Support Requests Should Probably Default to Private

4 posts / 0 new
Last post
#1 Sun, 04/02/2017 - 19:52

Support Requests Should Probably Default to Private

I have noticed that many people probably don't mark their support requests as private. This seems rather odd for any company because I noticed that some users are posting sensitive server information in their support request and I'm sure they don't want that to be indexed on search engines or in some cases I suspect they are not aware its even public to other registered users.

Recently Microsoft had a big backslash because people where not aware their documents on where public, even when its very clear that the service is for sharing documents, the amount of data from employment contracts and other sensitive data that was send is rather impressive. This was reported in several news outlet and some people are outraged.

Most people understand the forums is for public support, this is why they edit data before posting like domains or IP's it but not on the support requests. Some people probably assume the request is private because most support tickets in companies are private by nature. The feature request and bug tracker is another story, those things tend to be public.

I think that it should be made more clear that support requests are not private by default. I have read some tickets where I don't think the info should be available for everyone when its exposing server IP's, logs and other stuff.

Also, I had the impression support was only open to licensed users but it seems everyone is able to post support requests if I'm not mistaken.

Just my 2 cents.

Sun, 04/02/2017 - 21:16


Thanks for your comments! I'll pass your thoughts along to Joe, who sets all that up. You're right that some sensitive information has appeared there.

We provide premium support through the support tracker to Virtualmin Pro and Cloudmin Pro customers, along with anyone who's purchased a support incident.

But it's also possible for GPL users to post bug reports there. We love getting bugs fixed up, and if anyone has found a bug we'll gladly work with them to get it sorted out.

If a GPL user posts a general support request in the support tracker, we'll redirect them back to the Forums.

Thanks again,


Sat, 04/08/2017 - 23:22
Joe's picture

We've been talking about this, and it's a conversation we've had in passing every couple of years since the very beginning of Virtualmin becoming a company 10+ years ago, and every time we've migrated the issue tracker. I believe we're kinda leaning toward agreeing with you these days, for a couple of reasons.

One reason this might be a good time to do so, is that we now have all of our Open Source projects (well, nearly all) out in the open on github. So, there's now a way for people to make bug reports and feature requests about the OSS stuff, without using our tracker here. That's a really new situation (much of Virtualmin was developed in private repositories until just a few weeks ago).

Another reason is that we're lately trying to differentiate a bit more clearly about what buying a Pro subscription provides, and support is part of that value.

The reason it's even up for discussion is that the tracker here does still get used for feature requests and bug reports, and we welcome that kind of input (especially good, reproducible, bug reports!), and the module we use to allow tickets to be private does not allow us to default some categories of ticket to private while leaving others public by default. It is either all or nothing; either every ticket defaults to private, or no tickets default to private.

We're neck deep in Virtualmin 6 work at the moment (and a month or so behind schedule on getting it launched, though we pushed out beta support for PHP-FPM in the 5.x series to give us some more breathing room on the big VM6 release without making people wait on one of the big new features), so I'm not going to poke at anything on the website right now. But, I think we'll probably revisit it once VM6 is out.

So, I think I agree with you at this point, but we probably need to make it more obvious how people can continue to contribute bug reports, feature requests, security reports, and patches, before flipping the switch...we'll start directing them to our github, instead of the tracker here. (Go star our repos and such! )


Check out the forum guidelines!

Topic locked