Submitted by jorgecardenas1 on Thu, 05/29/2014 - 20:30 Pro Licensee
There is quite easy to add a redirect from http to https website in order to assure let's say webmail over SSL. But it is time consuming trying and error prone (to forgot it) to add one redirect per each app that has a login page, then per each domain in the server, i.e. access to virtualmin/usermin/webmail must be on https. But also any script installed like drupal, joomla, etc. It would be nice that a redirects is created when the script is installed and removed when uninstalled.
Status:
Active
Comments
Submitted by JamieCameron on Thu, 05/29/2014 - 22:38 Comment #1
We aren't likely to implement per-app login-page only SSL redirects, since there is no way of knowing what the login page URL is for each version of each app. Also, SSL for just login pages isn't that secure, as it means the cookie issued after logging in isn't protected.
You'd be better off just redirecting the whole domain to SSL when accessed via plain HTTP.