Results 1 to 5 of 5

Thread: Zimbra + mod_proxy

  1. #1
    greybrimstone is offline New Member
    Join Date
    Mar 2009
    Posts
    3
    Rep Power
    6

    Default Zimbra + mod_proxy

    Hi Guys,
    First I wanted to say awesome product! Second, I need help so I'm here to get it. I have Zimbra installed and working perfectly but I want to put it behind a reverse proxy server. The server is running ubuntu linux with apache and mod_proxy. Once I get it working I am going to enable mod_security and we'll be ready to rumble.

    That said, the reverse proxy doesn't work properly. When I attempt to read email from a proxied connection I get communications errors upon clicking on the email. Then when I take a look at the log files I see:

    172.16.15.82 - - [04/Mar/2009:20:20:02 -0500] "POST /service/soap/ModifyPrefsRequest HTTP/1.1" 503 437 "http://suck.netragard.com/" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_6; en-us)
    AppleWebKit/525.27.1 (KHTML, like Gecko) Version/3.2.1 Safari/525.27.1"

    So, every time there is a post, the error is generated. Can anyone give me any help on how to solve this? Does anyone have a working mod_proxy + Apache2 config that they could show me? Thanks much in advace!

  2. #2
    Klug's Avatar
    Klug is online now Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,322
    Rep Power
    13

    Default

    Welcome to the forum.

    Everything is in the wiki...
    Zimbra with Apache using mod jk - mod proxy - mod proxy ajp - Zimbra :: Wiki

  3. #3
    greybrimstone is offline New Member
    Join Date
    Mar 2009
    Posts
    3
    Rep Power
    6

    Default Thank you!

    Also, is there a list of vulnerabilities anywhere out there for Zimbra? Or some sort of advisory database or maling list that we can monitor?

  4. #4
    Klug's Avatar
    Klug is online now Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,322
    Rep Power
    13

    Default

    Any vulnerability found is posted to the forum (in the "Announcements").

  5. #5
    greybrimstone is offline New Member
    Join Date
    Mar 2009
    Posts
    3
    Rep Power
    6

    Default Security Questions Now

    Ok thats good. Thanks much for the quick responses. Does Zimbra use parameterized stored proceedures for its queries? Have there ever been any SQL Injection vulnerabilities or XSS issues discovered? Whats done to keep it safe? Do you follow the OWASP standards?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 01-12-2012, 02:20 AM
  2. slapd message error
    By smoke in forum Administrators
    Replies: 7
    Last Post: 04-27-2008, 03:23 PM
  3. admin consol blank after 5.0.3 upgarde
    By maumar in forum Administrators
    Replies: 6
    Last Post: 03-21-2008, 05:16 AM
  4. Replies: 12
    Last Post: 02-25-2008, 07:28 PM
  5. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •