Disallow visting sites as add-on domains example: https://maindomain.com/addondomain.co.uk

inteldigital

Well-Known Member
Apr 5, 2018
87
15
8
England
cPanel Access Level
Root Administrator
Twitter
Hi,

I have my cPanel set up as having addon domains within public_html, but I have my main website in the root of public_html. Problem is, anybody with knowledge can access anything in that directory as trailing slash URL from my main website.

For example https://one.uk/two.co.uk/ one.uk is my main domain and two.co.uk is an add-on domain. If I visit this URL, it will take me to two.co.uk, but have one.uk in the URL, I don't want this behaviour. How can I stop it?

Thanks
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,261
313
Houston
Hello @inteldigital

It wouldn't be feasible to block access to a subfolder within the public_html as most sites use this structure as well. Technically, you're just accessing one.uk/folder/ which is a perfectly reasonable and action and in most cases necessary.

The solution for this would be to place the addon and/or subdomain folders in /home rather than public_html