Search found 16 matches
- 2019-04-13 18:18
- Forum: General discussions
- Topic: Invalid CSRF token error when logging in to PHPWebAdmin
- Replies: 37
- Views: 14401
Re: Invalid CSRF token error when logging in to PHPWebAdmin
The issue has been resolved after doing some investigating via Process Monitor. I found that an error was logged to the "php-errors.log" file with entries like below. [13-Apr-2019 18:00:35] PHP Warning: session_start(): open(D:\path\to\PHPsessions\sess_aojhpmm6ahe2qe0p3ker1u4j06, O_RDWR) failed: Per...
- 2019-04-10 22:25
- Forum: General discussions
- Topic: Invalid CSRF token error when logging in to PHPWebAdmin
- Replies: 37
- Views: 14401
Re: Invalid CSRF token error when logging in to PHPWebAdmin
What webserver do you run phpWebAdmin from? Is this the same machine that runs hMailserver? I'm using IIS10 that comes with Windows Server 2016 and everything (web and mail) is on the same server. It used to work fine for a long time, but it stopped working at one point. I unfortunately don't know ...
- 2019-04-08 22:34
- Forum: General discussions
- Topic: Invalid CSRF token error when logging in to PHPWebAdmin
- Replies: 37
- Views: 14401
- 2019-04-07 18:52
- Forum: General discussions
- Topic: Invalid CSRF token error when logging in to PHPWebAdmin
- Replies: 37
- Views: 14401
Invalid CSRF token error when logging in to PHPWebAdmin
Hello. I've been unable to use PHPWebAdmin/hMailAdmin for a while now because I get an "Invalid CSRF token." error when I try to log in. I've tried multiple browsers from multiple devices (including the server), but it's the same error every time. I've verified that the "rooturl" value in the config...
- 2019-04-07 18:48
- Forum: Development & alpha discussions
- Topic: hMailServer web-interface redesign
- Replies: 176
- Views: 264779
Re: hMailServer web-interface redesign
I get the same error with the default PHPWebAdmin.
I'll try asking the question in the general forum then.
Thanks.
- 2019-04-05 22:25
- Forum: Development & alpha discussions
- Topic: hMailServer web-interface redesign
- Replies: 176
- Views: 264779
Re: hMailServer web-interface redesign
They match. I've even tried to copy/paste the URL from the config file directly into the browser to be completely sure.
- 2019-04-03 19:18
- Forum: Development & alpha discussions
- Topic: hMailServer web-interface redesign
- Replies: 176
- Views: 264779
Re: hMailServer web-interface redesign
Hello. I've been using your fantastic redesign for a long time, but I've been unable to use it for a while now because I get an "Invalid CSRF token." error when I try to log in. I've tried multiple browsers from multiple devices (including the server), but it's the same error every time. I suspect t...
- 2018-07-19 21:27
- Forum: General discussions
- Topic: Understanding the SSL/TLS ciphers list
- Replies: 27
- Views: 16294
- 2018-07-19 21:26
- Forum: General discussions
- Topic: Understanding the SSL/TLS ciphers list
- Replies: 27
- Views: 16294
Re: Understanding the SSL/TLS ciphers list
Here's my stats from my relatively small mail server. This is just raw data without much formatting, so hope it makes sense
- 2018-07-17 09:43
- Forum: General discussions
- Topic: Understanding the SSL/TLS ciphers list
- Replies: 27
- Views: 16294
Re: Understanding the SSL/TLS ciphers list
Here's my current cipher list - it should be the default one as I've never changed it. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECD...
- 2018-07-16 17:42
- Forum: General discussions
- Topic: Understanding the SSL/TLS ciphers list
- Replies: 27
- Views: 16294
Understanding the SSL/TLS ciphers list
Hello. I was curious to know which SSL/TLS ciphers that are actually being used by my mail server as I had the idea, that I could remove the unused and unsafe ones to tighten security a bit. To do that, I've made my own PowerShell script that analyzes the hMailServer log files to gather some statist...
- 2018-03-23 19:44
- Forum: Development & alpha discussions
- Topic: hMailServer web-interface redesign
- Replies: 176
- Views: 264779
- 2018-03-23 00:17
- Forum: Development & alpha discussions
- Topic: hMailServer web-interface redesign
- Replies: 176
- Views: 264779
Re: hMailServer web-interface redesign
Hi. I've just added HTTPS support to my hMailServer admin site, but there seems to be an issue with the login form. Could you perhaps have a look at the login page to deal with the following "complaint" from Google Chrome? ------------- Resources - non-secure form This page includes a form with a no...
- 2017-11-27 00:51
- Forum: User-submitted tutorials
- Topic: HOW TO: Ready-To-Go Backup and Cleardown script
- Replies: 185
- Views: 266763
Re: HOW TO: Ready-To-Go Backup and Cleardown script
Hi :) First of all, thanks a lot for the script. Looks great. I'm currently building a new server and intend to use this method for backup on the new server, so I wanted to test it a bit before using it in production. Based on my testing, I'd like to suggest the 2 following changes to the batch scri...
- 2017-01-29 23:49
- Forum: General discussions
- Topic: ClamAV service fails periodically
- Replies: 16
- Views: 9591
Re: ClamAV service fails periodically
The only thing I could suggest is strip back your definitions back to using the defaults and apply them one-by-one starting with just the default, test, then add Sane Defs (as recommended in my original post), test, and then add securiteinfo defs and test again. (FWIW I dont think you need securite...
- 2017-01-29 22:41
- Forum: General discussions
- Topic: ClamAV service fails periodically
- Replies: 16
- Views: 9591
ClamAV service fails periodically
Hello. I've set up ClamAV as a service as described in https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829 and it's generally speaking working quite well. However, I'm periodically seeing what seems to be ClamAV having an issue with loading the AV definitions. This results in the service fa...