Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

How to force Webmail ssl?

https://forum.vestacp.com/viewtopic.php?f=12&t=10054

Page 1 of 1

How to force Webmail ssl?

Posted: Thu Dec 17, 2015 11:18 am
by rasheid
How do i force webmail to use https, instead of http . I tried .htaccess in the domain root but it did not work, i think this is because yourdomain.com/webmail is an alias instead of an actual folder. I just realized that both Phpmyadmin & PhpPGAdmin can be accessed with regular http. Please help

Re: How to force Webmail ssl?

Posted: Thu Dec 17, 2015 12:10 pm
by AdamiPL
Log in to VestaCP, go to:
SERVER > Configure > Mail > Webmail URL

Image

there you can set up new URLs for phpmyadmin as well.

Re: How to force Webmail ssl?

Posted: Fri Dec 18, 2015 2:02 am
by rasheid
Thank you so much. With this information i was able to edit both webmail and phpmyadmin. However postgre was not showing in url settings for phppgamdin. I know it is installed because i created postger db already. The option for postgre support is un-editable (greyed out) with the option [no] selected. Im using VestaCP 0.9.8-15

Re: How to force Webmail ssl?

Posted: Wed Jan 06, 2016 8:01 am
by arafatx
doesn't force SSL after following the step.

Re: How to force Webmail ssl?

Posted: Fri Jan 08, 2016 5:18 pm
by rasheid
Arafatx is correct

Re: How to force Webmail ssl?

Posted: Sat Jan 09, 2016 7:01 am
by joem
Before I start I am using centos 7 with nginx and phpfpm.

To force webmail to use ssl you need to do the follow,

Edit /etc/roundcubemail/main.inc.php

Find

Code: Select all

$rcmail_config['force_https'] = false;
$rcmail_config['use_https'] = false;
Change To

Code: Select all

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = true;
This will not allow users to login unless they are using a https url round cube will display "Invalid request! no data was saved" ever time you try and login without https. Now you need to setup a redirect in apache or nginx webmail.inc file.

Edit /etc/nginx/conf.d/webmail.inc

Find

Code: Select all

location ~ /(config|temp|logs) {
Add Above

Code: Select all

    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }
Now restart nginx

Code: Select all

service nginx restart
The option for postgre support is un-editable (greyed out) with the option [no] selected.
Are you able to login to phppgadmin? I just noticed on my fresh install of vestacp phppgadmin is not configured right. The reason I asked is before the vesta team had that greyed out not sure if its that way still in the new release.

Re: How to force Webmail ssl?

Posted: Wed Jan 13, 2016 6:18 am
by Aliraza521
My server is sending thousands of unauthorized emails. And what I realized some robot takes advantage of exim's relay is open.????


Ali

Re: How to force Webmail ssl?

Posted: Thu Jan 14, 2016 11:45 am
by tjebbeke
Aliraza521 wrote:My server is sending thousands of unauthorized emails. And what I realized some robot takes advantage of exim's relay is open.????


Ali
Check email message header. Maybe someone has placed a script on your server to send the mails.

Re: How to force Webmail ssl?

Posted: Fri Apr 06, 2018 2:46 pm
by shiruken
Didn't work for me. Instead I added this to /var/lib/roundcube/.htaccess in the RewriteRule section:

Code: Select all

#force SSL usage
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
joem wrote:
Sat Jan 09, 2016 7:01 am
 Before I start I am using centos 7 with nginx and phpfpm.

To force webmail to use ssl you need to do the follow,

Edit /etc/roundcubemail/main.inc.php

Find

Code: Select all

$rcmail_config['force_https'] = false;
$rcmail_config['use_https'] = false;
Change To

Code: Select all

$rcmail_config['force_https'] = true;
$rcmail_config['use_https'] = true;
This will not allow users to login unless they are using a https url round cube will display "Invalid request! no data was saved" ever time you try and login without https. Now you need to setup a redirect in apache or nginx webmail.inc file.

Edit /etc/nginx/conf.d/webmail.inc

Find

Code: Select all

location ~ /(config|temp|logs) {
Add Above

Code: Select all

    if ($scheme = http) {
        return 301 https://$server_name$request_uri;
    }
Now restart nginx

Code: Select all

service nginx restart
The option for postgre support is un-editable (greyed out) with the option [no] selected.
Are you able to login to phppgadmin? I just noticed on my fresh install of vestacp phppgadmin is not configured right. The reason I asked is before the vesta team had that greyed out not sure if its that way still in the new release.

Re: How to force Webmail ssl?

Posted: Fri Jul 17, 2020 5:08 pm
by disc_over
Hello,

In case anyone needs to solve this in 2020 [vesta 0.9.8] using apache httpd:

1) Create a .htaccess file at webmail root folder (located in CentOS at /usr/share/roundcubemail/, maybe path is different in other distros) with:

Code: Select all

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [QSA,L,R=301]
2) Modify /etc/httpd/conf.d/roundcubemail.conf in order to allow loading of .htaccess in that directory by using directive override:

Code: Select all

#
# Round Cube Webmail is a browser-based multilingual IMAP client
#

Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail

<Directory /usr/share/roundcubemail/>
# allow htaccess in folder
        AllowOverride All
        Order Deny,Allow
        Deny from all
        Allow from all
</Directory>
Restart httpd and every attempt to load webmail in any domain should redirect to HTTPS version. Hope it helps.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/