Roundcube - force https button - has no effect

force https button - has no effect - still http is accessible and do not redirects to https

can you demonstrate with curl please

when I test it

╰─➤  curl -v roundcubemail2.rocky9-pve4.org     
* processing: roundcubemail2.rocky9-pve4.org
*   Trying 192.168.12.119:80...
* Connected to roundcubemail2.rocky9-pve4.org (192.168.12.119) port 80
> GET / HTTP/1.1
> Host: roundcubemail2.rocky9-pve4.org
> User-Agent: curl/8.2.1
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Location: https://roundcubemail2.rocky9-pve4.org/
< Date: Tue, 19 Mar 2024 17:49:45 GMT
< Content-Length: 17
< Content-Type: text/plain; charset=utf-8
< 
* Connection #0 to host roundcubemail2.rocky9-pve4.org left intact
Moved Permanently%

my curl results same … but you forget the roundcube is on other address … webmail.domain.xxx … and then curl gives the login page of roundcube …

I cannot reproduce sorry like you can see curl show me that the url is forced to https

1 Like

what cant u get again … roundcube has a setting for a fqdn which is different from the domain - like domain is: domain.com - when u make http request to domain.com
it redirects to https domain.com - but as u set as i do in roundcube settings fqdn to the webmail.domain.com - it works ok - but http webmail.domain.com - DOES NOT
redirects to https webmail.domain.com - and just loads insecure … htpps webmail.domain.com also works ok - conclusion: redirect works only for domain.com - but NOT for any xxx.domain.com
now u got it ???

I’m seeing the same thing as Stephane:

 dan@Dan-MBP-2019  ~  curl -v http://webmail.db5.us
*   Trying 5.189.163.122:80...
* Connected to webmail.db5.us (5.189.163.122) port 80
> GET / HTTP/1.1
> Host: webmail.db5.us
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Location: https://webmail.db5.us/
< Date: Tue, 19 Mar 2024 21:55:22 GMT
< Content-Length: 17
< Content-Type: text/plain; charset=utf-8
<
* Connection #0 to host webmail.db5.us left intact
Moved Permanently%

Maybe you can drop the attitude?

4 Likes

Sorry if I missed something, but with ns8-roundcubemail Version 2.0.0, I also see the same as Dan and Stéphane, tested with webmail.domain.com, differentdomain.com, anything.differentdomain.com, a.b.c.d.e.f.test … tested with curl, firefox and brave (although some browsers and browser plugins can force redirection to https, but then there’s curl test).

1 Like

Sorry, im bad … the button does its job - its traefik which does not redirects behind other redirector …

2 Likes

cc/ @davidep

Sorry Ivelin I know we have the barrier of the language to share between us, since I am not also a native english speaker but can you reformulate what you want to achieve and what you do, can you share a drawn if needed, because I think that we do not really/fully understand what you are saying

No offense from me

well i just like the project and try to help a little
in my case i have a nginx proxy in front of all vm’s and containers on the server and ns8 is one of many vm’s (i try to install it on lxc but it does not work) so i redirect in front of it with nginx proxy and if i dont force https there the traefic inside ns8 vm does not redirects http login of roundcube and i can login insecure but if i force https on nginx proxy all works as expected and traefic needs button to dowload certs cose now front nginx proxy uses own also from letsencrypt but can use same from inside vm noneed to duplicate

1 Like

@Ivelin_Topalov few hints.
1: use commas. These tiny small characthers, that helps separate phrases and helps to imagine a bit better how you’re trying to… “speak”, even using written words
2: nginx is a wonderful tool, however… redirection can be handled or on nginx, or on host (NS8/Roundcube). It’s a spoken dialog between two deaf persons, because NS8 cannot know what nginx is doing, and viceversa
3: AFAIK both 80 and 443 ports need to be reachable from NS8 containers/modules, for allowing renewal of letsencrypt certificate.

read this carefully and u will understand what i mean:
https://www.eigenmagic.com/2021/09/20/nginx-as-a-reverse-stream-proxy/