The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Permanently remove cPanel redirects

Discussion in 'EasyApache' started by DanH42, Sep 12, 2016.

  1. DanH42

    DanH42 Active Member

    Joined:
    Sep 11, 2011
    Messages:
    35
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Bloomington, IL
    cPanel Access Level:
    Root Administrator
    We keep all our cPanel services on a dedicated IP, and don't allow connections on non-HTTP ports on any of our other IPs. With this redirection in place, bots will hit example.com/cpanel, get redirected to our management IP, and then start brute-forcing. We obviously have brute force protections in place, but the number of brute force attempts we see always dramatically increases whenever these redirects exist.

    This is the section of httpd.conf I'm talking about:

    Code:
    <IfModule alias_module>
        ScriptAliasMatch ^/?controlpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
        ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
        ScriptAliasMatch ^/?kpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
        ScriptAliasMatch ^/?securecontrolpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
        ScriptAliasMatch ^/?securecpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
        ScriptAliasMatch ^/?securewhm/?$ /usr/local/cpanel/cgi-sys/swhmredirect.cgi
        ScriptAliasMatch ^/?webmail$ /usr/local/cpanel/cgi-sys/wredirect.cgi
        ScriptAliasMatch ^/?webmail/ /usr/local/cpanel/cgi-sys/wredirect.cgi
        ScriptAliasMatch ^/?whm/?$ /usr/local/cpanel/cgi-sys/whmredirect.cgi
    
        Alias /bandwidth /usr/local/bandmin/htdocs/
        Alias /img-sys /usr/local/cpanel/img-sys/
        Alias /java-sys /usr/local/cpanel/java-sys/
        Alias /mailman/archives /usr/local/cpanel/3rdparty/mailman/archives/public/
        Alias /pipermail /usr/local/cpanel/3rdparty/mailman/archives/public/
        Alias /sys_cpanel /usr/local/cpanel/sys_cpanel/
    
        ScriptAlias /cgi-sys /usr/local/cpanel/cgi-sys/
        ScriptAlias /mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/
        ScriptAlias /scgi-bin /usr/local/cpanel/cgi-sys/scgiwrap
    </IfModule>
    This doesn't seem to be something that could be overridden from one of the
    pre/post_virtualhost_global.conf includes. In the past, I've been able to run apache_conf_distiller --update and see my changes stick after running /scripts/rebuildhttpdconf. However, time passes, and at some point it ends up back in there again anyway. As of today, the rebuildhttpdconf script puts the redirects back in no matter what I do first.

    Where are these original redirects located, and how can I kill them once and for all?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,765
    Likes Received:
    662
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    You can complete the following steps to remove or modify these entries:

    1. Copy the Apache 2.4 template for EasyApache 4 to allow for customization:

    Code:
    cp -a /var/cpanel/templates/apache2_4/ea4_main.default /var/cpanel/templates/apache2_4/ea4_main.local
    2. Edit /var/cpanel/templates/apache2_4/ea4_main.local to remove the alias entries:

    Code:
    vi /var/cpanel/templates/apache2_4/ea4_main.local
    3. Save the changes, and then run:

    Code:
    /scripts/rebuildhttpdconf
    Thank you.
     
Loading...

Share This Page