diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 35ebc335..b9859c6f 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -10,8 +10,6 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-$v_domain = $_GET['domain'];
-$v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 
@@ -21,15 +19,32 @@ header("Content-Disposition: attachment; filename=".$_GET['domain'].".".$type."-
 header("Content-Type: application/octet-stream; "); 
 header("Content-Transfer-Encoding: binary");
 
-$v_domain = escapeshellarg($_GET['domain']);
+$v_domain = $_GET['domain'];
 if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 
-exec (VESTA_CMD."v-list-web-domain-".$type."log $user ".$v_domain." 5000", $output, $return_var);
-if ($return_var == 0 ) {
-    foreach($output as $file) {
-        echo $file . "\n";
-    }
+
+$cmd = implode(" ", array(
+    VESTA_CMD . "v-list-web-domain-" . $type . "log",
+    escapeshellarg($user),
+    escapeshellarg($v_domain),
+    "5000",
+));
+
+if(is_callable("passthru")){
+    passthru($cmd, $return_var);
+} else{
+    // passthru is disabled, workaround it by writing the output to a file then reading the file. 
+    // this is slower than passthru, but avoids running out of RAM...
+    $passthru_is_disabled_workaround_handle = tmpfile();
+    $passthru_is_disabled_workaround_file = stream_get_meta_data($passthru_is_disabled_workaround_handle)['uri'];
+    exec ($cmd . " > " . escapeshellarg($passthru_is_disabled_workaround_file), $output, $return_var);
+    readfile($passthru_is_disabled_workaround_file);
+    fclose($passthru_is_disabled_workaround_handle); // fclose(tmpfile()) automatically deletes the file, unlink is not required :)
+}
+if ($return_var != 0) {
+    $errstr = "Internal server error: command returned non-zero: {$return_var}: {$cmd}";
+    echo $errstr;
+    throw new Exception($errstr); // make sure it ends up in an errorlog somewhere
 }
 
-?>