Recent Posts

1

Information / Re: Roundcube big security issue.

« Last post by cyberspace on Today at 05:54:41 PM »

The extra step is necessary to close the breach. In other case the logs can be accessed over the URLs like:

https://webmail.DOMAIN.COM/logs/errors.log
https://webmail.DOMAIN.COM:2096/logs/errors.log

Add the following "location":

Code: [Select]

    location ~ \.log$ {
        deny all;
    }

into the both "server" sections of the file /usr/local/cwpsrv/conf.d/webmail.conf.

Example:

Code: [Select]

    location ~ \.log$ {
        deny all;
    }
    location / {

then restart cwpsrv:

Code: [Select]

service cwpsrv restart

2

CentOS 8 Problems / Re: Problem with webmail roundcube

« Last post by cfreire on Today at 05:06:04 PM »

Hi my friends, oh thank you by your replies.... The close session process helped to me... I will intend upgrade the version too and the tls certs. Thank you very much. Rgards. =D

3

Suggestions / Re: :):):) Comodo WAF rules update required :):):)

« Last post by Starburst on Today at 01:04:19 AM »

The other never auto updated either for some reason, but this manually update won't.

Path names would all change to the new version, so I'm not sure how a script might do this or not.

4

Information / Re: Roundcube big security issue.

« Last post by Starburst on Today at 12:58:34 AM »

All of our CWP installation didn't have this issue.

Logs where not accessible, the screen up up with the generic permission denied screen.

But a working ModSecurity properly configured seems to block it, along with updating to RoundCube 1.5.9, which is a LTS version.

5

CentOS-WebPanel GUI / Re: Admin panel: left side menu not responsive

« Last post by overseer on Today at 12:56:35 AM »

What browser are you using to access? Any potentially interfering extensions (ad blocking, cookies, tracker blocking)?
Try a Private/Incognito window and connect to your server. See if you get the same behavior.

6

CentOS-WebPanel GUI / Admin panel: left side menu not responsive

« Last post by JM_Stoorvogel on February 20, 2025, 10:20:08 PM »

Very pleased with CWP, coming from cPanel.

But: almost always, the CWP7pro.admin left menu is not responsive to clicking. Only a refresh (F5) of dashboard click (only item that works) will make the menu responsive again.

Sometimes expanded menu's are also collapsed. This behaviour is driving me nuts...

Howto disable or fix it??

Using: AlmaLinux 8 in an lxc container on Proxmox.

7

Information / Re: Roundcube big security issue.

« Last post by rcschaff on February 20, 2025, 07:22:13 PM »

Won't this get overwritten on CWP updates?

Most likely.  But it's a solution that the coders can implement when they see it on the forum

8

CentOS-WebPanel Bugs / Re: Cronjob not added from user panel

« Last post by Jamshed Datori on February 20, 2025, 04:28:02 PM »

and no one from CWP support bothers fixing this issue.

9

Problems on other RedHat linux servers / Re: I can send and receive messages via the web, but it doesn't work through the...

« Last post by overseer on February 20, 2025, 01:56:00 PM »

I would suggest you look here:
https://www.awsmonster.com/how-to-secure-postfixdovecot-on-cwp

10

Suggestions / Re: :):):) Comodo WAF rules update required :):):)

« Last post by venty on February 20, 2025, 10:10:04 AM »

The only thing left is to:

nano crs-setup.conf

Code: [Select]

# SecDefaultAction "phase:1,log,auditlog,pass"
# SecDefaultAction "phase:2,log,auditlog,pass"

Uncomment:

Code: [Select]

SecDefaultAction "phase:1,log,auditlog,deny,status:403"
SecDefaultAction "phase:2,log,auditlog,deny,status:403"

Hi,

thank you very much....

and that's all, will they update?

BR
Venty