i have 2 apache instances behind HAProxy, where HAProxy is running the HTTPS and load balancing to RCM in the clear. i have set the 'use_https' option to true, and it works in most cases. i have found an exception and i wanted to see if this has been fixed in more recent versions.
if i browse to https://host.domain.tld/roundcubemail (note https, with no trailing slash), i am redirected to http://host.domain.tld/roundcubemail/ (note not https, with trailing slash).
if i correct the http:// to https:// everything works and all pages are secured. it seems that only the redirect to the URI with the trailing slash is where this comes up. i am running RCM 1.1.1-2 on fedora20. i will be upgrading in the near future, but wanted to see if this was already fixed.
thank you,
brendan
On Mon, Jan 18, 2016 at 1:55 AM, Brendan Kearney bpk678@gmail.com wrote:
i have 2 apache instances behind HAProxy, where HAProxy is running the HTTPS and load balancing to RCM in the clear. i have set the 'use_https' option to true, and it works in most cases. i have found an exception and i wanted to see if this has been fixed in more recent versions.
if i browse to https://host.domain.tld/roundcubemail (note https, with no trailing slash), i am redirected to http://host.domain.tld/roundcubemail/ (note not https, with trailing slash).
if i correct the http:// to https:// everything works and all pages are secured. it seems that only the redirect to the URI with the trailing slash is where this comes up.
The redirect from /roundcubemail to /roundcubemail/ is done by Apache and doesn't yet hit Roundcube and its use_https logic. Thus not a Roundcube issue and nothing we could fix on our side. You need to teach Apache to redirect to https.
~Thomas
I am not understanding this. Apache is doing nothing with https. The https is being handled on the load balancer and everything apache sees is http only.
Does that mean the load balancing needs to be changed? On Jan 18, 2016 4:45 AM, "Thomas Bruederli" thomas@roundcube.net wrote:
On Mon, Jan 18, 2016 at 1:55 AM, Brendan Kearney bpk678@gmail.com wrote:
i have 2 apache instances behind HAProxy, where HAProxy is running the
HTTPS
and load balancing to RCM in the clear. i have set the 'use_https'
option
to true, and it works in most cases. i have found an exception and i
wanted
to see if this has been fixed in more recent versions.
if i browse to https://host.domain.tld/roundcubemail (note https, with
no
trailing slash), i am redirected to http://host.domain.tld/roundcubemail/ (note not https, with trailing
slash).
if i correct the http:// to https:// everything works and all pages are secured. it seems that only the redirect to the URI with the trailing
slash
is where this comes up.
The redirect from /roundcubemail to /roundcubemail/ is done by Apache and doesn't yet hit Roundcube and its use_https logic. Thus not a Roundcube issue and nothing we could fix on our side. You need to teach Apache to redirect to https.
~Thomas _______________________________________________ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
(Sorry for top posting, my MUA does not somehow allow posting properly in *this* message)
It is the Apache that does the redirection request for browser. This has nothing to do with the fact that it only handles http sockets. If Apache does not do it, nothing does.
br. jarif
brendan kearney kirjoitti 18.1.2016 15:29:
I am not understanding this. Apache is doing nothing with https. The https is being handled on the load balancer and everything apache sees is http only.
Does that mean the load balancing needs to be changed? On Jan 18, 2016 4:45 AM, "Thomas Bruederli" thomas@roundcube.net wrote:
On Mon, Jan 18, 2016 at 1:55 AM, Brendan Kearney bpk678@gmail.com wrote:
i have 2 apache instances behind HAProxy, where HAProxy is running the HTTPS and load balancing to RCM in the clear. i have set the 'use_https' option to true, and it works in most cases. i have found an exception and i wanted to see if this has been fixed in more recent versions.
if i browse to https://host.domain.tld/roundcubemail [1] (note https, with no trailing slash), i am redirected to http://host.domain.tld/roundcubemail/ [2] (note not https, with trailing slash).
if i correct the http:// to https:// everything works and all pages are secured. it seems that only the redirect to the URI with the trailing slash is where this comes up.
The redirect from /roundcubemail to /roundcubemail/ is done by Apache and doesn't yet hit Roundcube and its use_https logic. Thus not a Roundcube issue and nothing we could fix on our side. You need to teach Apache to redirect to https.
~Thomas _______________________________________________ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users [3]
Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users [3]
On Jan 18, 2016 6:30 AM, "brendan kearney" wrote:
I am not understanding this. Apache is doing nothing with https. The
https is being handled on the load balancer and everything apache sees is http only.
Does that mean the load balancing needs to be changed?
In some default configs, Apache will implement that redirect (append trailing /). If so, your load balancer/proxy should rewrite them; alternately the Apache config can do it.
Investigate the configuration in HAProxy to only redirect using https for all rewritten urls under that location. Stack Overflow has many examples.
Good luck.
If no one can answer my question then Please take me off this
Sent from my iPhone
On 19 Jan 2016, at 8:04 AM, Gnul Char nullchar@gmail.com wrote:
On Jan 18, 2016 6:30 AM, "brendan kearney" wrote:
I am not understanding this. Apache is doing nothing with https. The https is being handled on the load balancer and everything apache sees is http only.
Does that mean the load balancing needs to be changed?
In some default configs, Apache will implement that redirect (append trailing /). If so, your load balancer/proxy should rewrite them; alternately the Apache config can do it.
Investigate the configuration in HAProxy to only redirect using https for all rewritten urls under that location. Stack Overflow has many examples.
Good luck.
Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
So what is your question?
Or are you posting from a ghost account as I suspect, since you did not ask this question, nor have you commented in this thread.
Either way you have been given the answer already, I suggest you subscribe to apache httpd users list ( users-subscribe@httpd.apache.org ) and ask their if you can not understand google's responses on how to configure httpd. But I warn you, the patience their for helping people who wont help themselves is like everywhere, rather thin.
AS to your request to leave this list, you may do so on your own accord any time you want by following the footer link.
On 19/01/2016 07:28, emma mulkearns wrote:
If no one can answer my question then Please take me off this
Sent from my iPhone
On 19 Jan 2016, at 8:04 AM, Gnul Char nullchar@gmail.com wrote:
On Jan 18, 2016 6:30 AM, "brendan kearney" wrote:
I am not understanding this. Apache is doing nothing with https. The https is being handled on the load balancer and everything apache sees is http only.
Does that mean the load balancing needs to be changed?
In some default configs, Apache will implement that redirect (append trailing /). If so, your load balancer/proxy should rewrite them; alternately the Apache config can do it.
Investigate the configuration in HAProxy to only redirect using https for all rewritten urls under that location. Stack Overflow has many examples.
Good luck.
-
Brendan Kearney -
brendan kearney
-
emma mulkearns -
Gnul Char -
Jari Fredriksson -
Noel Butler -
Thomas Bruederli