FollowSymLinks feature

the configuration template

Options -Indexes +IncludesNOEXEC +FollowSymLinks +ExecCGI allow from all AllowOverride All

In this way, but after the update Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch adds the configuration itself.

I do not want to add the line like "Options = ExecCGI, Includes, IncludesNOEXEC, Indexes, MultiViews, SymLinksIfOwnerMatch". Because it adds a lot of himself in the form of script we + FollowSymLinks. Each time it needs to change. I know that vulnerability.

/usr/share/webmin/virtual-server/ file {

return "Options=ExecCGI,Includes,IncludesNOEXEC,". "Indexes,MultiViews,SymLinksIfOwnerMatch";


But also on every update is in the form of writing in the way I want when I do it this way does not make sense to me.

intensely configuration, a different solution

Be placed in the general configuration or template configuration is not compelling?



There is an option you can add to the Webmin/Virtualmin config that prevents Virtualmin from performing that symlink fix.

I unfortunately can't seem to find the name of it, but Jamie can give us the option whenever he's available shortly.

That fix prevents a user form being able to read any file in /home, but if you're aware of that, and trust the users on your system, then the parameter that Jamie will share should solve the problem you're having at the moment.

You can turn off this fix for new domains by editing the file /etc/webmin/virtual-server/config and adding the line allow_symlinks=1 to the end of the file.