Redirect automatically created subdomains to the real addon domains dynamically
When creating an addon domain in cPanel (e.g., mydomain.com), the system automatically creates a subdomain based on the main domain (e.g., mydomain.com.maindomain.net). I understand that this subdomain is necessary for the functionality of addon domains in cPanel.
However, I want these automatically created subdomains to either not load any website or redirect visitors to the correct addon domain. The challenge is that I am managing a WHM server hosting multiple cPanel accounts, each containing various domains. Ideally, I am looking for a dynamic .htaccess
solution that can be deployed across all web roots for all accounts without requiring domain-specific hardcoding.
Here is the closest solution I have found so far:
RewriteEngine On
# Extract the base domain dynamically
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.*)\.[^\.]+\.[^\.]+$ [NC]
RewriteRule ^ - [E=TARGET_DOMAIN:%1]
# Redirect unwanted subdomains to the primary addon domain
RewriteCond %{HTTP_HOST} !^www\.%{ENV:TARGET_DOMAIN}$ [NC]
RewriteCond %{HTTP_HOST} !^%{ENV:TARGET_DOMAIN}$ [NC]
RewriteRule ^ https://%{ENV:TARGET_DOMAIN}/ [R=301,L]
This approach partially works but has its limitations, because even main domains can be subdomains, and addon domains can be subdomains too.
I tried using DOCUMENT_ROOT
to derive the target domain, but since users can customize DOCUMENT_ROOT
, this method isn’t reliable either:
RewriteCond %{DOCUMENT_ROOT} ^.*/([^/]+)/public_html$ [NC]
Does anyone have a fully dynamic and universal solution that avoids hardcoding the main or addon domain and works seamlessly across various cPanel accounts and domains?
-
Hey there! Unfortunately no, there isn't going to be a global way to redirect these. As you've found, you need to know both the source and destination domains and those document roots will change depending on how the domain is configured.
Are you getting abnormal traffic to these domains on the system? Unless a bot is crawling things, a user would need to manually type in "addon.domain.com" instead of "addondomain.com" in order to visit that page, which seems to be uncommon.
0 -
Hey cPRex,
Yes, I was indeed receiving some traffic on a cPanel-related subdomain. While it wasn’t anything serious or disruptive, I like to keep things clean, this is why I was wondering if there’s a quick and universal solution I can apply across all accounts and domains to prevent any unexpected issues.
0 -
Update - one of our developers has been looking into a solution for this so we've created case CPANEL-46168 to see if there is a good way to workaround this behavior.
If I hear any updates on my end I'll be sure to post them here.
0 -
Wow, that sounds great, thanks for caring about this issue too!
In the meantime - as most of our websites are custom WordPress sites developed by us and all contains our "core" plugin, - I've implemented a (WordPress only) solution with PHP in our plugin. This way, we don't have to manually edit any server/cPanel/account settings or files, just update our core plugin in all our customers' websites (which we do regularly anyways).
If anyone finds this topic in the future and uses WordPress, here is the code:
$server_name = $_SERVER['SERVER_NAME'];
$server_host = explode( ':', $server_name )[0] ?? '';
$wp_home_parsed = wp_parse_url( home_url() );
if ( $server_host
&& $server_host !== $wp_home_parsed['host']
&& $server_host !== 'www.' . $wp_home_parsed['host']
) {
header('HTTP/1.0 403 Forbidden');
exit;
}0 -
Thanks for sharing!
0
Please sign in to leave a comment.
Comments
5 comments