SSL only?

phil phil at cryer.us
Thu Apr 6 17:19:04 CEST 2006



On Thu, 06 Apr 2006 08:43:27 +0200, Thomas Bruederli <roundcube at gmail.com> wrote:
> You should do this redirection with your webserver configuration. With
> Apache you can use the RewriteRules to achieve this. I don't thinks it's
>  something that RoundCube needs to handle but more a task for the
> webserver environment.
> 

I'll second that emotion, there's plenty of ways to do it, but here's how I did it with Apache2 - edit http.conf and add something like this (change the roundcube path to your own):


<Directory /usr/local/www/data-dist/roundcubemail-cvs>
         RewriteEngine on
         RewriteBase /
         RewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [R=permanent]
</Directory>

You need to have that mod_rewrite vodoo running on Apache for this to work, but work it does.

P


> Regards,
> Thomas
> 
> 
> Alan Briolat wrote:
>> I just did a new install of RoundCube Mail, and definitely some huge
>> improvements since i tried it a few months ago...
>>
>> I was wondering if it was planned to have a SSL option in the config?
>> At the moment i want all my webmail stuff to go over SSL, so i just
>> added the following lines at the top of index.php:
>>
>> ----------------------
>> if (empty($_SERVER['HTTPS'])) {
>>     header('Location:
> https://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'].'?'.$_SERVER['QUERY_STRING']);
>> }
>> ----------------------
>>
>> I'm sure there is a much more convenient place to put this, but I think
> it would
>> definitely be a good idea to at least have an option to make logins go
> over SSL.
>>
>> --
>> Alan Briolat <alan at dotphp.org>
-- 
http://fak3r.com - you dont have to kick it





More information about the Dev mailing list