Hello dear, The Cpanel Company cant show 1 solution to block cpanel forward on specific account (hackers hijack LOGIN/PASSWORD MAIL) and with block WEBMAILS even so grant access to MAIL ACCOUNT settings (with Mail Forward Interface). Hackers add an account mail to receive messages (criminal). Even so block domain.tld/webmail (roundcube), account will be logged into domain.tld:2095/2096 ports and estabilish connection with Mail Account Icons (Mailforward).
To Disable this interface for mail accounts (AND NOT DISABLE TO CPANEL ACCOUNT)
To block this follow steps:
vim /usr/local/cpanel/base/webmail/jupiter/index.ttvim (or another editor)…
(Cpanel use Template Toolkit language)… on top file add:
[%-
# Existing code ...
# Get the domain from the request
SET domain = execute('Domain', 'get_current_domain').data;
# Check if the domain contains the term "DOMAINTERM"
IF domain =~ /DOMAINTERM/;
# Terminate the script or redirect
SET terminate_script = 1;
ELSE;
SET terminate_script = 0;
END;
# Check if we need to terminate the script
IF terminate_script;
# You can use an appropriate method to stop execution or redirect
# This is a placeholder. Adjust according to your needs.
SET mail_client_url = "";
END;
# Continue with existing logic...
# Existing code ...
-%]
Change line:
IF domain =~ /DOMAINTERM/; to IF domain =~ /PARTOFMYDMOAIN.TLD OR NOT TLD/;
After this, save if you need change this permanently use chattr +ai /usr/local/cpanel/base/webmail/jupiter/index.tt
OBS:
If your sintax appear crashed, try this:
(open file index.auto.tmpl) in same folder into this replace all content for:
ty <3.