OMG. I don’t remember the last time that I disagreed with you on a matter of fact. As a rule, when I see your avatar in a topic that I’ve commented on, I know that I’m going to learn something!
That’s true. They claim, though, that they switched to a standard install. I don’t believe them.
For several years now (but I think since let’s encrypt was available), on a standard install if you access it via any other hostname it’ll do a redirect (you can easily check by using the IP number and I just did another by setting forum.bigmouth.bass in /etc/hosts to a standard install and it redirected as expected. If you access it via https, which most browsers do by default now, you’ll get a certificate error.
If all that was required to access your site via some other hostname was DNS then anyone could hijack your site by creating a DNS record pointing to your site.
I think this is the magic:
My guess is that the app.yml still has something like this: