Problems with DNS in latest 7.40.0 version

Ilia · September 21, 2025, 9:04pm

Which hosting provider are you using? I’ll try to reproduce the issue you’re describing!

agusdiaz · September 22, 2025, 2:17am

Sure: Linode.com The server is: 1 CPU Core, 50 GB Storage, 2 GB RAM.

Plan: Linode 2 GB. Region: US, Atlanta, GA. Created: 2015-02-27 02:41

I have Virtualmin installed on it since its creation.

If you need it, I can share an ssh access to it to your e-mail.

Thanks!

calport · September 22, 2025, 4:33am

The same problem also occurs on Contabo, new install of Virtualmin 7.40.x with Debian 11… but this is from yesterday, before you issued the patch. I have not had a chance to apply the patch.

A good option for the Virtualmin team would be to let us install (via an option in the Virtualmin automated installer or in some other manner) the earlier stable release of Virtualmin 7.38.x till the glitches in 7.40.x are sorted out.

Ilia · September 22, 2025, 10:16am

Created 2015, is that right?

Ilia · September 22, 2025, 3:32pm

What the same problem exactly??

I just did a clean install on Linode with the exact same instance plan, Linode 2G — Apache’s ports.conf is fine (fixed in Virtualmin Config 7.0.23), and the SSL cert request worked.

What exactly isn’t working for you—exactly?

Did you try on the new clean instance?

calport · September 22, 2025, 3:46pm

Yesterday on a fresh install of Virtualmin, all websites were showing the default website and Dovecot was crashing after virtual server creation due to extra lines in its config file. On Debian 11.

Edit: in case it is related

[Mon Sep 22 17:08:43.380058 2025] [ssl:error] [pid 310994:tid 311045] [client 23.105.144.9:63161] AH02032: Hostname amitpetro.in (default host as no SNI was provided) and hostname www.svpwiki.com provided via HTTP have no compatible SSL setup, referer: https://www.svpwiki.com/

Errors of this kind in the logs - amitpetro is the default domain and its SSL certificate was used for the website of some other virtual server - svpwiki

Ilia · September 22, 2025, 4:11pm

I did another clean install and made sure this time that the LE SSL certificate request fails. When it happened, the issue with adding incorrect values to /etc/apache/ports.conf happened again, for example:

root@localhost:~# cat /etc/apache2/ports.conf 
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80
Listen 1.2.3.4:443
Listen [2600:3c02::2000:0000:0000:0000]:443

<IfModule ssl_module>
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

@Jamie, do you remember when I fixed this issue before by clearing the Apache cache before deleting the domain in the same call, you undid my change, saying you’d fix it another way. Well, it’s still not fixed!

Ilia · September 22, 2025, 8:42pm

@Jamie, I’ve tested it more, and I don’t think clearing the cache helps fix this issue. I’m seeing this problem persistently, where /etc/apache2/ports.conf is getting messed up.

I haven’t looked into it deeply, but I think there’s a problem in the Apache library somewhere. I will email you with details.

Ilia · September 22, 2025, 9:51pm

It’s really confusing and puzzling to see that my local Debian 12 clean install works while it fails on clean Debian 12 Linode. It’s beyond confusing!

Jamie · September 25, 2025, 5:10am

What is the difference between the configs?

dimitrist · September 25, 2025, 6:05am

maybe this is related to the no ‘[ip6]:443’ option in apache vhost. when i faced this problem, new virtual server was redirecting to default virtual server for ipv6 visitors.

calport · September 25, 2025, 9:24am

I think so too

Ilia · September 25, 2025, 11:39am

Configs are supposed to be the same, as it’s both a clean Debian 12 install!

The tricky part is that I can’t reproduce it on my local system anymore. To be clear, I did, and then managed to fix it for the Virtualmin Config 7.0.23 release. However this is a new one, and now suddenly I can reproduce it on some cloud services like Linode.

What’s strange is that rebooting a newly set up Linode and then installing Virtualmin works, but installing it immediately after setting up or rebuilding doesn’t. To me, right now, this seems as some odd network-related issue.

I will have to take a much deeper look at all this later today after I finish wrapping up the things I wanted to for Webmin, Virtualmin fixes, and PR.

No, it doesn’t seem likely given the behavior I described earlier, since rebooting a newly spun instance fixes the issue.

There’s something else going on…

Ilia · September 28, 2025, 10:31pm

The issue with broken Apache ports.conf file is now fully resolved!

@Joe, please roll out the new Virtualmin-Config 7.0.24.

calport · September 29, 2025, 4:59am

Wow, thanks @Ilia and the Virtualmin team!

deepakdhingra · October 7, 2025, 7:33pm

Since we are talking about DNS, it seems there is still one file giving trouble. Atleast to me. I tried installation on Ubuntu 22 and Debian 12. It was the same issue in both cases.

In /etc/bind/named.conf.options, there should have been these 2 lines -

listen-on port 53 { any; };
listen-on-v6 port 53 { any; };

Then, the entire section should look like this -

options {
directory “/var/cache/bind”;

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable 
// nameservers, you probably want to use them as forwarders.  
// Uncomment the following block, and insert the addresses replacing 
// the all-0's placeholder.

// forwarders {
// 	0.0.0.0;
// };

//========================================================================
// If BIND logs error messages about the root key being expired,
// you will need to update your keys.  See https://www.isc.org/bind-keys
//========================================================================
dnssec-validation auto;



listen-on port 53 { any; };
listen-on-v6 port 53 { any; };

listen-on-v6 { any; };
listen-on port 853 tls srv1048001_hstgr_cloud {
	any;
	};
listen-on-v6 port 853 tls srv1048001_hstgr_cloud {
	any;
	};

};

I spent several hours trying to figure out why my server was not reachable from the Internet. It was because by default there was no reference to port 53 in this file.

Hope this helps someone who still has issues with DNS and Nameservers after a fresh install.

There are other issues after a fresh install such as SSL but since this topic is not about errors after a fresh install, I am not posting those issues here. But I do hope the new version would address these issues.

I have replied to another OP here - Sites-enabled/anydomain.com.conf file error after Debian and Virtualmin and Webmin update - #2 by deepakdhingra

calport · October 8, 2025, 5:02am

Thanks Deepak bhai.

deepakdhingra · October 8, 2025, 5:26pm

Thank you. It is because of the hardworking people here @Ilia, @Joe , @Jamie and others whom I do not know and community members like you that people like me are able to make a living.

I see you are from Kolkata. Let me narrate what I heard Raju Srivastava saying to Amitabh Bachchan on a TV show. He said “Aapki nakal karke mein apna ghar chalata hoon.”

And in this context here - Because of free and open-source software, alongwith the sincerity and dedication of the admins and other people and the entire community, people like me are able to do much which otherwise would have been almost impossible.

My gratitude to everyone.