Disable Webmail Login Presentation Username and Password
AnsweredHi, 6 years ago i wanted to disable webmail login and i did so by editing the template for the login page. If the login was for webmail rather than username and password i displayed "Sorry Not Authorized" But i looked at the file and it appears the code has changed.
Here is that old post...
So i wanted to ask first, is there a way to disable webmail login. Again im not talking about blocking ports, im talking about an option that if someone goes to domain.com:2096 that it will not allow them to log in by removing the login and password fields.
I still want to use webmail but i dont want a public login available.
Is that a feature option (config value) in the new cpanel version?
Thanks so much :)
-
Hey there! There isn't an option to configure this in cPanel. If someone were to visit 2096, what would you expect them to see in this scenario?
0 -
Since that login file is used as a generic dynamic login presentation page i believe for everything login then if it is a webmail login request, i just want them to see "This feature is disabled" or something to that effect, rather than username and password fields.
As long as this is false, then other login request should work as normal showing username and password without effecting them at all, this would just effect webmail login requests.
But if its true then the code below show the disabled text.
(fyi, i also updated the title of this post to be more specific) I also understand that every cpanel update ill have to do it again.
IF app_name=="webmaild"
locale.maketext('Login Feature For Webmail Disabled!')0 -
Do you also want those users to not have access to webmail inside their cPanel? If so, you could create a package/feature list that doesn't include webmail.
0 -
Hi,
No, i will be the only user on this VPS, but in general yes webmail is still available inside cpanel, and webmail can still be gotten via a third party mail client ie outlook. I only want the login page display for webmail via the browser to be disabled. I will never user the webmail login, and i will never have anyone else but me on the VPS. Even if that changes and i add someone down the line, they will also never use the webmail login via browser. It is another access point i am attempting to close down by both port and display.
My feeling is the less options i give for access the better off i am. :)
0 -
In that case, I'd just recommend blocking the port and removing the Webmail service from the default feature list. That will keep any users that try :2096 or /webmail from getting anything in response, and the button will no longer be present in cPanel.
-1 -
Blocking the port i see, but removing the feature will not allow my to use the mail service in dpanel as i do have domain email addresses so i dont want to take that away. Are you saying that removing the webmail feature from the feature list will still allow me to use email in cpanel?
Maybe im thinking that webmail and domain email are the same thing.
0 -
Yes - removing the Webmail feature just removes the "access webmail" button next to the email account. You'll still be able to create and manage email accounts normally.
1 -
Interesting, i never knew that. When people suggested removing the webmail option, i always thought that meant disabling all email functionality. I was afraid to test it because i did not want to lose all my email data. Wow, ok ill try that, thanks for sharing that tidbit of info. :)
0 -
Sure thing!
0 -
Well i guess i was on the wrong planet and totally misunderstood what you were talking about. I had important emails to reply to and i never got my emails in the account, and that is because i removed it from the feature list. I thought that removing it from the feature list would still allow me to check, get, and send mail from the server but it would just disable the webmail (not email) service.
I was wrong, and now i have to eat crow and humbly ask for the people to resend their email. If it even works now. I just sent a test email 20 min ago and still have not received it. So i guess i broke the email.
Please understand i am upset with myself not you. But to explain why i wanted the original request.
In my brain to harden a server you dont just block the port and leave a login form available. You lock the port AND remove access to the login form. If by permission or hard removal, I do not want the webmail login input form to show.
I could just set it as display:none in the css but i cant do that because the same page is used for whm and cpanel logins as well.
So i also tried to add and IF statement to the template file and it did not work. Then i moved my IF statement to control the whole login fields div, that didnt work either.
All i want to do is if they go to port 2096, they see the logo for WEBMAIL but no login form, i cant possibly be the first person to ever want this.
I have to get cracken to fix my email if i can..
If you have an idea please share...... thanks :)
This is what i want when someone goes to https:// example dot com:2096
Update: mail is working again, i dont except non ssl ports but that is ok.
i think i might have this done..... see below
update, resolved
Just FYI for anyone that wants to do this... Here is how... cpanel has a built in interface called theme manager. :)
0
Please sign in to leave a comment.
Comments
10 comments