
Webmail logo

Comments

12 comments

  • bitpt

    Found it... a symlink in image webmail-logo.svg for webmail-RGB-v42015.svg in /usr/local/cpanel/img-sys

    Solved!!!

    Let me ask you: why does cPanel have these complications to change a simple image? There could be a simple method for admins to change their own brand, and protect cPanel and others at the same time. It seems cPanel loves to waste server administrators' time. Nobody remembered that they could create fake login pages, but they remembered to create this complication with a simple image that differs from the way the logo is changed on Roundcube; in other words, they wasted time on this instead of creating something useful for the customer (me and the others). Wrong way to do something...

    0
  • ffeingol

    It's just a guess, but my guess is your "fix" won't last.  The next upcp that does anything with roundcube / webmail will simply replace your logo with the one in the package.

    0
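
A check for the revert described in the two comments above, as an added example that is not part of the thread and not cPanel tooling. It assumes `webmail-logo.svg` is the symlink in `/usr/local/cpanel/img-sys` and that an admin has repointed it at a custom file; the custom file name and the function name are hypothetical.

```shell
#!/bin/sh
# Added example: report when a customized webmail logo link has been reverted.
# Directory and stock file name are from the thread; the custom file name in
# the usage line and the function name are hypothetical.

# check_logo DIR LINK EXPECTED_TARGET EXPECTED_SHA256
# Prints one status word; returns 0 only when link and content are unchanged.
check_logo() {
    path="$1/$2"; want_target=$3; want_hash=$4

    if [ ! -L "$path" ]; then
        # Either gone, or replaced by a regular file during an update.
        if [ -e "$path" ]; then echo "NOT_A_SYMLINK"; else echo "MISSING"; fi
        return 1
    fi
    target=$(readlink "$path")
    if [ "$target" != "$want_target" ]; then
        echo "TARGET_CHANGED:$target"   # e.g. pointed back at the stock file
        return 1
    fi
    if [ ! -e "$path" ]; then
        echo "DANGLING"                 # link is right, custom file was removed
        return 1
    fi
    have_hash=$(sha256sum "$path" | cut -d' ' -f1)
    if [ "$have_hash" != "$want_hash" ]; then
        echo "CONTENT_CHANGED"          # same name, different image bytes
        return 1
    fi
    echo "OK"
}

# Usage (e.g. from cron after upcp):
#   sh check_logo.sh /usr/local/cpanel/img-sys webmail-logo.svg my-logo.svg <sha256>
if [ "$#" -eq 4 ]; then
    check_logo "$@"
fi
```

The non-zero exit status on any drift lets a cron wrapper or monitoring agent alert on it without parsing the status word.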
  • cPRex Jurassic Moderator

    Are the details at https://docs.cpanel.net/whm/cpanel/customization/ not working for the webmail logo?

    0
  • joe breath

    This phishing attack is common, and replacing the Webmail logo helps users recognize a legitimate login page. Since /var/cpanel/webmail is empty, check /usr/local/cpanel/base/unprotected/cpanel/images/ for webmail-logo.svg.

    For Roundcube, try /usr/local/cpanel/base/3rdparty/roundcube/skins/elastic/images/.

    I had the same issue and found a useful guide on this platform https://busimulatorindonesia.com/ .

    0
  • bitpt

    I posted a message containing paths for all images (which was later deleted by the administrators). However, during an update, cPanel reverted the images to their default settings. This seemingly simple issue has significant security implications, yet cPanel has not prioritized resolving it. We are paying a high price for this oversight.

    Solution:

    1. Install Roundcube and bypass cPanel's Roundcube.

    2. Add a personal logo.

    3. Protect uploaded images from server-side changes.

    4. Implement a security image page rule.

    But wait...
    Could someone copy and replicate a similar page? No, they can't. There are countless ways to protect users and ensure they are accessing a trusted, secure page.

    Thank you, cPanel, for addressing this issue... We pay for your service, but when we need simple security measures, you either deliver or leave us hanging.

    0
  • cPRex Jurassic Moderator

    bitpt - can you please explain the security issue you're seeing?

    0
  • bitpt

    You're kidding!! cPanel has the same page for millions of websites with nothing to distinguish it from a legitimate site or a site of a gang of criminals. Anyone can copy the HTML and send it, most users (common users don't need to have a degree in IT... they just use it) well... since it's the same, they put their data in (the password security flaw... "it's not our fault for being stupid")... it's the same thing as having a Rolex and a copy of the Rolex (I can't tell the difference... can you, cPRex?). And cPanel allows this and, in addition to allowing abusive use, tries to inhibit any attempt to alleviate the problem. Leave the front door open and prevent anyone from closing the door. Someone once put a box next to the night deposit bank, wrote a paper, broken... put money in the box next to it... it's not a bank security breach, it's a system security breach. When you make security only for sophisticated methods and forget the base..... ahhhhh, it's not a security flaw... yes, I learned something today...

    0
  • cPRex Jurassic Moderator

    I still don't understand what the security issue is that you're seeing.  How would our webmail page be different than Gmail or Outlook or any other webmail tools where the login page always looks the same?  I'm not sure what you're specifically trying to fix or what the complaint is here, but I'm happy to try and recommend a solution if I can better understand the issue.

    0
  • bitpt

    How can you compare Gmail or Outlook authentication with a webmail authentication page?
    When you access Gmail or Hotmail, you don’t actually see their login pages being sent to you. Instead, the authentication happens in second wind. These companies, like Google and Microsoft, fully control their servers and can implement whatever security measures they want. Try sending a login-like page. For sure you have never tried. How many emails do you receive with Gmail or Outlook pages... zero. But with webmail there are thousands, why? No... it’s a well-thought-out procedure just the way it is.

    In our case, however, we are bound by cPanel's policies, even when using open-source webmail clients like Roundcube. Despite paying for the server every month, and the server not being cPanel hardware, we can't mitigate or do whatever we want on our server because cPanel reverts it for its own purposes. The branding copyright in the footer, for example, when using Roundcube, etc.

    Time usually puts these commercial behaviors in the right place (because technically it is easy to solve, if there is a will to protect and mitigate the problems instead of having something just to propagate the brand and create confusion... I don't see any other reason for this to be happening). Someday websites will need to be the way cPanel wants...

    0
  • cPRex Jurassic Moderator

    I'm still not sure what issue you're seeing with the tools.  If you have found a security problem with the software please email security@cpanel.net and our team will review that.  Otherwise, I'm sorry but I just don't understand what you're trying to explain.

    0
  • bitpt

    I speak bad English. No one understood the comparison between the webmail login and Gmail and Outlook. No one realized that they are sending thousands of emails with the webmail login to steal access... and I have to read someone connected to cPanel saying that it is not a security flaw, to send an email to security... maybe they are speaking some other language that is imperceptible, and no one realized what is going on. cPanel does not allow customization of the email page; this causes fictitious emails to be sent with exactly the same appearance... to solve the problem I had to install additional software. CPANEL KNOWS THIS AND DOESN'T PROTECT THE CUSTOMER.... don't waste my time reading answers like that... because of these arrogant commercial attitudes, out of 20 servers we had two years ago, we only have 1 with cPanel.

    0
