would you like to see changed with this behavior? Are you thinking the "mail" subdomain should just be completely removed from Apache as previous posters mentioned?
    0
  • wintech2003
    I understand this was added to be able to create SSL certificates for the mail. subdomain for use with Exim and Dovecot. I don't want this to stop working, as offering the customer to use mail.their_domain.com as incoming/outgoing mailserver with SSL if very convenient, but maybe there could be a rule in the httpd.conf level that will only allow traffic for DVC to pass through to public_html/.well-known/... and either block anything else, or redirect it to the root domain.
    0
  • cPRex Jurassic Moderator
    I spoke with several different people about this issue and there currently aren't plans to change this behavior. The best thing to do for this would be to open a feature request as any change mentioned in this thread so far would require significant changes to the system.
    0
  • slim
    What is the status of this? I was just informed of this by a client after their SEO mob discovered their entire site loads via
    0
  • Markif
    @slim Is your mail.theirdomain.com a namebased site or a IPbased site ? (so has a dedicated IP or not ?)
    0
  • slim
    @slim Is your mail.theirdomain.com a namebased site or a IPbased site ? (so has a dedicated IP or not ?)

    Name based site. No dedicated IP
    0
  • Markif
    @slim and their users use mail ? And if so, have they configured their mailclient to use mail.theirdomain.com as well for SMTP as IMAP/POP (as is the automatic configuration) ?
    0
  • slim
    @slim and their users use mail ? And if so, have they configured their mailclient to use mail.theirdomain.com as well for SMTP as IMAP/POP (as is the automatic configuration) ?

    they use office 365 - but I use mail. For smtp for their photocopier. regardless - mail. Should never produce duplicate content. This decision is madness
    0
  • Spirogg
    they use office 365 - but I use mail. For smtp for their photocopier. regardless - mail. Should never produce duplicate content. This decision is madness

    do you / they have wp toolkit installed or just wordpress via cli installation? just wondering thanks
    0
  • Markif
    @slim it should be possible to workaround, but it will not be panel-supported, and is not via WHM/CPANEL, and will be overwritten at every update / config change etc (but that can be solved if you have scripts that re-change the config-files after every CPANEL-reset...). I only tested it on 102.0.15 So 1/ first backup 2/ first try on a test-domain, certainly if mail is involved. A way could be to create subdomains for smtp.theirdomain.com, mail.theirdomain.com, pop.theirdomain.com and imap.theirdomain.com Some WHM/CPANEL settings can block this, but it can be allowed. WHM/CPANEL can create then a redirection from say smtp.theirdomain.com to theirdomain.com/smtp, etc... AutoSSL can then generate an ssl keypair as it can create the verification files it needs in say (for imap) /home/UNIXUSERNAME/public_html/imap/.well-known/pki-validation/ it will generate the keypair. Now the DoveCot (IMAP, POP) has to be updated /etc/dovecot/sni.conf at the end add a comment with a unique ID so you can test on it with grep or so to see if it is still there or has been overwritten by WHM/CPANEL scripts. after that comment add --- local_name "imap.theirdomain.com" { ssl_cert = .smtp you can put there what you want, or do a 301 redirect (permanent redirect, but *exclude* /home/UNIXUSERNAME/public_html/imap/.well-known/pki-validation etc so the DCV validation of autossl can continue to work. mail.theirdomain.com is automaticly added in the httpd.conf file by WHM/CPANEL. Sed can remove it, but it will be put back on every system-change. But your script can test on it and rewrite it and restart Apache again.... So, to sum up, it is possible I think, but need some change, and some cronned adjustment scripts to put the change back after each reset.... to not create certificate problems in the mail-clients. Doable, but only if you have the scripts to put back the modifications after resets. Don't know what @cPRex will think of this all.... And as it is not cpanel-supported, no garantee that it will continue to work in next cpanel versions...
    0
  • slim
    Toolkit is installed
    0
  • Spirogg
    Toolkit is installed

    has anyone ever checked with the forums at plesk, where toolkit came from. this I agree is weird especially when they offer toolkit and support it. I do not use WordPress but saw the responses and was not happy for you all. ;( thanks for your reply
    0
  • slim
    Thanks for the long post, but I"m not after complex, non supported work around a - I"m after a fix for what I consider a rather large flaw in cPanel design.
    0
  • Spirogg
    Thanks for the long post, but I"m not after complex, non supported work around a - I"m after a fix for what I consider a rather large flaw in cPanel design.

    is this all cpanel accounts that have WordPress installed, so everyone who has mail.domain.com available for emails and SSL will get duplicate content if they install WP ? or is this a wsmall amount of cases depending on the cpanel version and wordpress version really weird that they said they will not fix this? this seems to me to be broken. then?? you offer a product and features then one of the programs you offer create this issue should be looked into as a bug amd fixed, you cant take away a feature customers pay for and say use one or the other. mail.domain.com was part of cPanel for years and then you added toolkit and now this issue with WP sites? something is wrong. just my 2 cents. I would not be happy either cant use mail but can use WP cant use WP but can use mail this is bad SEO as well.
    0
  • slim
    I don"t believe it has anything to do with WapToolkit. I believe it"s due to auto ssl.
    0
  • Markif
    To complete this complex and unsupported solution ;)
    Must be done also for exim for the SMTP service so exim serves the right key-pair as expected by the HELO command in the SMTP exchange. (have to find again with file does this, will update)

    For exim : it is searching his keypairs annonced in the SMTP HELO in /var/cpanel/ssl/domain_tls/ So the missing (sub)domains can be simply copied there with a script from /var/cpanel/ssl/apache_tls/ where autossl has created them.
    0
  • Markif
    PS : by the way autoSSL actually works, it *needs* a web access on the hostname for witch it is creating a certificate : that the way it does the (minimum) verification. So at least at the moment that the autoSSL script runs, this web access must be someway available.... But if web access must be completely be avoided at all, it is still possible to pay for a DV-certificate, and validate it by with the third party provider via email or DNS entries.
    0
  • Markif
    and there is probably still the (old) solution from @cPanelMichael to remove the "mail" host from the apache configuration here
    0
  • cPRex Jurassic Moderator
    Do many customers even use "mail.domain.com" anymore? The mail client doesn't care what domain you're connecting to as long as there is an SSL in place. Just so I'm clear on what we're looking for - we want mail.domain.com to get secured with AutoSSL in dovecot and other mail tools, but *don't* want there to be an Apache alias/vhost/entry of any kind to ensure it doesn't load from a browser. Is that correct?
    0
  • tss
    @cPRex: Nobody answered, but I will. Yes! Finally saw this in action when using httrack to download a CMS domain so that I could make it static. Of course I've been using the "mail" subdomain for almost 20 years because it's always been part of the cPanel docs, and of course I'm using using it for SNI with AutoSSL with Sectigo certs. cPanel STILL lists it in the configuration email sent to clients. Email is as large a part of my hosting business as web sites; for small business they're quite connected. Having the main domain visible at "mail.domain.com" IS bad news. So the solution now is to just make a single MX on the main domain and drop the "mail" subdomain completely? That's fine for new domains, but not for clients you''ve had for 10 years or more with a slew of email accounts...
    0
  • pendias
    Hello, Donno if it helps, but you can simply add the following code to the .htaccess of the main website. This will stop the subdomain showing the main website content, and instead will show the cpanel default page. =============== RewriteEngine On RewriteCond %{HTTP_HOST} ^mail\.yourdomain\.com$ [NC] RewriteRule ^$ /cgi-sys/defaultwebpage.cgi [L] ===============
    0

Please sign in to leave a comment.