Hello, I would like to secure the webmail, my server is on Debian Buster with Nginx. Firstly, it looks like in the mail list, the webmail link is on port 8080 instead of 8081 but it is another topic What is the best approach to have a webmail secured with https? I don't realy like to access it using non-https on port 8081. For the moment, I use the server main domain name which is set as a reverse proxy to localhost:8081 In this way I also have mailman for example, which is useful. But would it be possible to set https://server.example.com/webmail to access webmail? When I create a location in nginx options tab: Code: location /squirrelmail { proxy_pass http://127.0.0.1:8081/squirrelmail/; include proxy_params; allow all; } location /webmail { proxy_pass http://127.0.0.1:8081/squirrelmail/; include proxy_params; allow all; } Every CSS and JS are not found (404). If I remove the slash after webmail/squirrelmail in proxy_pass the proxy is only a 301 redirection, so the same as I wouldn't use https. I tried to copy the Nginx directives from apps.vhost but the Roundcube config file is not found (in fact permission denied). I though creating webmail.example.com could be a good solution but proxy I think would cause the same issues, and I would have to change virtual host user to www-data, which doesn't look good for me (may is it a mistake)? Is my first approach (which works) is good? Which other solution could be good? I looked for a solution on this forum but didn't find, sorry if I didn't search right. Hop I gave enough information.
Use Internet Search Engines with Code: site:howtoforge.com securing ispconfig let's encrypt That finds https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/ Using that fine tutorial, you can secure all services on your host. Then you can use server.example.com with httpS and access webmail.
Hi, @Taleman Thanks for your answer. This tutorial show how to secure port 8080 but 8081, where the webmail is, is not secured. I read it before posting and applied it to secure ISPConfig. At the beginning I modified the virtual host file in conf-custom folder but because port 8081 is not specific for one host, I prefer to find another solution. Thanks
Why have you put your webmail on port 8089? On my ISPConfig setups webmail is just maihost.domain.tld/webmail. No port needed in URL. But I assume it is possible to secure also port 8089 if you want to use that. But I have no idea how to do that.
Hello, I haven't changed anything, by default webmail is on port 8081 If I type http://mydomain.com/webmail I have a 404 by default. What did I do wrong?
I use Apache. The nginx perfect server guide indeed sets webmail to use port 8081, I now know after just reading that guide. Unfortunately I know nothing about nginx setup.
OK, so no solution without adding custom-conf file? And not possible to add subdomain webmail.domain.com with nginx? Thanks
conf-custom is the feature in ISPConfig for exact such a case where you want to have a custom configuration that differs from ISPConfigs defaults. Of course that's possible, just add a website webmail.domain.com in ISPConfig and install a webmail application of your choice in that website.
I know, I wanted to be sure there was no alternative OK I re-formulate, I wanted to be sure it was not possible to use the same webmail. Thanks for these clarifications.
It does not make sense to use the same webmail installation as all files are owned by a wrong user and all files are in a wrong location. But you can use the same application of course.
