We are studying discrete logarithms and how they are used in cryptography. When working in $\mathbb{Z}_{p}^*$ I understand the importance of using a safe prime as the modulus so as to avoid being able to break the discrete logarithm into smaller sub groups that are solvable. But is having your generator be in a subgroup of large prime order sufficient for security? Why then does it seem like all the problems make sure to explicitly state the use of a prime modulus? Is it just because it's easy to find a primitive root or to keep the size of the transmitted information smaller as you aren't using some artificially large composite modulus, or is there a way you could go wrong with a composite modulus even if you made sure to use a generator whose order is a large prime?
edit: I've been reading a bunch of papers and looking for info, and I haven't found anything that indicates a discrete log with a large prime order generator could be insecure, but I also haven't found anything that definitively states it's not nor that a prime modulus should be used or why it is that the modulii seem to always be prime. Would love if someone could tell me definitively, because then I can either rest easy knowing that my understanding is in order, or learn what it is I am missing and help further my understanding. Thanks