How to enable/disable HTTPS redirection for webmail in Plesk for Linux

Anton Kuznetsov

Updated January 13, 2026 18:59

kb: how-to Plesk for Linux ext: kolab ABT: Group A

Applicable to:

Plesk for Linux

Question

How to enable/disable HTTPS redirection (force webmail to use SSL) for webmail in Plesk for Linux?

Answer

A redirection in Webmail from HTTP to HTTPS on a Plesk for Linux server can be configured either via SSL It! extension, by creating a Plesk custom configuration template, modifying the webmail native configuration file or modifying the webmail .htaccess file:

Solution 1:

Using SSL It! extension for a single domain

Install the SSL It! extension.
Secure webmail with an SSL certificate.
Go to Domains > example.com > SSL/TLS Certificates >
Under the Options, enable Redirect from HTTP to HTTPS > click Configure > select/deselect Apply to webmail > click on Update to apply the changes.

Solution 2:

Disabling redirection to HTTPS via panel.ini for all domains

The HTTPS redirection for webmail can be disabled via Plesk configuration file panel.ini for all domains:

Connect to a Plesk server via SSH.
Open the file in an editor:

# plesk conf panel.ini

Add the following lines at the end of the file:

CONFIG_TEXT: [mail]
webmail.forceHttp = true
Save the changes and close the file.

Solution 3:

Creating a Plesk custom configuration template

Connect to a Plesk server via SSH.
Create a directory for custom configuration templates:

# mkdir -p /usr/local/psa/admin/conf/templates/custom/webmail
Copy the original file webmail.php to the created directory:

# cp -p /usr/local/psa/admin/conf/templates/default/webmail/webmail.php /usr/local/psa/admin/conf/templates/custom/webmail/
Open the file /usr/local/psa/admin/conf/templates/custom/webmail/webmail.php in a text editor (for example, vi editor) and insert the records below right before the first </VirtualHost> string:

CONFIG_TEXT: RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]
Save the changes and close the file.
Regenerate configuration files for all domains:

Note: During this operation, the websites will be unavailable for a short period of time. The execution time of this command depends on the number of domains on the server.

# plesk sbin httpdmng --reconfigure-all

To disable this redirect, remove the /usr/local/psa/admin/conf/templates/custom/webmail/webmail.php file and repeat step 6.

Creating a Plesk custom configuration template with Plesk Premium Email

Connect to a Plesk server via SSH.
Edit the custom configuration template /usr/local/psa/admin/conf/templates/custom/webmail/roundcube.php created by Plesk Premium Email and locate the following text:

CONFIG_TEXT: RewriteEngine On
RewriteRule ^/[a-zA-Z0-9]{16}/(.*) /$1 [PT,L]
Add the following lines after the text block identified in the previous step:

CONFIG_TEXT: RewriteEngine On
RewriteRule ^/[a-zA-Z0-9]{16}/(.*) /$1 [PT,L]
# Redirect Kolab from HTTP to HTTPS
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]
Save the changes and close the file.
Regenerate configuration files for all domains:

Note: During this operation, the websites will be unavailable for a short period of time. The execution time of this command depends on the number of domains on the server.

# plesk sbin httpdmng --reconfigure-all

To disable this redirect, remove the lines in bold added on step 3 and repeat step 5.

Solution 4:

Modifying the native configuration file of Roundcube webmail

Connect to a Plesk server via SSH.
Open the file /usr/share/psa-roundcube/config/config.inc.php in a text editor (for example, "vi" editor) and add the following line at the end of the file:

CONFIG_TEXT: $config['force_https'] = true;
Save the changes and close the file.

To disable this redirect, set 'force_https' to 'false':

CONFIG_TEXT: $config['force_https'] = false;

Modifying the native configuration file of Horde webmail

Connect to a Plesk server via SSH.
Open the file /etc/psa-webmail/horde/horde/conf.php in a text editor (for example, "vi" editor) and change the value of $conf['use_ssl'] to 1:

CONFIG_TEXT: $conf['use_ssl'] = 1;
Save the changes and close the file.

To disable this redirect, set 'force_https' to 2:

CONFIG_TEXT: $conf['use_ssl'] = 2;

Solution 5:

Modifying the .htaccess file of Roundcube webmail

Connect to a Plesk server via SSH.
Open the file roundcube.htaccess.inc in a text editor (for example, vi editor). The location of this file is:
- for CentOS/RHEL-based distributions:
  
  MYSQL_LIN: /etc/httpd/conf/plesk.conf.d/roundcube.htaccess.inc
- for Debian/Ubuntu-based distributions:
  
  MYSQL_LIN: /etc/apache2/plesk.conf.d/roundcube.htaccess.inc
Insert the text below in the <IfModule mod_rewrite.c> section:

CONFIG_TEXT: <IfModule mod_rewrite.c>
...
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]
</IfModule>
Save the changes and close the file.
Restart Apache:
- for CentOS/RHEL-based distributions:# service httpd restart
- for Debian/Ubuntu-based distributions:# service apache2 restart
  
  To disable this redirect, remove the lines added on step 3 and restart Apache.

Modifying the .htaccess file of Horde webmail

Connect to a Plesk server via SSH.
Create a directory for custom configuration templates:# mkdir -p /usr/local/psa/admin/conf/templates/custom/webmail
Copy the original file horde.php to the created directory:# cp -p /usr/local/psa/admin/conf/templates/default/webmail/horde.php /usr/local/psa/admin/conf/templates/custom/webmail/
Open the created file /usr/local/psa/admin/conf/templates/custom/webmail/horde.php in a text editor (for example, "vi" editor) and:
- Add the $hordeHtaccess record (line 6):CONFIG_TEXT: <?php
  /** @var Template_VariableAccessor $VAR */
  $hordeDocroot = $VAR->server->webserver->horde->docroot;
  $hordeSysUser = "horde_sysuser";
  $hordeSysGroup = "horde_sysgroup";
  $hordeHtaccess = $VAR->server->webserver->httpConfDir . "/plesk.conf.d/horde.htaccess.inc";
  $hordePhpIni = $VAR->server->webserver->horde->confD . "/horde/php.ini";
  ?>
- Add the Include record right before </Directory> (line 33):CONFIG_TEXT: <?php endif; ?>
  Include "<?php echo $hordeHtaccess ?>"
  </Directory>
  </IfModule>
Create the file horde.htaccess.inc:
- for CentOS/RHEL-based distributions:# touch /etc/httpd/conf/plesk.conf.d/horde.htaccess.inc
- for Debian/Ubuntu-based distributions:# touch /etc/apache2/plesk.conf.d/roundcube.htaccess.inc
Regenerate configuration files for all domains (required once):Note: During this operation websites will be unavailable for a short period of time. The execution time of this command depends on the number of domains on the server.# /usr/local/psa/admin/sbin/httpdmng --reconfigure-all
Open the created file horde.htaccess.inc and add rewrite rules:

CONFIG_TEXT: <IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,QSA]
</IfModule>
Save the changes and close the file.
Restart Apache:
- for CentOS/RHEL-based distributions:
  
  # service httpd restart
- for Debian/Ubuntu-based distributions:
  
  # service apache2 restart
  
  To disable this redirect, remove the lines added on step 7 and restart Apache.

mceclip0.png
(90 KB)
mceclip0.png
(90 KB)