Secure Plesk Webmail with SSL

Plesk 12.5 (together with the Let’s Encrypt plugin) is a convenient tool that comes with batteries included for most cases. However, webmail is only accessible via SSL with the self-signed certificate by default. Some people suggest patching the config files (which potentially gives problems after updates), but here is a different approach that works with the frontend functionality only.

Imagine, we have the website example.com in plesk 12.5 with webmail enabled. In this case, the default webmail address is webmail.example.com. To offer SSL-protected webmail, follow these steps:
1. Add a new subdomain, e.g. mail.example.com, to plesk.
2. Set its SSL certificate as usual (or using the Let’s encrypt plugin)
3. Enable mod_proxy and proxy_http as apache modules.
4. Set the directives for Apache as follows for HTTP (not HTTPS!):

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule "^/.well-known/acme-challenge/.*" - [L]
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

5. Set the directives for Apache as follows for HTTPS:

ProxyRequests Off
ProxyPass / http://webmail.example.com/

Leave a comment

Your email address will not be published.

One thought on “Secure Plesk Webmail with SSL”