mailman redirects

[darklord1]

I got aggravated when a user went to : http://domain.com/mailman/, I setup a redirect, to prevent the forbidden error and other issues.

Here's what I did:

I added this line, right above the Cpanel line in my httpd.conf:

ScriptAliasMatch ^/?mailman/?$ /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi


This forces the execution of index.cgi if they access mailman alone.

Then I created the file:
/usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi


In that file, here are the contents:

Code:

#!/usr/bin/perl -T


use strict;
use warnings;


my $URL = "/mailman/admin/";

print "Status: 302 Moved\nLocation: $URL\n\n";

I chmod 0755 /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi so it could be used by everyone(WITHOUT SUID, or the hostname will break).

So now, no matter what they access, hostname, ip, domain name, it will redirect to mailman/admin/ without changing the base domain.

It's a small annoyance, but It helps with the redirect there for new users. Also, I've tested everything I can think of on mailman, I dont really see an issue as far as anything breaking, if anyone finds anything, please let me know.

If everything pans out, I would like to see this added to the next release, it looks so much better when a user access /mailman, it doesnt give out any errors.

Also, I was thinking, admin might not be the best file to redirect to, but the code is easily changed.

[darklord1]

I also did the same thing with the create page. I couldnt remove it from the content of the admin page in mailman(making users think they could use it to create lists and such), so I moved the create file and replaced it with a file with the following content:

Code:

#!/usr/bin/perl -T
#


use strict;
use warnings;


my $URL = "/mailman/admin/";
print "Content-type: text/html\nrefresh: 5; $URL\n\n";
#print "refresh: 5; $URL\n\n";
#print "Status: 302 Moved\nLocation: $URL\n\n";

print '<center><h1>This page has been disabled for Security reasons</h1><BR><BR> Please click <a href="/cpanel/"> here </a> to goto the control panel, where you can create a new mailing list. <BR>Otherwise, you will be redirected to the admin panel in 5 seconds.'

The create file is: /usr/local/cpanel/3rdparty/mailman/cgi-bin/create

This is an alternative to the forbidden or error page you get when you click on the link in the mailman admin panel.

I'm almost certain all my efforts will be destroyed with the next cpanel update, so I've made sure I've edited the right apache configuration file:
I copied the /var/cpanel/templates/apache2/main.default to /var/cpanel/templates/apache2/main.local, then edited both files(local is supposed to be used first, but just incase, I edited default as well.
I made this edit:

Code:

ScriptAliasMatch ^/?mailman/?$ /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi
[% FOREACH dir IN main.scriptaliasmatch.items -%]
ScriptAliasMatch [% dir.regex %] [% dir.path %]
[% END -%]

And then I created runme.sh in /etc/cron.hourly/, the contents of runme.sh are:

Code:

#!/bin/bash

if [ -f /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi ]; then
echo mailman redirect exists
else
cp /root/crons/index.cgi /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi
chmod 0755 /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi
chown mailman:mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/index.cgi
echo Replaced index.cgi
fi


if [ `grep -c refresh /usr/local/cpanel/3rdparty/mailman/cgi-bin/create` -gt 0 ]; then
echo Create does not need to be replaced.
else
mv /usr/local/cpanel/3rdparty/mailman/cgi-bin/create /usr/local/cpanel/3rdparty/mailman/cgi-bin/create_old
cp /root/crons/create /usr/local/cpanel/3rdparty/mailman/cgi-bin/create
chown mailman:mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/create
chmod 0755 /usr/local/cpanel/3rdparty/mailman/cgi-bin/create
echo Replaced Create in mailman
fi

I had to copy the files to /root/crons/(made the directory too).

This means that if index.cgi doesnt exist, move my copy in place, and if create isnt my code, move it, and copy the right file.


This is until/if cpanel makes this a permanent solution.