oh, just saw in your example that the Directory command may need to be updated as well - I don't think I saw/did that previously.  will try that as well.

this was the error I got while configuring 1.7 the same as 1.6 was configured (fresh install, not an upgrade) using the afore mentioned Alias commands
Please, configure your HTTP server to point to the /public_html directory (with fallback to /public_html/index.php).it was a manual download and install of Roundcube - nothing automatically installed with ISPConfig.
I thought I tried adding /public_html to the Alias commands, but I'll try again.
I've already reverted to 1.6.15, so I'll have to uninstall and try again
Thanks for the response

We just published security updates to the 1.6 LTS and 1.7 versions of Roundcube Webmail. They both contain fixes for recently reported security vulnerabilities.

Security fixes

• Fix stored XSS/HTML/CSS injection in subject field of the draft restore dialog, reported by zazy
• Fix CSS injection bypass in HTML sanitizer via SVG <animate attributeName="style">, reported by wooseokdotkim
• Fix pre-auth SQL injection in virtuser_query plugin via preg_replace backslash escape bypass, reported by skull
• Fix SSRF bypass via specific local address URLs
• Fix local/private URL fetch bypass when remote resources were not allowed, reported by Orange Cyberdefense Vulnerability Disclosure Team
• Fix bypass of remote image blocking via CSS var(), reported by Geame
• Fix pre-auth arbitrary file delete via redis/memcache session poisoning bypass, reported by valent1
• Fix code injection vulnerability - remove support for code evaluation in LDAP autovalues option, reported by Glendaenri

See the full changelogs in the release notes on the Github download pages for the updated versions 1.6.16 and 1.7.1.

Source: https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
Get it Now: https://roundcube.net/download

I don't know ISPConfig but I guess your upgraded Roundcube install is still in /usr/share/roundcubemail. Is it an upgrade you got through ISPConfig or did you do it manually?

A major change with Roundcube 1.7 is that the public_html dir became the web root. So may be this works?

Alias /roundcubemail /usr/share/roundcubemailpublic_html
Alias /webmail /usr/share/roundcubemail/public_html

<Directory /usr/share/roundcubemail/public_html/>
...

Assuming the above does not solve your issue, can you describe what the specific problem is you are facing?

I've had an ISPConfig / Roundcube v1.x /Apache (CentOS/Rocky) server for years - I really like the fact that one installation of RC could be used on all domains by default by just including one httpd/rc.conf file that contained
Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail

# Define who can access the Webmail
# You can enlarge permissions once configured

<Directory /usr/share/roundcubemail/>
        Options none
        AllowOverride Limit
        Require all granted
</Directory>zero other configuration needed for any domain (100's) added to the server, it was instantly available as a mail client to all domains.  also, it was not the default webpage for a domain, and clients only knew it was available if I informed them.
I haven't found a configuration for v1.7 that does the same thing - it appears I need to define a unique site in Apache for roundcube, with a defined DocumentRoot.
<VirtualHost *:80>
     DocumentRoot /var/www/roundcubeemail
     ServerName anydomain.netOr something like that - it's not clear to me how roundcube could be set up like before and have it be fully integrated and seemless (never leaving the customers domain).
Did I miss a discussion that covered this, or an example that does this?
Thanks.

There is definitely something odd about this hotel.
I opened the server firewall for this IP then tried using K9Email.
I could receive but not send.
Then I fired up a VPN connection to my server and K9 could send (but not roundcube).
I'm home next week so will live with that for now.
Thanks for your help.

Thanks again for the great program.

Hi SKaereo, thanks for your reply. Yes, the tables were corrupted. I couldn't find a way to repair them—it didn't lead anywhere for me. I created a new database using the installer script instead. I did lose a bit of data, but nothing major.

It should since Roundcube is sending the email from the server its hosted on so the IP shouldn't be changing.

It seems that my mailserver cannot reverse DNS lookup my hotel and that the hotel does not have a valid SPF record.
Could either of these affect roundcube?