virtualmin-signup webmin module highly insecure.

It seems when installed anyone can locate it via google and signup an email account meaning spammers can use it. Anyway to secure this besides manually making at htaccess login?