Enabling SSL for one domain reset default IP for all domains on port 80

Operating system: Ubuntu Linux 16.04.1
Webmin version: 1.890
Virtualmin version: 6.04.gpl

Having enabled SSL for a virtual server (via “Edit Virtual Server”) for example.com, which appeared to go successfully I noticed immediately that the domain had set itself as the default site for the IP (alphabetically). This was not accurate as the domain was preceded alphabetically by many others.

It quickly became obvious that all domains using port 80 were now using “Any” address rather than the server IP. Accessing any domain using http loaded example.com. Looking more closely it became apparent that the apache conf for all domains was now beginning with: <VirtualHost *:80>.

I confirmed that the System Settings/Virtual Configuration/Network Settings: Default virtual server IPv4 address value was the correct IP but restarting apache, undoing the SSL status of example.com and even rebooting did nothing

The only solution I could think of was to manually correct the conf for each domain. This worked.

Two questions:

1 - WTF - did I do something wrong in the beginning or is this a known issue?
2 - Is there a mire efficient means to replace the wildcard for port 80 across the entire server?

Many thanks

Looks like this update: https://www.virtualmin.com/comment/803214#comment-803214 was the cause of my troubles.

This sounds like it is the opposite of the new behavior! It should have gone the other way, if it was going to do anything, I think (it should be preferring IP over * unless explicitly told otherwise). So…that’s confusing.

I’m not sure how to reproduce it, as in my testing it always did go the other way (but didn’t change existing hosts regardless of their original configuration, so that’s problematic/confusing in and of itself). So, there’s two confusing things about this, I guess. First, that it changed VirtualHosts unrelated to the one you were creating or editing, and second that it changed them in the opposite way it’s supposed to in 6.04 (it would have preferred * in all prior versions, though, so maybe this happened before the update?).

There is an option to force VirtualHosts to be on *, which is separate from that default IP setting, called “Address format for Apache virtual hosts” in “Defaults for new domains” in Virtualmin configuration. Make sure it’s set to IP or detect automatically (based on what you actually want to use). It defaults to “detect automatically”, which is where this detection logic comes into play, and where having a mix-and-match approach in the VirtualHost sections can lead to confusing results, depending on what you expect to happen.

Sorry this update bit you! I should have given more warning about it, but the change was far enough back to where I’d forgotten about it, until we started getting reports about it. It’s such a small change, code-wise, but can have far-reaching and scary/confusing effects. Hopefully this is a one-time pain and it will, in the long run, reduce the amount of confusion folks have about this (it’s been such a long-running problem that we had a sort of learned helplessness about it…I don’t know why we didn’t change it ten years ago, as it was always probably wrong to prefer *, since there’s so many ways to accidentally end up with a VirtualHost that uses *, and very few people understand the implications of that).

Thanks for taking the time to reply in such detail Joe and of course I understand the benefits this update brings.
My experience was definitely the opposite of your intention!
Note that the exact cause in my case was enabling SSL which may add another variable to consider or which may simply have involved an apache restart… thus causing our woes.

I’ve checked “Address format for Apache virtual hosts” and it was previously set to “Decide Automatically”. I’ve switched this to “Always use IP” now :slight_smile: