> Because of this alias, http://192.168.1.8/webmail/ or > https://192.168.1.8/webmail/ will bring up the login page. I'm > working on getting this to be ONLY accessable by https, but have not > done that yet. On my RH7.3 machine, I put squirel mail in the ssl > document tree so that was the only way in. I might do that here > again. > However, as you point out, it's probably only the login page that > needs to go SSL. If all of SM is in the SSL tree, everything goes > through SSL, which is slower. I have not as yet figured out how to put > just the login page on SSL and everything else on http.
That is what the secure login plugin is for. It forces users who go to http://blah.blah.blah/webmail to be redirected to https://blah.blah.blah/webmail and also gives you the option to keep your entire SM session in SSL or only the login event. In my experience, it's not only slower, but SM misbehaves somewhat when running under SSL. Here's the plugin: http://squirrelmail.org/plugin_view.php?id=61 -paul. ------------------------------------------------------- This sf.net email is sponsored by: Are you worried about your web server security? Click here for a FREE Thawte Apache SSL Guide and answer your Apache SSL security needs: http://www.gothawte.com/rd523.html -- squirrelmail-users mailing list List Address: [EMAIL PROTECTED] List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id)95 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
