In Progress [CPANEL-30925] /webmail redirect

Biggyalecs

Registered
Dec 16, 2019
3
2
3
Romania
cPanel Access Level
Root Administrator
Hello,
I have a little problem with my whm/cpanel.
When i'm trying to use domain.com/webmail it takes about 5-10 sec to redirect.
in the left corner i have Cpanel is connecting and in the right corner i have some messeges : first it says preferred, then proxy, then nonsecure, then nonsecure proxy and after that force preferred and redirects me to domain.com:2096

How can i set up whm so it will redirect faster when a user type domain.com/webmail?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,263
313
Houston
Hello,

There shouldn't be any base configuration of cPanel/WHM that causes this to load slowly. What this may indicate is that there may be a firewall issue. Are you using CSF or iptables on its own?
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,263
313
Houston
Hi @Biggyalecs

It might appear that I spoke too soon when I responded, if you have root access to the server canyou please go to WHM>>Server Configuration>>Tweak Settings and let me know what you have set for:
=======================================================================
Use X-Frame-Options and X-Content-Type-Options headers with cpsrvd

Use the X-Frame-Options HTTP response header to indicate whether a browser can render a page in a <frame>, <iframe> or <object> tag. This allows websites to ensure that their contents are not embedded into other sites, to avoid clickjacking attacks.
The server uses the X-Content-Type-Options response HTTP header to indicate that the MIME types in the Content-Type headers should not be changed or followed.
When you enable this option, the system adds the X-Frame-Options header, with a value of SAMEORIGIN, and the X-Content-Type-Options header, with a value of nosniff, to cpsrvd responses.
=======================================================================

I just saw that one of our analysts opened a case last night indicating that this being enabled (which it is by default) has been causing delayed /cpanel redirects which would include redirects to /webmail
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,263
313
Houston
This issue is not resolved as of now. The internal case for it is still open CPANEL-30925 but as soon as it is updated I'll note the changes here. This being a security feature @hiredgeek there is some risk with having this disabled as the purpose is to avoid clickjacking attacks as noted in the description.

Currently, the only workaround for this is to disable the x-frame option though.
 

hiredgeek

Member
Jul 9, 2014
12
1
53
cPanel Access Level
Root Administrator
Thanks Lauren,

I'd also like to note that webmail.domain.com works fine.
Only domain.com/webmail has the loading problem.

For now, I can direct my new users to to webmai.domain.com because this is a new server that I'm having the issue on.
 
  • Like
Reactions: cPanelLauren