So I have docker-compose that runs roundcube and a postgres db. Then on my host machine I have a nginx that serves the page. Everything works fine until some russian ip starts probing the site and I start getting the error:
[error] 3631#3631: *277 FastCGI sent in stderr: "PHP message: PHP Warning: ini_set(): Headers already sent. You cannot change the session module's ini settings at this time in /var/www/html/program/lib/Roundcube/rcube.php.
Then it repeats itself for some other lines and other files.
Is there some misconfiguration in my roundcube or nginx? Because after this "attack" when I try to login to my roundcube it just says "Invalid input no data saved" and some token, username and password get printed on the site.
Best Regards, hopeful for solution