Completely remove webmail access

[Tom Risager]

Is it possible to completely remove webmail access from a cPanel server?

I am using a separate server for email, and I would like to remove the webmail login from the servers that do not host email (so users will know instantly if they have navigated to the wrong location).

 

[cPanelMichael]

Hello

You can disable the three webmail applications available in cPanel under the "Mail" tab via:

"WHM Home » Server Configuration » Tweak Settings"

You can also disable "Webmail" in your feature lists via:

"WHM Home » Packages » Feature Manager"

Thank you.

 

[Tom Risager]

Thanks for your response, Michael.

However, my goal is to prevent the webmail login screen from showing up at all. As far as I can tell, disabling the webmail applications and removing webmail from the feature list does not accomplish this.

 

[cPanelMichael]

You could create a custom login page that is presented to users when they attempt to access Webmail:

Custom Branded Login Pages

However, there are no native features that will disable the Webmail login page completely. Feel free to open a feature request for this via:

Submit A Feature Request

Thank you.

 

[Tom Risager]

As far as I can tell, the best I can do is to replace the "Webmail" image through the branding method. The actual login box is still displayed.

I understand there is no feature to do this - but if anyone with a similar setup has come up with a solution of some kind I'd be very interested in the details.

Thanks,
Tom

 

[cPanelMichael]

You could block access to the Webmail ports on your system (2095,2096). This would prevent access to those ports. Assuming proxy subdomains are not enabled, users would then have no way of accessing the Webmail login page.

Thank you.

 

[Tom Risager]

Good suggestion - thanks. That should do it.

 

[Gauravk]

Thanks Michael, for lovely suggestion. I encountered an attack and after few hours now i removed these two 2095,2096 ports from CSF to stop the LFD attack thru webmail.