Enforce SSL/HTTPS on frontend

Make it possible to enforce https on the control-panel.

One possibility is through a .htaccess file (Apache-only):

RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://ispconfig.domain.de/$1 [R,L]

A more elegant implementation might be through php. The implementation of Roundcube 0.8 beta in the index.php (force_https is set in config.inc.php):

// check if https is required (for login) and redirect if necessary if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) { https_port = is_bool(force_https) ? 443 : $force_https; if (!rcube_https_check($https_port)) { host = preg_replace('/:[0-9]+/', '', $_SERVER['HTTP_HOST']); host .= (https_port != 443 ? ':' . $https_port : ''); header('Location: https://' . $host . $_SERVER['REQUEST_URI']); exit; } }

Edited Mar 06, 2022 by Thom