Suddenly getting 403 forbidden error for web login and admin console

[rwilkinson]

I have a client that has been running a zimbra community edition for some time, and it has been working until today. When they try and log into the web console, or the admin console, both sites show a 403 forbidden error. No changes were made on the server, and if I try to connect to either page from the server directly using curl, I can verify it is getting the same error. Has anyone run into this issue or something similar, or is there anything I can do to fix this?

[jimorin]

I just got the same problem on one of my mailbox server.

The problem was with jetty.
Some files went missing in /opt/zimbra/jetty/webapps/zimbra/public/

I was able to fix it by bringing back these files from a previous backup.
I also had jsp files that weren't supposed to be here. I deleted all those unwanted files by comparing with another server I have at the same version.
Make sure you check all /opt/zimbra/jetty/. I had these bad files at various places in the jetty sub folders.

Also don't forget to run a /opt/zimbra/libexec/zmfixperms as root when you are done with the files.

I quickly updated to the last patch available.

Look like someone exploited a vulnerability to me.

[mirkoguidolin]

Hi,
same error today in ZIMBRA ZCS 8.6.0_1240 Patch12.
Some file were modified.
Solved restoring /opt/zimbra/jetty from a previus backup and running a /opt/zimbra/libexec/zmfixperms as root.
I will install Patch14 shortly.