Skip to main content

Roundcube Webmail - HTTP 502 Bad Gateway Error after updating to WHM 136.0.20

CompWebStudio

After updating WHM to version 136.0.20, the functioning of the webmail service is degraded. The webmail landing page fails to load most of the time. If it loads, logging in rarely succeeds, as does the loading of any subsequent pages and data (including email messages). The user is presented with an HTTP 502 Bad Gateway error when loading fails with the following message: "The server received an invalid answer while works like a proxy".

Connecting to the webmail domain directly over port 2096 always succeeds.

The webmail service sits behind an NGINX proxy. Other services proxied by the NGINX proxy are unaffected.

Attempted:
- restarting Apache Web Server
- restarting NGINX, rebuilding the configuration, clearing cache for all users through NGINX® Manager
- disabling caching through NGINX® Manager

 

Nothing specific stands out in the error logs for Apache and NGINX immediately after updating, but hours later the following messages start to repeatedly appear in `/var/log/apache2/error_log`:

[Thu Jun 11 05:50:53.950999 2026] [proxy_http:error] [pid 846561:tid 846561] (20014)Internal error (specific information not available): [client XXX.XXX.XXX.XXX:0] AH01102: error reading status line from remote server 127.0.0.1:2095, referer: https://webmail.[domain].[TLD]/cpsess1715668630/3rdparty/roundcube/?_task=mail&_token=[token]
[Thu Jun 11 05:50:53.951032 2026] [proxy:error] [pid 846561:tid 846561] [client XXX.XXX.XXX.XXX:0] AH00898: Error reading from remote server returned by /___proxy_subdomain_webmail/cpsess1715668630/3rdparty/roundcube/, referer: https://webmail.[domain].[TLD]/cpsess1715668630/3rdparty/roundcube/?_task=mail&_token=[token]
[Thu Jun 11 11:05:47.829878 2026] [proxy_http:error] [pid 932671:tid 932671] (20014)Internal error (specific information not available): [client XXX.XXX.XXX.XXX:0] AH01102: error reading status line from remote server 127.0.0.1:2095, referer: https://webmail.[domain].[TLD]/cpsess3382837457/3rdparty/roundcube/?_task=mail&_mbox=INBOX
[Thu Jun 11 11:05:47.829901 2026] [proxy:error] [pid 932671:tid 932671] [client XXX.XXX.XXX.XXX:0] AH00898: Error reading from remote server returned by /___proxy_subdomain_webmail/cpsess3382837457/3rdparty/roundcube/, referer: https://webmail.[domain].[TLD]/cpsess3382837457/3rdparty/roundcube/?_task=mail&_mbox=INBOX


Software versions:
- cpanel+WHM version: 11.136.0.20
- AlmaLinux v9.8.0 STANDARD standard
- Apache Server version:  Apache/2.4.68 (cPanel) OpenSSL/3.5.5 mod_bwlimited/1.4
- Nginx version: 1.31.1-1.1.1.cpanel
- Roundecube Webmail version: 1.6.16


I was able to find a related thread on the cpanel community support forum, albeit for an older version of cpanel (https://support.cpanel.net/hc/en-us/community/posts/23150240197399-Roundcube-Not-Loading).

Comments

13 comments

Date Votes
  • yvespires

    Same issue here

    HTTP error 502

    The server received a bad response while acting as a proxy.

    ---------

    Ubuntu v22.04.5 STANDARD hyper-v
    cPanel Version
    134.0.37


    [Thu Jun 11 09:13:14.874096 2026] [proxy_http:error] [pid 17212:tid 17212] (20014)Internal error (specific information not available): [client 187.105.14.81:0] AH01102: error reading status line from remote server 127.0.0.1:2095, referer: https://webmail.domain.com/cpsess8782999591/3rdparty/roundcube/?_task=mail&_mbox=INBOX
    [Thu Jun 11 09:13:14.874112 2026] [proxy:error] [pid 17212:tid 17212] [client 187.105.14.81:0] AH00898: Error reading from remote server returned by /___proxy_subdomain_webmail/cpsess8782999591/3rdparty/roundcube/, referer: https://webmail.domain.com/cpsess8782999591/3rdparty/roundcube/?_task=mail&_mbox=INBOX
    0
  • Julio López

    It happens to me too.

    • cpanel+WHM version: 134.0.37
    • Ubuntu v22.04.5 STANDARD kvm
    • Apache/2.4.67 (cPanel) OpenSSL/3.0.2 mod_bwlimited/1.4
    • Nginx -> off
    • Roundecube Webmail version: 1.6.16

    https://webmail.dominio.com generates cookies with port=2095 even though it's accessed via HTTPS/443.Firefox completes the login and redirects to Roundcube.
    Safari completes POST /login but doesn't proceed to Roundcube.
    https://hostname:2096 works correctly.

    0
  • Imre Simon
    • Edited

    Same problem our almalinux 9 server. cpanel 134 and 136, 2096 port works.

    OS AlmaLinux v9.8.0 STANDARD standard
    cPanel Version 136.0.20
    Apache/2.4.68 (cPanel) OpenSSL/3.5.5 mod_bwlimited/1.4Server MPM: preforkServer Built: Jun 9 2026 00:00:00
    Roundcube Webmail 1.6.16
    0
  • Laura Gordon

    It happens to me too.

    • cpanel+WHM version: 136.0.20
    • AlmaLinux 9.7
    • Apache/2.4.67 (cPanel)
    • Nginx -> off
    • Roundecube Webmail version: 1.6.16
    0
  • Laura Gordon

    Hi,

    This is the feedback provided by the cPanel AI Support Assistant. I tested the proposed solution, and it worked for me.

    Yes — this is a known issue after updating to WHM/cPanel 136.0.20 where service subdomains like webmail can return HTTP 502 when ea-nginx is being used as a reverse proxy.

    To apply the workaround:
    Log in to WHM as root.
    Go to Home → Service Configuration → Apache Configuration → Include Editor.
    Under Pre VirtualHost Include, select All Apache versions.
    Add:
    SetEnvIf Host "^(webmail|cpanel|whm|webdisk)." proxy-nokeepalive=1
    SetEnvIf Host "^(webmail|cpanel|whm|webdisk)." proxy-initial-not-pooled=1
    Click Update.
    Click Restart Apache.

    1
  • José Carlos Varella
    • Edited

    It worked for me.Good job

    • cpanel+WHM version: 136.0.20
    • AlmaLinux 8.10
    • Apache/2.4.68
    • Nginx -> on
    • Roundecube:1.6.16.1.132-1
    0
  • Julio López

    thanks Laura

    To apply the workaround:
    Log in to WHM as root.
    Go to Home → Service Configuration → Apache Configuration → Include Editor.
    Under Pre VirtualHost Include, select All Apache versions.
    Add:
    SetEnvIf Host "^(webmail|cpanel|whm|webdisk)." proxy-nokeepalive=1
    SetEnvIf Host "^(webmail|cpanel|whm|webdisk)." proxy-initial-not-pooled=1
    Click Update.
    Click Restart Apache.

    not work for me on 

    • cpanel+WHM version: 136.0.20
    • AlmaLinux 9.7
    • Apache/2.4.67 (cPanel)
    • Nginx -> off
    • Roundecube Webmail version: 1.6.1

     

    0
  • yvespires

    As pointed by Laura, AI suggested based on this KB:https://support.cpanel.net/hc/en-us/articles/41138720552087-Service-subdomains-webmail-cpanel-webdisk-whm-return-error-502-when-using-ea-nginx-as-reverse-proxy

    Seems fixed for me.

    0
  • Daanial Farrukh

    getting 502 errors on webmail but can still login via port 2096, then most probably you have been upgraded to v136.0.20. It's a bug where the webmail service subdomain returns a 502 bad gateway error.

    This is because the web server (Apache) was reusing the same connection for multiple users. In the new build, cPanel's backend treats that as a security issue and blocks the user from reaching the backend, which shows up as the 502. The setting that prevents this, disablereuse=on, went missing after the upgrade.

    My customers got errors today and I didn't understand what was going on until I came across this log:

    reset_connection("Session does not match first request: <user>@<domain>...")

    Here's the fix.

    Step 1 - Immediate test (temporary, but proves it):

    cp /etc/apache2/conf/httpd.conf /root/httpd.conf.bak
    sed -i '/___proxy_subdomain_webmail/ s/max=1 retry=0/max=1 retry=0 disablereuse=on/' /etc/apache2/conf/httpd.conf
    grep -n '___proxy_subdomain_webmail"' /etc/apache2/conf/httpd.conf
    /usr/local/cpanel/scripts/restartsrv_httpd

    Just note this edit gets wiped whenever Apache rebuilds its config, so you may have to reapply it.

    Step 2 is to make it permanent through a template override, but honestly I would wait for cPanel to fix it in the next upgrade.

     

    0
  • cPRex Jurassic Moderator

    As always, if you've applied the workaround to the server but are still seeing problems, it's best to create a ticket so we can do some additional investigation.

    0
  • Julio López

    cPanel Version 134.0.39

    MacOS
    chrome Versión 149.0.7827.102 (Build oficial) (arm64) -> ok
    firefox 151.0.4 (aarch64) -> ok
    safari Versión 26.4 (21624.1.16.11.4) -> not login loop
    safari Versión 26.5 (21624.2.5.11.4) -> not login loop
    safari ios 26.5 -> not login loop
    safari Versión 17.6 (17618.3.11.11.7, 17618) -> not login loop

    windows
    chrome Versión 149.0.7827.55 (Build oficial) (64 bits)  -> ok
    edge Versión 146.0.3856.109 (Compilación oficial) (arm64) -> ok
    firefox version 151.0.4 (aarch64) -> ok

    0
  • cPRex Jurassic Moderator

    I am expecting last night's release to resolve this, but let me know if that isn't the case for you!

    0
  • Julio López

    same problem with cPanel Version 134.0.40

    MacOS
    chrome Versión 149.0.7827.102 (Build oficial) (arm64) -> ok
    firefox 151.0.4 (aarch64) -> ok
    safari Versión 26.4 (21624.1.16.11.4) -> not login loop
    safari Versión 26.5 (21624.2.5.11.4) -> not login loop
    safari ios 26.5 -> not login loop
    safari Versión 17.6 (17618.3.11.11.7, 17618) -> not login loop

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post