This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
31
Updates / Re: Roundcube vulnerability
« on: April 09, 2026, 03:09:47 PM »
I believe the error happens with the install line, using the default RC install script:Code: [Select]yes | "$src_dir/bin/installto.sh" "$INSTALL_DIR"
Put:
Code: [Select]
set -euo pipefailright after:Code: [Select]
#!/usr/bin/env bashand:Code: [Select]
if [[ $? -ne 0 ]]; then
echo "Install script failed!"
send_email "Update FAILED" "Server: $(hostname)\nStatus: installto.sh failed\nBackup: $backup_dir\nTime: $(date)"
exit 6
fi
right after:
Code: [Select]
echo "Running install script..."
yes | "$src_dir/bin/installto.sh" "$INSTALL_DIR"32
Updates / Re: Roundcube vulnerability
« on: April 08, 2026, 10:38:27 PM »
I had a problem with it.
Seems CWP is running php-7.2.30 without php-intl extension.
Roundcube needs this extension to detect Spoofing.
Seems "roundcube" running on my system doesn't require intl. Anyway, if your roundcube requires it you can compile the extension from sources:
As root:
Code: [Select]
cd /usr/local/src/
wget https://www.php.net/distributions/php-7.2.30.tar.gz
tar -xvzf php-7.2.30.tar.gz
cd php-7.2.30/ext/intl
/usr/local/cwp/php71/bin/phpize
./configure --with-php-config=/usr/local/cwp/php71/bin/php-config
make
cp modules/intl.so /usr/local/cwp/php71/lib/php/extensions/no-debug-non-zts-20170718/
open the file /usr/local/cwp/php71/php.ini for editing and add the line:Code: [Select]
extension = intl.so
right before:Code: [Select]
zend_extension = /usr/local/ioncube/ioncube_loader_lin_7.2.so
remove sources and extracted files
Code: [Select]
rm -rf /usr/local/src/php-*
33
Updates / Re: Roundcube vulnerability
« on: April 08, 2026, 09:34:54 PM »Just used your script to update to 1.5.15 LTS -- on one server it worked fine, but on another server it errored out due to the system() function being disabled in that version of PHP
Hi,
Sorry for the delayed reply. I’ve been away from home for a while and only have occasional access to my PC.
Anyway, the script doesn't use the function like system() or exec(). Do you run the script from PHP using system() ?
34
MySQL / Re: Allow Remote Access to MariaDB Database
« on: March 30, 2026, 10:22:42 PM »
If you want to provide remote access to MariaDB/MySQL from some specific IP then:
1. Configure MySQL/MariaDB listening the public IP address of your server or local IP address if the connection come from the local users. Look at "bind-address" it mysql/mariadb config
2. Disable or comment "skip-networking" in mysql/mariadb config
3. Open the port 3306 in CSF/firewall for specific IP address only
tcp|in|d=3306|s=put_remote_ip_here
4. Restart CSF/Firewall
5. Make the user allowed to connect to the database from the remote IP.
I recommend you to look at the docs https://mariadb.com/docs/server/mariadb-quickstart-guides/mariadb-remote-connection-guide
1. Configure MySQL/MariaDB listening the public IP address of your server or local IP address if the connection come from the local users. Look at "bind-address" it mysql/mariadb config
2. Disable or comment "skip-networking" in mysql/mariadb config
3. Open the port 3306 in CSF/firewall for specific IP address only
tcp|in|d=3306|s=put_remote_ip_here
4. Restart CSF/Firewall
5. Make the user allowed to connect to the database from the remote IP.
I recommend you to look at the docs https://mariadb.com/docs/server/mariadb-quickstart-guides/mariadb-remote-connection-guide
35
PHP / Re: When will PHP 8.4 be released in CWP?
« on: March 08, 2026, 07:49:33 PM »
@cHAp, I can provide instructions on how to build PHP 8.4 for PHP version switcher. The method is semi-manual: some steps are provided by CWP itself, and some must be done manually.
Let me know if you are interested.
Let me know if you are interested.
36
PHP / Re: When will PHP 8.4 be released in CWP?
« on: March 08, 2026, 10:38:34 AM »
Do you use PHP Version Switcher, PHP Selector or PHP-FPM selector ?
Additionally, I recommend you to ignore djprmf. His/her messages have no sense.
Additionally, I recommend you to ignore djprmf. His/her messages have no sense.
37
Updates / Re: Roundcube vulnerability
« on: March 07, 2026, 06:21:53 PM »
If you aren't satisfied with CWP then I don't understand why you are here.
Don't waste your time. I wish you luck finding another modern all-in-one control panel that meets your requirements.
Don't waste your time. I wish you luck finding another modern all-in-one control panel that meets your requirements.
38
CentOS 7 Problems / Re: Unable to Access CWP Panel : 500 Error
« on: March 04, 2026, 02:41:46 PM »
EXT4 supports the attribute "immutable".
Run:
and show output again.
Run:
Code: [Select]
rpm -qa | grep cwpphp
ls -l /usr/local/cwp/php71/bin/php
yum search cwpphpand show output again.
39
CentOS 7 Problems / Re: Unable to Access CWP Panel : 500 Error
« on: February 28, 2026, 09:53:31 AM »40
Other / Re: Goodbye CWP — I’m done for good
« on: February 23, 2026, 10:49:12 PM »
My time costs money, and I'm afraid I don't have free time to prove anything.
Anyway, CWP meets my requirements and customization options. If any problems with CWP arise, I’m able to solve them on my own. My CWP servers work with newest php versions and are connected to a custom DNS cluster with live DNS zone updates. It requires technical skills but CWP allows to do it.
If you’ve made the decision to leave CWP, then you’re just wasting your time by posting here. Sad but true.
Anyway, CWP meets my requirements and customization options. If any problems with CWP arise, I’m able to solve them on my own. My CWP servers work with newest php versions and are connected to a custom DNS cluster with live DNS zone updates. It requires technical skills but CWP allows to do it.
If you’ve made the decision to leave CWP, then you’re just wasting your time by posting here. Sad but true.
41
Other / Re: Goodbye CWP — I’m done for good
« on: February 23, 2026, 09:28:45 AM »
I like this:
The usual reply: “Go buy a paid panel then.” Cool. That’s exactly what I did because when clients are paying me, I need reliability and support, not forum drama.
It sound like:
Users pay me to get reliability and support but I don't pay. However I require reliability and support )
or... I missed something.
The usual reply: “Go buy a paid panel then.” Cool. That’s exactly what I did because when clients are paying me, I need reliability and support, not forum drama.
It sound like:
Users pay me to get reliability and support but I don't pay. However I require reliability and support )
or... I missed something.
42
CentOS 9 Problems / Re: mysql update
« on: February 23, 2026, 09:08:16 AM »
If you followed all instructions and there were no errors during the upgrade then MySQL should be updared. Where do you see MySQL 10.5 ?
Can you connect to the server over SSH, run one by one:
Can you connect to the server over SSH, run one by one:
Code: [Select]
# rpm -qa | egrep -i '(mysql|mariadb)'
# mysql
select version();
and show output ?
43
Updates / Re: Roundcube vulnerability
« on: February 22, 2026, 03:10:42 PM »
Update to the script listed here:
http://forum.centos-webpanel.com/updates/roundcube-vulnerability/msg53064/#msg53064
Changelog:
Added the option to enable/disable email notifications
http://forum.centos-webpanel.com/updates/roundcube-vulnerability/msg53064/#msg53064
Changelog:
Added the option to enable/disable email notifications
Code: [Select]
ENABLE_NOTIFICATIONS=true # true/false to enable/disable notificationsThanks @overseer for the ideaCode: [Select]
#!/usr/bin/env bash
####################################################################################
# #
# The MIT License (MIT) #
# #
# Copyright (c) 2026 BeinHost.com #
# #
# Permission is hereby granted, free of charge, to any person obtaining a copy #
# of this software and associated documentation files (the "Software"), to deal #
# in the Software without restriction, including without limitation the rights #
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell #
# copies of the Software, and to permit persons to whom the Software is #
# furnished to do so, subject to the following conditions: #
# #
# The above copyright notice and this permission notice shall be included in all #
# copies or substantial portions of the Software. #
# #
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR #
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, #
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE #
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER #
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, #
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE #
# SOFTWARE. #
# #
####################################################################################
########################################
# CONFIG
########################################
BASE_DIR="/usr/local/cwpsrv/var/services"
INSTALL_DIR="$BASE_DIR/roundcube"
PAGE_URL="https://roundcube.net/download/"
OWNER="cwpsvc:cwpsvc"
EMAIL="address@domain.com" # set your email address here
ENABLE_NOTIFICATIONS=true # true/false to enable/disable notifications
SUBJECT_PREFIX="[Roundcube Updater]"
cd "$BASE_DIR"
########################################
# Send notofication
########################################
send_email() {
if [ "$ENABLE_NOTIFICATIONS" = true ]; then
local subject="$1"
local body="$2"
# use mail command
echo -e "$body" | mail -s "$SUBJECT_PREFIX $subject" "$EMAIL"
fi
}
########################################
# Detect installed version
########################################
INI_FILE="$INSTALL_DIR/program/include/iniset.php"
if [[ ! -f "$INI_FILE" ]]; then
echo "Cannot detect installed version (iniset.php missing)."
exit 2
fi
installed_version=$(grep -oE "RCMAIL_VERSION',[[:space:]]*'[^']+'" \
"$INI_FILE" | sed -E "s/.*'([^']+)'.*/\1/")
installed_version=$(echo "$installed_version" | tr -d '\r\n[:space:]')
echo "Installed version: $installed_version"
########################################
# Detect latest LTS version + checksum
########################################
lts_block=$(curl -fsSL "$PAGE_URL" \
| awk '/<h2 id="lts">/,/<\/table>/')
download_url=$(echo "$lts_block" \
| grep -oE 'https://[^"]+-complete\.tar\.gz' \
| head -n1)
latest_version=$(echo "$download_url" \
| sed -E 's/.*roundcubemail-([0-9]+\.[0-9]+\.[0-9]+)-complete\.tar\.gz/\1/')
latest_version=$(echo "$latest_version" | tr -d '\r\n[:space:]')
sha256_expected=$(echo "$lts_block" \
| grep -oE '[a-f0-9]{64}' \
| head -n1)
if [[ -z "$download_url" || -z "$latest_version" || -z "$sha256_expected" ]]; then
echo "Failed to detect latest LTS release."
send_email "Update failed" "Server: `hostname`\nFailed to detect latest LTS release.\nTime: $(date)"
exit 3
fi
########################################
# Compare versions
########################################
version_gt() {
[ "$1" = "$2" ] && return 1
local IFS=.
local i ver1=($1) ver2=($2)
for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)); do ver1[i]=0; done
for ((i=${#ver2[@]}; i<${#ver1[@]}; i++)); do ver2[i]=0; done
for ((i=0; i<${#ver1[@]}; i++)); do
if ((10#${ver1[i]} > 10#${ver2[i]})); then return 0; fi
if ((10#${ver1[i]} < 10#${ver2[i]})); then return 1; fi
done
return 1
}
#echo "Installed: [$installed_version]"
#echo "Latest: [$latest_version]"
if version_gt "$latest_version" "$installed_version"; then
echo "Update available."
send_email "Update successful" "Server: `hostname`\nStatus: Roundcube updated successfully!\nPrevious version: $installed_version\nNew version: $latest_version\nBackup directory: $backup_dir\nTime: $(date)"
elif version_gt "$installed_version" "$latest_version"; then
echo "Installed version is newer than LTS."
send_email "Installed version newer than LTS" "Server: `hostname`\nStatus: Installed Roundcube version ($installed_version) is newer than latest LTS ($latest_version).\nNo update performed.\nTime: $(date)"
else
echo "Latest LTS version:" "$latest_version"
echo "Already up to date."
send_email "No update needed" "Server: `hostname`\nStatus: Roundcube is already up to date.\nInstalled version: $installed_version\nLatest LTS: $latest_version\nTime: $(date)"
exit 0
fi
########################################
# Backup current installation
########################################
backup_dir="roundcube_backup_v${installed_version}_$(date +%F_%H%M%S)"
echo "Creating backup: $backup_dir"
cp -a roundcube "$backup_dir"
########################################
# Download release
########################################
filename=$(basename "$download_url")
echo "Downloading $filename"
curl -fL -o "$filename" "$download_url"
########################################
# Verify SHA256
########################################
echo "Verifying checksum..."
sha256_actual=$(sha256sum "$filename" | awk '{print $1}')
if [[ "$sha256_actual" != "$sha256_expected" ]]; then
echo "Checksum verification FAILED!"
rm -f "$filename"
send_email "Server: `hostname`\nUpdate FAILED" "Status: Roundcube update failed!\nInstalled version: $installed_version\nLatest version: $latest_version\nBackup: $backup_dir\nReason: SHA256 mismatch or extraction failure\nTime: $(date)"
exit 4
fi
echo "Checksum OK."
########################################
# Extract + Install
########################################
echo "Extracting..."
tar -xzf "$filename"
src_dir="roundcubemail-$latest_version"
if [[ ! -d "$src_dir" ]]; then
echo "Extraction failed. Directory $src_dir not found."
exit 5
fi
echo "Running install script..."
yes | "$src_dir/bin/installto.sh" "$INSTALL_DIR"
########################################
# Fix permissions
########################################
chown -R "$OWNER" roundcube
########################################
# Cleanup
########################################
rm -rf "$src_dir" "$filename"
echo "Update completed successfully!"
echo "Now running version: $latest_version"
send_email "Update successful.\nStatus: Roundcube updated: $installed_version -> $latest_version\nBackup: $backup_dir"
44
Updates / Re: Roundcube vulnerability
« on: February 22, 2026, 10:41:34 AM »
I just set the permissions on the script like:
I should probably have written these instructions in my previous message.
Code: [Select]
chown admin:admin /script/update_roundcube.sh # replace "admin:admin" with your admin username and group.
chmod 700 /script/update_roundcube.sh
so no one except "admin" would be allowed to run the script.I should probably have written these instructions in my previous message.
45
Updates / Re: Roundcube vulnerability
« on: February 21, 2026, 10:40:13 PM »
Hi guys,
I've developed a script to update Roundcube for CWP to the latest LTS version.
What does the script do ?
1. I parses the page:
https://roundcube.net/download/
to identify the latest LTS version of Roundcub and URL to .tag.gz file.
2. Compares the versions (installed and available at the website)
3. If the installed version is older than available then:
3a. Makes backup of the currently installed Roundcube
3b. Downloads the .tar.gz file from the website
3c. Checks the checksum to make sure the downloaded file isn't corrupted
3d. Updates Roundcube
3e. Sends a notification to the user (address is specified in the script)
If the versions are the same or installed version is never then just sends an simple notification like "no update needed".
I tested the script some time and it worked fine for me. However, please note, you use the script on your own risk (MIT License) )
I've developed a script to update Roundcube for CWP to the latest LTS version.
What does the script do ?
1. I parses the page:
https://roundcube.net/download/
to identify the latest LTS version of Roundcub and URL to .tag.gz file.
2. Compares the versions (installed and available at the website)
3. If the installed version is older than available then:
3a. Makes backup of the currently installed Roundcube
3b. Downloads the .tar.gz file from the website
3c. Checks the checksum to make sure the downloaded file isn't corrupted
3d. Updates Roundcube
3e. Sends a notification to the user (address is specified in the script)
If the versions are the same or installed version is never then just sends an simple notification like "no update needed".
Code: [Select]
#!/usr/bin/env bash
####################################################################################
# #
# The MIT License (MIT) #
# #
# Copyright (c) 2026 BeinHost.com #
# #
# Permission is hereby granted, free of charge, to any person obtaining a copy #
# of this software and associated documentation files (the "Software"), to deal #
# in the Software without restriction, including without limitation the rights #
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell #
# copies of the Software, and to permit persons to whom the Software is #
# furnished to do so, subject to the following conditions: #
# #
# The above copyright notice and this permission notice shall be included in all #
# copies or substantial portions of the Software. #
# #
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR #
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, #
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE #
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER #
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, #
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE #
# SOFTWARE. #
# #
####################################################################################
########################################
# CONFIG
########################################
BASE_DIR="/usr/local/cwpsrv/var/services"
INSTALL_DIR="$BASE_DIR/roundcube"
PAGE_URL="https://roundcube.net/download/"
OWNER="cwpsvc:cwpsvc"
EMAIL="support@beinhost.com"
SUBJECT_PREFIX="[Roundcube Updater]"
cd "$BASE_DIR"
########################################
# Send notofication
########################################
send_email() {
local subject="$1"
local body="$2"
# use mail command
echo -e "$body" | mail -s "$SUBJECT_PREFIX $subject" "$EMAIL"
}
########################################
# Detect installed version
########################################
INI_FILE="$INSTALL_DIR/program/include/iniset.php"
if [[ ! -f "$INI_FILE" ]]; then
echo "Cannot detect installed version (iniset.php missing)."
exit 2
fi
installed_version=$(grep -oE "RCMAIL_VERSION',[[:space:]]*'[^']+'" \
"$INI_FILE" | sed -E "s/.*'([^']+)'.*/\1/")
installed_version=$(echo "$installed_version" | tr -d '\r\n[:space:]')
echo "Installed version: $installed_version"
########################################
# Detect latest LTS version + checksum
########################################
lts_block=$(curl -fsSL "$PAGE_URL" \
| awk '/<h2 id="lts">/,/<\/table>/')
download_url=$(echo "$lts_block" \
| grep -oE 'https://[^"]+-complete\.tar\.gz' \
| head -n1)
latest_version=$(echo "$download_url" \
| sed -E 's/.*roundcubemail-([0-9]+\.[0-9]+\.[0-9]+)-complete\.tar\.gz/\1/')
latest_version=$(echo "$latest_version" | tr -d '\r\n[:space:]')
sha256_expected=$(echo "$lts_block" \
| grep -oE '[a-f0-9]{64}' \
| head -n1)
if [[ -z "$download_url" || -z "$latest_version" || -z "$sha256_expected" ]]; then
echo "Failed to detect latest LTS release."
send_email "Update failed" "Server: `hostname`\nFailed to detect latest LTS release.\nTime: $(date)"
exit 3
fi
########################################
# Compare versions
########################################
version_gt() {
[ "$1" = "$2" ] && return 1
local IFS=.
local i ver1=($1) ver2=($2)
for ((i=${#ver1[@]}; i<${#ver2[@]}; i++)); do ver1[i]=0; done
for ((i=${#ver2[@]}; i<${#ver1[@]}; i++)); do ver2[i]=0; done
for ((i=0; i<${#ver1[@]}; i++)); do
if ((10#${ver1[i]} > 10#${ver2[i]})); then return 0; fi
if ((10#${ver1[i]} < 10#${ver2[i]})); then return 1; fi
done
return 1
}
#echo "Installed: [$installed_version]"
#echo "Latest: [$latest_version]"
if version_gt "$latest_version" "$installed_version"; then
echo "Update available."
send_email "Update successful" "Server: `hostname`\nStatus: Roundcube updated successfully!\nPrevious version: $installed_version\nNew version: $latest_version\nBackup directory: $backup_dir\nTime: $(date)"
elif version_gt "$installed_version" "$latest_version"; then
echo "Installed version is newer than LTS."
send_email "Installed version newer than LTS" "Server: `hostname`\nStatus: Installed Roundcube version ($installed_version) is newer than latest LTS ($latest_version).\nNo update performed.\nTime: $(date)"
else
echo "Latest LTS version:" "$latest_version"
echo "Already up to date."
send_email "No update needed" "Server: `hostname`\nStatus: Roundcube is already up to date.\nInstalled version: $installed_version\nLatest LTS: $latest_version\nTime: $(date)"
exit 0
fi
########################################
# Backup current installation
########################################
backup_dir="roundcube_backup_v${installed_version}_$(date +%F_%H%M%S)"
echo "Creating backup: $backup_dir"
cp -a roundcube "$backup_dir"
########################################
# Download release
########################################
filename=$(basename "$download_url")
echo "Downloading $filename"
curl -fL -o "$filename" "$download_url"
########################################
# Verify SHA256
########################################
echo "Verifying checksum..."
sha256_actual=$(sha256sum "$filename" | awk '{print $1}')
if [[ "$sha256_actual" != "$sha256_expected" ]]; then
echo "Checksum verification FAILED!"
rm -f "$filename"
send_email "Server: `hostname`\nUpdate FAILED" "Status: Roundcube update failed!\nInstalled version: $installed_version\nLatest version: $latest_version\nBackup: $backup_dir\nReason: SHA256 mismatch or extraction failure\nTime: $(date)"
exit 4
fi
echo "Checksum OK."
########################################
# Extract + Install
########################################
echo "Extracting..."
tar -xzf "$filename"
src_dir="roundcubemail-$latest_version"
if [[ ! -d "$src_dir" ]]; then
echo "Extraction failed. Directory $src_dir not found."
exit 5
fi
echo "Running install script..."
yes | "$src_dir/bin/installto.sh" "$INSTALL_DIR"
########################################
# Fix permissions
########################################
chown -R "$OWNER" roundcube
########################################
# Cleanup
########################################
rm -rf "$src_dir" "$filename"
echo "Update completed successfully!"
echo "Now running version: $latest_version"
send_email "Update successful.\nStatus: Roundcube updated: $installed_version -> $latest_version\nBackup: $backup_dir"
I tested the script some time and it worked fine for me. However, please note, you use the script on your own risk (MIT License) )
