Hello everyone,
I have recently upgraded Roundcube from release-1.2 to release-1.3.
Roundcube is running behind HA-Proxy with SSL-Termination, which means that the traffic is encrypted between the client and haproxy but not between haproxy and roundcube(served by nginx).
It seems that after the upgrade, the variable $_SERVER['HTTPS'] is not being set to 'on', and some plugins that use this variable are serving resources over http, which causes the browser to complain about Mixed Content and connection not fully secure.
Not all domains are set to redirect to SSL port, so I can't force https, but the ones who use it are set up in nginx like this:
server { listen 80; server_name webmail.domain_name; return 301 https://$server_name/; }
server { listen 443; root /var/www; index index.php; server_name webmail.domain_name; access_log off;
location / { try_files $uri $uri/ =404; }
location ~ .php$ { root /var/www; fastcgi_pass php; fastcgi_read_timeout 120; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; }
}
the port 443 here is just a different port but traffic is not encrypted because the HA-Proxy does the encryption with the client.
Any suggestions to fix this? Thanks!
Regards,
Webert Lima DevOps Engineer at MAV Tecnologia *Belo Horizonte - Brasil* *IRC NICK - WebertRLZ*