• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue individual domain can't use HTTPS for webmail if webmail.forceHttp=true

enduser

Basic Pleskian
Server operating system version
Windows 2022
Plesk version and microupdate number
18.0.48
Hi,

Since Plesk for Windows auto redirect webmail HTTP to HTTPS by default even no SSL is installed, so we use webmail.forceHttp=true to disable such redirect.

However, if one domain customer install and set SSL for their webmail, the webmail is still HTTP. It seems that it won't update IIS when webmail.forceHttp=true .

We don't want auto redirect HTTP to HTTPS because webmail with HTTPS always shows invalid SSL error until customer install valid SSL. However using webmail.forceHttp=true that prevent any customer who want to use valid SSL for their webmail.

Can Plesk add a feature to allow individual domain to use SSL for its webmail even webmail.forceHttp=true? Or simply remove such redirect by default?

How to duplicate:
1. Fresh install Plesk for Windows
2. add webmail.forceHttp=true in panel.ini
3. create a subscription
4. in the subscription, install SSL & apply it to "SSL/TLS certificate for webmail"
5. IIS > MailEnable WebMail > Bindings > it is still http but not https
 
From the Plesk release notes:

[mail]
webmail.forceHttp = true

On Plesk for Windows, to disable automatic HTTP > HTTPS webmail redirection for existing domains, run the plesk repair web -webmail command.

Does this help?
 
Kaspar,

Thank you for your info. I did read that before, but I think you misunderstood my problem.

Currently I can get all HTTP redirect disabled successfully (because no valid SSL is installed by default), so all customers access their webmail via http://webmail.customer-abc.com

However some customers install a valid SSL for their webmail, they would expect they can use https://webmail.customer-xyz.com , but there is no way to set it via Plesk.
 
Isn't that a bit of unusual use case? With let's encrypt webmail can be secured for any domain.

However some customers install a valid SSL for their webmail, they would expect they can use https://webmail.customer-xyz.com , but there is no way to set it via Plesk.
I am not sure if I understand correctly. So isn't webmail accessible via https at all for domains who do have a valid SSL cert set for their webmail? Or is webmail accessible via https on those domains, but do like to forward http > https specifically for those domains?
 
Kaspar,

Isn't that a bit of unusual use case? With let's encrypt webmail can be secured for any domain.
Because not every customers install let's encrypt SSL on their webmail. (maybe somehow they cannot get the validation done before DNS pointing)

I am not sure if I understand correctly. So isn't webmail accessible via https at all for domains who do have a valid SSL cert set for their webmail? Or is webmail accessible via https on those domains, but do like to forward http > https specifically for those domains?
For example there are 3 domains in Plesk with setting webmail.forceHttp = true in panel.ini:

domain1.com, no SSL installed for webmail - webmail is accessible via http, but isn't accessible via https, this is expected because of forceHttp
domain2.com, no SSL installed for webmail - webmail is accessible via http, but isn't accessible via https, this is expected because of forceHttp
domain3.com, no SSL installed for webmail - webmail is accessible via http, but isn't accessible via https, this is expected because of forceHttp

Then customer domain3.com install a SSL for webmail, it will become result as below:

domain3.com, webmail is accessible via http, but isn't accessible via https, this is NOT expected because customer expects to access webmail via https://webmail.domain3.com after they install a SSL certificate
 
Plesk should abandon this stupid "webmail.forceHttp=true" switch and un-bundle the automatic http --> https redirect for webmail, from the webhosting settings.
Then either create a separate "Permanent SEO-safe 301 redirect from HTTP to HTTPS" checkbox for the webmail or just simply make the https redirect for webmail dependent on presence of the "SSL/TLS certificate for webmail" settings. (I vote for second option, because nobody in their right mind would want to set an SSL certificate for webmail and then not use it...)
 
Yes, I totally agree with ChristophRo.

Just like Plesk for Linux, webmail is HTTP by default, but webmail in Plesk for Windows is HTTPS by default (even no valid SSL). It is really weird.
 
@IgorG Could you check about this? Do you think it is a bug for webmail.forceHttp? Or Plesk should not use or should change the way to handle webmail HTTPS by default?

If it is treated as a bug, then I will fire a report, thank you.
 
Yes, it looks like a problem worth showing the developers. Therefore, please fill out the report.
 
Back
Top