Is this still valid as of Webmin 1.881?
if you go to Webmin/Webmin Configuration/SSL Encryption
there is an option to select “Only strong ciphers with perfect forward secrecy”
In addition, the test at https://whatsmychaincert.com/ returns a valid certificate with FF
That said, it appears Webmin 1.881 has some problem with PFS. The version of Net:::SSleavy (1.55) installed by default doesn’t support PFS and updating the module is not a straight forward process.