Redirecting to unprotected url

[its_joy]

Hello,

When trying to login cpanel.
We are getting redirected to unprotected url.
For eg: If we try to access cpanels by http://domain.com/cpanel or http://domain.com:2082
We get redirected to http://www.domain.com:2082/unprotected/redirect.html
It says detecting your internet connection.

Please let us know if any solution.

Thanks in advance.

[thewebhosting]

Are you getting this error for particular one domain or all the domains belongs to your server are facing the same kind of issues?

[its_joy]

Hello

We are getting this error for all the domains on our server

Regards!
Its_joy

[cPanelDavidG]

I know we recently did an update to 11.23 to resolve these issues. Try updating cPanel and see if this issue persists.

[jdlightsey]

The http://www.domain.com:2082/unprotected/redirect.html is an iframe that attempts to meta-refresh the browser into http://www.domain.com:2082/. If that fails the browser will try to load http://cpanel.domain.com.

The /unprotected/redirect.html URL doesn't really have anything to do with the security of the connection itself. Files in /unprotected/ are served by cpsrvd without requiring a login (which is essential to get the iframe before a login takes place.)

If you'd rather that http://domain.com/cpanel sends users to https://www.domain.com:2083 you need to turn on the relevant option in TweakSettings ... "Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc."

Whether or not SSL is used with the secondary redirect to http://cpanel.domain.com depends on the existence of a SSL VirtualHost on the same IP address.

This secondary redirect is only attempted if Proxy VirtualHost support is enabled in TweakSettings. When Proxy VirtualHosts are not enabled, the /cpanel redirect script will just issue a HTTP redirect as it did in the past without any iframe/javascript/etc.

There are a few fixes related to this flow of redirect logic that are currently only in Edge, but they should be in the other 11.23 branches soon.

[BigLebowski]

Hi there

All users on one server are seeing this message. Many have called thinking the server hacked. Is there any way to brand this page so it looks more genuine? I am running on:

WHM 11.23.2 cPanel 11.23.3-R25946
TRUSTIX Enterprise 2 i686 on standard - WHM X v3.1.0

Please could you confirm that the page was produced by Cpanel (ie has not been placed by hackers) and how to proceed to remove it?

Thanks
Dude

[cPanelDavidG]

Hi there

All users on one server are seeing this message. Many have called thinking the server hacked. Is there any way to brand this page so it looks more genuine? I am running on:

WHM 11.23.2 cPanel 11.23.3-R25946
TRUSTIX Enterprise 2 i686 on standard - WHM X v3.1.0

Please could you confirm that the page was produced by Cpanel (ie has not been placed by hackers) and how to proceed to remove it?

Thanks
Dude

This page is placed there by cPanel/WHM and is described in the post immediately above yours.

[webstyler]

Hello

If I have read right the page "detecting your internet connection" is already useful where user in under firewall or other system that filter port.. right ?

Is possible to switch off the page "detecting your.." ?

Thanks

[cPanelDavidG]

Hello

If I have read right the page "detecting your internet connection" is already useful where user in under firewall or other system that filter port.. right ?

Is possible to switch off the page "detecting your.." ?

Thanks

The purpose of the page is to attempt to connect the user to port 2082. If that does not work (presumably because their firewall blocks port 2082), then they are routed through the reverse proxy to view cPanel over port 80 automatically. This allows example.com/cpanel to serve those both behind a firewall as those not behind such an aggressively configured firewall.

[webstyler]

The purpose of the page is to attempt to connect the user to port 2082. If that does not work (presumably because their firewall blocks port 2082), then they are routed through the reverse proxy to view cPanel over port 80 automatically. This allows example.com/cpanel to serve those both behind a firewall as those not behind such an aggressively configured firewall.

ok

it's a way to disable this ?

Thanks

[jdlightsey]

Yes, turn off proxydomains in TweakSettings.

[webstyler]

Yes, turn off proxydomains in TweakSettings.

I have disable this

Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts. When this is initially enabled it will add appropriate proxy subdomain DNS entries to all existing accounts. (Use /scripts/proxydomains to reconfigure the DNS entries manually)

But when go to http://www.mysite.com/webmail (that i redirect to https) appear page "Detecting your internet connection ..."

:/

[myusername]

Why not direct everyone via reverse proxy instead of using 2082? That eliminates the firewall issue...

Question 2 that BigLebowski asked above, please brand this page or at the very least use some cPanel color schemes. Seafoam Green does not resemble cPanel at all and its causing a lot of tickets I feel would be avoided if it at least looked like it was supposed to be part of cpanel's login system.

[lutronik]

In my cPanel this beginning to happen today.. just in 1 server this happens..

The cpanel needs to correct this!! I was afraid this morning when I saw this!!


[]'s Luiz Passarelli

[cPanelDavidG]

Why not direct everyone via reverse proxy instead of using 2082? That eliminates the firewall issue...

Because only ~95% of functionality works behind the reverse proxy. If you want full 100% functionality, it's best to still use port 2083 (or 2082 for those on plain-text connections)