ispconfig_setup icon indicating copy to clipboard operation
ispconfig_setup copied to clipboard
verified publisher icon servisys

User/passwd on Roundcube config.inc.php

Open calbasi opened this issue 6 years ago • 2 comments

Hi, after an succesful install (Debian 10, apache2), I get these messages:

The default ISPConfig Username is: admin and the Password is: admin Warning: This is a security risk. Please change the default password after your first login.

You will need to edit the username and password in /var/lib/roundcube/plugins/ispconfig3_account/config/config.inc.php of the roundcube user, as the one you set in ISPconfig

I wonder:

  1. First, does it mean I should use "admin" user and my ispconfig passwd in this roundcube file?
  2. Second, it's insecure, isn't it? Because any user can access to this file... And password is configured in plain text...

calbasi avatar Sep 26 '19 15:09 calbasi

Hi, I was wrong about this password, because it's not the ispconfig admin password but a new roundcube password you should create. From here:

Roundcube does not use the ispconfig admin user login. Roundcube uses a remote user with limited permissions that you have to add in ispconfig under System > remote users.

I think this notice should be more clear.

calbasi avatar Oct 08 '19 15:10 calbasi

I've did a pull request #316 Could you check it, @servisys ?

calbasi avatar Oct 08 '19 16:10 calbasi

The pull request was merged on 2020. Closing this issue.

calbasi avatar May 04 '23 15:05 calbasi