This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

FORCE ROUNDCUBE TO USE SSL
#1
FORCE ROUNDCUBE TO USE SSL
Hi,

I tried to set defaults.ing.php

Code:
$config['force_https'] = true;
$config['use_https'] = true;

But unfortunately it's not working, any ideas what else I can use ?

Thanks !
Reply
Thanks given by:
#2
RE: FORCE ROUNDCUBE TO USE SSL
Huh 
The domain you use for roundcube needs to be https... you can't just make roundcube https.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#3
RE: FORCE ROUNDCUBE TO USE SSL
Thank you for your reply !
I already set up https on the domain, so I wanted to block the usage if http://ip//etc/apps/webmail/ and automatically force it to https.
My approach might not be the best therefore I am open to suggestions Smile
Reply
Thanks given by:
#4
RE: FORCE ROUNDCUBE TO USE SSL
http://forums.sentora.org/showthread.php?tid=1259
Cool
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#5
RE: FORCE ROUNDCUBE TO USE SSL
Well, I tried that but then when I do https://panel.domain/etc/apps/webmail/ I get 403.
I tried also the /wembmail configuration described here http://forums.sentora.org/showthread.php?tid=495 but with the same results.
Reply
Thanks given by:
#6
RE: FORCE ROUNDCUBE TO USE SSL
Let play a game...
Have you read this post?
Or don't you read before you do something?

My Sentora DemoMy GithubAuxio Github
Zentora themeS-Type themeCstyleX theme
flat-color-iconssmall-n-flat-icons

Sentora's development takes way too long, so i'm transitioning to HestiaCP.
Reply
Thanks given by:
#7
RE: FORCE ROUNDCUBE TO USE SSL
Thank you Ron-e, indeed I didn't read that, will try and get back with the results.
Reply
Thanks given by:
#8
RE: FORCE ROUNDCUBE TO USE SSL
Thanks again, it worked with the following configuration:

Code:
</VirtualHost>

# Configuration for WebMail
<VirtualHost *:443>
   ServerAdmin mail@domain.com
   DocumentRoot "/etc/sentora/panel/etc/apps/webmail/"
   php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
   ServerName webmail.domain.com
   AddType application/x-httpd-php .php3 .php
   <Directory />
       Options FollowSymLinks Indexes
       AllowOverride All
        Require all granted
   </Directory>

Now this works fine on https://webmail.domain.com, but in http://webmail.domain.com I'm getting redirected to the panel.domain.com, any idea how can I avoid that ?


Also, for the https certificate, should I add the following after the code above?

Code:
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /etc/letsencrypt/live/webmail.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/webmail.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/webmail.domain.com/chain.pem
SSLCompression off
Reply
Thanks given by:
#9
RE: FORCE ROUNDCUBE TO USE SSL
(09-05-2017, 06:31 AM)zanga Wrote: Now this works fine on https://webmail.domain.com, but in http://webmail.domain.com I'm getting redirected to the panel.domain.com, any idea how can I avoid that ?

Do you want to have both?
Did not test it myself but recenly found this:
Code:
<VirtualHost *:80 *:443>
Or if it does not work at the same with a virtualhost :80.

Or want to block undefined domains/ports at all?
You could try this:
http://forums.sentora.org/showthread.php?tid=1064

My Sentora DemoMy GithubAuxio Github
Zentora themeS-Type themeCstyleX theme
flat-color-iconssmall-n-flat-icons

Sentora's development takes way too long, so i'm transitioning to HestiaCP.
Reply
Thanks given by:
#10
RE: FORCE ROUNDCUBE TO USE SSL
I wanted to have only https.

I saw also that thread, but any idea how to add exceptions on that block ?
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
Problem with roundcube pgh2011 0 2 ,228 01-30-2021, 12:48 AM
Last Post: pgh2011
how to update quota in roundcube? oliviagreene 1 4 ,147 09-18-2019, 11:23 PM
Last Post: Ron-e
Roundcube problem cfreire 7 22 ,497 05-02-2019, 06:59 AM
Last Post: jim@jimcorkery.com

Forum Jump:


Users browsing this thread: 1 Guest(s)