Error cpanel + afterlogic + csf

Question

Error cpanel + afterlogic + csf

andersonosn opened this issue 3 years ago · comments

Hello,

We use Afterlogic Webmail installed inside the cPanel server (domain.com:2096)

The server operates with Configserver's CSF Firewall.

We've been facing this problem for months, even updating Afterlogic versions and it's something that happens even in the Pro version.

The firewall is blocking the user's IP while he is normally using Webmail, and generating the logs below, we've already reviewed everything and we can't understand how to solve it.

[2021-09-16 13:41:22 -0300] info [webmaild] 000.000.000.000 - - "POST /cpsess0123456789/3rdparty/afterlogic/webmail/?/Api/ HTTP/1.1" FAILED LOGIN webmaild: Authorization: type not known
[2021-09-16 13:41:33 -0300] info [webmaild] 000.000.000.000 - - "POST /cpsess0123456789/3rdparty/afterlogic/webmail/?/Api/ HTTP/1.1" FAILED LOGIN webmaild: Authorization: type not known
[2021-09-16 13:41:43 -0300] info [webmaild] 000.000.000.000 - - "POST /cpsess0123456789/3rdparty/afterlogic/webmail/?/Api/ HTTP/1.1" FAILED LOGIN webmaild: Authorization: type not known

Can you help? Does any other user experience this?
Our CSF follows the standard for cPanel even though it is a shared web hosting server.

Thanks!

AfterLogic Support · Answer 1 · Fri Sep 17 2021 14:55:10 GMT+0800 (China Standard Time)

Hello,

A while back, one of our users has reported a very similar issue, it occurred when user logged out of cPanel yet was logged into WebMail (in another tab, for example) and the developers have provided a workaround, there's a chance it'll help you as well; the installation files are located under /usr/local/cpanel/base/3rdparty/afterlogic/webmail.

In static/js/app.js file, locate the following code:

CAjax.prototype.always = function (oRequest, oXhr, sType)
{
	this.filterRequests(oRequest);
};

and modify it as follows:

CAjax.prototype.always = function (oRequest, oXhr, sType)
{
	this.filterRequests(oRequest);
	if (oXhr.status === 401)
	{
		App.logoutAndGotoLogin();
	}
};

In `data/settings/config.json file, locate the following entry:

"UseAppMinJs": [
	false,
	"bool"
],

and set the value to true.

As a result, whenever user gets Error 401 ("Access denied"), they will be instantly logged out of WebMail and redirected to cPanel login screen.

Hope it helps.

AfterLogic Support · Answer 2 · Fri Mar 18 2022 19:05:15 GMT+0800 (China Standard Time)

Thread closed due to inactivity. Feel free to reopen should the issue occur with the latest version.

andersonosn · Answer 3 · Thu Dec 08 2022 23:36:23 GMT+0800 (China Standard Time)

Hello,

I followed these steps, changing the static/js/app.js file and setting "True" to UseAppMinJs

But the problem remains. I'm using Afterlogic 8.

Would you help me?

AfterLogic Support · Answer 4 · Fri Dec 09 2022 14:49:07 GMT+0800 (China Standard Time)

We can only assist with the latest version of the product?
Does the issue occur in current 9.6.1?