Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to force login when accessing webmail via cPanel

Discussion in 'E-mail Discussion' started by ramystyle, Mar 8, 2019.

  1. ramystyle

    ramystyle Well-Known Member

    Joined:
    Feb 9, 2004
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Montreal
    Hi,

    A user of mine accessed his cPanel and told me that he can access all email accounts via webmail once he is logged in to cPanel. He is not asked to enter a password for each email account.

    I tried changing "Mail authentication via domain owner password" in whm to on and off but nothing changed.

    I would like to force a logged in user in cPanel to enter the password for an email account before viewing its inbox.

    Thanks for your help.
     
  2. ramystyle

    ramystyle Well-Known Member

    Joined:
    Feb 9, 2004
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Montreal
    The title should read « via cpanel ».
     
  3. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,734
    Likes Received:
    436
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @ramystyle


    I'm a bit confused here, you should most definitely be asked for a password when logging into an email account unless you're logged in as the cPanel user, in which case you can access other email accounts from the cPanel UI.

    Would it be possible to provide screenshots/more information on how the user is accessing?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. ramystyle

    ramystyle Well-Known Member

    Joined:
    Feb 9, 2004
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Montreal
    Don’t be confused.
    Your understanding is correct. If user tried to access webmail, he is asked for a username and password.

    If user is logged into Cpanel, the he has access to all emails inboxes without the need to enter a password. I would like to for that user to enter a password because I don’t want him to go read other users emails. He needs cpanel access to add remove emails but I would like to limit him to not view the inboxes of all email accounts within Cpanel..

    Let me know if I’m not clear.
     
  5. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,734
    Likes Received:
    436
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello @ramystyle

    This isn't possible as the cPanel user is meant to be an administrative user - they have access to all emails on the account through file manager as well. The only method to restrict access to email accounts would be through the package's feature list by removing the "Email Accounts" feature but this would also restrict them from managing, creating or removing email accounts as well.

    Our reasoning behind this decision is detailed here: Remove 'Access Webmail' from Email Accounts

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice