Recent Posts

1

E-Mail / Re: RoundCube 1.5.12 Released

« Last post by bradleygb on March 06, 2026, 09:50:25 AM »

I found the solution for the "Internal Server Error" after logging into roundcube after the upgrade:

disable the spoof check
Edit the file:

Code: [Select]

nano /usr/local/cwpsrv/var/services/roundcube/program/lib/Roundcube/rcube_spoofchecker.phpAround line 50, you'll see something like:

Code: [Select]

PHP// Spoofchecker is part of ext-intl (requires ICU >= 4.2)
$checker = new Spoofchecker();Insert this line right before the $checker = ... line:

Code: [Select]

return false;So it looks like:

Code: [Select]

return false;
// Spoofchecker is part of ext-intl (requires ICU >= 4.2)
$checker = new Spoofchecker();Save and exit.
Then restart:

Code: [Select]

sh /scripts/restart_cwpsrv

2

Updates / Re: Roundcube vulnerability

« Last post by djprmf on March 06, 2026, 12:37:49 AM »

Excessive hyperbole. There's nothing wrong with LTS versions.

And i didnt say that there is...
LTS is great... to support old tech. So is a bandage, not a fix.

3

Updates / Re: Roundcube vulnerability

« Last post by overseer on March 06, 2026, 12:12:13 AM »

Excessive hyperbole. There's nothing wrong with LTS versions.

4

Updates / Re: Roundcube vulnerability

« Last post by djprmf on March 05, 2026, 07:34:14 PM »

You can update to the latest 1.5 LTS version, which is 1.5.13

That takes care of the issue.

That is the same as apply a bandage to a bullet hole. The core issue is still there and will bleed out eventually...

5

Updates / Re: Roundcube vulnerability

« Last post by Starburst on March 05, 2026, 07:13:30 PM »

You can update to the latest 1.5 LTS version, which is 1.5.13

That takes care of the issue.

6

Updates / Re: [SECURITY ALERT] Unauthorized port / [SECURITY ALERT] Unknown/Untrusted file..

« Last post by overseer on March 05, 2026, 03:48:00 AM »

False positives. Just ignore. See Sandeep's confirmation here:
https://www.alphagnu.com/topic/621-getting-a-critical-alert-ghost-files-deleted-but-running-found-in-new-cwp-install/

7

CentOS 7 Problems / Re: Unable to Access CWP Panel : 500 Error

« Last post by cyberspace on March 04, 2026, 02:41:46 PM »

EXT4 supports the attribute "immutable".

Run:

Code: [Select]

rpm -qa | grep cwpphp

ls -l  /usr/local/cwp/php71/bin/php

yum search cwpphp
and show output again.

8

CentOS 7 Problems / Re: Unable to Access CWP Panel : 500 Error

« Last post by koala04 on March 04, 2026, 02:24:35 PM »

[root@srv1 htdocs]# df -T /usr/local/cwpsrv/htdocs/admin/admin/design
Filesystem     Type  1K-blocks      Used Available Use% Mounted on
/dev/sda3      ext4 1441774144 694852724 673609628  51% /

9

Updates / Re: Roundcube vulnerability

« Last post by djprmf on March 04, 2026, 01:14:59 PM »

(...) due to CWP limited to PHP 7.4 (!!!!) Roundcube can't be updated beyond 1.6.11 (...)

"everything is fine, CWP have received updates X days ago"


Thank you for your script and alert.

10

Updates / Re: [SECURITY ALERT] Unauthorized port / [SECURITY ALERT] Unknown/Untrusted file..

« Last post by venty on March 04, 2026, 12:52:24 PM »

Hi,

The installation is AL 9.7, and CWP...

Please, I had until now two messages:

[SECURITY ALERT] Unknown/Untrusted file: /usr/lib64/gconv/gconv-modules.cache

and

[SECURITY ALERT] Unauthorized port, for more info run: sh /scripts/cwp_security_audit

Today, after I entered the CWP panel, I have old and one new message:

[!!! CRITICAL ALERT !!!] Ghost files (deleted but running) found, for more info run: sh /scripts/cwp_security_audit

Thanks in advance, and have a nice day!

BR
Venty