roundcubemail update broke nginx setup

Henning laclaro at mail.com
Thu Apr 30 08:23:32 CEST 2015 

Is there anyone, who is able to clearify this new behavior of 
roundcubemail? How to tackle the problem?

This applies to the new feature of secure URLs of 1.1.

http://trac.roundcube.net/wiki/Howto_Config/Secure_URLs

Best regards
Henning

Am 19.04.2015 um 20:23 schrieb Henning:
> Hello,
>
> I just upgraded my kolab 3.3->3.4 server, which is now running
> roundcubemail 1:1.1.0-0~kolab7 with a nginx server. Unfortunately this
> broke my nginx setup. In the apache config (functional), there are some
> new rewrite and expire directives, which I tried to include in my setup
> (below). Please help me out with this.
>
> After login, which is successful, I get a "not found" error message on
> https://example.com/roundcubemail/dfe61d12a0cf0a0d/?_task=mail.
>
> If I try to access manually
> https://example.com/roundcubemail/?_task=mail, the error message is
> ----------------------
> REQUEST CHECK FAILED
>
> Access to this service was denied due to failing security checks!
>
> Click here to try again. <<--
> https://example.com/roundcubemail/dfe61d12a0cf0a0d/?_task=mail
> ----------------------
>
> The config section for roundcubemail and nginx is this:
>
>     ##
>      ## Kolab Webclient
>      ##
>      location /roundcubemail {
>          index index.php;
>          alias //usr/share/roundcubemail;
>
>          client_max_body_size 30M; # set maximum upload size for mail
> attachments
>          # NEW
>          location /roundcubemail/public_html {
>              if ($query_string ~ "^/(roundcubemail|webmail)"){
>                  rewrite "^[a-f0-9]{16}/(.*)" /%/$1 break;
>              }
>          }
>
>          location /roundcubemail/assets {
>              expires 50h;
>              gzip off;
>          }
>          # END OF NEW
>
>          # Deny all attempts to access hidden files such as .htaccess,
> .htpasswd, .DS_Store (Mac).
>          location ~
> ^/roundcubemail/(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
>              deny all;
>          }
>
>          location ~ ^/roundcubemail/(bin|SQL|config|logs)/ {
>              deny all;
>          }
>
>          location ~
> ^/roundcubemail/program/(include|lib|localization|steps)/ {
>              deny all;
>          }
>
>          # enable php
>          location ~ \.php$ {
>                  fastcgi_split_path_info ^(.+\.php)(/.+)$;
>                  fastcgi_pass unix:/var/run/php5-fpm.sock;
>                  fastcgi_index index.php;
>                  include fastcgi_params;
>                  fastcgi_param PHP_ADMIN_VALUE "session.gc_probability=1";
>          }
>      }
>
> Best regards,
> Henning

More information about the users mailing list