On 04/27/2011 12:34 PM, J4K wrote:
On 04/22/2011 08:02 PM, Thomas Bruederli wrote:
Dear Roundcube users and lovers,
We're happy to announce another release of the Roundcube webmail
suite. This service update brings some more bug fixes and stability
improvements and it includes an updated
On 04/27/2011 12:42 PM, J4K wrote:
On 04/27/2011 12:34 PM, J4K wrote:
On 04/22/2011 08:02 PM, Thomas Bruederli wrote:
Dear Roundcube users and lovers,
We're happy to announce another release of the Roundcube webmail
suite. This service update brings some more bug fixes and stability
Hi
I strongly recommend yo create the .htaccess files to secure your
installation from unsavoury access.
R e g a r d s
M i c h a e l L G r i f f i n
Please consider the environment before printing this email
He who play in root,
eventually kill tree.
On 27 April 2011 12:42,
No, I disagree. Why do I need an .htaccess?
All files are either 644 400, and all dirs are either 700 or 755 where
applicable.
All files owned by root.
Please elaborate?
On 04/27/2011 08:01 PM, Michael wrote:
Hi
I strongly recommend yo create the .htaccess files to secure your
For example for PHP settings, as these can be adjusted for Roundcube in the
.htaccess.
If you have a dedicated server for Roundcube then you could also set it all
in your php.ini.
What about the log dirs? They must be writable by the web server or do you
use syslog?
(sorry jkl for sending this
hello,
On 04/21/2011 02:29 PM, Jim Pazarena wrote:
Incidentally, I found a SECOND roundcube 'hack'. Hundreds more
spam sent out thru roundcube.
yes I did see it on one of my installations too, but they used a few
account with weak password to send spam;
after my monitoring system rasised
But what about your mailbox users?
It's important to know if Roundcube was hacked or if a privileged user was
used to send automatic e-mails.
It already happened to me that I received an e-mail from BSI (German Federal
Office for Information Security) warning me about an online list which
I had the same situation several times... The problem was in the weak
passwords where the username and the password was the same or almost the
same.
Later I made a small changes in the password policy so the stupid users
can't choose weak passwords (8chr min, at least one uppercase, one
Platform: Debian 6.0 Squeeze i386
RC rev:0.3.1-6
Symptom: Immediately after RC login and seeing the mailbox view I am
instantly redirected back to the login page. This occurs via http and
https, with or without https redirection enabled. I did not have this
problem immediately after the
My guess is that the older version of RC you are running is not
happy with the upgraded PHP version - hence the deprecated warning.
Since the current stable version is 0.5.2, it might be time for an
upgrade in RC as well.
---
Arne Berglund
System Administrator,
Internet Services
Lane
On 04/27/2011 08:34 PM, Stan Hoeppner wrote:
Platform: Debian 6.0 Squeeze i386
RC rev:0.3.1-6
Symptom: Immediately after RC login and seeing the mailbox view I am
instantly redirected back to the login page. This occurs via http and
https, with or without https redirection enabled.
Michael Orlitzky put forth on 4/27/2011 8:00 PM:
On 04/27/2011 08:34 PM, Stan Hoeppner wrote:
Platform: Debian 6.0 Squeeze i386
RC rev:0.3.1-6
Symptom: Immediately after RC login and seeing the mailbox view I am
instantly redirected back to the login page. This occurs via http and
12 matches
Mail list logo