May 13, 2023
Papua New Guinea
cPanel Access Level
Reseller Owner
I am hosting my simple html web page files on an account sold by a re-seller hosting package. I would like my my email users to go to the website and go to the login page fill in username and password information click on the login button so that it takes them direct to roundcube webmail inbox. After they logout they are re-directed to my website rather than cPanel logout page.

I would like to avoid cPanel Login and Logout Pages. How can I do that?


Feb 16, 2023
cPanel Access Level
Root Administrator
So, you'd be able to accomplish one of these two objectives without too much fuss. Details below:

You would likely want to use the API's create_webmail_session (after whatever you need to do to authenticate your users). Then to jump directly into Roundcube you'd want to replace the bits for the cpsession, etc. in the link to roundcube to what you got from that call, with whatever login page you have simply redirecting there as its' last action. The logout is more complex, as it would require an additional plugin file and directly editing one of roundcube's files (to alter the hyperlink the logout button links to). The additional plugin file would be what you edit the link in roundcube's files to point to, and all it would ultimately do is expire the session (thankfully, the link for that is what the link in roundcube you'd be editing is, so the plugin can simply do an http request to that page then redirect back to your site). I have an example webmail plugin here if you need something like that to tinker with. One last concern is regarding the file you would have needed to edit to insert whatever link to your "logout to my website instead of cPanel" plugin you whip up -- this is controlled by RPM/DEB package management, so will be replaced on upgrade/maintenance runs. You'd need a post maintenance hook to re-edit the file every time that happens (which is somewhat of a pain, but possible. See our documentation on standardized hooks).

One more thing you might be interested in is preventing "easy" access to other webmail applications. For that you'd want to do the following:
Remove the `return_to_webmail` plugin within roundcube itself, which would require editing roundcube's configuration in `/usr/local/cpanel/base/3rdparty/roundcube/config/`. We use an include to add that to the plugins list if it doesn't exist down at the bottom of the file, so you'd want to do that after we include that file so that you can remove that from the $config['plugins'] array. If you aren't familiar with how to do that in PHP, I would suggest familiarizing yourself with array_filter.

Hopefully that helps. If that sounds too hard, my apologies, but that was the most straightforward way I could think of getting this done.

Note: Edited after reread to utilize create_webmail_session instead of create_user_session, as we aren't in the WHM context per user's question.
Last edited:
  • Like
Reactions: cPRex