How can you add Roundcube (or any other PHP webmail client script) to the WordPress backend? Can this be done so that the webmail client can be accessed only from inside wp-admin? It should not be accessible from any URL outside of wp-admin.
Where must the webmail client be installed on the webserver? If it’s installed for example at /webmail it could also be accessed through https://server.com/webmail, which is something I’d like to avoid.
Please note that single sign on/off is not needed. The only thing that’s required is to hide the webmail script behind WordPress admin.
How would you do this? Your advise is highly appreciated. Thank you.
Edit:
Would it be valid to:
- create a folder at
/wp-content/plugins/webmail/roundcubeand install roundcube into it? - have a script to add a menu item to wp-admin, to display roundcube inside an iframe
Theoretically, this should hide Roundcube behind WordPress admin. But would that work? Or would that cause problems? How to tell WordPress to ignore the scripts at /wp-content/plugins/webmail/roundcube and ensure they are handled by PHP without WordPress interfering?
1
You could register a custom menu page and then use an iframe for the webmail as an output for this.
To secure your /webmail URL you can set access-controls within your .htaccess file to only allow your website address to access the path.
