Possibility to force SSL on Webmail
Some users don't know why they should enter https:// if they have to access webmail, they use http://
http is insecure. Easpecially in combination with unencrypted wireless connections.
Actually you have to go into the plesk code to set this function somewhere. Why does plesk provide the webmail-login insecure by default?
If you have setup an Domain Certificate, at least then plesk should offer the option to force ssl on accessing webmail.mydomain.??
The functionality is now available:
1. Linux: in the SSL It! Plesk Extension: https://ext.plesk.com/packages/3c4117f6-c05c-4d3b-9173-60f10096a9c4-sslit
2. Windows: in Plesk Obsidian (by default if SSL is turned on for the domain)
How to find it in SSL It! Extension:
1. install SSL It! Extension (it’s available for Plesk 17.8+)
2. go to > SSL/TLS Certificates
3. if there is no SSL Certificate installed on the domain – issue one (using, for example, free Let’s Encrypt SSL Certificate)
4. if an SSL Certificate is installed on the domain, there is a switcher “HTTP→HTTPS redirect”, this switcher has an option “Webmail”, turn it on.
5. Additionally, you can setup HSTS (for webmail too)
We would appreciate hearing your feedback on the implementation of this functionality. Thanks in advance!
MD Rizwanur Rahman commented
I want a option in plesk to redirect my webmail from http to https
+1 on this isue
+1 Seems odd to have option to encrypt but not the option to force use of encryption..
+1 (forced SSL as described in the workaround posted by Alexander Yamshanov is not useful in a shared hosting environment because SSL feature is optional)
Alexander Yamshanov commented