• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Forwarded to devs individual domain can't use HTTPS for webmail if webmail.forceHttp=true

enduser

Basic Pleskian
Username:

TITLE

individual domain can't use HTTPS for webmail if webmail.forceHttp=true

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian 18.0.48
CentOS 7

PROBLEM DESCRIPTION

Since Plesk for Windows auto redirect webmail HTTP to HTTPS by default even no SSL is installed, so we use webmail.forceHttp=true to disable such redirect.

However, if one domain customer install and set SSL for their webmail, the webmail is still HTTP. It seems that it won't update IIS when webmail.forceHttp=true .

We don't want auto redirect HTTP to HTTPS because webmail with HTTPS always shows invalid SSL error until customer install valid SSL. However using webmail.forceHttp=true that prevent any customer who want to use valid SSL for their webmail.

STEPS TO REPRODUCE

  1. Fresh install Plesk for Windows
  2. add webmail.forceHttp=true in panel.ini
  3. create a subscription
  4. in the subscription, install SSL & apply it to "SSL/TLS certificate for webmail"
  5. IIS > MailEnable WebMail > Bindings > it is still http but not https

ACTUAL RESULT

IIS bindings is still http but not https

EXPECTED RESULT

IIS bindings is https

Alternatively, referring to ChristophRo in the discussion, Plesk may abandon "webmail.forceHttp=true" and un-bundle the automatic http --> https redirect for webmail

ANY ADDITIONAL INFORMATION

Issue - individual domain can't use HTTPS for webmail if webmail.forceHttp=true

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Actually, this is expected behaviour. Forcing is forcing. There are no exclusions.

We would suggest either managing redirects manually or creating the corresponding feature request on Plesk UserVoice.

Note: Nowadays, it is highly recommended to use secured connections. That's why force redirection to HTTPS was implemented. Moreover, Plesk provides the possibility to issue free Let's Encrypt certificates so all domains might be secured.
 
Back
Top