Been reading some of the posts about boxtrapper. Frankly, I think it's bad news and the quickest way to get a server blacklisted due to misdirected challenge responses. But that's just my opinion.
Here's my problem: I enabled boxtrapper on a server, played with it and then disabled it. Seems that by doing that, the thing is still enabled because the links to it are still available form the webmail login with the X and X2 themes even though is is switched off in the feature list.
Short of doing a rm -fr /usr/local/cpanel/base/frontend/xcontroller/boxtrapper or editing the skins to make the links go away, does anyone know how to kill this thing for good so customers can't use it?