cPanel Addon Domain Management

In this article I discuss cPanel addon domain management and what you need to do to prevent your website being accessible by multiple different domain names when you run more than one site using cPanel (known as add-on domains). You don’t want a site to be accessible by multiple different domain names as you’ll suffer a duplicate content penalty in search engine listings.  

Background

For the first time I’ve started hosting websites like everyone else in the world e.g. paying money to a company to run a server that hosts sites. I’ve been running one or more sites since about 1998 and back then the only real option was to run your own server and, in my case, write my own content management system. I never really stopped hosting my own sites because it was an interesting break from the day job of software development and I was running a server for that anyway. Over the last few years though I’ve found myself with less and less free time though so I’ve now, finally, taken the plunge and bought into commercial site hosting.

The Problem – cPanel Addon Domain Management

The default in cPanel is to put an add-on domain in the ~/public_html/addon.com directory. This results in your new add-on site being accessible by three different routes:

  • www.main.com/addon.com
  • addon.main.com and www.addon.main.com
  • addon.com

Obviously you only want your add-on to be accessible by addon.com as this is the route most people expect. Unfortunately search engines will, eventually, find the other options and index your site using those URL’s as well resulting in a penalty for your content. Not only that it doesn’t look very professional if your main site suddenly morphs into your add-on site because the user found an forgotten link.

The Fix – cPanel Addon Domain Management

First you want to stop access to your domain by the subdomain route (e.g. addon.main.com). There are a couple of different ways your can do this but the simplest is to just remove the DNS entries that cPanel will have added to your main domain. There will be entries for addon.main.com and www.addon.main.com as well as a few others depending on how cPanel is configured. You don’t want any entries of the form addon.main.com. If you look in at the DNS entries for your addon domain you’ll find an entry for addon.com and all the others that you should delete from your main domains DNS records..

If for some reason you can’t or don’t want to modify your DNS entries then you can use the Apache rewrite plugin to re-route requests to addon.main.com to addon.com like this:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_HOST} ^addon\.main\.com$ [OR] 
    RewriteCond %{HTTP_HOST} ^www\.addon\.main\.com$ 
    RewriteRule ^(.*)$ "http\:\/\/www\.addon\.com\/$1" [R=301,L]
</IfModule>

What this does is direct anyone coming to the site at addon.main.com and www.addon.main.com to www.addon.com using a 301 (moved permanently) response. This should be placed in the .htaccess file in the root of your addon domain. Note that cPanel might automatically create a .htaccess file when it installs WordPress in which case you can modify it, since this is a dot file it might also be hidden.

For a slightly more catch all rewrite you could instead use this:

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{HTTP_HOST} !^www\.addon\.com$ [NC]
    RewriteRule ^(.*)$ http://www.addon.com/$1 [L,R=301]
</IfModule>

This says redirect to www.addon.com if the domain the user reached the page on isn’t www.addon.com. Either will work, the first is more targeted and so to my mind the safer solution.

The second route to stop access thorough is the subdirectory of your main domain (e.g. www.main.com/addon.com). As with the subdomain problem this can be stopped in a couple of different ways. The problem is caused by the fact that when cPanel installs subdomains they are, by default, placed in directories within the public_html directory. Since cPanel assigns the public_html directory to the main domain all the subdomains are reachable simply by crafting an appropriate URL. I’m guessing this behaviour is a legacy of when cPanel only managed a single domain but I find it irritating. When I host multiple domains on a machine I give each their own directory on the server, there is no main domain controlling public_html.

One way to stop this is to install addon domains into a directory that isn’t under public_html. cPanel has been able to do this for a while but not all hosts seem to offer the feature. If your host does offer this feature then you’ll have an addon domain creation form that looks like this:

cPanel Addon Domain Management

By default the document root will be populated with public_html/addon.com but you can change that to something like addons/addon.com which will prevent anyone from accessing your addon domain through the newly created folder.

Another solution is to use the Apache rewrite module again although these aren’t as effective. You can place something like this in the addon domains .htaccess file.

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !addon\.com$
    RewriteRule [addon]?(.*) http://www.addon.com/$1 [R=301,L]
</IfModule>

Alternatively you can use something like this to issue a 404 error if they try to access the addon domain. A 404 is perhaps more appropriate here since the user is actually trying to access a page using the wrong domain.

<IfModule mod_rewrite.c>
    RewriteEngine On 
    RewriteCond %{HTTP_HOST} ^(www.)?main.com$ [NC] 
    RewriteCond %{REQUEST_URI} ^/addon.com/(.*)$ [OR] 
    RewriteCond %{REQUEST_URI} ^/addon2.com/(.*)$ [OR] 
    RewriteRule ^(.*)$ - [L,R=404]
</IfModule>

This has to be placed in the .htaccess file in the root of the main domain. As you can see you can cover multiple addon domains by using the [OR] function.

Resources