Email message to send upon server creation

SYSTEM INFORMATION
OS type and version Almalinux 9
Virtualmin version 7.20.2

Hi, i’d like to send an automated email upon server creation that will also include the wordpress credentials and URL if Wordpress has been installed automatically with server creation. Is this possible? I assume it must be added on server template → Mail for domain.

Check the template variables.

I did. I haven’t found anything related to wordpres.

There nothing like that. But you should be able to create it.

What you get by default in Virtualmin is this:

  1. at the time of creating the virtual server, if you enter your email address as owner of the virtual server then Virtualmin sends you an email with credentials to the virtual server
  2. at the time of one click install of WordPress script, Virtualmin sends an email with credentials of Wordpress

I didn’t know that :slight_smile:

Regarding wordpress credentials, i remember for password it says “the password you chose during setup”, but it was done using automatic installation.

You are right, @stefan1959 and @chrisk . Upon Wordpress automatic installation, the credentials are not shared via the email notification that is sent via Virtualmin. I stand corrected.

The notification is in this format:

Your new WordPress site has been successfully set up at:

https://vps16.indiax.com/home/vps16/public_html/wordpress

You can log in to the administrator account with the following information:

Username: vps16
Password: The password you chose during installation.
Log in here: https://vps16.indiax.com/home/vps16/public_html/wordpress/wp-login.php

We hope you enjoy your new site. Thanks!

--The WordPress Team
https://wordpress.org/

There must be a template for that

Is it possible to change the template to send the wordpress password in plain text?

I hope not. No-one should ever do this.

Password goes to domain owner as is

If you create wordpress if the web is enabled then you can add to the standard template under
${IF-WEB} can’t you?

If this is not configurable, it needs removing immediately This is such security flaw.

Its not transmitted, its a mailbox on the server. If someone can see that then the servers in trouble,

But when the email is picked up is when the security issue is, not everyone forces pop/IMAP encyption

Your not going to agree with whatever I say so please take it up with someone at staff.

Thats something the sysadmin is responsible for. This is not a cyber security thread. We only want to know how we can implement wordpress credentials in that template, if possible.

If passwords are not stored in plain text then I don’t think they are sent in the sign-up email.

Not 100% but this should be checked.

Also has the option for storing passwords in plaintext been removed recently?

I always choose to store password in hashed form; the signup email contains the password, if memory serves.

Why should we not do this explain ?