Since I am not sure what the docs about FQDN is trying telling me, I hope someone can help me:
I made a fresh Virtualmin install on Ubuntu 24.04 with FQDN: virtualmin.mydomain. com
When I create the first virtual server with the domain mydomain. com a second pair of servers is being created by Virtualmin with the home directory = /._default_hostname/ and the Server Name = virtualmin.mydomain. com
If I connect to virtualmin.mydomain:80 or virtualmin.mydomain. com:443 I get the host default page mentioned in the docs.
Is this an expected behaviour when creating a server with my main domain mydomain. com which is also beeing used by the Virtualmin server as a subdomain virtualmin.mydomain. com.
Is it unsafe to host the same domain name which is beeing used as subdomain by Virtualmin in a production system?
Default hostname creation is a feature that was added by @Ilia sometime ago. It represents the “hostname” of the server itself and if enabled is created automatically.
The purpose was to have a resolvable hostname out of the box, so people didn’t see those “Warning” screens when an SSL certificate is not signed.
However, it’s important that before you setup the domain, that the default hostname is resolvable otherwise it cannot create a signed certificate through “Lets Encrypt”.
While I understand the reason why this feature was created, I’ve never been fan of it personally so I disable the feature which in turns gets rid of the “/home/._default_hostname” virtual server.
If you’d like to disable, please follow these instructions:
Navigate to “Virtualmin > System Settings > Virtualmin Configuration”
From the dropdown box select “SSL settings”
Adjust “Setup SSL certificate from provider for hostname” and toggle to “No”
Click “Save”
Navigate to “Virtualmin > System Settings > Re-Check Configuration”
This should effectively turn off the feature and update your system.
This is why I don’t like the automatic virtual server. It’s confusing and seemingly conflicts with the documentation.
The automatic domain only exists to get a Let’s Encrypt certificate so you won’t get a browser warning when you try to log in to Virtualmin. That’s it. It doesn’t have mail (and it should never have mail, because you should not virtual host mail for a name that is already able to receive mail on the system…you’d have two things with the same name, confusing Postfix and leading to a variety of confusing failure modes), you don’t need to host any websites on that name (though you could and it would be harmless to do so), and once you have other domains configured in Virtualmin you never need to use that name for anything ever again. At that point you can log in to Virtualmin/Webmin using any domain that has TLS configured.
The “don’t name your system the same name as a name you’ll be hosting in Virtualmin” is mostly about mail and the conflict of repeating the hostname in the virtual map. That’s why we tell you not to do that. The “automatic” domain doesn’t have virtual mail configured and should try pretty hard to prevent you from turning on mail.
Your instruction worked! It deleted the automatically created virtualmin servers. Thank you for the help.
I always enable the option “Setup SSL certificate from provider for hostname” before I create my first domain/virtual server.
I would like to share my thoughts with the automatic creation of the default hostname servers:
The virtualmin apache server is not configurable in virtualmin → So it is not possible to enalbe SSL redirection since the virtualmin server is not showing up in configuration. I did not check yet if the port 80 server can be manualy edited within “edit directives”.
An external request on :80 and :443 to the servers ip address (e.g.: http://123.45.67.89) or a request to any subomain (if this subdomain is dyndns redirected to your servers ip) will show the host default page with the virtual.mydomain.com url in the webpage → possbile solution: block any request made by unknown FQDN?
What is this ? Virtualmin is not served via apache it’s served via its own server so any configuration changes have to be made via webmin as virtualmin is a module/add on of webmin or did you mean something else?
First of all. Thank you to for all your help! You created an awesome and powerful program, which I am playing around with since a couple weeks now.
Just for the comprehension:
The Default_hostname server is beeing created when the domain, that virtualmin server/subdomain is using in its FQDN, is beeing created.
The “don’t name your system the same name as a name you’ll be hosting in Virtualmin” means DO NOT create virtual server with the same FQDN(virtualmin.mydomain.com). But it is okay to create the virtual server for your main domain (mydomain.com)?
I mean the two virtual servers which have been automatically created. They were not showing up in the Virtualmin Administration Tab.
BUT if you change the “Setup SSL certificate from provider for hostname” to “Yes, and have it configurable” it actually shows up and I was able to enable the “Redirect all requests to SSL site” in SSL options and now all http:// requests to the Virtualmin server redirect to https://.
BUT this working setup looks really weird, with the creation of the “_default_hostname”, which also created the contact email _default_hostname@.
I mean one apache server for port 80 and another apache server for port 443 is being created.
FYI: In the end none of the configuration with enabled “Setup SSL certificate from provider for hostname” and the creation of the Default_hostname servers left a good feeling, so I decided to disable it.
Then I requested a new SSL Certificate for my main domain and added the virtualmin FQDN, which gives me a valid SSL cert for Virtualmin.
That’s just two VirtualHosts, but only one virtual server in Virtualmin (a Virtual Server is a collection of services…it’s always a bunch of things).