[Case 46364] Problem with "Require SSL for all remote logins to cPanel ..."

[FreedomBI]

I have come across a problem with the security setting "Require SSL for all remote logins to cPanel, WHM and Webmail. This setting is recommended." With webmail, it always tries to redirect to port 2096. Eg, if you have example.com and go to https://webmail.example.com, it will try to redirect you to https://webmail.example.com:2096 even though it's already using SSL. This results in users behind a firewall being unable to access webmail. Turning off this option restores normal functionality.

I have only tried this with webmail. I haven't tried cpanel or whm.

 

[thewebhosting]

If you wish to disable this feature then you can disable it from WHM -> Tweak settings -> Redirection -> Unselect the option "Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc."

 

[FreedomBI]

"Always redirect users to the ssl/tls ports when visiting /cpanel, /webmail, etc." has no effect on this. With this disabled and "Require SSL for all remote logins..." enabled, the problem still occurs. It does not occur with "Always redirect" on and "Require SSL" off.

 

[cPanelDon]

I believe the intended behavior is that of redirecting to the SSL port; however, I see the noted scenario is when using an SSL virtual host in Apache with the proxy sub-domains feature. Please consider submitting a support request so we may inspect and verify the specific circumstances and assist with investigating the issue; when available, please PM me the ticket ID number so I may follow-up internally.

 

[tomi1122]

Was there ever a resolution for this problem?

Tom

 

[cPanelDon]

Was there ever a resolution for this problem?

Tom

To the best of my knowledge the difficulty that was initially described should be fully alleviated. Upon testing, using cPanel version 11.25.1-EDGE_47010 and Apache version 2.2.15, I was unable to reproduce a scenario where SSL access to the webmail proxy sub-domain triggered a visible redirect to SSL port 2096 for webmail. I tested with "Always redirect to SSL" both enabled (On) and disabled (Off), each time with "Require SSL" enabled (On).

Are you currently seeing behavior different than what I've described above or are you experiencing any difficulty accessing services via the applicable proxy sub-domain?

 

[cPanelDon]

Friendly Moderator Note

Was there ever a resolution for this problem?

Tom

Are you currently seeing behavior different than what I've described above or are you experiencing any difficulty accessing services via the applicable proxy sub-domain?

Before posting I did not yet see the separate thread that you started; however, after reviewing the information posted there I believe it may be a different issue at the root of the symptoms. Please refer to my reply posted within your new thread. To prevent confusion with the older inquiry please continue applicable discussion in the newer thread that is dedicated to your unique circumstances. Thank you for your understanding.

 

[Infopro]

Important cPanel/WHM Version Number Designation Change

Please Note: Important cPanel/WHM Version Number Designation Change

As of July 28, 2010 the cPanel/WHM version number designations have been officially changed.

Version 11.25.1 is now designated 11.28 and version 11.25.2 is now designated 11.30.

These new changes were explained in some detail recently at the July 2010 - Quarterly Road map - Webinar direct from cPanel's PodCast Studio in Houston, Texas with speakers David Grega and Mario Rodriguez.

An official press release about these changes is forthcoming and can be accessed at this link as soon as it's made available to the Forum Team:
Important cPanel/WHM Version Number Designation Change (To be updated)

This post serves to update users who are subscribed to threads (where this message is posted) looking forward to upcoming enhancements in future versions of cPanel.

 

[equens]

re: [Case 46364] Problem with "Require SSL for all remote logins to cPanel ..."

Hello FreedomBI, how do you solved this problem? I can´t turn "Require SSL" On, because http://webmail.example.com shows a text with a link to redirect the user to https://webmail.example.com:2096.

 

[JaredR.]

re: [Case 46364] Problem with "Require SSL for all remote logins to cPanel ..."

The only method to avoid this, at this time, is to disable Require SSL in Main >> Server Configuration >> Tweak Settings. This setting is under the Security tab.

A request to change this behavior and cause proxy subdomains to work through the SSL ports has already been filed with our developers. There is no estimated time for when this will be changed, but it is being considered for a future version. The case number is 46364, and the case number will be mentioned in the changelog when a change affecting this behavior is published in a public build.

 

[cPanelDavidG]

Case 46364 was resolved in the early builds of 11.30. To see if 11.30 has reached your update tier yet, visit Downloads - cPanel Inc.

 

[SoftDux]

Re: [Case 46364] Problem with "Require SSL for all remote logins to cPanel

David,

can you please 46364, I don't see it on the changelog website.

 

[cPanelDavidG]

Re: [Case 46364] Problem with "Require SSL for all remote logins to cPanel

David,

can you please 46364, I don't see it on the changelog website.

On the 11.30 changelog, you will see this case listed for version 11.29.0.11 (a pre-production version of 11.30).

 

[manokiss]

Re: [Case 46364] Problem with "Require SSL for all remote logins to cPanel

Im on WHM 11.30.3 (build 5) and im having this problem yet. I have:

Always redirect to SSL: On
Non-SSL redirect destination: hostname
SSL redirect destination: SSL Certificate Name

It continue showing the "Log in using SSL" link when i go to webmail.dom.com. When i click on it it redirecting to the port 2096 (for webmail for example).

I did tes in one domain running /scripts/proxydomains for that domain specifically, nothing has changed.

Any idea? I have the same problem in all the servers i have.

Thanx in advance!