SSL Logins redirect to host server - Possible?

V

Vibe

Verified User
Joined
Aug 3, 2005
Messages
120
SSL Logins redirect to host server - Working Now

Hello everyone,

I am trying to force all user logins for the following to be redirected to an SSL connection through my host server's domain. I have been playing with this for quite a while, but cannot get things working properly:

http://www.clientdomains.com/webmail ---> https://server.hostdomain.com/webmail

http://www.clientdomains.com/squirrelmail ---> https://server.hostdomain.com/squirrelmail

http://www.clientdomains.com/phpmyadmin --> https://server.hostdomain.com/phpmyadmin

I found Jeff's excellent post at This Link.

I would think this is a basic redirect, either in httpd.conf or .htacess, but I get errors that the page will not load due to "redirection" errors.

I recognize the easiest thing would be to simply tell clients to use the https://server.hostdomain.com/*** from the get-go, but many like having the convenience of simply appending the alias to their domain name.

Other than the Alias in the server httpd.conf file, the redirect.php script in /var/www/html/ - what other files may be responsible for redirection?

I realize security is still non-existant for pop mail clients that login, but hey...for webmail and phpmyadmin it is a start. Any ideas? THANK YOU for any help - definitely appreciated!

Michael
 
Last edited:
Since you haven't given us your real domain information there's no checking I can do from here.

Jeff
 
Hi Jeff - Thank you for the quick reply!

I decided to use squirrelmail as my redirect "test" as users are currently using "webmail" until I get the bugs ironed out with spamassassin (another post of mine). What I first tried to do was to create a redirect2.php (as in /var/www/html/redirect.php for DA logins) but I believe the hardcoded host server domain (in redirect2.php) does not work with the sym link "squirrelmail --> squirrelmail_1.4.5" in the host server html directory.

The other option that I have tried is creating a .htaccess file in the host servers html directory to redirect any alias (e.g. "/squirrelmail") to the host server, with the alias appended to the URL request through mod rewrite. This is my .htaccess file:

RewriteEngine on
RewriteRule ^ https://server.hostserver.com%{REQUEST_URI} [NS,R,L]

The correct URL appears in the address bar for Mozilla 1.5, however the only error I receive is the following message (I.E. just hangs indefinitely):

"The page isn't redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

* This problem can sometimes be caused by disabling or refusing to accept cookies."

:(

I was hoping that somewhere between DA templates, httpd.conf adjustments, additional "redirect.php" pages or mod rewrite directives there would be an easy (ah ha ha ha :) ) way to redirect all domains on the server from http://www.clients.com/squirrelmail to https://server.hostserver.com/squirrelmail. Do you think I am on the right track?

Thanks again Jeff for your dedication to helping everyone in the forum!

Michael
 
I'm not an http expert, so I'm going to have to give up on this one. Hopefully someone else will have some comments.

Jeff
 
Hey thanks Jeff...I just had a minor brain storm and believe I have an infinite loop of sorts going on...hence IE hanging and the message through Mozilla/Firefox.

Hopefully I have "seen the light" so to speak. Thanks again and best wishes!

Michael
 
Solved!

John (DA) has given me a solution that works PERFECTLY (Thanks John!).

For example, If you would like to redirect all requests for webmail (e.g. userdomain.com/webmail) to be redirected through server.hostdomain.com/webmail over https, add the following PHP code to the appropriate landing page for the Alias you are using:

<?
if ($_SERVER["SERVER_PORT"] != 443)
{
header("Location: https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);
exit(0);
}

So for /webmail requests you would add the above to the top of /var/www/html/webmail/index.php

The reason I want to do this is to add some security for all web based logins. Realize that this WILL NOT add security for logins with local POP email clients.

This works for SquirrelMail and PHPMyAdmin as well. Used with an SSL certificate for server.hostdomain.com and you are set.

Thanks again John!

Michael
 
You must log in or register to reply here.
Back
Top