Suddenly getting 403 forbidden error for web login and admin console
-
- Posts: 3
- Joined: Fri Sep 12, 2014 11:29 pm
Suddenly getting 403 forbidden error for web login and admin console
I have a client that has been running a zimbra community edition for some time, and it has been working until today. When they try and log into the web console, or the admin console, both sites show a 403 forbidden error. No changes were made on the server, and if I try to connect to either page from the server directly using curl, I can verify it is getting the same error. Has anyone run into this issue or something similar, or is there anything I can do to fix this?
- Attachments
-
- 403 forbidden error message
- zimbra error.png (10.94 KiB) Viewed 5449 times
Re: Suddenly getting 403 forbidden error for web login and admin console
I just got the same problem on one of my mailbox server.
The problem was with jetty.
Some files went missing in /opt/zimbra/jetty/webapps/zimbra/public/
I was able to fix it by bringing back these files from a previous backup.
I also had jsp files that weren't supposed to be here. I deleted all those unwanted files by comparing with another server I have at the same version.
Make sure you check all /opt/zimbra/jetty/. I had these bad files at various places in the jetty sub folders.
Also don't forget to run a /opt/zimbra/libexec/zmfixperms as root when you are done with the files.
I quickly updated to the last patch available.
Look like someone exploited a vulnerability to me.
The problem was with jetty.
Some files went missing in /opt/zimbra/jetty/webapps/zimbra/public/
I was able to fix it by bringing back these files from a previous backup.
I also had jsp files that weren't supposed to be here. I deleted all those unwanted files by comparing with another server I have at the same version.
Make sure you check all /opt/zimbra/jetty/. I had these bad files at various places in the jetty sub folders.
Also don't forget to run a /opt/zimbra/libexec/zmfixperms as root when you are done with the files.
I quickly updated to the last patch available.
Look like someone exploited a vulnerability to me.
-
- Posts: 2
- Joined: Fri Sep 12, 2014 10:43 pm
Re: Suddenly getting 403 forbidden error for web login and admin console
Hi,
same error today in ZIMBRA ZCS 8.6.0_1240 Patch12.
Some file were modified.
Solved restoring /opt/zimbra/jetty from a previus backup and running a /opt/zimbra/libexec/zmfixperms as root.
I will install Patch14 shortly.
same error today in ZIMBRA ZCS 8.6.0_1240 Patch12.
Some file were modified.
Solved restoring /opt/zimbra/jetty from a previus backup and running a /opt/zimbra/libexec/zmfixperms as root.
I will install Patch14 shortly.