[RCU] Apache 403 Forbidden issues in 0.8.1?
warden at geneseo.edu
Mon Oct 1 20:16:18 CEST 2012
I've actually been seeing the same thing in 0.8.0 and was wondering if 0.8.1 fixes the issue. I guess not.
I (also) haven't been able to dig too far in to it but I can usually get the client to stop flooding us with requests by deleting the session for that client's IP address in the sessions table in the roundcube database. Anecdotally it seems like there's a lot of repeat offenders: a small number of users/client IPs generating most of the 403s. I personally suspect something strange on their machines but I haven't been able to recreate the problem myself to really investigate well.
We're RHEL6.3, Lighttpd 1.4.31, php 5.3.3 (fastcgi), dovecot 2.1.9. Plugins: 'login_info', 'newmail_notifier', 'quickrules', 'cas_authn_opt', 'messagesize', 'sieverules', 'listcommands', 'contextmenu', 'copymessage', 'emoticons', 'vcard_attachments', 'new_user_dialog', 'dovecot_impersonate', 'help', 'vcard_attach'.
On Oct 1, 2012, at 11:47 AM, Arne Berglund <aberglund at lesd.k12.or.us> wrote:
> I've been running 0.8.1 in production since shortly after its release. Ever since moving from 0.7.2, my Apache logs are being flooded with "403 Forbidden" errors. A typical example is:
> 2xx.xx.xxx.xx - - [01/Oct/2012:06:24:22 -0700] "GET /webmail/?_task=mail&_action=keep-alive&_remote=1&_unlock=0&_=1349097860835 HTTP/1.1" 403 15
> Any ideas what might be going on here? Of how to deal with it?
> Environment: RHEL5, Apache 2.2.3, PHP 5.3
> Arne Berglund
> System Administrator, Internet Services
> Lane Education Service District
> Eugene, OR
> Roundcube Users mailing list
> users at lists.roundcube.net
More information about the users