I have mailman setup to use SSL (As it should be) however when you login to the admin you can't submit anything because the value of web_page_url is http:// instead of https://. I tried to update it manually and it worked, but when I return a few days later the value has been automatically updated without my permission. How do I force the change to web_page_url of mailman to stay unchanged?
Hello,
Would you mind sharing the specific steps you are taking to change the Mailman URL so we are reproducing the issue the same way as you?
Thank you.
I am having the same problem, I changed the url this way
1) Login to the server via SSH and go to
/usr/local/cpanel/3rdparty/mailman/bin
2) Execute command
./withlist -l -r fix_url list_name --urlhost=host2.example.com
1) Login to the server via SSH and go to
/usr/local/cpanel/3rdparty/mailman/bin
2) Execute command
./withlist -l -r fix_url list_name --urlhost=host2.example.com
Would you mind opening a support ticket using the link in my signature so we can take a closer look? You can post the ticket number here so we can update this thread with the outcome.
Thank you.
Thank you.
I run this command and it shows the current config:
/usr/local/cpanel/3rdparty/mailman/bin/dumpdb /usr/local/cpanel/3rdparty/mailman/lists/alerts_domainofaccount.com/config.pck | grep web
I create a file named tmp with this contents:
mlist.web_page_url = 'https://hostnameof.cpanelserver.com/mailman/'
Then I run this command:
/usr/local/cpanel/3rdparty/mailman/bin/config_list -i tmp alerts_domainofaccount.com
And it works. But eventually this gets reveted back. So the question is what in Cpanel is changing it and how to force it to use https and hostname of cpanel server instead of http hostname of account?
/usr/local/cpanel/3rdparty/mailman/bin/dumpdb /usr/local/cpanel/3rdparty/mailman/lists/alerts_domainofaccount.com/config.pck | grep web
I create a file named tmp with this contents:
mlist.web_page_url = 'https://hostnameof.cpanelserver.com/mailman/'
Then I run this command:
/usr/local/cpanel/3rdparty/mailman/bin/config_list -i tmp alerts_domainofaccount.com
And it works. But eventually this gets reveted back. So the question is what in Cpanel is changing it and how to force it to use https and hostname of cpanel server instead of http hostname of account?
Hello,
While it's possible to change the mailman URL, it's important to note that no native feature exists to preserve these types of changes. cPanel updates call "/scripts/resetmailmanurls", which reverts the custom changes. I suggest voting and adding feedback to the following feature request if you want to see a change in this behavior:
MailMan - Make it configurable on a site basis, not server wide ( PCI-DSS Compliance )
In the meantime, you can use hooks to disable "/scripts/resetmailmanurls" during the cPanel update process. Here's one example of doing this:
Then, edit these files to match the following contents (Note the vi command is in code tags, but not part of the actual script):
Next, run the following commands to enable these scripts:
Keep in mind this will result in an error message during the upcp process when it tries to run "/scripts/resetmailmanurls", but the update itself will still proceed.
Thank you.
While it's possible to change the mailman URL, it's important to note that no native feature exists to preserve these types of changes. cPanel updates call "/scripts/resetmailmanurls", which reverts the custom changes. I suggest voting and adding feedback to the following feature request if you want to see a change in this behavior:
MailMan - Make it configurable on a site basis, not server wide ( PCI-DSS Compliance )
In the meantime, you can use hooks to disable "/scripts/resetmailmanurls" during the cPanel update process. Here's one example of doing this:
Code:
touch /root/preupcpscript.sh
touch /root/postupcpscript.sh
chmod 0755 /root/preupcpscript.sh
chmod 0755 /root/postupcpscript.sh
Code:
vi /root/preupcpscript.sh
#!/bin/sh
chmod 0000 /usr/local/cpanel/scripts/resetmailmanurls
chattr +i /usr/local/cpanel/scripts/resetmailmanurls
Code:
vi /root/postupcpscript.sh
#!/bin/sh
chattr -i /usr/local/cpanel/scripts/resetmailmanurls
chmod 0755 /usr/local/cpanel/scripts/resetmailmanurls
Code:
/usr/local/cpanel/bin/manage_hooks add script /root/preupcpscript.sh --manual --category System --event upcp --stage pre
/usr/local/cpanel/bin/manage_hooks add script /root/postupcpscript.sh --manual --category System --event upcp --stage postThank you.
3 years and 2 votes.. that's never getting implemented.
Let me know when Cpanel plans to take security seriously. Anything other than HTTPS by default isn't.
Let me know when Cpanel plans to take security seriously. Anything other than HTTPS by default isn't.
We've recently made some changes to how we handle feature requests to help address concerns like this:
Please dedicate more cPanel staff to discuss things here in the Feature Request system
Hi. I’m benny. How can I help? | cPanel Blog
Thank you.
I found the Mailman option in cPanel is properly secured, is there any way to turn off the insecure mailman access?
Could you provide an example of how you are accessing Mailman over the insecure URL? For instance, is it directly through the cPanel interface over port 2082?
Thank you.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| D | Forwarded Email - Change Subject | 1 | ||
|
Migration of e-mails from Exchange using ADFS + OpenID | 1 | ||
| J | SOLVED Change parked domain to primary without losing email accounts on parked domain | 4 | ||
| J | Roundcube timezone won't change | 3 | ||
| J | Using Sucuri Firewall the mx record must be changed. | 7 |