WebApp improvement suggestion for users running php-fpm instead of Apache internal mod_php

micro

Hello devs,

Kopano-WebApp by default is shipped with following .htaccess file on its root.

/usr/share/kopano-webapp/.htaccess"

# some apache settings
Options -Indexes

# The maximum POST limit. To upload large files, this value must be larger than upload_max_filesize.
php_value post_max_size 31M
php_value upload_max_filesize 30M

# Deny access to config.php, config.php.dist, debug.php, debug.php.dist, defaults.php
# because they could become a security vulnerability when accessible
# Better safe then sorry
<FilesMatch "^(config|debug|defaults|init)\.php">
        <IfVersion < 2.4>
                    Deny from all
        </IfVersion>

        <IfVersion >= 2.4>
                   <RequireAll>
                       Require all denied
                   </RequireAll>
        </IfVersion>
</FilesMatch>

Anyone who is using php-fpm instead of Apaches mod_php will get into trouble, because you cannot access Kopano-WebApp. The error produced in the log clearly states, that the lines “php_value” are unknown to php-fpm and cannot be processed. Thus you get an error page with Internal Server Error when trying to access Kopano-Webapp through your browser.

That’s nothing new and certainly known to most of us. You have to remove (or disable by commenting) all php_value lines from that .htaccess file and put them into the php-fpm configuration so they can correctly be processed by php-fpm. I am using separate php-configuration for my Apache2 web server running which are defined under /etc/php5/fpm/pool.d For the sake of completeness, the corresponding configuration file for php-fpm is:

/etc/php5/fpm/pool.d/kopano-webapp.conf

[...]
php_value[post_max_size] = 31M
php_value[upload_max_filesize] = 30M
[...]

I have following simple suggestion to the developers, maybe they can look into it and implement it in future version?

In /usr/share/kopano-webapp/.htaccess change the corresponding lines:

# The maximum POST limit. To upload large files, this value must be larger than upload_max_filesize.
php_value post_max_size 31M
php_value upload_max_filesize 30M

to:

<IfModule mod_php5.c>
   # php-fpm users should consider putting these settings into their appropriate php-fpm configuration
   php_value post_max_size 31M
   php_value upload_max_filesize 30M
</IfModule>

<IfModule mod_php7.c>
   # php-fpm users should consider putting these settings into their appropriate php-fpm configuration
   php_value post_max_size 31M
   php_value upload_max_filesize 30M
</IfModule>

As result, these php definitions will only be effective in Apache in case the internal php module is in use (either version 5 or even the latest version 7).

Why I am suggesting this? Because just some minutes ago I stumbled again over this. I upgraded Kopano-WebApp to the latest version and after the upgrade the webpage Kopano-WebApp was not accessible any more with “Internal Server Error”. The default .htaccess settings did overwrite my old .htaccess file, where I had removed those two lines.

HTH

Kind regards
micro

jengelh

https://jira.kopano.io/browse/KW-2520?

micro

yes, that’s it