Debian 13 installation files

Update vesta_compile.sh to set NGINX version to 1.29.1 and PHP version to 8.4.11
v-commander: disabling ClamAV
2025-08-21 05:44:08 -07:00 · 2025-08-18 15:43:59 +02:00 · 2025-08-18 15:24:54 +02:00 · 2025-08-18 15:06:17 +02:00 · 2025-08-18 15:01:25 +02:00 · 2025-08-18 14:57:07 +02:00
761 changed files with 39374 additions and 3231 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,3 +4,6 @@
 *.gz
 .vscode
 .DS_Store
 data
 conf
 log
--- a/Changelog.md
+++ b/Changelog.md
@ -1,79 +1,202 @@
-Version 0.9.8-26-58 [12-Jul-2022]
+Version 0.9.9-0-13 [2025-08-15]
 ==================================================
 * Improvement: Activating FileManager licence for all users (credits to Official VestaCP)
 * Introducing a malware cleaning set of tools: v-install-wordfence-cli, v-desinfect-wordpress, v-fix-wordpress-core, v-change-database-password-for-wordpress, v-change-wordpress-admin-passwords, v-delete-inactive-wordpress-plugins-and-themes, v-delete-wordpress-uploads-php-files) (credits to isscbta)
 * Improvement: Added support for PHP 8.3 and 8.4
 * SRS support for Exim4 (v-add-srs-support-to-exim) (credits to HestiaCP)
 * Security: Ensuring that PHP files are visible only to the account they belong to - setting chmod 600 for all .php and .env files (also added as admin cronjob - v-fix-website-permissions-for-all-websites-only-php)
 * Added cronjob for disk usage snapshot (size of each folder) to see what folder is growing every day (v-df-snapshot-make, v-df-snapshot-diff [some-day-snapshot] [some-other-day-snapshot])
 * Bugfix: SSL fix for Apache 2.4.65+ (fix for '421 Misdirected Request')
 * Bugfix: vst-install-debian.sh: ability to install MySQL 8 on Debian 12
 * Improvement: Update nginx block-firewall.conf when user blocks 80,443 ports for some IPv4 address in the Firewall section of the admin panel
 * Improvement: v-install-wordpress: Support for IDN format domains
 * Security: Adding ProFTPD jail rule to Fail2Ban
 * Introducing: v-make-main-apache-log - making one log file for PHP requests for all websites
 * Security: Introducing a new command: v-fix-php-ini-disable-functions
 * Improvement: Introducing myVesta rules for SpamAssassin (enhancing spam filtering)
 * Improvement: When deleting a domain, also delete the database if the domain has a database
 * Bugfix: Removing temporary Docker container network interfaces from RRD
 * Introducing v-run-wp-cli-myvesta that knows the correct terminal width
 * Introducing a new command: v-cd-www alias for v-change-dir-www
 * Introducing a new command: v-clear-fail2ban
 * Introducing a new command: v-get-dns-config (to print zone file in bind9 format)
 * Introducing a DISABLE_IP_CHECK as vesta.conf variable (if logged-in user is getting a new IPv4 address every minute)
 * Security: Introducing a parse_object_kv_list_non_eval() function in main.sh, to avoid the evil eval command
 * Security: Enhance package validation, in v-change-user-package 'eval' replaced with 'parse_object_kv_list_non_eval'
 * Improvement: Replacing all WordPress scripts to use 'v-run-wp-cli' instead of 'wp'
 * Improvement: v-install-wordpress: Almost always use https
 * Improvement: Skip the prompt to continue during myVesta installation if the administrator has set all required variables  in the command line
 * Security: Jailing v-run-wp-cli (running WP-CLI as user, added open_basedir, disabling shell_exec() and other dangerous PHP functions)
 * Security: v-commander: removing the ability to set a root password
 * Bugfix: DKIM record deletion command in v-delete-mail-domain-dkim script
 * Adding FTP / SFTP port for Remote Backup (credits to ikheetjeff)
 * Introducing a new command: v-delete-mails - delete emails older than N days (credits to isscbta)
 * Introducing new commands: v-blacklist-email-domain, v-blacklist-email-account, v-whitelist-email-domain, v-whitelist-email-account (credits to isscbta)
 * Bugfix: v-move-folder-and-make-symlink: use 'mv' instead of 'rsync'
 * Improvement: Calculate the size of directories on /hdd too
 * Bugfix: v-move-domain-and-database-to-account: Update wordfence-waf.php
 * Bugfix: v-add-letsencrypt-domain: Detecting valid status on wildcard variant
 * Bugfix: db.sh and v-clone-website: mysqldump --max_allowed_packet=1024M
 * Bugfix: web/index.php: Prevent recreation of token by shitty browser add-ons
 * Bugfix: v-restore-user: permissions fix while restoring backup
 * Bugfix: Add some loops due to 403 errors during LE request in some random cases
 * Improvement: v-clone-website: adding --EXCLUDE_UPLOADS parameter
 * Bugfix: vst-install-debian.sh - removing phppgadmin
 * Bugfix: v-update-firewall: $FIREWALL_STATEFUL conf variable (for Infomaniak VPS servers)
 * Bugfix: Awstats template for all systems does not have a closed bracket in line 27 (credits to gkirde)
 * Bugfix: Update v-import-cpanel-backup - removing /*!999999\- enable the sandbox mode */
 * Bugfix: Small PHP syntax fixes in the admin panel
 * Introducing nginx template 'wprocket-webp-express-force-https' (credits to Luka Paunovic)
 * Improvement: Added functions to check if a domain or user is unsuspended in main.sh
 * Introducing a new command: v-update-document-errors-files
 * Improvement: new v-backup-user-now command does backup even if the system Load Average is above the limit, or the administrator configured backups to perform only at night
 * Improvement: v-install-wp-cli and v-install-wp-cli-myvesta - automatically updates if wp-cli is 30 days old
 * Bugfix: Check for SSL certificate existence before deleting web domain SSL in v-install-unsigned-ssl
 * Improvement: v-install-wordpress: avoid changing nginx proxy template in apache-less variant
 * Added to .gitignore excludes for 'data', 'conf', and 'log' folders
 * And many other minor bugfixes and improvements...
 Version 0.9.9-0-12 [2025-02-28]
 ==================================================
 * SpamHaus DNSBL removed from exim4
 * A lot of small bugs fixed
 Version 0.9.9-0-11 [2024-05-30]
 ==================================================
 * Introducing v-run-wp-cli command ( @isscbta )
 * Introducing v-add-wordpress-admin command ( @isscbta )
 * Few bugs fixed
 Version 0.9.9-0-10 [2024-04-11]
 ==================================================
 * Introducing v-edit-php-ini command ( @isscbta )
 * Introducing v-edit-domain-php-ini command ( @isscbta )
 Version 0.9.9-0-9 [2024-04-05]
 ==================================================
 * Get quick info about a banned IP (Host, Banlist, Location) (many thanks to @VasilisParaschos )
 * Few bugs fixed
 Version 0.9.9-0-5 to 0.9.9-0-8
 ==================================================
 * Few bugs fixed
 Version 0.9.9-0-4 [2023-06-27]
 ==================================================
 * Support for Debian 12 ( in mutual cooperation with @HestiaCP )
 Version 0.9.9-0-2 [2023-06-12]
 ==================================================
 * Hosting panel UI perfomance fix
 Version 0.9.9-0 [2023-06-05]
 ==================================================
 * Redesign of hosting panel
 * Fix for WP_CACHE_KEY_SALTs in v-clone-website command
 * Fix for "Helo name contains a ip address" in Exim4
 * Fix for Exim4 for punycode domains (in collaboration with @HestiaCP )
 Version 0.9.8-26-62 [2023-04-05]
 ==================================================
 * Fix for LetsEncrypt Asynchronous Order Finalization (in collaboration with @HestiaCP )
 Version 0.9.8-26-61 [2023-04-04]
 ==================================================
 * Many bugfixes
 * Hotfix for LetsEncrypt to prevent Apache falling 
 Version 0.9.8-26-60 [2023-02-12]
 ==================================================
 * New script: v-commander (useful for maintaining the server)
 * New script: v-activate-rocket-nginx (serve WP-Rocket cache directly from nginx)
 * New script: v-update-myvesta (get the very latest build of myVesta)
 * v-clone-website: By default cloning to database: user_domain_com (instead of cloning to database: user_old_db_migrated)
 * Many minor bugfixes
 Version 0.9.8-26-59 [2023-02-01]
 ==================================================
 * Support for PHP 8.2
 * New script: v-move-folder-and-make-symlink
 * New script: v-lock-wordpress (to prevent PHP malware) and v-unlock-wordpress
 * v-install-wordpress: Installing WordPress to user_domain_com database instead of installing to user_wp database
 * Many minor bugfixes
 Version 0.9.8-26-58 [2022-07-12]
 ==================================================
 * [Security] hash_equals() in /reset/mail/ (credits to @divinity76 )
 * Avoid out-of-memory while downloading large log files from panel (credits to @divinity76 )
 * Fix for an boring PHP Notice in vesta-php
-Version 0.9.8-26-57 [06-Jul-2022]
+Version 0.9.8-26-57 [2022-07-06]
 ==================================================
 * Fix for GMail SMTP timeouts on Debian11
 * [Security] Fix for Local Sed Injection Vulnerability ( credits to @cleemy-desu-wayo )
-Version 0.9.8-26-56 [28-May-2022]
+Version 0.9.8-26-56 [2022-05-28]
 ==================================================
 * Adding Barracuda RBL to SpamAssassin
 * Fixing insane HTML form bug in List backup items page
 * Script for easy adding second IP address for SMTP authenticated users only (v-make-separated-ip-for-email)
-Version 0.9.8-26-55 [26-Apr-2022]
+Version 0.9.8-26-55 [2022-04-26]
 ==================================================
 * Support for MySQL 8
 * [Security] Preventing brute-force resetting password  (thanks to HestiaCP @hestiacp for fix)
 * Many minor bugfixes
-Version 0.9.8-26-54 [17-Dec-2021]
+Version 0.9.8-26-54 [2021-12-17]
 ==================================================
 * Checking if FreshClam is started after installation
-Version 0.9.8-26-53 [12-Dec-2021]
+Version 0.9.8-26-53 [2021-12-12]
 ==================================================
 * Support for PHP 8.1
 * Function to ensure that pool.d folders are not empty
-Version 0.9.8-26-52 [23-Nov-2021]
+Version 0.9.8-26-52 [2021-11-23]
 ==================================================
 * Fix for not to match wildcard "*domains" and "databases*" while restoring
 * Added memcached to v-list-sys-services
-Version 0.9.8-26-51 [14-Nov-2021]
+Version 0.9.8-26-51 [2021-11-14]
 ==================================================
 * Many fixes for "List services" page (v-list-sys-services function)
-Version 0.9.8-26-50 [07-Nov-2021]
+Version 0.9.8-26-50 [2021-11-07]
 ==================================================
 * Many small bugfixes and CSRF fixes
-Version 0.9.8-26-49 [17-Jul-2021]
+Version 0.9.8-26-49 [2021-07-17]
 ==================================================
 * Support for Debian 11
-Version 0.9.8-26-48 [11-Jul-2021]
+Version 0.9.8-26-48 [2021-07-11]
 ==================================================
 * Fixed two bugs in LetsEncrypt generating process
-Version 0.9.8-26-47 [30-May-2021]
+Version 0.9.8-26-47 [2021-05-30]
 ==================================================
 * Enabling TLS for ProFTPD FTPS
 * More logical "Restore backup" template
-Version 0.9.8-26-46 [17-Apr-2021]
+Version 0.9.8-26-46 [2021-04-17]
 ==================================================
 * [Feature] Updating CloudFlare IP addresses
-Version 0.9.8-26-45 [13-Apr-2021]
+Version 0.9.8-26-45 [2021-04-13]
 ==================================================
 * [Feature] Logging whole LetsEncrypt process to /usr/local/vesta/log/letsencrypt.log and /usr/local/vesta/log/letsencrypt_cron.log
 * [Feature] Warn admin once (by sending email) if LetsEncrypt renewing failed for server hostname
 * [Bugfix] Correct truncating of CA LetsEncrypt certificate (thanks to HestiaCP @hestiacp for fix)
-Version 0.9.8-26-44 [04-Apr-2021]
+Version 0.9.8-26-44 [2021-04-04]
 ==================================================
 * [Security] Preventing denial-of-service in openssl library in vesta-nginx service (CVE-2021-3449)
 * [Security] Preventing admin to install non-vesta packages from vesta admin panel user interface (Credits to: Numan Türle @numanturle)
 * [Bugfix] Preventing multiple execution of v-backup-users
 * [UserInterface] CSS fix for Apache status table (Credits to: Milos Spasic)
-Version 0.9.8-26-43 [15-Mar-2021]
+Version 0.9.8-26-43 [2021-03-15]
 ==================================================
 * [Security] fix for: CSRF remote code execution in UploadHandler.php - CVE-2021-28379 (Credits to: Fady Osman @fady_othman)
 * [Security] fix for: Local privilege escalation from user account to admin account via v-add-web-domain (Credits to: Two independent security researchers, Marti Guasch Jiménez and Francisco Andreu Sanz, working with the SSD Secure Disclosure program) (and also thanks to HestiaCP @hestiacp for fix)
@ -83,62 +206,62 @@ Version 0.9.8-26-43 [15-Mar-2021]
 * [Security] fix for: Admin to root escalation in v-activate-vesta-license (Credits to: Numan Türle @numanturle)
 * [Security] Ensure HTML will not be displayed in list log page (Credits to: Kristan Kenney @kristankenney, thanks to HestiaCP @hestiacp for fix)
-Version 0.9.8-26-42 [26-Feb-2021]
+Version 0.9.8-26-42 [2021-02-26]
 ==================================================
 * [Feature] Support for PHP 8.0, see: https://forum.myvestacp.com/viewtopic.php?f=18&t=52
 * [Bugfix] Making sure Apache is in mpm_event mode
-Version 0.9.8-26-41 [11-Feb-2021]
+Version 0.9.8-26-41 [2021-02-11]
 ==================================================
 * Few bugfixes
-Version 0.9.8-26-40 [08-Feb-2021]
+Version 0.9.8-26-40 [2021-02-08]
 ==================================================
 * Few bugfixes
-Version 0.9.8-26-39 [12-Dec-2020]
+Version 0.9.8-26-39 [2020-12-12]
 ==================================================
 * [Security] Fixing useless issue with tokens in "download backup" and "loginas" functions (thanks to HestiaCP for fixes)
 * [Security] Fixing XSS in /list/rrd/?period= value
-Version 0.9.8-26-38 [05-Dec-2020]
+Version 0.9.8-26-38 [2020-12-05]
 ==================================================
 * [Security] Fixing Apache status public access (thanks to HestiaCP for letting us know)
-Version 0.9.8-26-37 [26-Oct-2020]
+Version 0.9.8-26-37 [2020-10-26]
 ==================================================
 * [Bugfix] Fixing LetsEncrypt deprecated GET method for ACME v2 (thanks to @moucho)
 * [Bugfix] Fixing Roundcube to send via authenticated SMTP user instead via php
-Version 0.9.8-26-36 [10-Sep-2020]
+Version 0.9.8-26-36 [2020-09-10]
 ==================================================
 * [Bugfix] Checking necessary available disk space before doing backup
 * [Security] Disabling login with 'root'
-Version 0.9.8-26-35 [23-Aug-2020]
+Version 0.9.8-26-35 [2020-08-23]
 ==================================================
 * [Feature] Limiting max recipients per email to 15, in order to prevent mass spamming
 * [Bugfix] While restoring backup, only exclude logs folder from root, not in public_html
-Version 0.9.8-26-34 [19-Aug-2020]
+Version 0.9.8-26-34 [2020-08-19]
 ==================================================
 * [Bugfix] Split long DNS TXT entries into 255 chunks
-Version 0.9.8-26-33 [16-Aug-2020]
+Version 0.9.8-26-33 [2020-08-16]
 ==================================================
 * [Feature] Ability to set some domain to send emails from another IP (command: v-make-separated-ip-for-email-domain)
-Version 0.9.8-26-32 [02-Aug-2020]
+Version 0.9.8-26-32 [2020-08-02]
 ==================================================
 * [Feature] v-replace-in-file command introduced
 * [Security] Making sure new myVesta commands can be called only by root
-Version 0.9.8-26-31 [30-Jul-2020]
+Version 0.9.8-26-31 [2020-07-30]
 ==================================================
 * [Feature] v-import-cpanel-backup command moved to vesta-bin folder (becoming standard myVesta command)
 * Starting to log auto-update output
-Version 0.9.8-26-30 [26-Jul-2020]
+Version 0.9.8-26-30 [2020-07-26]
 ==================================================
 * New ASCII logo in installer
 * Deleted favicon when user don't know secret-url of hosting panel
@ -146,14 +269,14 @@ Version 0.9.8-26-30 [26-Jul-2020]
 * [bugfix] Minor fix of URL for templates in v-update-dns-templates
 * [bugfix] Minor fixes in installer
-Version 0.9.8-26-29 [21-Jul-2020]
+Version 0.9.8-26-29 [2020-07-21]
 ==================================================
 * [Feature] v-clone-website command moved to vesta-bin folder (becoming standard myVesta command)
 * [Feature] v-migrate-site-to-https command moved to vesta-bin folder (becoming standard myVesta command)
 * [Bugfix] Fix for ClamAV socket
 * Changing Vesta to myVesta in title of hosting panel pages
-Version 0.9.8-26-28 [15-Jul-2020]
+Version 0.9.8-26-28 [2020-07-15]
 ==================================================
 * [Feature] v-install-wordpress command introduced
 * [Feature] v-move-domain-and-database-to-account command introduced
@ -161,37 +284,37 @@ Version 0.9.8-26-28 [15-Jul-2020]
 * [Bugfix] Fix for LetsEncrypt issuing in apache-less variant (nginx + php-fpm variant)
 * [Bugfix] Fix for configuring phpMyAdmin DB in apache-less variant (nginx + php-fpm variant)
-Version 0.9.8-26-27 [05-Jul-2020]
+Version 0.9.8-26-27 [2020-07-05]
 ==================================================
 * [Feature] Admins now see changelog when they open myVesta panel after myVesta get updated (changelog will dissapear on next refresh)
 * [Bugfix] Better control of opened SMTP concurrent connections (preventing denial-of-service of SMTP) on fresh installed servers - https://github.com/myvesta/vesta/commit/c57b15b5daca2a0ea88ee6a89a2ff5a4ef47d2a3
 * Second tuning of php-fpm pool.d config files (perfomances and limits)
-Version 0.9.8-26-26 [27-Jun-2020]
+Version 0.9.8-26-26 [2020-06-27]
 ==================================================
 * [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall), just set "Full" in SSL section on CloudFlare)
 * [Feature] Script for adding self-signed SSL to desired domain [v-install-unsigned-ssl]
 * From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
 * New favicon for hosting panel
-Version 0.9.8-26-25 [23-Jun-2020]
+Version 0.9.8-26-25 [2020-06-23]
 ==================================================
 * [Security] Fixing unnecessary slash in nginx configs for phpmyadmin and roundcube (Credits to Bernardo Berg @bberg1984 for finding this issue!)
 * [Security] Adding escapeshellarg on few more places in php code (Credits to Talha Günay and @Lupul for finding these places)
-Version 0.9.8-26-24 [22-Jun-2020]
+Version 0.9.8-26-24 [2020-06-22]
 ==================================================
 * [Bugfix] nginx + php-fpm installer variant now finally works
-Version 0.9.8-26-23 [14-Jun-2020]
+Version 0.9.8-26-23 [2020-06-14]
 ==================================================
 * Adding label that LetsEncrypt can be added when you Edit domain
-Version 0.9.8-26-22 [13-Jun-2020]
+Version 0.9.8-26-22 [2020-06-13]
 ==================================================
 * [Bugfix] Checking (in order to delete) php7.4 pool config file while deleting domain
-Version 0.9.8-26-21 [13-Jun-2020]
+Version 0.9.8-26-21 [2020-06-13]
 ==================================================
 * [Feature] Blocking executable files inside archives in received emails (ClamAV)
 * [Bugfix] Removing ability to schedule LetsEncrypt issuing while adding new domain (because it can fall in infinite loop whole day)
@ -200,82 +323,82 @@ Version 0.9.8-26-21 [13-Jun-2020]
 * [Bugfix] Script that removes depricated 'ssl on;' in nginx templates
 * [Security] Ensure UPDATE_SSL_SCRIPT is not set in some config files
-Version 0.9.8-26-20 [01-Jun-2020]
+Version 0.9.8-26-20 [2020-06-01]
 ==================================================
 * [Bugfix] Script that will ensure that Apache2 will always stay in mpm_event mode
 * [Bugfix] Ensure config files will not be overwritten while updating vesta-nginx package
 * [Bugfix] Fixing URL in v-update-web-templates script
 * [Feature] Additional rates for nginx anti-denial-of-service templates
-Version 0.9.8-26-19 [15-May-2020]
+Version 0.9.8-26-19 [2020-05-15]
 ==================================================
 * [Bugfix] Do not match subdomains while restoring domain [v-restore-user]
-Version 0.9.8-26-18 [15-May-2020]
+Version 0.9.8-26-18 [2020-05-15]
 ==================================================
 * [Bugfix] Fixing NS parameters in v-add-dns-on-web-alias
-Version 0.9.8-26-17 [15-May-2020]
+Version 0.9.8-26-17 [2020-05-15]
 ==================================================
 * [Bugfix] Reverting default clamav socket path 
 * [Bugfix] Put mail_max_userip_connections = 50 in dovecot
-Version 0.9.8-26-16 [15-May-2020]
+Version 0.9.8-26-16 [2020-05-15]
 ==================================================
 * [Bugfix] Allow quick restarting of nginx if acme-challenge should be added many times
 * [Bugfix] Enabling email notification to fresh installed servers about backup success status
 * [Bugfix] Timeout 10 sec for apache2 status
-Version 0.9.8-26-15 [09-May-2020]
+Version 0.9.8-26-15 [2020-05-09]
 ==================================================
 * [Feature] nginx templates that can prevent denial-of-service on your server
 * First tuning php-fpm pool.d config files (perfomances and limits)
 * New logo
-Version 0.9.8-26-14 [08-May-2020]
+Version 0.9.8-26-14 [2020-05-08]
 ==================================================
 * v-clone-website script switched to parameters
 * Display new version in console while updating myVesta
-Version 0.9.8-26-13 [07-May-2020]
+Version 0.9.8-26-13 [2020-05-07]
 ==================================================
 * [Feature] Put build date and version in right-bottom corner of control panel
-Version 0.9.8-26-12 [07-May-2020]
+Version 0.9.8-26-12 [2020-05-07]
 ==================================================
 * [Feature] Put build date and version while compiling myVesta
 * [Feature] Office365 DNS template
 * [Feature] Yandex DNS template
 * ProFTPD MaxIstances = 100 for fresh installed servers
-Version 0.9.8-26-11 [01-May-2020]
+Version 0.9.8-26-11 [2020-05-01]
 ==================================================
 * [Feature] Skipping LE renewing after 7 failed attempts
 * [Bugfix] Keep conf files during auto-update
 * [Bugfix] Do not restart apache while preparing letsencrypt acme challenge
 * [Bugfix] Set ALLOW_BACKUP_ANYTIME='yes' for fresh installed servers
-Version 0.9.8-26-10 [11-Apr-2020]
+Version 0.9.8-26-10 [2020-04-11]
 ==================================================
 * [Feature] Creating v-normalize-restored-user script (normalize NS1, NS2 and IP of account that is backuped on other server and restored on this server)
 * Tweak for hostname FPM conf
 * [Security] Forbid changing root password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)
 * [Security] Importing system enviroment in v-change-user-password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)
-Version 0.9.8-26-9 [23-Mar-2020]
+Version 0.9.8-26-9 [2020-03-23]
 ==================================================
 * [Security] Preventing manipulation with $SERVER['HTTP_HOST'] (Credits to @mdisec - Managing Partner of PRODAFT / INVICTUS A.Ş. Master ninja at pentest.blog)
-Version 0.9.8-26-8 [23-Mar-2020]
+Version 0.9.8-26-8 [2020-03-23]
 ==================================================
 * [Security] Temporary fix for parsing backup conf (Credits to @dreiggy - https://pentest.blog/vesta-control-panel-second-order-remote-code-execution-0day-step-by-step-analysis/)
-Version 0.9.8-26-7 [18-Mar-2020]
+Version 0.9.8-26-7 [2020-03-18]
 ==================================================
 * [Bugfix] Fix that avoid LetsEncrypt domain validation timeout
 * [Bugfix] Set timeout in v-list-sys-web-status script
-Version 0.9.8-26-6 [21-Feb-2020]
+Version 0.9.8-26-6 [2020-02-21]
 ==================================================
 * [Bugfix] mail-wrapper.php from now works
 * [Feature] Introducing NOTIFY_ADMIN_FULL_BACKUP, email notification about backup success status
@ -283,7 +406,7 @@ Version 0.9.8-26-6 [21-Feb-2020]
 * [Feature] Introducing force-https-webmail-phpmyadmin nginx template
 * [Feature] Trigger for /root/update_firewall_custom.sh
-Version 0.9.8-26-5 [10-Feb-2020]
+Version 0.9.8-26-5 [2020-02-10]
 ==================================================
 * [Security] sudoers fix for Debian10
 * [Feature] [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
@ -292,7 +415,7 @@ Version 0.9.8-26-5 [10-Feb-2020]
 * [Bugfix] Roundcube force https
 * [Bugfix] Exim compatibility with Loopia for Debian10
-Version 0.9.8-26-4 [07-Jan-2020]
+Version 0.9.8-26-4 [2020-01-07]
 ==================================================
 * [Feature] Allow whitelisting specific IP for /api/
 * [Feature] Allow whitelisting specific IP to avoid secret_url
@ -300,11 +423,11 @@ Version 0.9.8-26-4 [07-Jan-2020]
 * [Bugfix] apparmor install fix again
 * [Bugfix] Turning off MariaDB SQL strict mode
-Version 0.9.8-26-3 [26-Nov-2019]
+Version 0.9.8-26-3 [2019-11-26]
 ==================================================
 * [Bugfix] Better check if session cron already added
-Version 0.9.8-26-2 [15-Nov-2019]
+Version 0.9.8-26-2 [2019-11-15]
 ==================================================
 * [Feature] Support for sub-sub-sub-sub versions :))
 * [Bugfix] Support for longer username of email accounts
@ -312,7 +435,7 @@ Version 0.9.8-26-2 [15-Nov-2019]
 * [Bugfix] Trying to fix ClamAV broken socket
 * Moving to myvestacp.com
-Version 0.9.8-26 [28-Sep-2019]
+Version 0.9.8-26 [2019-09-28]
 ==================================================
 * [Bugfix] Let's Encrypt HTTP/2 support (by @serghey-rodin)
 * [Bugfix] Fixing broken autoreply output
--- a/README.md
+++ b/README.md
@ -1,14 +1,95 @@
 myVesta
 ==================================================
-Visit our homepage:
+<h1 align="center"><a href="https://myvestacp.com">myVesta</a></h1>
 - https://www.myvestacp.com/
-Forum:
+<div style="text-align:center">
- https://forum.myvestacp.com/
+
 [![Screenshot of myVesta](https://www.myvestacp.com/screenshot1.png)](https://www.myvestacp.com/)
 </div>
 <h1 align="center">About</h1>
 <p align="center">myVesta is a security and stability-focused fork of VestaCP, exclusively supporting Debian in order to maintain a streamlined ecosystem. Boasting a clean, clutter-free interface and the latest innovative technologies, our project is committed to staying synchronized with official VestaCP commits. We work independently to enhance security and develop new features, driven by our passion for contributing to the open-source community rather than monetary gain. As such, we will offer all features built for myVesta to the official VestaCP project through pull requests, without interfering with their development milestones.</p>
 <p align="center"><b><a href="https://github.com/myvesta/vesta/blob/master/Changelog.md">View Changelog</a>
 </b></p>
 <h1>Links</h1>
 <ul>
  <li><a href="https://www.myvestacp.com/">Visit our homepage.</a></li>
  <li><a href="https://forum.myvestacp.com/">Check out our forum for discussions and support.</a></li>
  <li><a href="https://wiki.myvestacp.com/">For more information, take a look at our knowledge base.</a></li>
 </ul>
 <h1>Features of myVesta</h1>
 <ul>
    <li>Support for Debian 11 and 12 (Debian 12 is recommended, but previous Debian releases are also supported)</li>
    <li>Support for MySQL 8</li>
    <li><a href="https://forum.myvestacp.com/viewtopic.php?f=20&t=51">nginx templates</a> that can prevent denial-of-service on your server</li>
    <li><a href="https://forum.myvestacp.com/viewtopic.php?f=18&t=52">Support for multi-PHP versions</a></li>
    <li>You can <a href="https://forum.myvestacp.com/viewtopic.php?f=20&t=350">host NodeJS apps</a></li>
    <li>You can limit the maximum number of sent emails (per hour) <a href="https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L112-L113">per mail account</a> and <a href="https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L72-L73">per hosting account</a>, preventing hijacking of email accounts and preventing PHP malware scripts to send spam.</li>
    <li>
      You can completely "lock" myVesta so it can be accessed only via secret URL, for example https://serverhost:8083/?MY-SECRET-URL
      <ul>
        <li>During installation you will be asked to choose a secret URL for your hosting panel</li>
        <li>Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.</li>
        <li>You can see for yourself how this mechanism was built by looking at:</li>
        <ul>
          <li><a href="https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496">src/deb/for-download/php/php.ini</a></li>
          <li><a href="https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php">web/inc/secure_login.php</a></li>
        </ul>
        <li>If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell: <code>echo "&lt;?php \$login_url='MY-SECRET-URL';" > /usr/local/vesta/web/inc/login_url.php</code></li>
      </ul>
    </li>
  <li>We <a href="https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L9">disabled dangerous PHP functions</a> in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.</li>
  <li>Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
    <ul><li>OPCache is turned on by default</li></ul>
    <li>Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))</li>
    <li>You can change Vesta port during installation or later using one command line: v-change-vesta-port [number]</li>
    <li>ClamAV is configured to block zip/rar/7z archives that contains executable files (just like GMail)</li>
    <li>Backup will run with lowest priority (to avoid load on server), and can be configured to run only by night (and to stop on the morning and continue next night) </li>
    <ul>
    <li>You can compile Vesta binaries by yourself - <a href="https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh">src/deb/vesta_compile.sh</a></li>
 <li>You can even create your own APT repository in a minute</li>
 <li>We are using latest nginx version for vesta-nginx package</li>
 <li>With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)</li>
 <li>Binaries that you compile are 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want the source code from this fork)</li>
 </ul>
  </li>
  </ul>
 <h1>How to install</h1>
 Download the installation script:
 ```shell
 curl -O http://c.myvestacp.com/vst-install-debian.sh
 ```
 Then run it:
 ```shell
 bash vst-install-debian.sh
 ```
 Or use our <a href="https://www.myvestacp.com/install_generator.html">installer generator</a>.
 <h1>Useful scripts</h1>
 <ul>
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=24&t=50">How to move accounts from one (my)Vesta server to another myVesta server</a></li>
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=17&t=386">WordPress installer in one second </a></li>(v-install-wordpress)
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=17&t=385">Cloning script that will copy the whole site from one (sub)domain to another (sub)domain </a></li>(v-clone-website)
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=17&t=382">Script that will migrate your site from http to https, replacing http to https URLs in database </a></li>(v-migrate-site-to-https)
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=24&t=63">Script for importing cPanel backups to Vesta (thanks to Maks Usmanov - Skamasle) </a></li> (v-import-cpanel-backup)
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=18&t=52">Script that will install multiple PHP versions on your server</a></li>
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=20&t=350">How to host NodeJS apps</a></li>
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=20&t=51">Script that will install nginx templates that can prevent denial-of-service on your server</a></li>
  <li><a href="https://forum.myvestacp.com/viewtopic.php?f=15&t=47">Official VestaCP Softaculous installer</a></li>
 </ul>
 <h1>Licence</h1>
 myVesta is licensed under <a href="https://github.com/serghey-rodin/vesta/blob/master/LICENSE">GPL v3</a> license.
 Knowledge base:
 - https://wiki.myvestacp.com/
 Changelog:
 - https://github.com/myvesta/vesta/blob/master/Changelog.md
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@ -0,0 +1,144 @@
 #!/bin/bash
 # info: Install rocket-nginx extension for certain domain
 # options: DOMAIN 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Domain doesn't exist";
    exit 1;
 fi
 if [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
    echo 'Please install WordPress first.'
    exit 1;
 fi
 if [ ! -d "/etc/nginx/rocket-nginx" ]; then
    echo "rocket-nginx is not installed";
    echo "Do you want to install it now (y/n)?"
    read answer
    if [ "$answer" == "y" ]; then
        echo "Installing rocket-nginx..."
        curl -sL https://c.myvestacp.com/tools/install-rocket-nginx.sh | bash -
    else
        echo "Exiting script"
        exit 1;
    fi
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Changing Proxy Template
 # Check if the proxy template is already set correctly
 current_template=$(/usr/local/vesta/bin/v-list-web-domain $user $domain | grep 'PROXY:' | awk '{print $2}')
 if [ "$current_template" == "wprocket-force-https" ] || [ "$current_template" == "wprocket-hosting" ] || [ "$current_template" == "wprocket-webp-express-force-https" ]; then
    echo "Proxy Template is already set up correctly"
 else
    # Prompt the user to choose whether to force HTTPS or not
    echo "Do you want to use wprocket-hosting template, wprocket-force-https template or wprocket-webp-express-force-https template (h/f/w):"
    read answer
    # Change the proxy template based on the user's choice
    if [ "$answer" == "h" ]; then
        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-hosting"
    elif [ "$answer" == "f" ]; then
        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-force-https"
    elif [ "$answer" == "w" ]; then
        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-webp-express-force-https"
    fi
    echo "Proxy Template is ready"
 fi
 # Disabling wp-cron in wp-config.php
 cd /home/$user/web/$domain/public_html
 checkstring_disable="define('DISABLE_WP_CRON', true)"
 checkstring_enable="define('DISABLE_WP_CRON', false)"
 string_disable="define( 'DISABLE_WP_CRON', true );"
 line="<?php"
 file="wp-config.php"
 if grep -q -w -i -F "$checkstring_disable" "$file"; then
  echo "WP-Cron is already disabled in your wp-config.php"
 elif grep -q -w -i -F "$checkstring_enable" "$file"; then
  echo "Disabling WP-Cron in your wp-config.php..."
  sed -i "/$checkstring_enable/d" "$file"
  sed -i "/$line/Ia $string_disable" "$file"
 else
  echo "Disabling WP-Cron in your wp-config.php..."
  sed -i "/$line/Ia $string_disable" "$file"
 fi
 # Adding cron job
 # Check if a cron job already exists for any of the specified PHP-FPM versions
 existing_cron=$(crontab -l -u $user | grep -o "wp-cron.php >/home/$user/web/$domain/cron.log" | grep -v "grep")
 if [ ! -z "$existing_cron" ]; then
    echo "There is already a cron job added for user $user and domain $domain."
 else
    echo "Adding cron job..."
    # Add the cron job
    fpm_ver=$(/usr/local/vesta/bin/v-get-php-version-of-domain "$domain")
    touch /home/$user/web/$domain/cron.log
    chown $user:$user /home/$user/web/$domain/cron.log
    case $fpm_ver in
        5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2 | 8.3) 
            /usr/local/vesta/bin/v-add-cron-job "$user" "*/15" "*" "*" "*" "*" "cd /home/$user/web/$domain/public_html; /usr/bin/php$fpm_ver wp-cron.php >/home/$user/web/$domain/cron.log 2>&1"
            ;;
    esac
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "Installation is completed."
 echo "Checking RESPONSE HEADERS (You should see x-rocket-nginx-serving-static if the WP Rocket plugin is activated):"
 curl -I https://$domain
 exit
--- a/bin/v-add-firewall-ban
+++ b/bin/v-add-firewall-ban
@ -72,6 +72,13 @@ $iptables -I fail2ban-$chain 1 -s $ip \
 # Changing permissions
 chmod 660 $conf
 # nginx deny rules conf
 if [ "$chain" = "WEB" ] && [ -f "/etc/nginx/conf.d/block.conf" ]; then
    if ! grep -q  "deny $ip;" /etc/nginx/conf.d/block.conf; then
        echo "deny $ip;" >> /etc/nginx/conf.d/block.conf
        systemctl reload nginx
   fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-add-firewall-rule
+++ b/bin/v-add-firewall-rule
@ -83,6 +83,16 @@ sort_fw_rules
 # Updating system firewall
 $BIN/v-update-firewall
 if [ "$WEB_SYSTEM" == 'nginx' ] || [ "$PROXY_SYSTEM" == 'nginx' ]; then
    if [ "$port_ext" == "80,443" ] && [ "$action" == "DROP" ]; then
        touch /etc/nginx/conf.d/block-firewall.conf
        if ! grep -q "deny $ip;" /etc/nginx/conf.d/block-firewall.conf; then
            echo "deny $ip;" >> /etc/nginx/conf.d/block-firewall.conf
            systemctl restart nginx
        fi
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@ -17,6 +17,12 @@ aliases=$3
 # LE API
 API='https://acme-v02.api.letsencrypt.org'
 if [[ "$LE_STAGING" = 'yes' ]]; then
 	API='https://acme-staging-v02.api.letsencrypt.org'
 fi
 deb_release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
@ -56,7 +62,11 @@ query_le_v2() {
    # Save http response to file passed as "$4" arg or print to stdout if not provided
    # http response headers are always sent to stdout
    local save_to_file=${4:-"/dev/stdout"}
-    curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    if [ "$deb_release" -gt 8 ]; then
        curl --location --user-agent "myVesta" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
    else
        curl --location --user-agent "myVesta" --insecure --retry 5 --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
    fi
 }
@ -123,7 +133,7 @@ fi
 # Requesting nonce / STEP 1
 echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
-answer=$(curl -s -I "$API/directory")
+answer=$(curl --user-agent "myVesta" -s -I "$API/directory")
 echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
 nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
@ -144,6 +154,11 @@ for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
 done
 payload=$(echo "$payload"|sed "s/,$//")
 payload=$payload']}'
 # validation='pending'
 # # Start counter to avoid infinite loop
 # i=0
 # while [ "$validation" = 'pending' ]; do
 # echo "[$(date)] : ----------------------- step 2 loop, counter \$i=$i -----------------------" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
 answer=$(query_le_v2 "$url" "$payload" "$nonce")
@ -154,12 +169,23 @@ authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
 echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
 finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
 echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
 order=$(echo -e "$answer" | grep -i location | cut -f2 -d \  | tr -d '\r\n')
 echo "[$(date)] : order=$order" >> /usr/local/vesta/log/letsencrypt.log
 status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
 echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
 validation=$(echo "$answer" | grep 'status":' | cut -f4 -d '"')
 echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
 if [[ "$status" -ne 201 ]]; then
    echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log
    check_result $E_CONNECT "Let's Encrypt new auth status $status"
 fi
 # # Exit the loop after 5 attempts
 # i=$((i + 1))
 # if [ $i -gt 5 ]; then
 #     break
 # fi
 # sleep 2
 # done
 # Requesting authorization token / STEP 3
 echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log
@ -200,6 +226,7 @@ for auth in $authz; do
            echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
        fi
        check_result $exitstatus "DNS _acme-challenge record wasn't created"
        systemctl restart bind9
    else
        if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
            if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
@ -263,7 +290,9 @@ for auth in $authz; do
    # Doing pol check on status
    i=1
    while [ "$validation" = 'pending' ]; do
-        echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log
+        i=0
        while true; do
            echo "[$(date)] : ----------------------- Doing pol check on status, counter \$i=$i -----------------------" >> /usr/local/vesta/log/letsencrypt.log
            payload='{}'
            echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
            answer=$(query_le_v2 "$url" "$payload" "$nonce")
@ -276,6 +305,20 @@ for auth in $authz; do
            echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
            status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
            echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
            if [[ $(echo "$answer" | grep 'addressesResolved') != "" ]]; then
                break
            fi
            if [ "$wildcard" = 'yes'  ]; then
                if [[ $(echo "$answer" | grep '"status": "valid"') != "" ]]; then
                    break
                fi                
            fi
            i=$((i + 1))
            if ((i > 30)); then
                break
            fi
            sleep 2
        done
        if [[ "$status" -ne 200 ]]; then
            echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log
            check_result $E_CONNECT "Let's Encrypt validation status $status"
@ -287,7 +330,7 @@ for auth in $authz; do
            check_result $E_CONNECT "Let's Encrypt domain validation timeout"
        fi
        echo "[$(date)] : curl: $url2 :" >> /usr/local/vesta/log/letsencrypt.log
-        get_answer=$(curl --silent -S "$url2")
+        get_answer=$(curl --user-agent "myVesta" --silent -S "$url2")
        echo "[$(date)] : get_answer=$get_answer" >> /usr/local/vesta/log/letsencrypt.log
        sleeping=$((i*2))
        echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
@ -323,8 +366,41 @@ if [[ "$status" -ne 200 ]]; then
    check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
-# Downloading signed certificate / STEP 7
+if [ "$nonce" = "" ]; then
-echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
+    echo "[$(date)] : EXIT=Let's Encrypt 'nonce' is empty after step 6" >> /usr/local/vesta/log/letsencrypt.log
    check_result $E_CONNECT "Let's Encrypt 'nonce' is empty after step 6"
 fi
 if [ "$certificate" = "" ]; then
    validation="processing"
 	i=1
 	while [ "$validation" = "processing" ]; do
        echo "[$(date)] : --- Polling server waiting for Certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
 		answer=$(query_le_v2 "$order" "" "$nonce")
 		i=$((i + 1))
 		nonce=$(echo "$answer" | grep -i nonce | cut -f2 -d \  | tr -d '\r\n')
        echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
 		status=$(echo "$answer" | grep HTTP/ | tail -n1 | cut -f 2 -d ' ')
        echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
 		validation=$(echo "$answer" | grep 'status":' | cut -f4 -d '"')
        echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
 		certificate=$(echo "$answer" | grep 'certificate":' | cut -f4 -d '"')
        echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
 		sleep $((i * 2)) # Sleep for 2s, 4s, 6s, 8s
 		if [ $i -gt 10 ]; then
 			check_result "$E_CONNECT" "Certificate processing timeout ($domain)"
 		fi
 	done
 fi
 if [ "$certificate" = "" ]; then
    echo "[$(date)] : EXIT=Let's Encrypt 'certificate' is empty after step 7" >> /usr/local/vesta/log/letsencrypt.log
    check_result $E_CONNECT "Let's Encrypt 'certificate' is empty after step 7"
 fi
 # Downloading signed certificate / STEP 8
 echo "[$(date)] : --- Downloading signed certificate / STEP 8 ---" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
 answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
 echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@ -15,6 +15,10 @@ user=$1
 # LE API
 API='https://acme-v02.api.letsencrypt.org'
 if [[ "$LE_STAGING" = 'yes' ]]; then
 	API='https://acme-staging-v02.api.letsencrypt.org'
 fi
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf
@ -41,7 +45,7 @@ query_le_v2() {
    post_data=$post_data'"payload":"'"$payload_"'",'
    post_data=$post_data'"signature":"'"$signature_"'"}'
-    curl -s -i -d "$post_data" "$1" -H "$content"
+    curl --user-agent "myVesta" -s -i -d "$post_data" "$1" -H "$content"
 }
--- a/bin/v-add-srs-support-to-exim
+++ b/bin/v-add-srs-support-to-exim
@ -0,0 +1,77 @@
 #!/bin/bash
 gen_pass() {
    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
    if [ -z "$1" ]; then
        LENGTH=32
    else
        LENGTH=$1
    fi
    while [ ${n:=1} -le $LENGTH ]; do
        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
        let n+=1
    done
    echo "$PASS"
 }
 eximversion=$(exim4 --version | grep '^Exim version ' | awk '{print $3}')
 if (( $(echo "$eximversion < 4.96" | bc -l) )); then
    echo "= ERROR: Exim SRS support requires Exim 4.96 or higher."
    echo "You have Exim $eximversion"
    exit 1;
 fi
 echo "=== Addind SRS support to Exim4 ==="
 # SRS support is taken from HestiaCP
 if [ ! -f "/etc/exim4/srs.conf" ]; then
    echo "= Generating SRS KEY"
    srs=$(gen_pass 16) 
    echo $srs > /etc/exim4/srs.conf
    chmod 640 /etc/exim4/srs.conf
    chown root:Debian-exim /etc/exim4/srs.conf
 fi
 if [ ! -f "/etc/exim4/exim4.conf.template.backup-without-srs" ]; then
    echo "= Backing up /etc/exim4/exim4.conf.template"
    cp /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template.backup-without-srs
 fi
 if ! /usr/local/vesta/bin/v-grep 'SRS_SECRET = ' '/etc/exim4/exim4.conf.template' '-q'; then
    echo "= Adding: SRS_SECRET = readfile /etc/exim4/srs.conf"
    v-sed 'smtputf8_advertise_hosts =' 'smtputf8_advertise_hosts =\n\nSRS_SECRET = ${readfile{/etc/exim4/srs.conf}}' '/etc/exim4/exim4.conf.template'
 fi
 if ! /usr/local/vesta/bin/v-grep 'if outbound, and forwarding has been done, use an alternate transport' '/etc/exim4/exim4.conf.template' '-q'; then
    echo "= Patching \"dnslookup:\" block"
    /usr/local/vesta/bin/v-php-func "replace_in_file_once_between_including_borders" "/etc/exim4/exim4.conf.template" 'dnslookup:' '  no_more' 'dnslookup:\n  driver = dnslookup\n  # if outbound, and forwarding has been done, use an alternate transport\n  domains = ! +local_domains\n  transport = ${if eq {$local_part@$domain} \\n                      {$original_local_part@$original_domain} \\n                      {remote_smtp} {remote_forwarded_smtp}}\n  no_more'
 fi
 if ! /usr/local/vesta/bin/v-grep 'inbound_srs:' '/etc/exim4/exim4.conf.template' '-q'; then
    echo "= Adding \"inbound_srs\" and \"inbound_srs_failure\" blocks"
    v-sed 'aliases:' 'inbound_srs:\n    driver = redirect\n    senders = :\n    domains = +local_domains\n    # detect inbound bounces which are converted to SRS, and decode them\n    condition = ${if inbound_srs {$local_part} {SRS_SECRET}}\n    data = $srs_recipient\n\ninbound_srs_failure:\n    driver = redirect\n    senders = :\n    domains = +local_domains\n    # detect inbound bounces which look converted to SRS but are invalid\n    condition = ${if inbound_srs {$local_part} {}}\n    allow_fail\n    data = :fail: Invalid SRS recipient address\n\naliases:' '/etc/exim4/exim4.conf.template'
 fi
 if ! /usr/local/vesta/bin/v-grep 'remote_forwarded_smtp:' '/etc/exim4/exim4.conf.template' '-q'; then
    echo "= Adding \"remote_forwarded_smtp:\" block"
    v-sed 'procmail:\n  driver = pipe' 'remote_forwarded_smtp:\n  driver = smtp\n  dkim_domain = DKIM_DOMAIN\n  dkim_selector = mail\n  dkim_private_key = DKIM_PRIVATE_KEY\n  dkim_canon = relaxed\n  dkim_strict = 0\n  hosts_try_fastopen = \n  hosts_try_chunking = !93.188.3.0/24\n  message_linelength_limit = 1G\n  # modify the envelope from, for mails that we forward\n  max_rcpt = 1\n  return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}\n\nprocmail:\n  driver = pipe' '/etc/exim4/exim4.conf.template'
 fi
 touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour
 touch /etc/exim4/limit_per_email_account_max_recipients
 touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour
 touch /etc/exim4/limit_per_hosting_account_max_recipients
 echo "= Restarting exim4 service"
 systemctl restart exim4
 if [ $? -ne 0 ]; then
    systemctl status exim4
    cp /etc/exim4/exim4.conf.template.backup-without-srs /etc/exim4/exim4.conf.template
    systemctl restart exim4
    echo "=== Patching failed, old exim conf returned, exim4 restarted again."
    exit 1
 fi
 echo "=== SRS support was added successfully. ==="
 exit 0
--- a/bin/v-add-user-package
+++ b/bin/v-add-user-package
@ -28,7 +28,7 @@ is_package_new() {
 }
 is_package_consistent() {
-    source $pkg_dir/$package.pkg
+    parse_object_kv_list_non_eval $(cat $pkg_dir/$package.pkg)
    if [ "$WEB_DOMAINS" != 'unlimited' ]; then
        is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
    fi
@ -63,6 +63,9 @@ is_package_consistent() {
        is_int_format_valid $BACKUPS 'BACKUPS'
    fi
    is_format_valid_shell $SHELL
    is_web_template_valid $WEB_TEMPLATE
    is_dns_template_valid $DNS_TEMPLATE
    is_proxy_template_valid $PROXY_TEMPLATE
 }
--- a/bin/v-add-wordpress-admin
+++ b/bin/v-add-wordpress-admin
@ -0,0 +1,76 @@
 #!/bin/bash
 # info: Add a WordPress admin user to a specific domain
 # options: DOMAIN USERNAME PASSWORD EMAIL
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 if [ "$#" -lt 4 ]; then
    echo "Usage: v-add-wordpress-admin [DOMAIN] [USERNAME] [PASSWORD] [EMAIL]"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 SILENT_MODE=1
 # Argument definition
 domain=$1
 username=$2
 password=$3
 email=$4
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '4' "$#" 'DOMAIN USERNAME PASSWORD EMAIL'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Domain doesn't exist";
    exit 1;
 fi
 if [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
    echo 'Please install WordPress first.'
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 /usr/local/vesta/bin/v-run-wp-cli $domain user create $username $email --role=administrator --user_pass="$password" --skip-plugins --skip-themes;
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit 0;
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@ -22,6 +22,9 @@ source $VESTA/func/domain.sh
 source $VESTA/func/db.sh
 source $VESTA/conf/vesta.conf
 if [ ! -z "$NOW" ]; then
    BACKUP_LA_LIMIT=50
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
@ -251,6 +254,11 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
        if [ ! -z "$exlusion" ]; then
            xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
            for xpath in $xdirs; do
                # Add ./ at the beginning of the path if the path is in old pattern
                if [[ $xpath != ./* ]]; then
                    xpath=(./$xpath)
                fi
                if [ -d "$xpath" ]; then
                    fargs+=(--exclude=$xpath/*)
                    echo "$(date "+%F %T") excluding directory $xpath"
@ -265,7 +273,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
        set +f
        # Backup files
-        tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- ${fargs[@]} --exclude={'./','../'} . |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
    done
    # Print total
--- a/bin/v-backup-user-now
+++ b/bin/v-backup-user-now
@ -0,0 +1,6 @@
 #!/bin/bash
 export ALLOW_BACKUP_ANYTIME='yes'
 export NOW='yes'
 nice -n 19 ionice -c 3 /usr/local/vesta/bin/v-backup-user $1
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@ -37,7 +37,7 @@ fi
 log=$VESTA/log/backup.log
-$BIN/v-check-vesta-license >/dev/null
+# $BIN/v-check-vesta-license >/dev/null
 touch $log
 if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
--- a/bin/v-blacklist-email-account
+++ b/bin/v-blacklist-email-account
@ -0,0 +1,102 @@
 #!/bin/bash
 # info: Add a specific email address to exim4 and spamassassin blacklist
 # usage: v-blacklist-email-account EMAIL
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Determine Debian version and set SpamAssassin service name
 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 if [ "$release" -lt 12 ]; then
    SPAMD_SERVICE="spamassassin.service"
 else
    SPAMD_SERVICE="spamd.service"
 fi
 DENY_SENDERS_FILE="/etc/exim4/deny_senders"
 SPAMASSASSIN_FILE="/etc/spamassassin/local.cf"
 # Flags to track changes
 SPAMASSASSIN_CHANGED=false
 # Function to check if an entry already exists in a file
 check_entry_exists() {
    local entry=$1
    local file=$2
    grep -qF "$entry" "$file"
 }
 # Function to add an entry to a file
 add_entry_to_file() {
    local entry=$1
    local file=$2
    echo "$entry" >> "$file"
 }
 # Display usage if no arguments are provided
 if [ $# -lt 1 ]; then
    echo "Usage: v-blacklist-email EMAIL"
    exit 1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 EMAIL=$1
 # Validate email format
 if [[ ! "$EMAIL" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
    echo "Invalid email address format."
    exit 1
 fi
 # Prepare entries for Exim4 and SpamAssassin
 EXIM_ENTRY="$EMAIL"
 SPAMASSASSIN_ENTRY="blacklist_from $EMAIL"
 #----------------------------------------------------------#
 #                   Exim4 Blacklist                        #
 #----------------------------------------------------------#
 echo "Updating $DENY_SENDERS_FILE..."
 if ! check_entry_exists "$EXIM_ENTRY" "$DENY_SENDERS_FILE"; then
    add_entry_to_file "$EXIM_ENTRY" "$DENY_SENDERS_FILE"
    echo "Added $EXIM_ENTRY to $DENY_SENDERS_FILE."
 else
    echo "$EXIM_ENTRY already exists in $DENY_SENDERS_FILE."
 fi
 #----------------------------------------------------------#
 #                SpamAssassin Blacklist                    #
 #----------------------------------------------------------#
 echo "Updating $SPAMASSASSIN_FILE..."
 if ! check_entry_exists "$SPAMASSASSIN_ENTRY" "$SPAMASSASSIN_FILE"; then
    add_entry_to_file "$SPAMASSASSIN_ENTRY" "$SPAMASSASSIN_FILE"
    echo "Added $SPAMASSASSIN_ENTRY to $SPAMASSASSIN_FILE."
    SPAMASSASSIN_CHANGED=true
 else
    echo "$SPAMASSASSIN_ENTRY already exists in $SPAMASSASSIN_FILE."
 fi
 if [ "$SPAMASSASSIN_CHANGED" == "true" ]; then
    systemctl restart "$SPAMD_SERVICE"
    echo "SpamAssassin service ($SPAMD_SERVICE) restarted."
 fi
 #----------------------------------------------------------#
 #                       Done                               #
 #----------------------------------------------------------#
 exit 0
--- a/bin/v-blacklist-email-domain
+++ b/bin/v-blacklist-email-domain
@ -0,0 +1,133 @@
 #!/bin/bash
 # info: Add a domain to exim4 and spamassassin blacklist
 # usage: v-blacklist-email-domain DOMAIN SUBDOMAIN(YES/NO)
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Determine Debian version and set SpamAssassin service name
 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 if [ "$release" -lt 12 ]; then
    SPAMD_SERVICE="spamassassin.service"
 else
    SPAMD_SERVICE="spamd.service"
 fi
 DENY_SENDERS_FILE="/etc/exim4/deny_senders"
 SPAMASSASSIN_FILE="/etc/spamassassin/local.cf"
 # Flags to track changes
 SPAMASSASSIN_CHANGED=false
 # Function to check if a domain already exists in a file
 check_domain_exists() {
    local domain=$1
    local file=$2
    grep -qE "^${domain}$" "$file"
 }
 # Function to check if a SpamAssassin entry already exists
 check_spamassassin_exists() {
    local entry=$1
    local file=$2
    grep -qF "$entry" "$file"
 }
 # Function to add domain to file
 add_domain_to_file() {
    local domain=$1
    local file=$2
    echo "$domain" >> "$file"
 }
 # Display usage if no arguments are provided
 if [ $# -lt 2 ]; then
    echo "Usage: v-blacklist-domain DOMAIN SUBDOMAIN(YES/NO)"
    exit 1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 DOMAIN=$1
 SUBDOMAIN=${2^^} # Convert to uppercase for consistency (YES/NO)
 # Validate SUBDOMAIN parameter
 if [[ "$SUBDOMAIN" != "YES" && "$SUBDOMAIN" != "NO" ]]; then
    echo "Invalid parameter for SUBDOMAIN. Use YES or NO."
    exit 1
 fi
 # Prepare entries for Exim4
 EXIM_ENTRY_MAIN="$DOMAIN"
 EXIM_ENTRY_SUB="*.$DOMAIN"
 # Prepare entries for SpamAssassin
 SPAMASSASSIN_ENTRY_MAIN="blacklist_from *@${DOMAIN}"
 SPAMASSASSIN_ENTRY_SUB="blacklist_from *.$DOMAIN"
 #----------------------------------------------------------#
 #                   Exim4 Blacklist                        #
 #----------------------------------------------------------#
 echo "Updating $DENY_SENDERS_FILE..."
 if ! check_domain_exists "$EXIM_ENTRY_MAIN" "$DENY_SENDERS_FILE"; then
    add_domain_to_file "$EXIM_ENTRY_MAIN" "$DENY_SENDERS_FILE"
    echo "Added $EXIM_ENTRY_MAIN to $DENY_SENDERS_FILE."
 else
    echo "$EXIM_ENTRY_MAIN already exists in $DENY_SENDERS_FILE."
 fi
 if [ "$SUBDOMAIN" == "YES" ]; then
    if ! check_domain_exists "$EXIM_ENTRY_SUB" "$DENY_SENDERS_FILE"; then
        add_domain_to_file "$EXIM_ENTRY_SUB" "$DENY_SENDERS_FILE"
        echo "Added $EXIM_ENTRY_SUB to $DENY_SENDERS_FILE."
    else
        echo "$EXIM_ENTRY_SUB already exists in $DENY_SENDERS_FILE."
    fi
 fi
 #----------------------------------------------------------#
 #                SpamAssassin Blacklist                    #
 #----------------------------------------------------------#
 echo "Updating $SPAMASSASSIN_FILE..."
 if ! check_spamassassin_exists "$SPAMASSASSIN_ENTRY_MAIN" "$SPAMASSASSIN_FILE"; then
    add_domain_to_file "$SPAMASSASSIN_ENTRY_MAIN" "$SPAMASSASSIN_FILE"
    echo "Added $SPAMASSASSIN_ENTRY_MAIN to $SPAMASSASSIN_FILE."
    SPAMASSASSIN_CHANGED=true
 else
    echo "$SPAMASSASSIN_ENTRY_MAIN already exists in $SPAMASSASSIN_FILE."
 fi
 if [ "$SUBDOMAIN" == "YES" ]; then
    if ! check_spamassassin_exists "$SPAMASSASSIN_ENTRY_SUB" "$SPAMASSASSIN_FILE"; then
        add_domain_to_file "$SPAMASSASSIN_ENTRY_SUB" "$SPAMASSASSIN_FILE"
        echo "Added $SPAMASSASSIN_ENTRY_SUB to $SPAMASSASSIN_FILE."
        SPAMASSASSIN_CHANGED=true
    else
        echo "$SPAMASSASSIN_ENTRY_SUB already exists in $SPAMASSASSIN_FILE."
    fi
 fi
 if [ "$SPAMASSASSIN_CHANGED" == "true" ]; then
    systemctl restart "$SPAMD_SERVICE"
    echo "SpamAssassin service ($SPAMD_SERVICE) restarted."
 fi
 #----------------------------------------------------------#
 #                       Done                               #
 #----------------------------------------------------------#
 exit 0
--- a/bin/v-change-database-owner
+++ b/bin/v-change-database-owner
@ -60,6 +60,10 @@ if [ ! -z "$check_db" ]; then
    exit $E_EXISTS
 fi
 if [ ! -d "/backup" ]; then
  echo "There is no /backup folder, creating it now..."
  mkdir /backup
 fi
 #----------------------------------------------------------#
 #                       Action                             #
--- a/bin/v-change-database-password-for-all-wordpress
+++ b/bin/v-change-database-password-for-all-wordpress
@ -0,0 +1,65 @@
 #!/bin/bash
 # info: change db password to all wordpress databases
 # options:
 #
 # The command is used for changing db password to all wordpress databases on the server.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Importing system variables
 source /etc/profile
 # Includes
 source $VESTA/func/main.sh
 only_user='';
 if [ ! -z "$1" ]; then
    only_user=$1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 touch /root/remember-db-user-pass.txt
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
        continue;
    fi
    if [ ! -z "$only_user" ]; then
        if [ "$only_user" != "$user" ]; then
            continue;
        fi
    fi
    for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
        if [ -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
            /usr/local/vesta/bin/v-change-database-password-for-wordpress $domain $user
            echo "--------------------------------"
        fi
    done
    if [ ! -z "$only_user" ]; then
        break;
    fi
 done
 # cat /root/remember-db-user-pass.txt
 if [ -f "/root/remember-db-user-pass.txt" ]; then
    rm /root/remember-db-user-pass.txt
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-change-database-password-for-wordpress
+++ b/bin/v-change-database-password-for-wordpress
@ -0,0 +1,132 @@
 #!/bin/bash
 # info: change database password for wordpress
 # options:
 #
 # The command is used for changing database password for wordpress.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 # Check if number of arguments is 2
 if [ $# -eq 2 ]; then
    user=$2
 else
    user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 fi
 USER=$user
 if [ -z "$user" ]; then
    echo "ERROR: Domain $domain not found"
    exit 1;
 fi
 if [ ! -d "/home/$user" ]; then
    echo "ERROR: User $user doesn't exist";
    exit 1;
 fi
 # Includes
 source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "ERROR: Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 if [ -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
    echo "=== Domain: $domain"
    wp_config_path="/home/$user/web/$domain/public_html/wp-config.php"
    if grep -q $'\r' $wp_config_path; then
        echo "=== removing CRLF from wp-config.php"
        tr -d '\r' < $wp_config_path > /tmp/wp-config.php && mv /tmp/wp-config.php $wp_config_path
        chown $user:$user $wp_config_path
    fi
    db_name=$(grep "DB_NAME" $wp_config_path | grep -oP "define\s*\(\s*'DB_NAME'\s*,\s*'\K[^']+")
    db_user=$(grep "DB_USER" $wp_config_path | grep -oP "define\s*\(\s*'DB_USER'\s*,\s*'\K[^']+")
    if [ -z "$db_name" ]; then
        db_name=$(grep "DB_NAME" $wp_config_path | grep -oP "define\s*\(\s*'DB_NAME'\s*,\s*\"\K[^\"]+")
    fi
    if [ -z "$db_user" ]; then
        db_user=$(grep "DB_USER" $wp_config_path | grep -oP "define\s*\(\s*'DB_USER'\s*,\s*\"\K[^\"]+")
    fi
    new_password=''
    found_existing_password=0
    if [ -f "/root/remember-db-user-pass.txt" ]; then
        db_user_pass=$(grep "$db_user:" /root/remember-db-user-pass.txt)
        if [ -n "$db_user_pass" ]; then
            new_password=$(echo "$db_user_pass" | cut -d':' -f2)
            echo "= Using existing password for $db_user"
            found_existing_password=1
        fi
    fi
    if [ -z "$new_password" ]; then
        new_password=$(generate_password)
    fi
    echo "DB name: $db_name"
    echo "DB user: $db_user"
    echo "New DB password: $new_password"
    if [ $found_existing_password -eq 0 ]; then
        touch /root/remember-db-user-pass.txt
        echo "$db_user:$new_password" >> /root/remember-db-user-pass.txt
        chown root:root /root/remember-db-user-pass.txt
        chmod 600 /root/remember-db-user-pass.txt
    fi
    /usr/local/vesta/bin/v-change-database-password "$user" "$db_name" "$new_password"
    if [ $? -ne 0 ]; then
        echo "*************** ERROR: Failed to change database password ***************"
        exit 1;
    fi
    line="define('DB_PASSWORD', '$new_password');"
    chattr -i $wp_config_path
    sed -i "s/.*define(.*DB_PASSWORD'.*/$line/" $wp_config_path
    new_password_line=$(grep "DB_PASSWORD" $wp_config_path)
    echo "New DB password line: $new_password_line"
    if [ "$new_password_line" != "$line" ]; then
        echo "*************** ERROR: line in wp-config.php is not what we expected ***************"
        echo "Expected: $line"
        echo "Actual  : $new_password_line"
        echo "*************** ERROR: Please check wp-config.php manually ***************"
        exit 1;
    fi
 else
    echo "ERROR: WP-config.php not found"
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit 0;
--- a/bin/v-change-dir-www
+++ b/bin/v-change-dir-www
@ -0,0 +1,71 @@
 #!/bin/bash
 # info: Change directory to the public_html folder of a domain
 # usage: source v-cd-www DOMAIN
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
    echo "This script must be sourced to change the current directory."
    echo "Usage: source v-cd-www DOMAIN"
    exit 1
 fi
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    return 1
 fi
 # Importing system environment
 source /etc/profile
 PATH=$PATH:/usr/local/vesta/bin && export PATH
 SILENT_MODE=1
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 if [ -z "$user" ]; then
    echo "Domain $domain doesn't exist"
    return 1
 fi
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "User $user doesn't exist"
    return 1
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Domain $domain doesn't have a public_html directory"
    return 1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 cd "/home/$user/web/$domain/public_html"
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 return 0
--- a/bin/v-change-domain-owner
+++ b/bin/v-change-domain-owner
@ -35,6 +35,9 @@ if [ "$owner" = "$user" ]; then
    exit
 fi
 USER_DATA=$VESTA/data/users/$owner
 is_object_unsuspended 'user' 'USER' "$owner"
 USER_DATA=$VESTA/data/users/$user
 #----------------------------------------------------------#
 #                       Action                             #
@ -57,11 +60,11 @@ if [ ! -z "$web_data" ]; then
        ssl_key=$VESTA/data/users/$owner/ssl/$domain.key
        ssl_ca=$VESTA/data/users/$owner/ssl/$domain.ca
        ssl_pem=$VESTA/data/users/$owner/ssl/$domain.pem
-        mv $ssl_crt $VESTA/data/users/$user/ssl/
+        cp $ssl_crt $VESTA/data/users/$user/ssl/
-        mv $ssl_key $VESTA/data/users/$user/ssl/
+        cp $ssl_key $VESTA/data/users/$user/ssl/
-        mv $ssl_ca $VESTA/data/users/$user/ssl/ >> /dev/null 2>&1
+        cp $ssl_ca $VESTA/data/users/$user/ssl/ > /dev/null 2>&1
-        mv $ssl_pem $VESTA/data/users/$user/ssl/ >> /dev/null 2>&1
+        cp $ssl_pem $VESTA/data/users/$user/ssl/ > /dev/null 2>&1
-        rm -f $HOMEDIR/$owner/conf/web/ssl.$domain.*
+        # rm -f $HOMEDIR/$owner/conf/web/ssl.$domain.*
    fi
    # Check ftp user account
@ -79,10 +82,23 @@ if [ ! -z "$web_data" ]; then
    # Move data
    mv $HOMEDIR/$owner/web/$domain $HOMEDIR/$user/web/
    if [ -d "/hdd/home/$owner/web/$domain" ]; then
        $BIN/v-move-folder-and-make-symlink /hdd/home/$owner/web/$domain /hdd/home/$user/web/$domain
    fi
    # Change ownership
    find $HOMEDIR/$user/web/$domain -user $owner \
        -exec chown -h $user:$user {} \;
    if [ "$SSL" = 'yes' ]; then
        sleep 10
        rm $ssl_crt
        rm $ssl_key
        rm $ssl_ca > /dev/null 2>&1
        rm $ssl_pem > /dev/null 2>&1
        rm -f $HOMEDIR/$owner/conf/web/ssl.$domain.*
    fi
    # Rebuild config
    $BIN/v-unsuspend-web-domain $user $domain no >> /dev/null 2>&1
    $BIN/v-rebuild-web-domains $owner no
@ -140,6 +156,10 @@ if [ ! -z "$mail_data" ]; then
    # Move data
    mv $HOMEDIR/$owner/mail/$domain $HOMEDIR/$user/mail/
    if [ -d "/hdd/home/$owner/mail/$domain" ]; then
        $BIN/v-move-folder-and-make-symlink /hdd/home/$owner/mail/$domain /hdd/home/$user/mail/$domain
    fi
    # Change ownership
    find $HOMEDIR/$user/mail/$domain -user $owner \
        -exec chown -h $user {} \;
--- a/bin/v-change-firewall-rule
+++ b/bin/v-change-firewall-rule
@ -62,6 +62,8 @@ str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
 str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
 str="$str TIME='$time' DATE='$date'"
 oldvalues=$(grep "RULE='$rule'" $VESTA/data/firewall/rules.conf)
 # Deleting old rule
 sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
@ -74,6 +76,14 @@ sort_fw_rules
 # Updating system firewall
 $BIN/v-update-firewall
 if [ "$WEB_SYSTEM" == 'nginx' ] || [ "$PROXY_SYSTEM" == 'nginx' ]; then
    if [ "$port_ext" == "80,443" ] && [ "$action" == "DROP" ]; then
        NEWIP=$ip
        parse_object_kv_list_non_eval "$oldvalues"
        sed -i "s|$IP|$NEWIP|g" /etc/nginx/conf.d/block-firewall.conf
        systemctl restart nginx
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-change-user-package
+++ b/bin/v-change-user-package
@ -16,6 +16,7 @@ force=$3
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/conf/vesta.conf
 is_package_avalable() {
@ -23,7 +24,7 @@ is_package_avalable() {
    usr_data=$(cat $USER_DATA/user.conf)
    IFS=$'\n'
    for key in $usr_data; do
-        eval ${key%%=*}=${key#*=}
+        parse_object_kv_list_non_eval $key
    done
    WEB_DOMAINS='0'
@ -35,7 +36,7 @@ is_package_avalable() {
    pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\
        grep -v DATE)
-    eval $pkg_data
+    parse_object_kv_list_non_eval $pkg_data
    # Checking usage agains package limits
    if [ "$WEB_DOMAINS" != 'unlimited' ]; then
@ -73,11 +74,15 @@ is_package_avalable() {
            check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
        fi
    fi
    is_web_template_valid $WEB_TEMPLATE
    is_dns_template_valid $DNS_TEMPLATE
    is_proxy_template_valid $PROXY_TEMPLATE
 }
 change_user_package() {
-    eval $(cat $USER_DATA/user.conf)
+    parse_object_kv_list_non_eval $(cat $USER_DATA/user.conf)
-    eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
+    parse_object_kv_list_non_eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
    echo "FNAME='$FNAME'
 LNAME='$LNAME'
 PACKAGE='$package'
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@ -41,6 +41,7 @@ is_int_format_valid "$port" 'port number'
 #----------------------------------------------------------#
 sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
 sed -i "s|$oldport ssl;|$port ssl;|g" $VESTA/nginx/conf/nginx.conf
 if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
    sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
 fi
--- a/bin/v-change-wordpress-admin-passwords
+++ b/bin/v-change-wordpress-admin-passwords
@ -0,0 +1,201 @@
 #!/bin/bash
 # info: interactively delete or change WordPress admin passwords for a given domain
 # options: DOMAIN
 #
 # d  → delete user  (with content reassignment)
 # c  → change password (random 10-char alnum)
 # s  → skip
 # x  → exit
 #----------------------------------------------------------#
 #                    Variable & Function                   #
 #----------------------------------------------------------#
 [ "$(whoami)" != "root" ] && { echo "You must be root to run this command."; exit 1; }
 source /etc/profile
 DOMAIN="$1"
 [ -z "$DOMAIN" ] && { echo "Usage: v-change-wp-admins-pass DOMAIN"; exit 1; }
 USER="$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")"
 [ -z "$USER" ] && { echo "Domain $DOMAIN does not exist."; exit 1; }
 WP_PATH="/home/$USER/web/$DOMAIN/public_html"
 [ ! -f "$WP_PATH/wp-config.php" ] && { echo "WordPress is not installed on this domain."; exit 1; }
 # WP-CLI wrapper
 if [ ! -z "$PHP" ]; then
    WP_RUN="PHP=$PHP /usr/local/vesta/bin/v-run-wp-cli $DOMAIN --skip-plugins --skip-themes"
 else
    WP_RUN="/usr/local/vesta/bin/v-run-wp-cli $DOMAIN --skip-plugins --skip-themes"
 fi
 # random 10-char password
 gen_pass() { tr -dc 'A-Za-z0-9' </dev/urandom | head -c 10; }
 #----------------------------------------------------------#
 #                         Action                           #
 #----------------------------------------------------------#
 cd "$WP_PATH" || exit 1
 echo
 echo "WordPress administrators for $DOMAIN:"
 echo "-------------------------------------"
 if [ -f /home/$USER/web/$DOMAIN/wp-admin-password-change.txt ]; then
    rm /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
 fi
 RUN="$WP_RUN user list --role=administrator --fields=ID,user_login,user_email --format=csv --skip-plugins --skip-themes"
 ADMIN_LIST_CSV=$(eval "$RUN")
 return_code=$?
 if [ $return_code -ne 0 ]; then
    echo "WP-CLI error:"
    echo "return code: $return_code"
    cat /home/$USER/web/$DOMAIN/wp-cli-error.log
    exit $return_code
 fi
 ADMIN_LIST_CSV=$(echo "$ADMIN_LIST_CSV" | tail -n +2)
 [ -z "$ADMIN_LIST_CSV" ] && { echo "No administrator accounts found."; exit 0; }
 DEFAULT_USER=""
 printf "%-6s %-20s %s\n" "ID" "Username" "Email"
 while IFS=',' read -r PID PLOGIN PEMAIL; do
    printf "%-6s %-20s %s\n" "$PID" "$PLOGIN" "$PEMAIL"
    if [ "$PID" = "1" ]; then
        DEFAULT_USER="$PLOGIN"
    fi
 done <<< "$ADMIN_LIST_CSV"
 echo
 echo "For each admin choose: (d) delete, (c) change password, (s) skip, (x) exit."
 # interactive loop
 while IFS=',' read -r ID LOGIN EMAIL; do
    [ -n "$EMAIL" ] && TARGET="$LOGIN <$EMAIL>" || TARGET="$LOGIN"
    while true; do
        echo "-------------------------------------"
        read -r -p "Action for \"$TARGET\" [d/c/s/x]? " ACT < /dev/tty
        skip=0;
        case "$ACT" in
            [Dd]* )
                # read -r -p "Really DELETE \"$TARGET\" ?   (y/n, default: y) " CONF < /dev/tty
                CONF="y"
                if [[ ! "$CONF" =~ ^[Nn]$ ]]; then
                    # build an array of OTHER admin usernames
                    mapfile -t OTHER_USERS < <(echo "$ADMIN_LIST_CSV" | awk -F',' -v cur="$ID" '$1!=cur {print $2}')
                    if [ "${#OTHER_USERS[@]}" -eq 0 ]; then
                        echo "Cannot delete the only administrator account."
                        break
                    fi
                    if [ "$DEFAULT_USER" = "" ]; then
                        DEFAULT_USER="${OTHER_USERS[0]}"
                    fi
                    echo "Available admin usernames for reassignment: ${OTHER_USERS[*]}"
                    while true; do
                        read -r -p "Reassign content to which username? [default: $DEFAULT_USER, s: skip] " REASSIGN < /dev/tty
                        REASSIGN=${REASSIGN:-$DEFAULT_USER}
                        DEFAULT_USER=$REASSIGN
                        if printf '%s\n' "${OTHER_USERS[@]}" | grep -qx "$REASSIGN"; then
                            break
                        fi
                        if [[ "$REASSIGN" =~ ^[Ss]$ ]]; then
                            echo "Skipping reassignment."
                            skip=1;
                            break
                        fi
                        if [[ "$REASSIGN" =~ ^[0-9]+$ ]]; then
                            break
                        fi
                        echo "Invalid username. Please choose one of: ${OTHER_USERS[*]}"
                    done
                    if [ $skip -eq 1 ]; then
                        break
                    fi
                    # delete by username, reassign by username
                    RUN="$WP_RUN user delete $ID --reassign=$REASSIGN --yes --skip-plugins --skip-themes"
                    eval "$RUN"
                    if [ $? -eq 0 ]; then
                        echo "$TARGET deleted (content reassigned to $REASSIGN)."
                    else
                        cat /home/$USER/web/$DOMAIN/wp-cli-error.log
                        echo "Failed to delete $TARGET."
                    fi
                else
                    echo "Deletion cancelled."
                fi
                break
                ;;
            [Cc]* )
                NEW_PASS=$(gen_pass)
                RUN="$WP_RUN user update $ID --user_pass=$NEW_PASS --skip-plugins --skip-themes"
                eval "$RUN"
                if [ $? -eq 0 ]; then
                    echo "Password for username '$TARGET' changed to: $NEW_PASS"
                    echo "Password for username '$TARGET' changed to: $NEW_PASS" >> /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
                    chown $USER:$USER /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
                    chmod 600 /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
                else
                    cat /home/$USER/web/$DOMAIN/wp-cli-error.log
                    echo "Failed to change password for $TARGET."
                fi
                break
                ;;
            [Ss]* )
                echo "Skipping $TARGET."
                break
                ;;
            [Xx]* )
                echo "Exiting."
                exit 0
                ;;
            * ) echo "Please answer d, c, s, or x." ;;
        esac
    done
 done <<< "$ADMIN_LIST_CSV"
 if [ -f /home/$USER/web/$DOMAIN/wp-admin-password-change.txt ]; then
    echo ""
    echo ""
    echo "-------------------------------------"
    echo "For website $DOMAIN - new wp-admin passwords have been set."
    echo "-------------------------------------"
    cat /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
    echo "-------------------------------------"
    echo ""
    echo ""
    read -r -p "Do you want to save the new passwords to a file /home/$USER/web/$DOMAIN/wp-admin-password-change.txt ? (y/n, default: n) " SAVE_PASSWORDS < /dev/tty
    if [ -z "$SAVE_PASSWORDS" ]; then
        SAVE_PASSWORDS="n"
    fi
    if [[ $SAVE_PASSWORDS =~ ^[Nn]$ ]]; then
        rm /home/$USER/web/$DOMAIN/wp-admin-password-change.txt
    fi
 fi
 #----------------------------------------------------------#
 #        flush cache and refresh all security salts        #
 #----------------------------------------------------------#
 echo "-------------------------------------"
 echo
 echo "Flushing cache and refreshing salts..."
 RUN="$WP_RUN cache flush"
 eval "$RUN"
 RUN="$WP_RUN config shuffle-salts WP_CACHE_KEY_SALT --force"
 eval "$RUN"
 RUN="$WP_RUN config shuffle-salts"
 eval "$RUN"
 echo "Cache flushed and salts refreshed."
 echo
 echo "Done."
 exit 0
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@ -1,10 +1,41 @@
 #!/bin/bash
 # info: Clean all unnecessary files like logs
 # options: NONE
 #
 # The function is cleaning all unnecessary files like logs
-nice -n 19 ionice -c 3 find /home/*/tmp/ -type f -delete
+#----------------------------------------------------------#
-find /home/ -name '.wp-cli' -type d -exec rm -rf {} \;
+#           Verifications & Variable & Function            #
 #----------------------------------------------------------#
-rm /var/backups/*
+whoami=$(whoami)
-rm /var/cache/apt/archives/*
+if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 echo "===== Before cleaning ====="
 df -h
 echo "==========================="
 # Includes
 source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # turn off tailf watcher process
 if [ -f "/usr/local/bin/tailf_apache_error.php" ]; then
    kill $(ps aux | grep 'tailf_apache_error' | grep -v "grep tailf_apache_error" | awk '{print $2}')
 fi
 if [ -f "/usr/local/bin/tailf_exim.php" ]; then
    kill $(ps aux | grep 'tailf_exim' | grep -v "grep tailf_exim" | awk '{print $2}')
 fi
 find /tmp/ -type f -mtime +7 -delete
 rm /var/backups/* > /dev/null 2>&1
 rm /var/cache/apt/archives/* > /dev/null 2>&1
 cd /var/log
 truncate -s 0 xferlog lastlog faillog btmp syslog;
 find /var/log/ -name "*.log" -not -path "/var/log/apt/*" -type f -exec truncate -s 0 {} \;
@ -19,18 +50,84 @@ find /var/log/ -type f -name "*.4" -delete
 find /var/log/ -type f -name "*.5" -delete
 find /var/log/ -type f -name "*.6" -delete
 find /var/log/ -type f -name "*.7" -delete
 find /var/log/ -type f -name "*.8" -delete
 find /var/log/ -type f -name "*.9" -delete
 find /var/log/ -name "*.gz" -type f -delete
 find /usr/local/vesta/log/ -type f -name "*.log" -exec truncate -s 0 {} \;
 find /usr/local/vesta/log/ -type f -not -name "*.log" -delete
 find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 truncate -s 0 /*.log > /dev/null 2>&1
 rm /panic-*.log > /dev/null 2>&1
 rm /var/log/panic-*.log > /dev/null 2>&1
-find /home/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+clean_home() {
-find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    nice -n 19 ionice -c 3 find $1/*/tmp/ -type f -delete > /dev/null 2>&1
-find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/ -name '.wp-cli' -type d -exec rm -rf {} \; > /dev/null 2>&1
-find /home/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
-find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
-find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
+    find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
-find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
+    find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
-find /home/ -type f -name "*.log" -exec truncate -s 0 {} \;
+    find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
    find $1/*/web/*/public_html/wp-content/plugins/ezpz-one-click-backup/backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
    find $1/*/web/*/public_html/wp-content/backups-dup-lite/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
    find $1/*/web/*/public_html/wp-content/cache/ -type f -not -name ".htaccess" -delete > /dev/null 2>&1
    find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete > /dev/null 2>&1
    nice -n 19 ionice -c 3 find $1/*/tmp/ -type f -mtime +1 -delete > /dev/null 2>&1
    nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
    nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
    nice -n 19 ionice -c 3 find $1/ -type f -name "*.log" -exec truncate -s 0 {} \;
 }
-echo "=== Garbage cleaned ==="
+clean_home "/home"
 if [ -d "/hdd/home" ]; then
    clean_home "/hdd/home"
 fi
 # Cleaning fail2ban database
 fail2ban_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'fail2ban' | grep -c 'running')
 if [ $fail2ban_running -eq 1 ]; then
    systemctl stop fail2ban
 fi
 if [ -f "/var/lib/fail2ban/fail2ban.sqlite3" ]; then
    rm /var/lib/fail2ban/fail2ban.sqlite3
    if [ -f "/etc/nginx/conf.d/block.conf" ]; then
        truncate -s 0 /etc/nginx/conf.d/block.conf
        nginx_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'nginx' | grep -c 'running')
        if [ $nginx_running -eq 1 ]; then
            systemctl restart nginx
        fi
    fi
 fi
 if [ $fail2ban_running -eq 1 ]; then
    systemctl start fail2ban
 fi
 # turn on tailf watcher process
 if [ -f "/usr/local/bin/tailf_apache_error.php" ]; then
    nohup php /usr/local/bin/tailf_apache_error.php > /var/log/tailf_apache_error.log 2>&1 &
 fi
 if [ -f "/usr/local/bin/tailf_exim.php" ]; then
    nohup php /usr/local/bin/tailf_exim.php > /var/log/tailf_exim.log 2>&1 &
 fi
 exim_installed=$(/usr/local/vesta/bin/v-list-sys-services | grep -c 'exim')
 if [ $exim_installed -gt 0 ]; then
    systemctl restart exim4
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo ""
 echo "***** Garbage cleaned *****"
 echo ""
 echo "===== After cleaning ======"
 df -h
 echo "==========================="
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-clear-fail2ban
+++ b/bin/v-clear-fail2ban
@ -0,0 +1,59 @@
 #!/bin/bash
 # info: Clean fail2ban database
 # options: NONE
 #
 # The function is cleaning fail2ban database
 #----------------------------------------------------------#
 #           Verifications & Variable & Function            #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # check if fail2ban is installed
 fail2ban_installed=$(/usr/local/vesta/bin/v-list-sys-services | grep -c 'fail2ban')
 if [ $fail2ban_installed -eq 0 ]; then
    echo "Fail2ban is not installed"
    exit 1
 fi
 # Includes
 source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Cleaning fail2ban database
 fail2ban_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'fail2ban' | grep -c 'running')
 if [ $fail2ban_running -eq 1 ]; then
    echo "== Stopping fail2ban"
    systemctl stop fail2ban
 fi
 if [ -f "/var/lib/fail2ban/fail2ban.sqlite3" ]; then
    echo "== Cleaning fail2ban database"
    rm /var/lib/fail2ban/fail2ban.sqlite3
    if [ -f "/etc/nginx/conf.d/block.conf" ]; then
        echo "== Cleaning nginx block.conf"
        truncate -s 0 /etc/nginx/conf.d/block.conf
        nginx_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'nginx' | grep -c 'running')
        if [ $nginx_running -eq 1 ]; then
            echo "== Restarting nginx"
            systemctl restart nginx
        fi
    fi
 fi
 if [ $fail2ban_running -eq 1 ]; then
    echo "== Starting fail2ban"
    systemctl start fail2ban
 fi
 echo "== Done, fail2ban database cleaned"
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@ -9,7 +9,7 @@
 if [ $# -lt 2 ]; then
    echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN"
    echo "Available parameters:"
-    echo "--DATABASE_SUFIX=... (default is '_migrated')"
+    echo "--DATABASE_SUFIX=... (will be added to database name)"
    echo "--TO_DATABASE=... (this will override --TO_DATABASE_NAME, --TO_DATABASE_USERNAME and --DATABASE_SUFIX)"
    echo "--FROM_DATABASE_NAME=..."
    echo "--FROM_DATABASE_USERNAME=..."
@ -20,6 +20,7 @@ if [ $# -lt 2 ]; then
    echo "--TO_DATABASE_USERNAME=..."
    echo "--TO_DATABASE_PASSWORD=..."
    echo "--SITE_SUBFOLDER=..."
    echo "--EXCLUDE_UPLOADS=1 (or do not set it)"
    exit 1
 fi
@ -42,6 +43,7 @@ source /etc/profile
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
 source /usr/local/vesta/conf/vesta.conf
 FROM_DATABASE_NAME=''
 FROM_DATABASE_USERNAME=''
@ -55,6 +57,10 @@ SITE_SUBFOLDER=''
 SEARCH_FOR_CONFIGS_DATABASE_NAME=''
 SEARCH_FOR_CONFIGS_DATABASE_USERNAME=''
 if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ]; then
    DATABASE_SUFIX=''
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@ -174,6 +180,11 @@ fi
 TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
 if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ] && [ -z "$DATABASE_SUFIX" ]; then
    TO_DATABASE_NAME=$(echo "$TO_DOMAIN" | sed 's#\.#_#g')
    TO_DATABASE_NAME="${TO_USER}_$TO_DATABASE_NAME"
    TO_DATABASE_USERNAME=$TO_DATABASE_NAME
 else
    LENGTH_OF_DATABASE_SUFIX=${#DATABASE_SUFIX}
    if [ -z "$TO_DATABASE_NAME" ]; then
        LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}
@ -201,6 +212,8 @@ if [ -z "$TO_DATABASE_USERNAME" ]; then
            TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
        fi
    fi
 fi
 if [ ! -z "$TO_DATABASE" ]; then
    TO_DATABASE_USERNAME=$TO_DATABASE
    TO_DATABASE_NAME=$TO_DATABASE
@ -251,12 +264,12 @@ if [ $IT_IS_WP -eq 0 ]; then
        cd /root
        git clone https://github.com/interconnectit/Search-Replace-DB.git
    fi
 else
    if [ ! -f "/usr/local/bin/wp" ]; then
        echo "=== Downloading latest wp-cli"
        wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
        chmod +x /usr/local/bin/wp
 fi
 CREATE_TO_DATABASE=0
 object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
 if [ -z "$object" ]; then
    CREATE_TO_DATABASE=1
 fi
 # ----------- PRINT -------------
@ -287,6 +300,7 @@ echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREF
 echo "DATABASE_SUFIX        = $DATABASE_SUFIX"
 echo "CREATE_TO_USER        = $CREATE_TO_USER"
 echo "CREATE_TO_DOMAIN      = $CREATE_TO_DOMAIN"
 echo "CREATE_TO_DATABASE    = $CREATE_TO_DATABASE"
 echo "SHOULD_INSTALL_SSL    = $SHOULD_INSTALL_SSL"
 echo "FROM_DOMAIN_TPL       = $FROM_DOMAIN_TPL"
 echo "FROM_FPM_VER          = $FROM_FPM_VER"
@ -294,6 +308,7 @@ echo "FROM_DOMAIN_PROXY_TPL = $FROM_DOMAIN_PROXY_TPL"
 echo "FROM_DOMAIN_PROXY_EXT = $FROM_DOMAIN_PROXY_EXT"
 echo "SEARCH_FOR_CONFIGS_DATABASE_NAME     = $SEARCH_FOR_CONFIGS_DATABASE_NAME"
 echo "SEARCH_FOR_CONFIGS_DATABASE_USERNAME = $SEARCH_FOR_CONFIGS_DATABASE_USERNAME"
 echo "EXCLUDE_UPLOADS = $EXCLUDE_UPLOADS"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
@ -304,7 +319,7 @@ read -p "=== Press Enter to continue ==="
 if [ $CREATE_TO_USER -eq 1 ]; then
    pass=$(vesta_generate_pass 10)
    echo "=== Create user $TO_USER, pass=$pass"
-    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Migrated" "site"
+    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Cloned" "site"
 fi
 if [ $CREATE_TO_DOMAIN -eq 1 ]; then
@ -340,8 +355,7 @@ if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_EXT" "yes"
 fi
-object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
+if [ $CREATE_TO_DATABASE -eq 1 ]; then
 if [ -z "$object" ]; then
    echo "=== Create database $TO_DATABASE_NAME"
    /usr/local/vesta/bin/v-add-database "$TO_USER" "$TO_DATABASE_NAME_WITHOUT_PREFIX" "$TO_DATABASE_USERNAME_WITHOUT_PREFIX" "$TO_DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
 fi
@ -352,17 +366,25 @@ if [ -d "/root/temp" ]; then
 fi
 mkdir -p /root/temp
 cd /root/temp
-mysqldump $FROM_DATABASE_NAME > $FROM_DATABASE_NAME.sql
+mysqldump --max_allowed_packet=1024M $FROM_DATABASE_NAME > $FROM_DATABASE_NAME.sql
 echo "=== Importing to database $TO_DATABASE_NAME"
 mysql $TO_DATABASE_NAME < $FROM_DATABASE_NAME.sql
 rm $FROM_DATABASE_NAME.sql
 EXCLUDE=''
 if [ ! -z "$EXCLUDE_UPLOADS" ]; then
    EXCLUDE="--exclude '/wp-content/uploads/*'"
 fi
 echo "=== Copying files from $FROM_FOLDER to folder $TO_FOLDER"
 if [ "$SITE_SUBFOLDER" != ".." ]; then
-    echo "====== Executing: rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/"
+    run="rsync -a --delete $EXCLUDE $FROM_FOLDER/ $TO_FOLDER/"
-    rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
+    echo "====== Executing: $run"
    eval $run
 else
-    echo "====== Executing: rsync -a --delete --exclude 'logs/*' $FROM_FOLDER/ $TO_FOLDER/"
+    run="rsync -a --delete $EXCLUDE --exclude 'logs/*' $FROM_FOLDER/ $TO_FOLDER/"
-    rsync -a --delete --exclude 'logs/*' $FROM_FOLDER/ $TO_FOLDER/
+    echo "====== Executing: $run"
    eval $run
 fi
 echo "=== Chowning to $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
@ -401,21 +423,35 @@ if [ $IT_IS_WP -eq 0 ]; then
        php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "/home/$FROM_USER/" -r "/home/$TO_USER/"
    fi
 else
    cd $TO_FOLDER
    if [ -d "wp-content/plugins/w3-total-cache" ]; then
        rm -f wp-content/object-cache.php
        rm -f wp-content/db.php
        rm -f wp-content/advanced-cache.php
        rm -rf wp-content/w3tc-config
        rm -rf wp-content/plugins/w3-total-cache
    fi
    echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
-    sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
+    /usr/local/vesta/bin/v-run-wp-cli $TO_DOMAIN search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid --skip-plugins --skip-themes;
    if [ "$FROM_USER" != "$TO_USER" ]; then
        echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in database $TO_DATABASE_NAME"
-        sudo -H -u$TO_USER wp search-replace "/home/$FROM_USER/" "/home/$TO_USER/" --precise --all-tables --skip-columns=guid
+        /usr/local/vesta/bin/v-run-wp-cli $TO_DOMAIN search-replace "/home/$FROM_USER/" "/home/$TO_USER/" --precise --all-tables --skip-columns=guid --skip-plugins --skip-themes;
    fi
    /usr/local/vesta/bin/v-run-wp-cli $TO_DOMAIN cache flush --skip-plugins --skip-themes;
    /usr/local/vesta/bin/v-run-wp-cli $TO_DOMAIN config shuffle-salts WP_CACHE_KEY_SALT --force --skip-plugins --skip-themes;
    /usr/local/vesta/bin/v-run-wp-cli $TO_DOMAIN config shuffle-salts --skip-plugins --skip-themes;
 fi
 # ----------- Update Wordfence WAF Path -------------
 # Path to .user.ini file in the new domain directory
 user_ini="/home/$TO_USER/web/$TO_DOMAIN/public_html/.user.ini"
 # Check if .user.ini exists
 if [ -f "$user_ini" ]; then
    echo "Updating .user.ini with new path..."
    # Change path from old domain to new domain
    sed -i "s|/home/.*/public_html|/home/$TO_USER/web/$TO_DOMAIN/public_html|g" $user_ini
    # Check if replacement was successful and update .user.ini
    if [ $? -eq 0 ]; then
        echo ".user.ini updated successfully."
    else
        echo "Failed to update .user.ini file."
    fi
    sudo -H -u$TO_USER wp cache flush
 fi
 echo "===== DONE ===="
--- a/bin/v-commander
+++ b/bin/v-commander
@ -0,0 +1,634 @@
 #!/bin/bash
 numargs=$#
 SHOWHEADER=0
 if [ $numargs -eq 0 ]; then
    SHOWHEADER=1
 fi
 if [ $numargs -eq 1 ] && [ "$1" = "q" ]; then
    SHOWHEADER=1
 fi
 source /etc/profile
 PATH=$PATH:/usr/local/vesta/bin && export PATH
 if [ $SHOWHEADER -eq 1 ]; then
    echo "======================= mvVesta-commander ================================"
 fi
 if [ -f /root/kernelupdate ]; then
    rm /root/kernelupdate
 fi
 apt_updated=0
 apt_upgraded=0
 quit_on_empty=0
 if [ $SHOWHEADER -eq 1 ]; then
    hostname
    if [ -f "/root/current-status.txt" ]; then
        echo "------------------ WAS LONG TIME AGO ------------------"
        cat /root/current-status.txt
        truncate -s 0 /root/current-status.txt
    fi
    echo -n 'Debian ' >> /root/current-status.txt && cat /etc/debian_version >> /root/current-status.txt
    php -v | grep '^PHP' >> /root/current-status.txt
    /usr/local/vesta/bin/v-list-sys-services >> /root/current-status.txt
    /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:" >> /root/current-status.txt
    w | grep 'load average' >> /root/current-status.txt
    df -h | grep "/$" >> /root/current-status.txt
    echo "------------------------ NOW ------------------------"
    cat /root/current-status.txt
    echo "-----------------------------------------------------"
    echo "(press 'h' for help)"
    echo ""
 fi
 check_status() {
    echo "=============================================================="
    hostname
    echo "------------------------ WAS ------------------------"
    cat /root/current-status.txt
    echo "------------------------ NOW ------------------------"
    hostname
    echo -n 'Debian ' && cat /etc/debian_version
    php -v | grep '^PHP'
    /usr/local/vesta/bin/v-list-sys-services
    /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:"
    w | grep 'load average'
    df -h | grep "/$"
    echo "-----------------------------------------------------"
 }
 myhelp() {
    echo "---------- Press: -----------"
    echo "a  = Activate Email rate limit"
    echo "b  = bash"
    echo "c  = check status"
    echo "d  = df -h"
    echo "e  = make sure Apache is in mpm_event"
    echo "f  = free -h"
    echo "g  = apt-get upgrade"
    echo "h  = help"
    echo "m  = install php-memcached"
    echo "p  = set version of php as default"
    echo "q  = quit"
    echo "r  = reboot"
    echo "s  = download sury.org apt-get key"
    echo "n  = download nginx gpg key"
    echo "freexian = add Freexian repository"
    echo "t  = clean the trash"
    echo "u  = apt-get update"
    echo "v  = update myVesta"
    echo "vo = update myVesta without 'apt-get update'"
    echo "w  = w"
    echo "-----------------------------"
    echo "inst v                = install myVesta"
    echo "inst p                = install multi-php"
    echo "inst pgw              = install php-gate"
    echo "inst r                = install new Roundcube"
    echo "inst memcached        = install memcached"
    echo "inst redis            = install Redis"
    echo "inst nginx-rate-limit = install nginx-rate-limit templates"
    echo "dis fb   = stop and disable fail2ban"
    echo "dis dove = stop and disable dovecot"
    echo "dis spam = stop and disable spamassassin"
    echo "dis clam = stop and disable ClamAV"
    echo "p 7.0    = set default php 7.0"
    echo "p 7.3    = set default php 7.3"
    echo "p 7.4    = set default php 7.4"
    echo "p def    = set proper default php"
    echo "e def    = set mpm_event if needed"
    echo "m def    = install php-memcached if needed"
    echo "check fc = check if FreshClam is up"
    echo "-----------------------------"
    echo "enable-ssh-root-password-login = Allow root password authentication via SSH"
    echo "id_rsa = generate id_rsa and id_rsa.pub if it does not exist and show id_rsa.pub"
    echo "-----------------------------"
 }
 apt_update() {
    echo "============================="
    echo "== running: apt-get update"
    release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
    if [ "$release" -lt 10 ]; then
        apt-get update
    else
        apt-get update --allow-releaseinfo-change
    fi
    apt_updated=1
 }
 COUNTER=0
 HAS_PARAMETERS=0
 while true
 do
    COUNTER=$((COUNTER + 1))
    if [ $COUNTER -le $numargs ]; then
        HAS_PARAMETERS=1
        answer=$1
        shift
    else
        if [ $HAS_PARAMETERS -eq 1 ]; then
            exit;
        fi
        read -p 'What to do: ' answer
    fi
    if [ "$answer" = 'prompt' ] || [ "$answer" = 'PROMPT' ]; then
        echo "============================="
        echo "hostname: $HOSTNAME"
        read -p 'What to do [or press Enter to continue]: ' answer
    fi
    if [ "$answer" = '' ] && [ $quit_on_empty -eq 1 ]; then
        answer='q'
    fi
    if [ "$answer" = 'quit-on-empty' ]; then
        echo "== the script will quit on next enter"
        quit_on_empty=1
        HAS_PARAMETERS=0
    fi
    if [ "$answer" = 'a' ] || [ "$answer" = 'A' ]; then
    mv /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template-backup
    cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template /etc/exim4/exim4.conf.template
    touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour
    touch /etc/exim4/limit_per_email_account_max_recipients
    touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour
    touch /etc/exim4/limit_per_hosting_account_max_recipients
    check_grep=$(grep -c '#SPAMASSASSIN' /etc/exim4/exim4.conf.template-backup)
    if [ "$check_grep" -eq 0 ]; then
        sed -i "s|#SPAMASSASSIN|SPAMASSASSIN|g" /etc/exim4/exim4.conf.template
    fi
    check_grep=$(grep -c '#SPAM_SCORE' /etc/exim4/exim4.conf.template-backup)
    if [ "$check_grep" -eq 0 ]; then
        sed -i "s|#SPAM_SCORE|SPAM_SCORE|g" /etc/exim4/exim4.conf.template
    fi
    check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template-backup)
    if [ "$check_grep" -eq 0 ]; then
        sed -i "s|#CLAMD|CLAMD|g" /etc/exim4/exim4.conf.template
    fi
    systemctl restart exim4
    echo "Email rate limit activated."
    fi
    if [ "$answer" = 'u' ] || [ "$answer" = 'U' ]; then
        apt_update
    fi
    if [ "$answer" = 'g' ] || [ "$answer" = 'G' ]; then
        echo "============================="
        echo "== running: apt-get upgrade"
        if [ $apt_upgraded -eq 0 ]; then
            cp /var/log/apt/history.log /var/log/apt/history-`date +"%Y%m%d%H%M%S"`.log
            truncate -s 0 /var/log/apt/history.log
        fi
        apt-get -y --with-new-pkgs upgrade
        apt-get -y dist-upgrade
        apt_upgraded=1
        kernelupdate=$(grep -c 'linux-image-' /var/log/apt/history.log)
        dbusupdate=$(grep -c ' dbus:a' /var/log/apt/history.log)
        if [ $kernelupdate -gt 0 ] || [ $dbusupdate -gt 0 ] || [ -f "/run/reboot-required" ] || [ -f "/var/run/reboot-required" ]; then
            touch /root/kernelupdate
            echo "== kernel is updated, reboot is required!"
        fi
    fi
    if [ "$answer" = 'c' ] || [ "$answer" = 'C' ]; then
        check_status
    fi
    if [ "$answer" = 's' ] || [ "$answer" = 'S' ]; then
        if [ -f "/etc/apt/trusted.gpg.d/php.gpg" ]; then
            echo "============================="
            echo "== renewing sury.org gpg key"
            wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
        fi
    fi
    if [ "$answer" = 'n' ] || [ "$answer" = 'N' ]; then
        if [ -f "/etc/apt/sources.list.d/nginx.list" ]; then
            echo "============================="
            echo "== renewing nginx gpg key"
            apt-get update
            apt-get -y install curl gnupg2 ca-certificates lsb-release debian-archive-keyring
            curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
            echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/debian `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list
        fi
    fi
    if [ "$answer" = 'freexian' ] || [ "$answer" = 'FREEXIAN' ]; then
        if [ "$release" -lt 11 ]; then
            echo "============================="
            echo "== adding Freexian repository"
            apt-get update
            apt-get install lsb-release
            wget https://deb.freexian.com/extended-lts/pool/main/f/freexian-archive-keyring/freexian-archive-keyring_2022.06.08_all.deb && sudo dpkg -i freexian-archive-keyring_2022.06.08_all.deb
            cat /etc/apt/sources.list
            mv /etc/apt/sources.list /etc/apt/sources.list.old
            echo "deb http://deb.freexian.com/extended-lts `lsb_release -cs` main contrib non-free" > /etc/apt/sources.list
            rm /etc/apt/sources.list.d/hetzner*
        else
            echo "== Freexian is not supported on Debian 11 or higher"
        fi
    fi
    if [ "$answer" = 'e def' ] || [ "$answer" = 'E DEF' ]; then
        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
        echo "============================="
        echo "== checking if we need mpm_event mode"
        echo "== detected Debian $release"
        if [ "$release" -eq 10 ] || [ "$release" -eq 11 ] || [ -f "/root/switch-apache-to-event-mode.sh" ]; then
            isevent=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
            if [ $isevent -eq 0 ]; then
                echo "== Apache should be switched to mpm_event mode"
                answer='e'
            else
                echo "== Apache is already in mpm_event mode"
            fi
        fi
    fi
    if [ "$answer" = 'e' ] || [ "$answer" = 'E' ]; then
        echo "============================="
        echo "== switching to mpm_event mode"
        apt-get -y remove libapache2-mod-php*
        a2dismod ruid2
        a2dismod suexec
        a2dismod php5.6
        a2dismod php7.0
        a2dismod php7.1
        a2dismod php7.2
        a2dismod php7.3
        a2dismod php7.4
        a2dismod php8.0
        a2dismod php8.1
        a2dismod php8.2
        a2dismod mpm_prefork
        a2enmod mpm_event
        systemctl restart apache2
    fi
    if [ "$answer" = 'dis fb' ] || [ "$answer" = 'DIS FB' ]; then
        echo "============================="
        echo "== disabling fail2ban"
        systemctl stop fail2ban
        systemctl disable fail2ban
        systemctl status fail2ban
    fi
    if [ "$answer" = 'dis dove' ] || [ "$answer" = 'DIS DOVE' ]; then
        echo "============================="
        echo "== disabling dovecot"
        systemctl stop dovecot.service
        systemctl stop dovecot.socket
        systemctl disable dovecot.service
    fi
    if [ "$answer" = 'dis clam' ] || [ "$answer" = 'DIS CLAM' ]; then
        echo "============================="
        echo "== disabling ClamAV"
        systemctl stop clamav-daemon.service
        systemctl disable clamav-daemon.service
        systemctl stop clamav-daemon.socket
        systemctl disable clamav-daemon.socket
        systemctl stop clamav-freshclam.service
        systemctl disable clamav-freshclam.service
        sed -i "s/^CLAMD =/#CLAMD =/g" /etc/exim4/exim4.conf.template
        systemctl restart exim4
    fi
    if [ "$answer" = 'dis spam' ] || [ "$answer" = 'DIS SPAM' ]; then
        echo "============================="
        echo "== disabling SpamAssassin"
        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
        if [ "$release" -lt 12 ]; then
            systemctl stop spamassassin.service
            systemctl disable spamassassin.service
        else
            systemctl stop spamd.service
            systemctl disable spamd.service
        fi
        sed -i "s/^SPAMASSASSIN =/#SPAMASSASSIN =/g" /etc/exim4/exim4.conf.template
        sed -i "s/^SPAM_SCORE =/#SPAM_SCORE =/g" /etc/exim4/exim4.conf.template
        systemctl restart exim4
    fi
    if [ "$answer" = 'p' ] || [ "$answer" = 'P' ]; then
        echo "============================="
        echo "== changing default php version"
        update-alternatives --config php
        echo "--- NEW ---"
        php -v | grep '^PHP'
    fi
    if [ "$answer" = 'p 7.0' ] || [ "$answer" = 'P 7.0' ]; then
        echo "============================="
        echo "== changing default php version to 7.0"
        update-alternatives --set php /usr/bin/php7.0
        echo "--- NEW ---"
        php -v | grep '^PHP'
    fi
    if [ "$answer" = 'p 7.3' ] || [ "$answer" = 'P 7.3' ]; then
        echo "============================="
        echo "== changing default php version to 7.3"
        update-alternatives --set php /usr/bin/php7.3
        echo "--- NEW ---"
        php -v | grep '^PHP'
    fi
    if [ "$answer" = 'p 7.4' ] || [ "$answer" = 'P 7.4' ]; then
        echo "============================="
        echo "== changing default php version to 7.4"
        update-alternatives --set php /usr/bin/php7.4
        echo "--- NEW ---"
        php -v | grep '^PHP'
    fi
    if [ "$answer" = 'p def' ] || [ "$answer" = 'P DEF' ]; then
        echo "============================="
        echo "== checking if we need to change default php version"
        automode=$(update-alternatives --display php | grep -c 'auto mode')
        echo "============================="
        if [ $automode -ge 1 ]; then
            echo "=== php auto mode detected"
            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
            echo "== detected Debian $release"
            if [ "$release" -eq 8 ]; then
                echo "== set default php 5"
                update-alternatives --set php /usr/bin/php5
            fi
            if [ "$release" -eq 9 ]; then
                echo "== set default php 7.0"
                update-alternatives --set php /usr/bin/php7.0
            fi
            if [ "$release" -eq 10 ]; then
                echo "== set default php 7.3"
                update-alternatives --set php /usr/bin/php7.3
            fi
            if [ "$release" -eq 11 ]; then
                echo "== set default php 7.4"
                update-alternatives --set php /usr/bin/php7.4
            fi
            echo "--- NEW ---"
            php -v | grep '^PHP'
        else
            echo "== php is already in manual mode"
            php -v | grep '^PHP'
        fi
    fi
    if [ "$answer" = 'v' ] || [ "$answer" = 'V' ]; then
        echo "============================="
        echo "== updating myVesta"
        if [ -f "/usr/local/vesta/bin/v-update-myvesta" ]; then
            /usr/local/vesta/bin/v-update-myvesta
        else
            number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
            if [ $number_of_files -gt 0 ]; then
                rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
            fi
            apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"  > /usr/local/vesta/log/update-$package.log 2>&1
            apt-get install --reinstall vesta
        fi
    fi
    if [ "$answer" = 'vo' ] || [ "$answer" = 'VO' ]; then
        echo "============================="
        echo "== updating myVesta (without 'apt-get update')"
        number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
        if [ $number_of_files -gt 0 ]; then
            rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
        fi
        apt-get install --reinstall vesta
    fi
    if [ "$answer" = 'vor' ] || [ "$answer" = 'VOR' ]; then
        echo "============================="
        echo "== updating myVesta (without apt-get update and without reinstall)"
        number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
        if [ $number_of_files -gt 0 ]; then
            rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
        fi
        apt-get install vesta
    fi
    if [ "$answer" = 't' ] || [ "$answer" = 'T' ]; then
        echo "============================="
        echo "== cleaning trash"
        df -m
        echo "------"
        ps -Af | grep tailf | grep -v "grep tailf"
        echo "------"
        /usr/local/vesta/bin/v-clean-garbage
        echo "--------------"
        df -m
        echo "--------------"
        ps -Af | grep tailf | grep -v "grep tailf"
    fi
    if [ "$answer" = 'm def' ] || [ "$answer" = 'M DEF' ]; then
        phpupdate=$(grep -c 'php' /var/log/apt/history.log)
        if [ $phpupdate -gt 0 ]; then
            answer='m'
        fi
    fi
    if [ "$answer" = 'm' ] || [ "$answer" = 'M' ]; then
        echo "============================="
        echo "== installing php-memcache modules"
        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
    fi
    if [ "$answer" = 'd' ] || [ "$answer" = 'D' ]; then
        echo "============================="
        echo "== running: df -h"
        df -h
    fi
    if [ "$answer" = 'f' ] || [ "$answer" = 'F' ]; then
        echo "============================="
        echo "== running: free -h"
        free -h
    fi
    if [ "$answer" = 'w' ] || [ "$answer" = 'W' ]; then
        echo "== running: free -h"
        w
    fi
    if [ "$answer" = 'inst p' ] || [ "$answer" = 'INST P' ]; then
        echo "============================="
        echo "== installing new PHP versions"
        cd /root
        wget -nv -O /root/vesta-inst-php.sh https://c.myvestacp.com/tools/multi-php-install.sh
        chmod u+x ./vesta-inst-php.sh
        mcedit ./vesta-inst-php.sh
        sudo ./vesta-inst-php.sh
    fi
    if [ "$answer" = 'inst pgw' ] || [ "$answer" = 'INST PGW' ]; then
        echo "============================="
        echo "== Installing phpgate"
        wget -nv http://dl.myvestacp.com/vesta/install-phpgate.sh -O /root/install-phpgate.sh
        chmod u+x /root/install-phpgate.sh
        /root/install-phpgate.sh
    fi
    if [ "$answer" = 'inst memcache' ] || [ "$answer" = 'inst memcached' ] || [ "$answer" = 'INST MEMCACHE' ] || [ "$answer" = 'INST MEMCACHED' ]; then
        echo "============================="
        echo "== Installing memcached"
        memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
        apt-get update
        apt-get -y install memcached 
        apt-get -y install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
        apt-get -y install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
        if [ $memory -lt 15000000 ]; then
            sed -i "s/-m 64/-m 256/" /etc/memcached.conf
        else
            sed -i "s/-m 64/-m 1024/" /etc/memcached.conf
        fi
        systemctl restart memcached
        echo "== memcached installed."
        echo "-----------------------"
    fi
    if [ "$answer" = 'inst redis' ] || [ "$answer" = 'INST REDIS' ]; then
        echo "============================="
        echo "== Installing Redis"
        memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
        apt-get update
        apt-get install -y redis-server
        apt-get install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-redis ")
        sed -i "s|^supervised no|supervised systemd|g" /etc/redis/redis.conf
        sed -i "s|^save |# save |g" /etc/redis/redis.conf
        sed -i 's|^# save ""|save ""|g' /etc/redis/redis.conf
        if [ $memory -lt 15000000 ]; then
            sed -i "s|^# maxmemory .*|maxmemory 256m|g" /etc/redis/redis.conf
        else
            sed -i "s|^# maxmemory .*|maxmemory 1g|g" /etc/redis/redis.conf
        fi
        sed -i "s|^# maxmemory-policy .*|maxmemory-policy allkeys-lru|g" /etc/redis/redis.conf
        systemctl restart redis
        redis-cli info memory
        echo "== Redis installed."
        echo "-------------------"
    fi
    if [ "$answer" = 'inst nginx-rate-limit' ] || [ "$answer" = 'INST NGINX-RATE-LIMIT' ]; then
        echo "============================="
        echo "== Installing inst nginx-rate-limit templates"
        curl -O https://c.myvestacp.com/tools/rate-limit-tpl/install_rate_limit_tpl.sh
        bash install_rate_limit_tpl.sh
        echo "== nginx-rate-limit templates installed."
        echo "-------------------"
    fi
    if [ "$answer" = 'check fc' ] || [ "$answer" = 'CHECK FC' ]; then
        echo "== Checking if FreshClam is up"
        clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')
        freshclamdown=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-freshclam' | grep -c 'off')
        if [ $clamavup -eq 1 ] && [ $freshclamdown -eq 1 ]; then
            echo "== Starting FreshClam"
            systemctl enable clamav-freshclam.service
            systemctl start clamav-freshclam.service
        fi
    fi
    if [ "$answer" = 'enable-ssh-root-password-login' ] || [ "$answer" = 'ENABLE-SSH-ROOT-PASSWORD-LOGIN' ]; then
        sed -i "s|^PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config
        sed -i "s|^#PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config
        systemctl restart sshd
        echo "--- New settings ---"
        grep '^PermitRoot' /etc/ssh/sshd_config
        echo "--------------------"
        echo "Port 22 opened in Firewall for all IP addresses."
        /usr/local/vesta/bin/v-unsuspend-firewall-rule "11"
        echo "--------------------"
        echo "Type 'passwd' in the terminal to set the root password."
        echo "--------------------"
    fi
    if [ "$answer" = 'r' ] || [ "$answer" = 'R' ]; then
        echo "============================="
        echo "== Rebooting the server"
        reboot
    fi
    if [ "$answer" = 'b' ] || [ "$answer" = 'B' ]; then
        echo "============================="
        echo "== Running bash"
        bash
    fi
    if [ "$answer" = 'q' ] || [ "$answer" = 'Q' ]; then
        echo "============================="
        echo "== Exiting... bye bye :)"
        exit 0
    fi
    if [ "$answer" = 'h' ] || [ "$answer" = 'H' ]; then
        myhelp
    fi
    if [ "$answer" = 'inst v' ] || [ "$answer" = 'INST V' ]; then
        echo "============================="
        echo "== installing myVesta"
        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
        if [ "$release" -lt 10 ]; then
            apt-get update
        else
            apt-get update --allow-releaseinfo-change
        fi
        apt-get -y --with-new-pkgs upgrade && apt-get -y dist-upgrade
        apt-get -y install curl wget mc git sudo dnsutils screen
        cd ~
        curl -O http://c.myvestacp.com/vst-install-debian.sh
        sudo bash vst-install-debian.sh
        source /etc/profile
        PATH=$PATH:/usr/local/vesta/bin && export PATH
    fi
    if [ "$answer" = 'inst r' ] || [ "$answer" = 'INST R' ]; then
        echo "============================="
        echo "== Installing new Roundcube"
        wget -nv https://c.myvestacp.com/tools/install-new-roundcube.sh -O /root/install-new-roundcube.sh
        chmod u+x /root/install-new-roundcube.sh
        mcedit /root/install-new-roundcube.sh
        /root/install-new-roundcube.sh
    fi
    if [ "$answer" = 'id_rsa' ] || [ "$answer" = 'ID_RSA' ]; then
        if [ ! -f "/root/.ssh/id_rsa.pub" ]; then
            ssh-keygen -q -t rsa -N '' -C "$HOSTNAME" -b 4096 -f /root/.ssh/id_rsa 2>/dev/null <<< y >/dev/null
        fi
        echo "=== YOUR id_rsa.pub IS BELOW ==="
        cat /root/.ssh/id_rsa.pub
        echo "======"
    fi
 done
--- a/bin/v-delete-database-of-domain
+++ b/bin/v-delete-database-of-domain
@ -0,0 +1,69 @@
 #!/bin/bash
 # info: delete database if domain has database
 # options: DOMAIN
 #
 # The function for deleting database if domain has database
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 RET=$OK
 # echo "================================="
 r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain $domain)
 # echo $r
 eval $r
 # echo "================================="
 if [ ! -z "$DATABASE_NAME" ]; then
    echo "=== v-delete-database $USER $DATABASE_NAME"
    /usr/local/vesta/bin/v-delete-database $USER $DATABASE_NAME
    if [ $? -ne 0 ]; then
        echo "=== v-delete-database failed"
        RET=$E_NOTEXIST
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 log_event "$RET" "$ARGUMENTS"
 exit
--- a/bin/v-delete-domain
+++ b/bin/v-delete-domain
@ -37,9 +37,10 @@ is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -z "$WEB_SYSTEM" ]; then
    str=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
    if [  ! -z "$str" ]; then
        $BIN/v-delete-database-of-domain $domain
        domain_found='yes'
        $BIN/v-delete-web-domain $user $domain 'no'
-        check_result $? "can't suspend web" > /dev/null
+        check_result $? "can't delete web" > /dev/null
    fi
 fi
@ -49,7 +50,7 @@ if [ ! -z "$DNS_SYSTEM" ]; then
    if [  ! -z "$str" ]; then
        domain_found='yes'
        $BIN/v-delete-dns-domain $user $domain 'no'
-        check_result $? "can't suspend dns" > /dev/null
+        check_result $? "can't delete dns" > /dev/null
    fi
 fi
@ -59,7 +60,7 @@ if [ ! -z "$MAIL_SYSTEM" ]; then
    if [  ! -z "$str" ]; then
        domain_found='yes'
        $BIN/v-delete-mail-domain $user $domain
-        check_result $? "can't suspend mail" > /dev/null
+        check_result $? "can't delete mail" > /dev/null
    fi
 fi
--- a/bin/v-delete-firewall-ban
+++ b/bin/v-delete-firewall-ban
@ -53,6 +53,11 @@ $iptables -D fail2ban-$chain $b 2>/dev/null
 # Changing permissions
 chmod 660 $conf
 # nginx deny rules conf
 if [ "$chain" = "WEB" ] && [ -f "/etc/nginx/conf.d/block.conf" ]; then
    sed -i "/deny $ip;/d" /etc/nginx/conf.d/block.conf
    systemctl reload nginx
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-delete-firewall-rule
+++ b/bin/v-delete-firewall-rule
@ -34,12 +34,21 @@ is_object_valid '../../data/firewall/rules' 'RULE' "$rule"
 #                       Action                             #
 #----------------------------------------------------------#
 oldvalues=$(grep "RULE='$rule'" $VESTA/data/firewall/rules.conf)
 # Deleting rule
 sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
 # Updating system firewall
 $BIN/v-update-firewall
 if [ "$WEB_SYSTEM" == 'nginx' ] || [ "$PROXY_SYSTEM" == 'nginx' ]; then
    parse_object_kv_list_non_eval "$oldvalues"
    if [ "$PORT" == "80,443" ] && [ "$ACTION" == "DROP" ]; then
        sed -i "\#$IP#d" /etc/nginx/conf.d/block-firewall.conf
        systemctl restart nginx
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-delete-inactive-wordpress-plugins-and-themes
+++ b/bin/v-delete-inactive-wordpress-plugins-and-themes
@ -0,0 +1,165 @@
 #!/bin/bash
 # info: delete inactive WordPress plugins and themes
 # options: DOMAIN
 #----------------------------------------------------------#
 #                    Variable & Function                   #
 #----------------------------------------------------------#
 [ "$(whoami)" != "root" ] && { echo "You must be root to run this command."; exit 1; }
 source /etc/profile
 DOMAIN="$1"
 [ -z "$DOMAIN" ] && { echo "Usage: v-delete-inactive-wordpress-plugins-and-themes DOMAIN"; exit 1; }
 USER="$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")"
 [ -z "$USER" ] && { echo "Domain $DOMAIN does not exist."; exit 1; }
 WP_PATH="/home/$USER/web/$DOMAIN/public_html"
 [ ! -f "$WP_PATH/wp-config.php" ] && { echo "WordPress is not installed on this domain."; exit 1; }
 # WP-CLI wrapper
 if [ ! -z "$PHP" ]; then
    WP_RUN="PHP=$PHP /usr/local/vesta/bin/v-run-wp-cli $DOMAIN --skip-plugins --skip-themes"
 else
    WP_RUN="/usr/local/vesta/bin/v-run-wp-cli $DOMAIN --skip-plugins --skip-themes"
 fi
 quarantined=0;
 #----------------------------------------------------------#
 #                         Action                           #
 #----------------------------------------------------------#
 cd "$WP_PATH" || exit 1
 echo "Inactive WordPress plugins for $DOMAIN:"
 echo "-------------------------------------"
 RUN="$WP_RUN plugin list --format=csv --skip-plugins --skip-themes"
 PLUGINS_LIST_CSV=$(eval "$RUN")
 return_code=$?
 if [ $return_code -ne 0 ]; then
    echo "WP-CLI error:"
    echo "return code: $return_code"
    cat /home/$USER/web/$DOMAIN/wp-cli-error.log
    exit $return_code
 fi
 PLUGINS_LIST_CSV=$(echo "$PLUGINS_LIST_CSV" | tail -n +2)
 DEACTIVATED_PLUGINS_LIST_CSV=""
 if [ ! -z "$PLUGINS_LIST_CSV" ]; then
    printf "%-30s %-20s %-20s %-20s %-20s %-20s\n" "name" "status" "update" "version" "update_version" "auto_update"
    while IFS=',' read -r NAME STATUS UPDATE VERSION UPDATE_VERSION AUTO_UPDATE; do
        if [ "$STATUS" = "inactive" ]; then
            printf "%-30s %-20s %-20s %-20s %-20s %-20s\n" "$NAME" "$STATUS" "$UPDATE" "$VERSION" "$UPDATE_VERSION" "$AUTO_UPDATE"
            DEACTIVATED_PLUGINS_LIST_CSV="$DEACTIVATED_PLUGINS_LIST_CSV\n$NAME"
        fi
    done <<< "$PLUGINS_LIST_CSV"
 else
    echo "No plugins found."
 fi
 if [ ! -z "$DEACTIVATED_PLUGINS_LIST_CSV" ]; then
    echo ""
    read -r -p "Do you want to move inactive plugins to quarantine? (y/n, default: y): " RESPONSE < /dev/tty
    if [ "$RESPONSE" == "y" ] || [ "$RESPONSE" == "Y" ] || [ -z "$RESPONSE" ]; then
        while IFS=',' read -r NAME STATUS UPDATE VERSION UPDATE_VERSION AUTO_UPDATE; do
            if [ "$STATUS" = "inactive" ]; then
                folder="/home/$USER/web/$DOMAIN/public_html/wp-content/plugins/$NAME"
                file="/home/$USER/web/$DOMAIN/public_html/wp-content/plugins/$NAME.php"
                if [ -d "$folder" ] || [ -f "$file" ]; then
                    destination_base_folder="/srv/wp-deactivated-plugins/$DOMAIN"
                    if [ -d "$folder" ]; then
                        source_path="$folder"
                        destination_path="$destination_base_folder/$NAME"
                    elif [ -f "$file" ]; then
                        source_path="$file"
                        destination_path="$destination_base_folder/$NAME.php"
                    fi
                    mkdir -p $destination_base_folder
                    chown $USER:$USER $destination_base_folder
                    mv $source_path $destination_path
                    if [ -d "$destination_path" ]; then
                        echo "= Folder $source_path moved to $destination_path"
                        quarantined=1;
                    fi
                    if [ -f "$destination_path" ]; then
                        echo "= File $source_path moved to $destination_path"
                        quarantined=1;
                    fi
                else
                    echo "=== ERROR: Folder $folder or file $file not found - it does not exist?"
                fi
            fi
        done <<< "$PLUGINS_LIST_CSV"
    fi
 fi
 echo ""
 echo "Inactive WordPress themes for $DOMAIN:"
 echo "-------------------------------------"
 RUN="$WP_RUN theme list --format=csv --skip-plugins --skip-themes"
 THEMES_LIST_CSV=$(eval "$RUN")
 return_code=$?
 if [ $return_code -ne 0 ]; then
    echo "WP-CLI error:"
    echo "return code: $return_code"
    cat /home/$USER/web/$DOMAIN/wp-cli-error.log
    exit $return_code
 fi
 THEMES_LIST_CSV=$(echo "$THEMES_LIST_CSV" | tail -n +2)
 DEACTIVATED_THEMES_LIST_CSV=""
 if [ ! -z "$THEMES_LIST_CSV" ]; then
    printf "%-30s %-20s %-20s %-20s %-20s %-20s\n" "name" "status" "update" "version" "update_version" "auto_update"
    while IFS=',' read -r NAME STATUS UPDATE VERSION UPDATE_VERSION AUTO_UPDATE; do
        if [ "$STATUS" = "inactive" ]; then
            printf "%-30s %-20s %-20s %-20s %-20s %-20s\n" "$NAME" "$STATUS" "$UPDATE" "$VERSION" "$UPDATE_VERSION" "$AUTO_UPDATE"
            DEACTIVATED_THEMES_LIST_CSV="$DEACTIVATED_THEMES_LIST_CSV\n$NAME"
        fi
    done <<< "$THEMES_LIST_CSV"
 else
    echo "No themes found."
 fi
 if [ ! -z "$DEACTIVATED_THEMES_LIST_CSV" ]; then
    echo ""
    read -r -p "Do you want to move inactive themes to quarantine? (y/n, default: y): " RESPONSE < /dev/tty
    if [ "$RESPONSE" == "y" ] || [ "$RESPONSE" == "Y" ] || [ -z "$RESPONSE" ]; then
        while IFS=',' read -r NAME STATUS UPDATE VERSION UPDATE_VERSION AUTO_UPDATE; do
            if [ "$STATUS" = "inactive" ]; then
                folder="/home/$USER/web/$DOMAIN/public_html/wp-content/themes/$NAME"
                if [ -d "$folder" ]; then
                    destination_base_folder="/srv/wp-deactivated-themes/$DOMAIN"
                    source_path="$folder"
                    destination_path="$destination_base_folder/$NAME"
                    mkdir -p $destination_base_folder
                    chown $USER:$USER $destination_base_folder
                    mv $source_path $destination_path
                    if [ -d "$destination_path" ]; then
                        echo "= Folder $source_path moved to $destination_path"
                        quarantined=1;
                    fi
                else
                    echo "=== ERROR: Folder $folder not found - it does not exist?"
                fi
            fi
        done <<< "$THEMES_LIST_CSV"
    fi
 fi
 echo ""
 if [ $quarantined -eq 1 ]; then
    echo "= All deactivated plugins and themes moved to quarantine."
    echo "= You can find them in /srv/wp-deactivated-plugins/$DOMAIN and /srv/wp-deactivated-themes/$DOMAIN"
 else
    echo "= No deactivated plugins or themes found."
 fi
 exit 0;
--- a/bin/v-delete-mail-domain
+++ b/bin/v-delete-mail-domain
@ -51,6 +51,9 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
    rm -f /etc/$MAIL_SYSTEM/domains/$domain_idn
    rm -rf $HOMEDIR/$user/conf/mail/$domain
    rm -rf $HOMEDIR/$user/mail/$domain_idn
    if [ -d "/hdd/home/$user/mail/$domain_idn" ]; then
        rm -rf /hdd/home/$user/mail/$domain_idn
    fi
 fi
 # Deleting dkim dns record
--- a/bin/v-delete-mail-domain-dkim
+++ b/bin/v-delete-mail-domain-dkim
@ -48,7 +48,7 @@ fi
 # Deleting dns record
 if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
    records=$($BIN/v-list-dns-records $user $domain plain)
-    dkim_records=$(echo "$records" |grep -w '_domainkey' | cut -f 1 -d ' ')
+    dkim_records=$(echo "$records" |grep -w '_domainkey' | awk '{print $1}')
    for id in $dkim_records; do
        $BIN/v-delete-dns-record $user $domain $id
    done
--- a/bin/v-delete-mails
+++ b/bin/v-delete-mails
@ -0,0 +1,127 @@
 #!/bin/bash
 # info: delete old emails (by mtime) for user/domain/account, with optional scope
 # usage:   v-delete-mails USER DOMAIN ACCOUNT MTIME_DAYS|all SCOPE
 # SCOPE:   all    – clean every Maildir folder (cur, new, tmp, custom subfolders)
 #          trash  – clean only Trash/Junk/Spam folders
 # load Vesta functions & config
 source "$VESTA/func/main.sh"
 source "$VESTA/conf/vesta.conf"
 # read arguments
 user="$1"
 domain="$2"
 account="$3"
 mtime="$4"
 scope="$5"
 # verify argument count
 check_args '5' "$#" 'USER DOMAIN ACCOUNT MTIME_DAYS|all SCOPE'
 # validate scope
 if [[ "$scope" != "all" && "$scope" != "trash" ]]; then
  echo "ERROR: SCOPE must be 'all' or 'trash'."
  exit 1
 fi
 # validate logical combinations
 if [[ "$user" == "all" ]]; then
  if [[ "$domain" != "all" || "$account" != "all" ]]; then
    echo "ERROR: When USER is 'all', both DOMAIN and ACCOUNT must be 'all'."
    exit 1
  fi
 elif [[ "$domain" == "all" && "$account" != "all" ]]; then
  echo "ERROR: When DOMAIN is 'all', ACCOUNT must also be 'all'."
  exit 1
 fi
 # build a detailed summary for the warning
 declare -a summary_parts
 if [[ "$user" == "all" ]]; then
  summary_parts+=("all users")
 else
  summary_parts+=("user '$user'")
 fi
 if [[ "$domain" == "all" ]]; then
  summary_parts+=("all domains")
 else
  summary_parts+=("domain '$domain'")
 fi
 if [[ "$account" == "all" ]]; then
  summary_parts+=("all accounts")
 else
  summary_parts+=("account '$account'")
 fi
 # join with commas
 summary=$(printf ", %s" "${summary_parts[@]}")
 summary=${summary:2}
 # only warn if any of them is 'all' or if mtime is 'all'
 if [[ "$mtime" == "all" || "$user" == "all" || "$domain" == "all" || "$account" == "all" ]]; then
  echo "WARNING: This will delete emails older than '$mtime' days for ${summary}."
  read -p "Are you sure? (yes/no): " confirm
  [[ "$confirm" != "yes" ]] && { echo "Aborted."; exit 1; }
 fi
 # function to delete emails
 delete_emails() {
  local u="$1" d="$2" a="$3"
  local maildir="/home/$u/mail/$d/$a"
  [[ ! -d "$maildir" ]] && return
  echo "→ Cleaning '$a@$d' (user: $u), scope: $scope, mtime: $mtime"
  # build find predicates
  if [[ "$scope" == "all" ]]; then
    folder_expr=( -path "*/cur/*" -o -path "*/new/*" -o -path "*/tmp/*" )
  else
    folder_expr=( -ipath "*/trash/*" -o -ipath "*/junk/*" -o -ipath "*/spam/*" )
  fi
  # assemble and run find
  if [[ "$mtime" == "all" ]]; then
    find "$maildir" -type f \( "${folder_expr[@]}" \) -print -delete 2>/dev/null
  else
    find "$maildir" -type f \( "${folder_expr[@]}" \) -mtime +"$mtime" -print -delete 2>/dev/null
  fi
 }
 # collect users
 if [[ "$user" == "all" ]]; then
  users=$(v-list-users plain | awk '{print $1}')
 else
  users="$user"
 fi
 # iterate through users, domains, accounts
 for u in $users; do
  if [[ "$domain" == "all" ]]; then
    domains=$(v-list-mail-domains "$u" plain | awk '{print $1}')
  else
    domains="$domain"
  fi
  for d in $domains; do
    if [[ "$account" == "all" ]]; then
      accounts=$(v-list-mail-accounts "$u" "$d" plain | awk '{print $1}')
    else
      accounts="$account"
    fi
    for a in $accounts; do
      delete_emails "$u" "$d" "$a"
    done
  done
 done
 # restart dovecot to refresh mailbox state
 systemctl restart dovecot
 # log the action (status first, then message)
 log_event "$OK" "Deleted emails (>$mtime days, scope=$scope) for $user $domain $account"
 exit 0
--- a/bin/v-delete-user
+++ b/bin/v-delete-user
@ -94,6 +94,9 @@ fi
 # Deleting user directories
 chattr -i $HOMEDIR/$user/conf
 rm -rf $HOMEDIR/$user
 if [ -d "/hdd/home/$user" ]; then
    rm -rf /hdd/home/$user
 fi
 rm -f /var/spool/mail/$user
 rm -f /var/spool/cron/$user
 rm -f /var/spool/cron/crontabs/$user
--- a/bin/v-delete-web-domain
+++ b/bin/v-delete-web-domain
@ -62,36 +62,24 @@ if [ -f "$fpmconf" ]; then
    rm $fpmconf
    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
 fi
-fpmconf="/etc/php/5.6/fpm/pool.d/$domain.conf"
+
 for PHPV in /etc/php/*; do
    if [ -d "${PHPV}" ]; then
        # PHPVER=$(basename ${PHPV})
        POOLD="${PHPV}/fpm/pool.d"
        fpmconf="$POOLD/$domain.conf"
        if [ -f "$fpmconf" ]; then
            rm $fpmconf
            echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
        fi
-fpmconf="/etc/php/7.0/fpm/pool.d/$domain.conf"
+        POOLD="${PHPV}/fpm/pool.d-ioncube"
        fpmconf="$POOLD/$domain.conf"
        if [ -f "$fpmconf" ]; then
            rm $fpmconf
            echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
        fi
 fpmconf="/etc/php/7.1/fpm/pool.d/$domain.conf"
 if [ -f "$fpmconf" ]; then
    rm $fpmconf
    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
 fi
 fpmconf="/etc/php/7.2/fpm/pool.d/$domain.conf"
 if [ -f "$fpmconf" ]; then
    rm $fpmconf
    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
 fi
 fpmconf="/etc/php/7.3/fpm/pool.d/$domain.conf"
 if [ -f "$fpmconf" ]; then
    rm $fpmconf
    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
 fi
 fpmconf="/etc/php/7.4/fpm/pool.d/$domain.conf"
 if [ -f "$fpmconf" ]; then
    rm $fpmconf
    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
    fi
 done
 # Deleting domain from web.conf
 sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf
@ -142,6 +130,9 @@ rm -f /var/log/$WEB_SYSTEM/domains/$domain.error*
 # Deleting directory
 rm -rf $HOMEDIR/$user/web/$domain
 if [ -d "/hdd/home/$user/web/$domain" ]; then
    rm -rf /hdd/home/$user/web/$domain
 fi
 #----------------------------------------------------------#
--- a/bin/v-delete-web-domain-ssl
+++ b/bin/v-delete-web-domain-ssl
@ -57,8 +57,14 @@ fi
 # Deleting old certificate
 tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d)
-rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca
-mv $USER_DATA/ssl/$domain.* $tmpdir
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt
 rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key
 rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem
 mv $USER_DATA/ssl/$domain.ca $tmpdir
 mv $USER_DATA/ssl/$domain.crt $tmpdir
 mv $USER_DATA/ssl/$domain.key $tmpdir
 mv $USER_DATA/ssl/$domain.pem $tmpdir
 chown -R $user:$user $tmpdir
--- a/bin/v-delete-wordpress-uploads-php-files
+++ b/bin/v-delete-wordpress-uploads-php-files
@ -0,0 +1,64 @@
 #!/bin/bash
 # info: delete PHP files from WordPress uploads folder
 # options: DOMAIN
 #----------------------------------------------------------#
 #                    Variable & Function                   #
 #----------------------------------------------------------#
 [ "$(whoami)" != "root" ] && { echo "You must be root to run this command."; exit 1; }
 source /etc/profile
 DOMAIN="$1"
 [ -z "$DOMAIN" ] && { echo "Usage: v-delete-wordpress-uploads-php-files DOMAIN"; exit 1; }
 USER="$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")"
 [ -z "$USER" ] && { echo "Domain $DOMAIN does not exist."; exit 1; }
 WP_PATH="/home/$USER/web/$DOMAIN/public_html"
 [ ! -f "$WP_PATH/wp-config.php" ] && { echo "WordPress is not installed on this domain."; exit 1; }
 quarantined=0;
 #----------------------------------------------------------#
 #                         Action                           #
 #----------------------------------------------------------#
 cd "$WP_PATH" || exit 1
 files=$(find wp-content/uploads/ -type f -name "*.php")
 if [ -z "$files" ]; then
    echo "= No PHP files found in WordPress uploads folder."
    exit 0;
 fi
 echo "= Found PHP files in WordPress uploads folder for domain $DOMAIN :"
 echo "-------------------------------------"
 echo "$files"
 echo "-------------------------------------"
 read -r -p "Do you want to move these files to quarantine? (y/n, default: y): " RESPONSE < /dev/tty
 if [ "$RESPONSE" == "y" ] || [ "$RESPONSE" == "Y" ] || [ -z "$RESPONSE" ]; then
    for file in $files; do
        source_file="/home/$USER/web/$DOMAIN/public_html/$file"
        destination_file="/srv/wp-uploads-php-files-quarantine/$DOMAIN/$file"
        destination_folder=$(dirname "$destination_file")
        mkdir -p "$destination_folder"
        chown $USER:$USER "$destination_folder"
        mv "$source_file" "$destination_file"
        echo "= File $source_file moved to $destination_file"
        quarantined=1;
    done
    chown -R $USER:$USER "/srv/wp-uploads-php-files-quarantine/$DOMAIN"
 fi
 echo ""
 if [ $quarantined -eq 1 ]; then
    echo "= All PHP files moved to quarantine."
    echo "= You can find them in /srv/wp-uploads-php-files-quarantine/$DOMAIN"
 else
    echo "= No PHP files found in WordPress uploads folder."
 fi
 exit 0;
--- a/bin/v-desinfect-wordpress
+++ b/bin/v-desinfect-wordpress
@ -0,0 +1,86 @@
 #!/bin/bash
 # info: disinfect a WordPress site with several maintenance commands
 # options: DOMAIN
 # -------------------------------------------------------- #
 #                    variables and checks                  #
 # -------------------------------------------------------- #
 if [ "$(whoami)" != "root" ]; then
    echo "You must be root to run this command."
    exit 1
 fi
 # make sure all Vesta helper scripts are reachable
 export PATH="/usr/local/vesta/bin:$PATH"
 source /etc/profile
 domain="$1"
 if [ -z "$domain" ]; then
    echo "Usage: v-desinfect-wp DOMAIN"
    exit 1
 fi
 user=$(/usr/local/vesta/bin/v-search-domain-owner "$domain")
 if [ -z "$user" ]; then
    echo "Domain $domain does not exist."
    exit 1
 fi
 if [ ! -f "/usr/local/vesta/bin/v-wf-malware-hyperscan-with-remediate" ]; then
    echo "= WordFence CLI is not installed. Installing..."
    /usr/local/vesta/bin/v-install-wordfence-cli
 fi
 # absolute paths to maintenance scripts, in desired order
 declare -a tasks=(
    "/usr/local/vesta/bin/v-change-database-password-for-wordpress"
    "/usr/local/vesta/bin/v-change-wordpress-admin-passwords"
    "/usr/local/vesta/bin/v-fix-wordpress-core"
    "/usr/local/vesta/bin/v-delete-inactive-wordpress-plugins-and-themes"
    "/usr/local/vesta/bin/v-delete-wordpress-uploads-php-files"
    "/usr/local/vesta/bin/v-wf-malware-hyperscan-with-remediate"
    "INTERACTIVE=1 /usr/local/vesta/bin/v-wf-malware-hyperscan-with-remediate"
 )
 # -------------------------------------------------------- #
 #                    execution strategy                    #
 # -------------------------------------------------------- #
 echo
 read -r -p "Run all maintenance steps automatically? (y/n) " run_all < /dev/tty
 if [[ "$run_all" =~ ^[Yy]$ ]]; then
    echo "Running all maintenance steps for $domain"
    automatic=true
 else
    echo
    echo "Selective mode. You will be asked for each step."
    automatic=false
 fi
 for cmd in "${tasks[@]}"; do
    if [ ! -x "$cmd" ]; then
        echo "Command $cmd not found or not executable, skipping."
        continue
    fi
    if [ "$automatic" = false ]; then
        while true; do
            read -r -p "Run $(basename "$cmd") for $domain? (y/n) " yn < /dev/tty
            case "$yn" in
                [Yy]* ) break ;;
                [Nn]* ) echo "Skipping $(basename "$cmd")."; continue 2 ;;
                * )     echo "Please answer y or n." ;;
            esac
        done
    fi
    echo
    echo "=== $(basename "$cmd") $domain ==="
    "$cmd" "$domain"
 done
 echo
 echo "Done."
 exit 0
--- a/bin/v-df-snapshot-diff
+++ b/bin/v-df-snapshot-diff
@ -0,0 +1,102 @@
 #!/bin/bash
 # info: Make a diff between two snapshots of the disk usage
 # options: FILE1 FILE2
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Let's declare three associative arrays
 declare -A FILE1
 declare -A FILE2
 declare -A FILED
 file1=$1
 file2=$2
 if [[ ! "$file1" =~ ^/usr/local/vesta/data/df/snapshot-.*\.txt$ ]]; then
    file1="/usr/local/vesta/data/df/$file1"
 fi
 if [[ ! "$file2" =~ ^/usr/local/vesta/data/df/snapshot-.*\.txt$ ]]; then
    file2="/usr/local/vesta/data/df/$file2"
 fi
 if [ ! -f "$file1" ]; then
    echo "File $file1 not found"
    exit 1
 fi
 if [ ! -f "$file2" ]; then
    echo "File $file2 not found"
    exit 1
 fi
 timestamp=$(date +%Y-%m-%d-%H-%M-%S)
 mkdir -p /usr/local/vesta/data/df-diff
 file0="/usr/local/vesta/data/df-diff/diff-$timestamp.txt"
 file0s="/usr/local/vesta/data/df-diff/diff-size-sorted-$timestamp.txt"
 file0f="/usr/local/vesta/data/df-diff/diff-folder-sorted-$timestamp.txt"
 touch $file0
 # Let's load the first file and fill the array FILE1
 while IFS=$'\t' read SIZE DIRECTORY; do
    # Skip blank lines or lines that are not in the correct format
    [[ -z "$DIRECTORY" ]] && continue
    [[ "$DIRECTORY" = "total" ]] && continue
    # Insert values into the array
    FILE1["$DIRECTORY"]="$SIZE"
 done < "$file1"
 # Let's load the second file and fill the array FILE2
 while IFS=$'\t' read SIZE DIRECTORY; do
    # Skip blank lines or lines that are not in the correct format
    [[ -z "$DIRECTORY" ]] && continue
    [[ "$DIRECTORY" = "total" ]] && continue
    # Insert values into the array
    FILE2["$DIRECTORY"]="$SIZE"
 done < "$file2"
 # We iterate through FILE1 and look for the matching key in FILE2
 for k in "${!FILE1[@]}"; do
    if [[ -v FILE2["$k"] ]]; then
        # If there is the same folder (KEY) in FILE2
        DIFF=$(( ${FILE2[$k]} - ${FILE1[$k]} ))
        FILED["$k"]=$DIFF
        echo -e "${DIFF}\t${k}" >> $file0
    else
        # If the folder (KEY) is not found in FILE2
        FILED["$k"]=${FILE1["$k"]}
        echo -e "${FILE1["$k"]}\t${k}" >> $file0
    fi
 done
 # sorted by size
 sort -nr -k1,1 $file0 > $file0s
 # sorted by folders
 while IFS=$'\t' read SIZE DIRECTORY; do
    [[ -z "$DIRECTORY" ]] && continue
    [[ "$DIRECTORY" = "total" ]] && continue
    echo -e "$DIRECTORY\t${FILED["$DIRECTORY"]}" >> $file0f
 done < "$file2"
 chmod 600 $file0 $file0s $file0f
 chown root:root $file0 $file0s $file0f
 echo "Done."
 echo "You can do:"
 echo "mcview $file0"
 echo "mcview $file0s"
 echo "mcview $file0f"
 echo "--------------------------------"
 echo "Here is the first 30 lines of the diff, sorted by size (descending, in MB):"
 head -n 30 $file0s
 echo "--------------------------------"
 echo "Here is the first 30 lines of the diff, sorted by folders (in MB):"
 head -n 30 $file0f
 echo "--------------------------------"
 exit 0
--- a/bin/v-df-snapshot-logs-cleaner
+++ b/bin/v-df-snapshot-logs-cleaner
@ -0,0 +1,11 @@
 #!/bin/bash
 # info: Clean up old snapshots of the disk usage
 # options: NONE
 folder="/usr/local/vesta/data/df"
 mkdir -p $folder
 find $folder -type f -mtime +30 -delete
 folder="/usr/local/vesta/data/df-diff"
 mkdir -p $folder
 find $folder -type f -mtime +30 -delete
--- a/bin/v-df-snapshot-make
+++ b/bin/v-df-snapshot-make
@ -0,0 +1,52 @@
 #!/bin/bash
 # info: Make a snapshot of the disk usage
 # options: NONE
 folder="/usr/local/vesta/data/df"
 mkdir -p $folder
 timestamp=$(date +%Y-%m-%d-%H-%M-%S)
 du --max-depth=1 -m -x / > $folder/snapshot-$timestamp.txt
 du --max-depth=6 -m -x /home > $folder/snapshot-temp.txt
 for i in {2..7}; do
    while IFS= read -r line; do
        count=0
        for (( j=0; j<${#line}; j++ )); do
            if [[ ${line:j:1} == "/" ]]; then
                ((count++))
            fi
        done
        if [ $count -eq $i ]; then
            printf '%s\n' "$line" >> $folder/snapshot-$timestamp.txt
        fi
    done < $folder/snapshot-temp.txt
 done
 rm $folder/snapshot-temp.txt
 if [ -d "/hdd" ]; then
    du --max-depth=7 -m -x /hdd > $folder/snapshot-temp.txt
    for i in {1..8}; do
        while IFS= read -r line; do
            count=0
            for (( j=0; j<${#line}; j++ )); do
                if [[ ${line:j:1} == "/" ]]; then
                    ((count++))
                fi
            done
            if [ $count -eq $i ]; then
                printf '%s\n' "$line" >> $folder/snapshot-$timestamp.txt
            fi
        done < $folder/snapshot-temp.txt
    done
    rm $folder/snapshot-temp.txt
 fi
 du --max-depth=1 -m -x /var/lib/mysql >> $folder/snapshot-$timestamp.txt
 du --max-depth=1 -m -x /var/log >> $folder/snapshot-$timestamp.txt
 chmod 600 $folder/snapshot-$timestamp.txt
 chown root:root $folder/snapshot-$timestamp.txt
 exit 0
--- a/bin/v-edit-domain-php-ini
+++ b/bin/v-edit-domain-php-ini
@ -0,0 +1,90 @@
 #!/bin/bash
 # info: Edit php.ini for certain domain
 # options: DOMAIN 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 SILENT_MODE=1
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    # echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    # echo "Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 fpm_ver=$(/usr/local/vesta/bin/v-get-php-version-of-domain $domain)
 if [ -z "$fpm_ver" ]; then
    echo "PHP version for domain $domain could not be determined."
    exit 1
 fi
 config_file="/etc/php/${fpm_ver}/fpm/pool.d/${domain}.conf"
 if command -v mcedit >/dev/null; then
    mcedit "$config_file"
 else
    nano "$config_file"
 fi
 echo "Restarting PHP-FPM service for PHP version ${fpm_ver}"
 systemctl restart php${fpm_ver}-fpm
 if [ $? -ne 0 ]; then
    systemctl status php${fpm_ver}-fpm
    echo "========================="
    echo ""
    echo "ERROR: php${fpm_ver}-fpm restart failed - please re-run the command and fix the problem !!!"
    echo ""
    exit $E_RESTART;
 else
    echo "The PHP-FPM service for PHP version ${fpm_ver} has been restarted successfully."
 fi
 echo ""
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit 0;
--- a/bin/v-edit-php-ini
+++ b/bin/v-edit-php-ini
@ -0,0 +1,70 @@
 #!/bin/bash
 # info: Edit php.ini for a specific PHP version
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # List available PHP versions and store them into an array
 mapfile -t php_versions < <(/usr/local/vesta/bin/v-list-php)
 echo "Available PHP versions:"
 PS3="Please select the PHP version you want to edit php.ini for: "
 select php_version in "${php_versions[@]}"; do
    if [[ -n $php_version ]]; then
        break
    else
        echo "Invalid choice. Please try again."
    fi
 done
 # Define path to the php.ini file
 php_ini_path="/etc/php/${php_version}/fpm/php.ini"
 # Check if php.ini exists for the selected version
 if [[ ! -f "$php_ini_path" ]]; then
    echo "The php.ini file for the selected PHP version ($php_version) does not exist."
    exit 1
 fi
 # Determine the text editor to use
 if command -v mcedit >/dev/null 2>&1; then
    editor_cmd="mcedit"
 elif command -v nano >/dev/null 2>&1; then
    editor_cmd="nano"
 else
    echo "No supported text editor found. Please install 'mcedit' or 'nano'."
    exit 1
 fi
 # Open php.ini for the chosen PHP version in the selected editor
 echo "Opening $php_ini_path in editor $editor_cmd..."
 $editor_cmd "$php_ini_path"
 # Restart the PHP-FPM service for the selected version
 echo "Restarting the PHP-FPM service for PHP version $php_version..."
 systemctl restart php${php_version}-fpm
 if [ $? -ne 0 ]; then
    systemctl status php${php_version}-fpm
    echo "========================="
    echo ""
    echo "ERROR: php${php_version}-fpm restart failed - please re-run the command and fix the problem !!!"
    echo ""
    exit $E_RESTART;
 else
    echo "The PHP-FPM service for PHP version ${php_version} has been restarted successfully."
 fi
 #----------------------------------------------------------#
 #                       Exit                               #
 #----------------------------------------------------------#
 exit 0;
--- a/bin/v-fix-php-ini-disable-functions
+++ b/bin/v-fix-php-ini-disable-functions
@ -0,0 +1,35 @@
 #!/bin/bash
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1;
 fi
 if [ -f "/tmp/patched" ]; then rm /tmp/patched; fi;
 echo "=== Fixing php.ini files to have the correct disable_functions line"
 export NOTFOUNDVAL="exec,system,passthru,shell_exec"
 export LINEBEGINSWITH="disable_functions ="
 export NEWVAL="disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,exec,system,passthru,shell_exec,proc_open,popen"
 find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sh -c 'found=0; for arg do if [ ! -f "$arg.disable_patching" ]; then if [ $found -eq 0 ]; then echo "== Fixing existing lines"; found=1; touch /tmp/patched; fi; echo "= Patching $arg"; sed -i "s|^$LINEBEGINSWITH.*|$NEWVAL|g" $arg; fi; done' _
 export NOTFOUNDVAL2="^$LINEBEGINSWITH"
 export REMOVELINETHATCONTAINS=$LINEBEGINSWITH
 find /etc/php/*/fpm/ -type f -name "php.ini" -exec grep -L "$NOTFOUNDVAL2" {} \; | xargs sh -c 'found=0; for arg do if [ ! -f "$arg.disable_patching" ]; then if [ $found -eq 0 ]; then echo "== Adding missing lines"; found=1; touch /tmp/patched; fi; echo "= Patching $arg"; sed -i "s|.*$REMOVELINETHATCONTAINS.*||g" $arg; echo "$NEWVAL" >> $arg; fi; done' _
 if [ -f "/tmp/patched" ]; then
    rm /tmp/patched
    echo "== Restarting all PHP-FPM services"
    systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | xargs systemctl restart
    echo "=== Everything done."
 else
    echo "=== Everything is already correct."
 fi
 exit 0;
--- a/bin/v-fix-user-permissions
+++ b/bin/v-fix-user-permissions
@ -0,0 +1,62 @@
 #!/bin/bash
 # info:
 # This script will fix files permissions for desired user (if ownership is lost or files have wrong chmod)
 # options: user
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
    echo "You must be root or admin to execute this script";
    exit 1;
 fi
 # Argument definition
 user=$1
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'USER'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 find /home/$user/conf/mail/ -type d -exec chown Debian-exim:mail {} \;
 find /home/$user/conf/mail/*/ -type f -exec chown Debian-exim:mail {} \;
 find /home/$user/conf/mail/*/ -name "passwd" -type f -exec chown dovecot:mail {} \;
 find /home/$user/mail/ -type d -exec chown $user:mail {} \;
 find /home/$user/mail/*/ -type d -exec chown $user:mail {} \;
 find /home/$user/mail/*/ -type f -exec chown $user:mail {} \;
 find /home/$user/mail/*/ -type d -exec chmod u+rwx {} \;
 find /home/$user/mail/*/ -type d -exec chmod g+rwx {} \;
 find /home/$user/mail/*/ -type f -exec chmod u+rw {} \;
 find /home/$user/mail/*/ -type f -exec chmod g+rw {} \;
 find /home/$user/mail/*/ -maxdepth 1 -type d -exec chmod g-rwx {} \;
 find /home/$user/conf/dns/ -type f -exec chown root:bind {} \;
 find /home/$user/conf/ -type d -exec chown root:root {} \;
 for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
    /usr/local/vesta/bin/v-fix-website-permissions $domain $user
    echo "--------------------------------"
 done
 echo "Done, permissions fixed for user: $user"
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-fix-website-permissions
+++ b/bin/v-fix-website-permissions
@ -0,0 +1,161 @@
 #!/bin/bash
 # info: Fixing chown and chmod permissions for a website
 # options: DOMAIN [USER]
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 # Check if number of arguments is 2
 if [ $# -eq 2 ]; then
    user=$2
 else
    user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 fi
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/conf/vesta.conf
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "Error: Folder /home/$user doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Error: Folder /home/$user/web/$domain/public_html doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Going to domain directory
 cd /home/$USER/web/$domain
 # Ownership check
 if [ -z "$SKIP_OWNERSHIP_CHECK" ] && [ -f "public_html/index.php" ]; then
    owner=$(stat -c '%U' "public_html/index.php")
    if [ "$owner" = "root" ] || [ "$owner" = "www-data" ]; then
        echo "Skipping permission fix for $domain, because v-lock-wordpress is used (index.php is owned by $owner)"
        exit 1
    fi
 fi
 echo "Updating permissions and ownership for /home/$USER/web/$domain/"
 php_chmod_allowed=1
 if [ -f "/home/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/web/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/web/$domain/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 # === General files and directories permissions ===
 if [ "$php_chmod_allowed" -eq 1 ]; then
    # New way of fixing permissions
    # Fixing permissions
    find public_html/ -type d ! -perm 755 -exec chmod 755 {} +
    find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -perm 644 -exec chmod 644 {} +
    # Fixing ownership
    find public_html/ -type d ! -user $USER -exec chown $USER:$USER {} +
    find public_html/ -type f ! \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} +
 else
    # Old way of fixing permissions
    # Fixing permissions
    find public_html/ -type d ! -perm 755 -exec chmod 755 {} +
    find public_html/ -type f ! -perm 644 -exec chmod 644 {} +
    # Fixing ownership
    find public_html/ -type d ! -user $USER -exec chown $USER:$USER {} +
    find public_html/ -type f ! -user $USER -exec chown $USER:$USER {} +
 fi
 # === PHP and .env permissions ===
 if [ "$php_chmod_allowed" -eq 1 ]; then
    php_chmod="600"
    if [ "$WEB_SYSTEM" = 'nginx' ]; then
        php_chmod="644"
    fi
    if [ -f "/home/php_chmod" ]; then
        php_chmod=$(cat /home/php_chmod)
    fi
    if [ -f "/home/$USER/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/php_chmod)
    fi
    if [ -f "/home/$USER/web/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/web/php_chmod)
    fi
    if [ -f "/home/$USER/web/$domain/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/web/$domain/php_chmod)
    fi
    # Setting chmod 600 for all .php and .env files
    echo "= Setting chmod $php_chmod for all .php and .env files"
    # Fixing permissions
    find -type f \( -name "*.php" -o -name "*.env" \) ! -perm $php_chmod -exec chmod $php_chmod {} +
    # Fixing ownership
    find -type f \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} +
 fi
 # === Symlinks ownership ===
 symlink_chown_allowed=1
 if [ -f "/home/symlink_chown_disabled" ]; then
    symlink_chown_allowed=0
 fi
 if [ -f "/home/$USER/symlink_chown_disabled" ]; then
    symlink_chown_allowed=0
 fi
 if [ -f "/home/$USER/web/symlink_chown_disabled" ]; then
    symlink_chown_allowed=0
 fi
 if [ -f "/home/$USER/web/$domain/symlink_chown_disabled" ]; then
    symlink_chown_allowed=0
 fi
 if [ "$symlink_chown_allowed" -eq 1 ]; then
    find -type l ! -user $USER -exec chown -h $USER:$USER {} +
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "Permissions for $domain have been successfully updated."
 exit 0
--- a/bin/v-fix-website-permissions-for-all-websites
+++ b/bin/v-fix-website-permissions-for-all-websites
@ -0,0 +1,41 @@
 #!/bin/bash
 # info: fix website permissions for all websites
 # options:
 #
 # The command is used for fixing website permissions for all websites on the server.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Importing system variables
 source /etc/profile
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
        continue;
    fi
    for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
        /usr/local/vesta/bin/v-fix-website-permissions $domain $user
        echo "--------------------------------"
    done
 done
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-fix-website-permissions-for-all-websites-only-php
+++ b/bin/v-fix-website-permissions-for-all-websites-only-php
@ -0,0 +1,44 @@
 #!/bin/bash
 # info: fix website permissions for all websites
 # options:
 #
 # The command is used for fixing website permissions for all websites on the server.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Importing system variables
 source /etc/profile
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 touch /usr/local/vesta/log/fix-website-permissions-for-all-websites-only-php.log
 truncate -s 0 /usr/local/vesta/log/fix-website-permissions-for-all-websites-only-php.log
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
        continue;
    fi
    for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
        /usr/local/vesta/bin/v-fix-website-permissions-only-php $domain $user >> /usr/local/vesta/log/fix-website-permissions-for-all-websites-only-php.log 2>&1
        echo "--------------------------------" >> /usr/local/vesta/log/fix-website-permissions-for-all-websites-only-php.log
    done
 done
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-fix-website-permissions-only-php
+++ b/bin/v-fix-website-permissions-only-php
@ -0,0 +1,121 @@
 #!/bin/bash
 # info: Fixing PHP and .env permissions and ownership for a website
 # options: DOMAIN [USER]
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 # Check if number of arguments is 2
 if [ $# -eq 2 ]; then
    user=$2
 else
    user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 fi
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/conf/vesta.conf
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "Error: Folder /home/$user doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Error: Folder /home/$user/web/$domain/public_html doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Going to domain directory
 cd /home/$USER/web/$domain
 # Ownership check
 if [ -z "$SKIP_OWNERSHIP_CHECK" ] && [ -f "public_html/index.php" ]; then
    owner=$(stat -c '%U' "public_html/index.php")
    if [ "$owner" = "root" ] || [ "$owner" = "www-data" ]; then
        echo "Skipping permission fix for $domain, because v-lock-wordpress is used (index.php is owned by $owner)"
        exit 1
    fi
 fi
 echo "Updating PHP and .env permissions and ownership for /home/$USER/web/$domain/"
 php_chmod_allowed=1
 if [ -f "/home/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/web/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 if [ -f "/home/$USER/web/$domain/php_chmod_disabled" ]; then
    php_chmod_allowed=0
 fi
 # === PHP and .env permissions ===
 if [ "$php_chmod_allowed" -eq 1 ]; then
    php_chmod="600"
    if [ "$WEB_SYSTEM" = 'nginx' ]; then
        php_chmod="644"
    fi
    if [ -f "/home/php_chmod" ]; then
        php_chmod=$(cat /home/php_chmod)
    fi
    if [ -f "/home/$USER/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/php_chmod)
    fi
    if [ -f "/home/$USER/web/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/web/php_chmod)
    fi
    if [ -f "/home/$USER/web/$domain/php_chmod" ]; then
        php_chmod=$(cat /home/$USER/web/$domain/php_chmod)
    fi
    # Setting chmod 600 for all .php and .env files
    echo "= Setting chmod $php_chmod for all .php and .env files"
    # Fixing permissions
    find -type f \( -name "*.php" -o -name "*.env" \) ! -perm $php_chmod -exec chmod $php_chmod {} +
    # Fixing ownership
    find -type f \( -name "*.php" -o -name "*.env" \) ! -user $USER -exec chown $USER:$USER {} +
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "PHP and .env permissions and ownership for $domain have been successfully updated."
 exit 0
--- a/bin/v-fix-wordpress-core
+++ b/bin/v-fix-wordpress-core
@ -0,0 +1,115 @@
 #!/bin/bash
 # info: fix compromised wp-admin and wp-includes
 # options: DOMAIN [CACHE_DIR]
 #
 # Replaces wp-admin and wp-includes with clean copies that match
 # the WordPress core version detected on the site.
 #
 # Example:
 #   v-fix-wp-core example.com
 #   v-fix-wp-core example.com /srv/wp-cache
 #----------------------------------------------------------#
 #                    Variable & Function                   #
 #----------------------------------------------------------#
 # Arguments
 DOMAIN="$1"
 CACHE_DIR="${2-/srv/wp-cache}"       # default cache location
 QUARANTINE_DIR="/srv/wp-quarantine"
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN [CACHE_DIR]'
 is_format_valid 'domain'
 #----------------------------------------------------------#
 #                         Action                           #
 #----------------------------------------------------------#
 TMP_DIR="$(mktemp -d /tmp/wpfix.XXXXXX)"  # temp workspace
 trap 'rm -rf "$TMP_DIR"' EXIT
 # 1etermine WP version
 if [ -z "$PHP" ]; then
    WP_VERSION="$(/usr/local/vesta/bin/v-run-wp-cli "$DOMAIN" core version | tr -d '[:space:]')"
 else
    WP_VERSION="$(PHP=$PHP /usr/local/vesta/bin/v-run-wp-cli "$DOMAIN" core version | tr -d '[:space:]')"
 fi
 check_result $? "cannot detect WP version" > /dev/null
 if [ -z "$WP_VERSION" ]; then
    check_result 1 "empty WP version string"
 fi
 echo "Detected WordPress version $WP_VERSION"
 # 2ind site owner and path
 USER="$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")"
 check_result $? "cannot find domain owner" > /dev/null
 SITE_PATH="/home/$USER/web/$DOMAIN/public_html"
 if [ ! -d "$SITE_PATH" ]; then
    check_result 1 "site path $SITE_PATH does not exist"
 fi
 # ensure cached core is present
 CACHE_PATH="$CACHE_DIR/$WP_VERSION"
 if [ ! -d "$CACHE_PATH/wp-admin" ] || [ ! -d "$CACHE_PATH/wp-includes" ]; then
    echo "Cache for $WP_VERSION missing, downloading ZIP..."
    mkdir -p "$CACHE_PATH"
    ZIP_URL="https://wordpress.org/wordpress-${WP_VERSION}.zip"
    ZIP_FILE="$TMP_DIR/wp.zip"
    curl -fSL "$ZIP_URL" -o "$ZIP_FILE"
    check_result $? "download failed" > /dev/null
    unzip -q "$ZIP_FILE" -d "$TMP_DIR"
    check_result $? "unzip failed" > /dev/null
    mv "$TMP_DIR/wordpress/wp-admin"    "$CACHE_PATH/"
    mv "$TMP_DIR/wordpress/wp-includes" "$CACHE_PATH/"
    cp "$TMP_DIR/wordpress"/*.php "$CACHE_PATH/"
 fi
 # backup current core folders
 TIMESTAMP="$(date +%Y%m%d%H%M%S)"
 BACKUP_DIR="$QUARANTINE_DIR/$DOMAIN/backup-core-$TIMESTAMP"
 mkdir -p "$BACKUP_DIR"
 mv "$SITE_PATH/wp-admin"    "$BACKUP_DIR/"
 mv "$SITE_PATH/wp-includes" "$BACKUP_DIR/"
 for f in "$SITE_PATH"/*.php; do
    [[ $(basename "$f") == "wp-config.php" ]] && continue
    mv "$f" "$BACKUP_DIR/"
 done
 if [ -f "$SITE_PATH/.user.ini" ]; then
    mv "$SITE_PATH/.user.ini" "$BACKUP_DIR/"
 fi
 # chown -R www-data:www-data "$BACKUP_DIR"
 check_result $? "backup failed" > /dev/null
 echo "Old core folders moved to $BACKUP_DIR"
 # deploy clean core
 rsync -a --delete "$CACHE_PATH/wp-admin/"    "$SITE_PATH/wp-admin/"
 rsync -a --delete "$CACHE_PATH/wp-includes/" "$SITE_PATH/wp-includes/"
 check_result $? "rsync failed" > /dev/null
 for corephp in "$CACHE_PATH"/*.php; do
    base=$(basename "$corephp")
    [ "$base" = "wp-config.php" ] && continue
    rsync -a "$corephp" "$SITE_PATH/$base"
 done
 # fix permissions
 SKIP_OWNERSHIP_CHECK=1 /usr/local/vesta/bin/v-fix-website-permissions $DOMAIN
 # chown -R www-data:www-data "$BACKUP_DIR"
 echo "Done, core WP files, wp-admin and wp-includes replaced for $DOMAIN"
 exit
--- a/bin/v-get-dns-config
+++ b/bin/v-get-dns-config
@ -0,0 +1,70 @@
 #!/bin/bash
 # info: Get domain DNS config.db file content
 # options: DOMAIN 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 SILENT_MODE=1
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    # echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    # echo "Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 DNS_FILE="/home/$user/conf/dns/$domain.db"
 if [ -f "$DNS_FILE" ]; then
    cat "$DNS_FILE"
 else
    echo "DNS configuration file for $domain does not exist."
    exit 1
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit 0;
--- a/bin/v-get-php-version-of-domain
+++ b/bin/v-get-php-version-of-domain
@ -0,0 +1,72 @@
 #!/bin/bash
 # info: Check PHP version used for certain domain
 # options: DOMAIN 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 SILENT_MODE=1
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    # echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    # echo "Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
 if [[ $TPL == "PHP-FPM-"* ]]; then
    fpm_tpl_ver=${TPL:8:2}
    fpm_ver="${TPL:8:1}.${TPL:9:1}"
    echo "$fpm_ver"
    exit 0;
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit 1;
--- a/bin/v-grep
+++ b/bin/v-grep
@ -0,0 +1,27 @@
 #!/bin/bash
 # info: calling myvesta_grep PHP function
 # options: PARAMETERS
 #
 # The function is calling myVesta PHP replacement for GNU 'grep' command (but without regular expression)
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 if [ "$1" == "--stdin" ] && [ -p /dev/stdin ]; then
    STDIN=$(cat -)
    if [ ! -z "$STDIN" ]; then
        shift;
        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php '--stdin' 'myvesta_grep' "$@"
        exit $?
    fi
 fi
 if [ "$1" == "--stdin" ]; then
    shift;
    php /usr/local/vesta/func/bash-to-php-interpreter.php '--stdin' 'myvesta_grep' "$@"
 else
    php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_grep' "$@"
 fi
 exit $?
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@ -155,8 +155,17 @@ for sk_dbr in $sk_db_list
 		grep -w $sk_dbr server_dbs	
 		if [ $? == "1" ]; then
 			echo " Create and restore ${sk_dbr} "
 			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.create
 			sed -i "s/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.create
 			if grep -q ' enable the sandbox mode ' mysql/${sk_dbr}.create; then
 				v-sed '/*!999999\- enable the sandbox mode */' '' mysql/${sk_dbr}.create
 			fi
 			mysql < mysql/${sk_dbr}.create
 			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
 			sed -i "s/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
 			if grep -q ' enable the sandbox mode ' mysql/${sk_dbr}.sql; then
 				v-sed '/*!999999\- enable the sandbox mode */' '' mysql/${sk_dbr}.sql
 			fi
 			mysql ${sk_dbr} < mysql/${sk_dbr}.sql
 		else
 			echo "Error: Cant restore database $sk_dbr alredy exists in mysql server"
@ -269,23 +278,24 @@ if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]];
    if [ -d "$sk_maild" ]; then
        for sk_mail_account in $(ls $sk_maild/)
        do
            echo "Create and restore mail account: $sk_mail_account@$sk_maild"
            sk_mail_pass1=$(generate_password)        
            /usr/local/vesta/bin/v-add-mail-account $sk_cp_user $sk_maild $sk_mail_account $sk_mail_pass1
            mv ${sk_maild}/${sk_mail_account} /home/${sk_cp_user}/mail/${sk_maild}
            chown ${sk_cp_user}:mail -R /home/${sk_cp_user}/mail/${sk_maild}
            find /home/${sk_cp_user}/mail/${sk_maild} -type f -name 'dovecot*' -delete
-					# echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
+            if [ -f "${sk_importer_in}/homedir/etc/${sk_maild}/shadow" ]; then
                echo "Set password for ${sk_mail_account}@${sk_maild}"
                pass=$(grep "^${sk_mail_account}:" ${sk_importer_in}/homedir/etc/${sk_maild}/shadow | awk -F  ":" '{print $2}')
                newline="${sk_mail_account}:{SHA512-CRYPT}$pass:${sk_cp_user}:mail::/home/${sk_cp_user}:0"
                newline2="ACCOUNT='${sk_mail_account}' ALIAS='' AUTOREPLY='no' FWD='' FWD_ONLY='' MD5='{SHA512-CRYPT}$pass' QUOTA='unlimited' U_DISK='0' SUSPENDED='no' TIME='$time' DATE='$date'"
 					# echo $newline
                escaped=$(printf '%s\n' "$newline" | sed -e 's/[\/&]/\\&/g')
                escaped2=$(printf '%s\n' "$newline2" | sed -e 's/[\/&]/\\&/g')
                sed -i "s/^${sk_mail_account}:.*/$escaped/g" /home/${sk_cp_user}/conf/mail/${sk_maild}/passwd
                sed -i "s/^ACCOUNT='${sk_mail_account}.*/$escaped2/g" /usr/local/vesta/data/users/${sk_cp_user}/mail/${sk_maild}.conf
            else
                echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"    >> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
            fi
        done
    fi
 #else
@ -364,7 +374,9 @@ tput setaf 4
 echo "##############################"
 echo "cPanel Backup restored"
 echo "Review your content and report any fail"
-# echo "I reset mail password not posible restore it yet."
+if [ -f "/root/sk_mail_password_${sk_cp_user}-${sk_cod}" ]; then
-# echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
+    echo "I reset mail password not posible restore it yet."
    echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
 fi
 echo "##############################"
 tput sgr0
--- a/bin/v-install-unsigned-ssl
+++ b/bin/v-install-unsigned-ssl
@ -52,6 +52,12 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 if [ -f "/home/$user/conf/web/ssl.$domain.crt" ]; then
    /usr/local/vesta/bin/v-delete-web-domain-ssl "$user" "$domain"
 fi
 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 email="info@$domain"
 TMPLOC="/home/$user/tmp/$domain"
@ -62,8 +68,13 @@ mkdir $TMPLOC
 # Parsing certificate file
 crt_end=$(grep -n "END CERTIFICATE-" $TMPLOC/vst.pem |cut -f 1 -d:)
 if [ "$release" -lt 12 ]; then
    key_start=$(grep -n "BEGIN RSA" $TMPLOC/vst.pem |cut -f 1 -d:)
    key_end=$(grep -n  "END RSA" $TMPLOC/vst.pem |cut -f 1 -d:)
 else
    key_start=$(grep -n "BEGIN PRIVATE KEY" $TMPLOC/vst.pem |cut -f 1 -d:)
    key_end=$(grep -n  "END PRIVATE KEY" $TMPLOC/vst.pem |cut -f 1 -d:)
 fi
 # Adding SSL certificate
 cd $TMPLOC
--- a/bin/v-install-wordfence-cli
+++ b/bin/v-install-wordfence-cli
@ -0,0 +1,37 @@
 #!/bin/bash
 # info: Script for installing WordFence CLI
 # options: NONE
 if ! command -v git &> /dev/null; then
    echo "= Git is not installed. Installing..."
    apt-get update > /dev/null 2>&1
    apt-get install -y git
 fi
 cd /root
 if [ ! -d "myvesta-wordfence-cli" ]; then
    git clone https://github.com/isscbta/myvesta-wordfence-cli.git
    cd ~/myvesta-wordfence-cli/
 else
    cd ~/myvesta-wordfence-cli/
    git pull
 fi
 echo ""
 echo "----------------------------------------------------------------"
 echo ""
 echo "Which Docker container do you want to install for WordFence CLI?"
 echo "1. WordFence CLI official Docker container"
 echo "2. WordFence CLI Docker container maintained by myVesta"
 read -r -p "Enter your choice: " choice < /dev/tty
 if [ "$choice" == "1" ]; then
    bash wf-cli-install.sh
 fi
 if [ "$choice" == "2" ]; then
    bash wf-cli-install-our-image.sh
 fi
 exit 0;
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@ -1,6 +1,6 @@
 #!/bin/bash
 # info: WordPress installer in one command line
-# options: DOMAIN USER
+# options: DOMAIN [DB_NAME] [EMAIL]
 #
 # Credits to Luka Paunović for wp-cli implememtation
@ -14,21 +14,23 @@ if [ "$whoami" != "root" ]; then
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
-if [ -z "$user" ]; then
+USER=$user
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 # Importing system environment
 source /etc/profile
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
 source /usr/local/vesta/conf/vesta.conf
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 if [[ $(is_package_full 'DATABASES') = *reached* ]]; then
        echo "Database limit is reached. Delete database or upgrade user package."
@ -48,20 +50,33 @@ is_object_unsuspended 'user' 'USER' "$user"
 source /usr/local/vesta/func/handle_parameters.sh
 if [ -z "$database" ]; then
    if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ]; then
        database=$(echo "$domain" | sed 's#\.#_#g')
    else
       database="wp"
    fi
 fi
-if [ -z "$emil" ]; then
+# Convert domain to IDN if available
-    email="info@$domain";
+if command -v idn2 >/dev/null 2>&1; then
    database=$(idn2 "$database")
    idn_domain=$(idn2 "$domain")
 elif command -v idn >/dev/null 2>&1; then
    database=$(idn "$database")
    idn_domain=$(idn "$domain")
 fi
 if [ -z "$email" ]; then
    email="info@$idn_domain";
 fi
 if [ ! -d "/home/$user" ]; then
-    echo "User doesn't exist";
+    echo "= Error: Folder /home/$user doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
-    echo "Domain doesn't exist";
+    echo "= Error: Folder /home/$user/web/$domain/public_html doesn't exist";
    exit 1;
 fi
@ -89,50 +104,73 @@ PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
 #                       Action                             #
 #----------------------------------------------------------#
-PROTOCOL='http'
+PROTOCOL='https'
-if [ -z "$SKIP_LE" ]; then
+
 if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
    echo "== Trying to install LetsEncrypt for domain $domain"
    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
-else
+
-    PROTOCOL='https'
+if [ ! -z "$FORCE_HTTP" ]; then
    # Switch to http:// only if --FORCE_HTTP parameter is set
    echo "== Force http://"
    PROTOCOL='http'
 fi
-if [ -f "/home/$user/conf/web/ssl.$domain.ca" ] || [ ! -z "$SKIP_LE" ]; then
+TPL_CHANGED=0;
-    PROTOCOL='https'
+
-    if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
+if [ "$WEB_SYSTEM" != 'nginx' ]; then
    if [ "$PROTOCOL" = "https" ]; then
        if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https-firewall-wordpress.stpl" ] && [ $TPL_CHANGED -eq 0 ]; then
            TPL_CHANGED=1;
            /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https-firewall-wordpress" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
        fi
        if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ] && [ $TPL_CHANGED -eq 0 ]; then
            TPL_CHANGED=1;
            /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
        fi
    fi
    if [ "$PROTOCOL" = "http" ]; then
        if [ -f "/usr/local/vesta/data/templates/web/nginx/hosting-firewall-wordpress.stpl" ] && [ $TPL_CHANGED -eq 0 ]; then
            TPL_CHANGED=1;
            /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "hosting-firewall-wordpress" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
        fi
    fi
 fi
 /usr/local/vesta/bin/v-add-database "$user" "$DBUSERSUF" "$DBUSERSUF" "$PASSWDDB" "mysql"
 if [ ! -f "/usr/local/bin/wp" ]; then
    echo "=== Downloading latest wp-cli"
    wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
    chmod +x /usr/local/bin/wp
 fi
 WORKINGDIR="/home/$user/web/$domain/public_html"
 rm -rf $WORKINGDIR/*
 cd $WORKINGDIR
-sudo -H -u$user wp core download
+/usr/local/vesta/bin/v-run-wp-cli $domain core download
-sudo -H -u$user wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
+if [ ! -f "$WORKINGDIR/index.php" ]; then
    echo "= WordPress installation failed: WordPress core download failed."
    exit 1;
 fi
 /usr/local/vesta/bin/v-run-wp-cli $domain core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
 if [ ! -f "$WORKINGDIR/wp-config.php" ]; then
    echo "= WordPress installation failed: WordPress core config failed, wp-config.php not found."
    exit 1;
 fi
 password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
-sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
+wpadmin=$(echo "$domain" | sed 's#\.#_#g')_4dm1n
 /usr/local/vesta/bin/v-run-wp-cli $domain core install --url="$domain" --title="$domain" --admin_user="$wpadmin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
 mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'siteurl'; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'home';"
 echo "================================================================="
-echo "Installation is complete. Your username/password is listed below."
+echo "Your WordPress installation is complete."
 echo ""
-echo "Site: $PROTOCOL://$domain/"
+echo "Website URL: $PROTOCOL://$domain/"
 echo ""
-echo "Login: $PROTOCOL://$domain/wp-admin/"
+echo "WordPress admin login: $PROTOCOL://$domain/wp-admin/"
-echo "Username: admin"
+echo "Username: $wpadmin"
 echo "Password: $password"
 echo ""
 echo "================================================================="
--- a/bin/v-install-wp-cli
+++ b/bin/v-install-wp-cli
@ -0,0 +1,27 @@
 #!/bin/bash
 # info: Download WP CLI
 # options: NONE
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 echo "= Installing WP CLI by downloading phar file..."
 wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
 chmod +x /usr/local/bin/wp
 if [ -f "/usr/local/bin/wp" ]; then
    echo "= WP CLI installed successfully."
    echo "= Usage: v-run-wp-cli DOMAIN WP_CLI_COMMAND"
    exit 0;
 else
    echo "= WP CLI installation failed."
    echo "= Please install it manually."
    exit 1;
 fi
--- a/bin/v-install-wp-cli-myvesta
+++ b/bin/v-install-wp-cli-myvesta
@ -0,0 +1,79 @@
 #!/bin/bash
 # info: Download myVesta WP CLI
 # options: NONE
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 if [ ! -f "/usr/local/bin/composer" ]; then
    echo "= Composer is not installed. Installing..."
    php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
    php composer-setup.php --install-dir=/usr/local/bin --filename=composer
    php -r "unlink('composer-setup.php');"
    echo "= Composer installed successfully."
 fi
 if [ -d "/usr/local/bin/wp-cli" ]; then
    echo "= Removing old myVesta WP CLI..."
    rm -rf /usr/local/bin/wp-cli
 fi
 echo "= Installing myVesta WP CLI..."
 cd /usr/local/bin
 git clone https://github.com/wp-cli/wp-cli.git
 chown -R www-data:www-data wp-cli
 ver_ge() {
    # usage: ver_ge 7.2 5.6   --> returns true if $1 is greater than or equal to $2
    [ "$(printf '%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
 }
 current_php_version=$(readlink -f /usr/bin/php | grep -oP 'php\K[0-9]+\.[0-9]+')
 php_versions=$(/usr/local/vesta/bin/v-list-php)
 for php_version in $php_versions; do
    if ver_ge "$php_version" "7.2"; then
        oldest_allowed_php_version=$php_version
        break
    fi
 done
 echo "= Setting PHP version to $oldest_allowed_php_version"
 update-alternatives --set php /usr/bin/php$oldest_allowed_php_version
 cd wp-cli/
 sudo -H -u www-data composer install
 echo "= Installing search-replace-command package..."
 sudo -H -u www-data WP_CLI_PACKAGES_DIR=/usr/local/bin/wp-cli/packages php /usr/local/bin/wp-cli/php/boot-fs.php package install wp-cli/search-replace-command
 echo "= Setting PHP version to $current_php_version"
 update-alternatives --set php /usr/bin/php$current_php_version
 # Fix terminal columns issue for WP CLI
 echo "= Fixing terminal columns issue for WP CLI..."
 /usr/local/vesta/bin/v-sed '$columns = 80;' "if (file_exists('/usr/local/bin/wp-cli/COLUMNS')) \$columns=intval(file_get_contents('/usr/local/bin/wp-cli/COLUMNS')); else \$columns = 80;" '/usr/local/bin/wp-cli/vendor/wp-cli/php-cli-tools/lib/cli/Shell.php'
 echo ""
 if [ -f "/usr/local/bin/wp-cli/php/boot-fs.php" ]; then
    echo "= myVesta WP CLI installed successfully."
    echo "= Usage: v-run-wp-cli-myvesta DOMAIN WP_CLI_COMMAND"
    exit 0;
 else
    echo "= myVesta WP CLI installation failed."
    echo "= Please install it manually."
    exit 1;
 fi
--- a/bin/v-list-php
+++ b/bin/v-list-php
@ -0,0 +1,76 @@
 #!/bin/bash
 # info: list of installed php versions
 # options: [FORMAT]
 #
 # The function for obtaining the list of installed PHP versions.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Argument definition
 format=${1-shell}
 # Includes
 source $VESTA/func/main.sh
 # JSON list function
 json_list() {
    counter=$(echo "$phpversions" | wc -l)
    i=1
    echo '['
    for phpversion in $phpversions; do
        if [ "$i" -lt "$counter" ]; then
            echo -e  "\t\"$phpversion\","
        else
            echo -e  "\t\"$phpversion\""
        fi
        (( ++i))
    done
    echo "]"
 }
 # shell list function
 shell_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 # PLAIN list function
 plain_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 # CSV list function
 csv_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Obtaining the list of installed PHP-FPM versions
 phpversions=$(find /etc/php/ -type d -name 'fpm' | sed "s|/etc/php/||" | sed "s|/fpm||" | sort)
 # Listing data
 case $format in
    json)   json_list ;;
    plain)  plain_list ;;
    csv)    csv_list ;;
    shell)  shell_list ;;
 esac
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit
--- a/bin/v-list-php-apache
+++ b/bin/v-list-php-apache
@ -0,0 +1,91 @@
 #!/bin/bash
 # info: list of installed php versions that have Apache template.
 # options: [FORMAT]
 #
 # The function obtains the list of installed PHP versions that have Apache template.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Argument definition
 format=${1-shell}
 # Includes
 source $VESTA/func/main.sh
 # JSON list function
 json_list() {
    counter=$(echo "$phpversions" | wc -l)
    i=1
    echo '['
    for phpversion in $phpversions; do
        if [ "$i" -lt "$counter" ]; then
            echo -e  "\t\"$phpversion\","
        else
            echo -e  "\t\"$phpversion\""
        fi
        (( ++i))
    done
    echo "]"
 }
 # shell list function
 shell_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 # PLAIN list function
 plain_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 # CSV list function
 csv_list() {
    for phpversion in $phpversions; do
        echo "$phpversion"
    done
 }
 echo_phpversions_list() {
    for element in "${phpversions_list[@]}"; do
        echo "$element"
    done
 }
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 # Obtaining the list of installed PHP-FPM versions
 fpmphpversions=$(/usr/local/vesta/bin/v-list-php)
 for phpversion in $fpmphpversions; do
    phpversiontpl=${phpversion//./}
    tpl="/usr/local/vesta/data/templates/web/apache2/PHP-FPM-$phpversiontpl.tpl"
    if [ -f "$tpl" ]; then
        phpversions_list+=("$phpversion")
    fi
 done
 phpversions=$(echo_phpversions_list)
 # Listing data
 case $format in
    json)   json_list ;;
    plain)  plain_list ;;
    csv)    csv_list ;;
    shell)  shell_list ;;
 esac
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit
--- a/bin/v-list-sys-config
+++ b/bin/v-list-sys-config
@ -54,7 +54,8 @@ json_list() {
        "SOFTACULOUS": "'$SOFTACULOUS'",
        "MAX_DBUSER_LEN": "'$MAX_DBUSER_LEN'",
        "MAIL_CERTIFICATE": "'$MAIL_CERTIFICATE'",
-        "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'"
+        "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'",
        "DISABLE_IP_CHECK": "'$DISABLE_IP_CHECK'"
    }
 }'
 }
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@ -297,7 +297,11 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then
        if [ "$service" = 'mysql' ]; then
            proc_name='mysqld'
            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-            if [ "$release" -eq 11 ] && [ ! -f "/etc/apt/sources.list.d/mysql.list" ]; then
+            if [ "$release" -gt 10 ] && [ ! -f "/etc/apt/sources.list.d/mysql.list" ]; then
                service='mariadb'
                proc_name='mariadbd'
            fi
            if [ -f "/etc/apt/sources.list.d/mariadb.list" ]; then
                service='mariadb'
                proc_name='mariadbd'
            fi
--- a/bin/v-list-user-log
+++ b/bin/v-list-user-log
@ -12,6 +12,7 @@
 # Argument definition
 user=$1
 format=${2-shell}
 limit=${3-300}
 # Includes
 source $VESTA/func/main.sh
@ -34,6 +35,9 @@ json_list() {
        "TIME": "'$TIME'",
        "DATE": "'$DATE'"
    }'
        if [ "$limit" -gt 0 ] && [ "$i" = "$limit" ]; then
            break;
        fi
        if [ "$i" -lt "$objects" ]; then
            echo ','
        else
@ -83,7 +87,7 @@ csv_list() {
 #                    Verifications                         #
 #----------------------------------------------------------#
-check_args '1' "$#" 'USER [FORMAT]'
+check_args '1' "$#" 'USER [FORMAT] [LIMIT]'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
@ -93,7 +97,7 @@ is_object_valid 'user' 'USER' "$user"
 #----------------------------------------------------------#
 # Parsing history log
-logs=$(tail -n 300 $USER_DATA/history.log 2>/dev/null)
+logs=$(tail -n $limit $USER_DATA/history.log | tac)
 case $format in
    json)   json_list ;;
--- a/bin/v-lock-wordpress
+++ b/bin/v-lock-wordpress
@ -0,0 +1,93 @@
 #!/bin/bash
 # info: Lock WordPress files if they are potentially infected (somewhere) by PHP malware, in order to stop further infection
 # options: DOMAIN
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 unlock_folder() {
    chown -R $user:$user $1/
    # block .php execution inside folder
    cat <<EOF >$1/.htaccess
 RewriteEngine on
 RewriteRule ^.*\.(?:php[1-6]?|pht|phtml?)$ - [NC,F]
 EOF
    chown root:root $1/.htaccess
 }
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 cd /home/$user/web/$domain
 # lock files
 chown -R www-data:www-data public_html/
 # set correct chmod just in case
 find public_html/ -type d -exec chmod 755 {} +
 find public_html/ -type f -exec chmod 644 {} +
 # unlock /wp-content/uploads/ for uploading
 if [ -d "/home/$user/web/$domain/public_html/wp-content/uploads" ]; then
    unlock_folder "public_html/wp-content/uploads"
 fi
 # unlock /wp-content/cache/ for caching
 if [ -d "/home/$user/web/$domain/public_html/wp-content/cache" ]; then
    unlock_folder "public_html/wp-content/cache"
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "v-lock-wordpress: Done."
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-make-main-apache-log
+++ b/bin/v-make-main-apache-log
@ -0,0 +1,14 @@
 #!/bin/bash
 touch /var/log/apache2/time.log
 # truncate -s 0 /var/log/apache2/time.log
 chmod 0640 /var/log/apache2/time.log
 chown root:adm /var/log/apache2/time.log
 find /home/*/conf/web/ -type f \( -name "apache2.conf" -or -name "sapache2.conf" -or -name "*.apache2.conf" -or -name "*.apache2.ssl.conf" \) -exec grep -L "time\.log" {} \; | xargs sed -i 's|ServerName |CustomLog /var/log/apache2/time.log time\n    ServerName |g'
 find /usr/local/vesta/data/templates/web/apache2 -type f \( -name "*.tpl" -or -name "*.stpl" \) -exec grep -L "time\.log" {} \; | xargs sed -i 's|ServerName |CustomLog /var/log/apache2/time.log time\n    ServerName |g'
 if ! /usr/local/vesta/bin/v-grep 'LogFormat "%t %v %a %D %r %>s \"%{User-Agent}i\"" time' '/etc/apache2/apache2.conf' '-q'; then
    sed -i 's|LogFormat "%b" bytes|LogFormat "%b" bytes\nLogFormat "%t %v %a %D %r %>s \\\"%{User-Agent}i\\\" pid=%P" time|g' /etc/apache2/apache2.conf
 fi
 systemctl restart apache2
 wget -nv http://dl.myvestacp.com/vesta/apache_requests_analyzer/analyze-traffic.php -O /root/analyze-traffic.php
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@ -138,7 +138,18 @@ check_grep=$(grep -c 'smtp_active_hostname' /etc/exim4/exim4.conf.template)
 if [ "$check_grep" -eq 0 ]; then
    echo "=== patching exim4.conf.template"
    mv /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template-backup
-    cp /usr/local/vesta/install/debian/11/exim/exim4.conf.template-RC /etc/exim4/exim4.conf.template
+    cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template /etc/exim4/exim4.conf.template
    eximversion=$(exim4 --version | grep '^Exim version ' | awk '{print $3}')
    if (( $(echo "$eximversion < 4.96" | bc -l) )); then
        cp /usr/local/vesta/install/debian/12/exim/exim4.conf.template.without-srs /etc/exim4/exim4.conf.template
        sed -i "s|message_linelength_limit|#message_linelength_limit|g" /etc/exim4/exim4.conf.template
    fi
    if (( $(echo "$eximversion < 4.94" | bc -l) )); then
        sed -i "s|smtputf8_advertise_hosts|#smtputf8_advertise_hosts|g" /etc/exim4/exim4.conf.template
    fi
    sed -i "s|FIRSTIP|$HOST_IP|g" /etc/exim4/exim4.conf.template
    sed -i "s|SECONDIP|$MAIL_IP|g" /etc/exim4/exim4.conf.template
    sed -i "s|FIRSTHOST|$HOSTNAME|g" /etc/exim4/exim4.conf.template
@ -148,6 +159,8 @@ if [ "$check_grep" -eq 0 ]; then
    sed -i "s|#smtp_banner|smtp_banner|g" /etc/exim4/exim4.conf.template
    sed -i "s|#interface =|interface =|g" /etc/exim4/exim4.conf.template
    sed -i "s|#helo_data =|helo_data =|g" /etc/exim4/exim4.conf.template
    /usr/local/vesta/bin/v-sed 'tls_certificate = /usr/local/vesta/ssl/certificate.crt' 'tls_certificate = /usr/local/vesta/ssl/$received_ip_address.crt' '/etc/exim4/exim4.conf.template'
    /usr/local/vesta/bin/v-sed 'tls_privatekey = /usr/local/vesta/ssl/certificate.key' 'tls_privatekey = /usr/local/vesta/ssl/$received_ip_address.key' '/etc/exim4/exim4.conf.template'
    touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour
    touch /etc/exim4/limit_per_email_account_max_recipients
    touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour
@ -166,9 +179,10 @@ if [ "$check_grep" -eq 0 ]; then
    fi
    systemctl restart exim4
    if [ $? -ne 0 ]; then
        systemctl status exim4
        cp /etc/exim4/exim4.conf.template-backup /etc/exim4/exim4.conf.template
        systemctl restart exim4
-        echo "=== Patching failed, aborting"
+        echo "=== Patching failed, old exim conf returned, exim4 restarted again."
        exit 1
    fi
    echo "=== Patching successful"
--- a/bin/v-migrate-site-to-https
+++ b/bin/v-migrate-site-to-https
@ -40,6 +40,7 @@ is_format_valid 'domain' 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 FROM_DATABASE_NAME=''
 FROM_DATABASE_USERNAME=''
 FROM_DATABASE_PASSWORD=''
@ -94,6 +95,8 @@ if [ "$DB_EXISTS" = "no" ]; then
    exit 6
 fi
 phpver=$(/usr/local/vesta/bin/v-get-php-version-of-domain "$FROM_DOMAIN")
 # ----------- CHECK -------------
 FROM_REPLACE1="http://$FROM_DOMAIN"
@ -102,19 +105,13 @@ FROM_REPLACE2="http://www.$FROM_DOMAIN"
 TO_REPLACE2="https://www.$FROM_DOMAIN"
 if [ $IT_IS_WP -eq 0 ]; then
-    if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
+    if [ ! -f "/root/Search-Replace-DB/srdb.cli.php" ]; then
-        echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
+        if [ ! -f "/usr/bin/git" ]; then
-        exit 7
+            apt-get update > /dev/null 2>&1
            apt-get -y install git > /dev/null 2>&1
        fi
-    if [ ! -f "/usr/bin/php7.0" ]; then
+        cd /root
-        echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
+        git clone https://github.com/interconnectit/Search-Replace-DB.git
        exit 8
    fi
 else
    if [ ! -f "/usr/local/bin/wp" ]; then
        echo "=== Downloading latest wp-cli"
        wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
        chmod +x /usr/local/bin/wp
    fi
 fi
@ -164,15 +161,15 @@ grep -rl "$FROM_DOMAIN" $SITE_FOLDER | xargs sed -i "s#$FROM_REPLACE2#$TO_REPLAC
 if [ $IT_IS_WP -eq 0 ]; then
    echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
-    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE1" -r "$TO_REPLACE1"
+    php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE1" -r "$TO_REPLACE1"
    echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
-    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE2" -r "$TO_REPLACE2"
+    php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE2" -r "$TO_REPLACE2"
 else
    cd $SITE_FOLDER
    echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
-    sudo -H -u$FROM_USER wp search-replace "$FROM_REPLACE1" "$TO_REPLACE1" --precise --all-tables --skip-columns=guid
+    /usr/local/vesta/bin/v-run-wp-cli $FROM_DOMAIN search-replace "$FROM_REPLACE1" "$TO_REPLACE1" --precise --all-tables --skip-columns=guid --skip-plugins --skip-themes;
    echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
-    sudo -H -u$FROM_USER wp search-replace "$FROM_REPLACE2" "$TO_REPLACE2" --precise --all-tables --skip-columns=guid
+    /usr/local/vesta/bin/v-run-wp-cli $FROM_DOMAIN search-replace "$FROM_REPLACE2" "$TO_REPLACE2" --precise --all-tables --skip-columns=guid --skip-plugins --skip-themes;
 fi
 echo "===== DONE ===="
--- a/bin/v-move-domain-and-database-to-account
+++ b/bin/v-move-domain-and-database-to-account
@ -40,6 +40,10 @@ if [ "$owner" = "$user" ]; then
    exit
 fi
 USER_DATA=$VESTA/data/users/$owner
 is_object_unsuspended 'user' 'USER' "$owner"
 USER_DATA=$VESTA/data/users/$user
 USER_TO=$user
 #----------------------------------------------------------#
@ -84,6 +88,56 @@ if [ $? -ne 0 ]; then
    RET=$E_NOTEXIST
 fi
 #----------------------------------------------------------#
 #               Update Wordfence WAF Path                  #
 #----------------------------------------------------------#
 filepath="/home/USER_TO/web/$domain/public_html/.user.ini"
 filename=$(basename $filepath)
 # Check if file exists
 if [ -f "$filepath" ]; then
    echo "Updating $filename with new user path..."
    # Temporary file for modification
    tmp_file=$(mktemp)
    # Change path from old USER to new USER_TO
    sed "s|/home/$owner/public_html|/home/$USER_TO/public_html|g" "$filepath" > "$tmp_file"
    # Check if replacement was successful and update file
    if [ $? -eq 0 ]; then
        mv "$tmp_file" "$filepath"
        echo "$filename updated successfully."
    else
        echo "Failed to update $filename file."
        rm "$tmp_file"  # Deletes temporary file
    fi
 fi
 filepath="/home/USER_TO/web/$domain/public_html/wordfence-waf.php"
 filename=$(basename $filepath)
 # Check if file exists
 if [ -f "$filepath" ]; then
    echo "Updating $filename with new user path..."
    # Temporary file for modification
    tmp_file=$(mktemp)
    # Change path from old USER to new USER_TO
    sed "s|/home/$owner/public_html|/home/$USER_TO/public_html|g" "$filepath" > "$tmp_file"
    # Check if replacement was successful and update file
    if [ $? -eq 0 ]; then
        mv "$tmp_file" "$filepath"
        echo "$filename updated successfully."
    else
        echo "Failed to update $filename file."
        rm "$tmp_file"  # Deletes temporary file
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
--- a/bin/v-move-folder-and-make-symlink
+++ b/bin/v-move-folder-and-make-symlink
@ -0,0 +1,114 @@
 #!/bin/bash
 # info:
 # This script will move a folder to the new destination and make a symlink from the old path to the new destination
 # options: FROMFOLDER TOFOLDER
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
    echo "You must be root or admin to execute this script";
    exit 1;
 fi
 # Argument definition
 FROMFOLDER=$1
 TOFOLDER=$2
 echo "Executing: v-move-folder-and-make-symlink $1 $2"
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 if [ -z "$FROMFOLDER" ]; then
    echo "First parameter is empty, aborting"
    exit 1
 fi
 if [ -z "$TOFOLDER" ]; then
    echo "Second parameter is empty, aborting"
    exit 1
 fi
 # Trimming the ending slash, just in case
 FROMFOLDER=$(echo "$FROMFOLDER" | sed 's:/*$::')
 TOFOLDER=$(echo "$TOFOLDER" | sed 's:/*$::')
 if [ ! -d "$FROMFOLDER" ]; then
    echo "Folder $FROMFOLDER does not exists, aborting"
    exit 1
 fi
 if [ -L "$FROMFOLDER" ]; then
    echo "Folder $FROMFOLDER is already symlink, aborting"
    exit 1
 fi
 if [ -d "$TOFOLDER" ]; then
    echo "Folder $TOFOLDER already exists, aborting"
    exit 1
 fi
 if [ -L "$TOFOLDER" ]; then
    echo "Folder $TOFOLDER already exists (as symlink), aborting"
    exit 1
 fi
 USER=$(stat -c '%U' "$FROMFOLDER")
 GROUP=$(stat -c '%G' "$FROMFOLDER")
 PARENTFOLDER=$(dirname "$TOFOLDER")
 if [ ! -d "$PARENTFOLDER" ]; then
    PUSER=$(stat -c '%U' "$PARENTFOLDER")
    PGROUP=$(stat -c '%G' "$PARENTFOLDER")
    echo "= Creating parent folder..."
    mkdir -p "$PARENTFOLDER"
    chown $PUSER:$PGROUP "$PARENTFOLDER"
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 if [ "$FROMFOLDER" = "/home/$USER" ] && [ -d "$FROMFOLDER/conf" ]; then
    # if we are moving myVesta home folder, we must remove immutable attribute from conf/ files
    chattr -R -i "$FROMFOLDER/conf/" > /dev/null 2>&1
    # with slashes on the end of the path of the folder
 fi
 # rsync -a "$FROMFOLDER/" "$TOFOLDER/"
 # with slashes on the end of the path of both folders
 mv "$FROMFOLDER" "$TOFOLDER"
 if [ "$?" -ne 0 ]; then
    echo "Error happened, aborting"
    exit 1
 fi
 rm -rf "$FROMFOLDER"
 # without slash on the end of the path of the folder
 ln -s "$TOFOLDER" "$FROMFOLDER"
 # without slashes on the end of the path of both folders
 chown -h $USER:$GROUP $FROMFOLDER
 # without slash on the end of the path of the folder
 #----------------------------------------------------------#
 #             Log and print result                         #
 #----------------------------------------------------------#
 echo "Done, folder $FROMFOLDER moved to $TOFOLDER and symlinked"
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-php-func
+++ b/bin/v-php-func
@ -0,0 +1,21 @@
 #!/bin/bash
 # info: calling myVesta PHP functions
 # options: FUNCTION
 #
 # The function is calling myVesta or standard PHP functions directly from bash
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 if [ "$1" == "--stdin" ] && [ -p /dev/stdin ]; then
    STDIN=$(cat -)
    if [ ! -z "$STDIN" ]; then
        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
        exit $?
    fi
 fi
 php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
 exit $?
--- a/bin/v-restart-dns
+++ b/bin/v-restart-dns
@ -55,9 +55,10 @@ if [ -z "$DNS_SYSTEM" ] || [ "$DNS_SYSTEM" = 'remote' ] ; then
 fi
 # Restart system
-service $DNS_SYSTEM reload >/dev/null 2>&1
+systemctl reset-failed $DNS_SYSTEM
 systemctl reload $DNS_SYSTEM >/dev/null 2>&1
 if [ $? -ne 0 ]; then
-    service $DNS_SYSTEM restart >/dev/null 2>&1
+    systemctl restart $DNS_SYSTEM >/dev/null 2>&1
    if [ $? -ne 0 ]; then
        send_email_report
        check_result $E_RESTART "$DNS_SYSTEM restart failed"
--- a/bin/v-restart-web
+++ b/bin/v-restart-web
@ -64,7 +64,9 @@ fi
 # Resart web system if reload didn't work
 if [ "$rc" -ne 0 ]; then
-    service $WEB_SYSTEM restart >/dev/null 2>&1
+    # service $WEB_SYSTEM restart >/dev/null 2>&1
    systemctl reset-failed $WEB_SYSTEM
    systemctl restart $WEB_SYSTEM >/dev/null 2>&1
    if [ $? -ne 0 ]; then
        send_email_report
        check_result $E_RESTART "$WEB_SYSTEM restart failed"
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@ -417,6 +417,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
        # Restoring web domain data
        chown $user $tmpdir
        chmod u+w $HOMEDIR/$user/web/$domain
        chmod 0755 $tmpdir/web/$domain
        sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
            -C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \
            2> $HOMEDIR/$user/web/$domain/restore_errors.log
@ -618,6 +619,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
        if [ -e "$tmpdir/mail/$domain/accounts.tar.gz" ]; then
            chown $user $tmpdir
            chmod u+w $HOMEDIR/$user/mail/$domain_idn
            chmod 0755 $tmpdir/mail/$domain
            sudo -u $user tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \
                -C $HOMEDIR/$user/mail/$domain_idn/
            if [ "$?" -ne 0 ]; then
--- a/bin/v-run-wp-cli
+++ b/bin/v-run-wp-cli
@ -0,0 +1,146 @@
 #!/bin/bash
 # info: Run WP CLI command for a specific domain
 # options: DOMAIN WP_CLI_COMMAND
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 SILENT_MODE=1
 # Argument definition
 domain=$1
 wp_command=${@:2} 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 VERBOSE_MODE=1
 check_args '2' "$#" 'DOMAIN WP_CLI_COMMAND'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_unsuspended 'web' 'DOMAIN' "$domain"
 if [ ! -d "/home/$user" ]; then
    echo "= User doesn't exist";
    exit 1;
 fi
 if [[ "$wp_command" != core\ download* ]] && [[ "$wp_command" != core\ config* ]] && [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
    echo '= Please install WordPress first.'
    exit 1;
 fi
 wpcli=""
 if [ ! -f "/usr/local/bin/wp" ]; then
    echo "= WP CLI is not installed. Installing..."
    /usr/local/vesta/bin/v-install-wp-cli
 fi
 if [ -z "$USE_WP_CLI_MYVESTA" ]; then
    if [ -f "/usr/local/bin/wp" ]; then
        # Get current time and file ctime in seconds since epoch
        current_time=$(date +%s)
        file_ctime=$(stat -c %Z /usr/local/bin/wp)
        # Calculate age in days
        age_days=$(( (current_time - file_ctime) / 86400 ))
        if [ "$age_days" -gt 30 ]; then
            echo "= The /usr/local/bin/wp file is older than 30 days (based on CTime)."
            echo "= Updating WP CLI..."
            /usr/local/vesta/bin/v-install-wp-cli
        fi
    fi
 fi
 if [ -t 1 ]; then
    output='terminal'
 else
    output='file'
 fi
 if [ -f "/usr/local/bin/wp" ]; then
    wpcli="/usr/local/bin/wp"
    WP_CLI_PACKAGES_DIR=""
 fi
 if [ ! -z "$USE_WP_CLI_MYVESTA" ] && [ -f "/usr/local/bin/wp-cli/php/boot-fs.php" ] && [ -d "/usr/local/bin/wp-cli/packages/vendor/wp-cli/search-replace-command" ] && [ "$output" == "terminal" ]; then
    wpcli="/usr/local/bin/wp-cli/php/boot-fs.php"
    COLUMNS=$(/usr/bin/env stty size 2>/dev/null | awk '{print $2}')
    echo $COLUMNS > /usr/local/bin/wp-cli/COLUMNS
    WP_CLI_PACKAGES_DIR="WP_CLI_PACKAGES_DIR=/usr/local/bin/wp-cli/packages"
 fi
 if [ -z "$wpcli" ]; then
    echo "= WP CLI is not installed. Please install it manually."
    exit 1;
 fi
 mkdir -p /home/$user/.wp-cli
 chown $user:$user /home/$user/.wp-cli
 if [ -z "$PHP" ]; then
    phpver=$(/usr/local/vesta/bin/v-get-php-version-of-domain "$domain")
 else
    phpver=$PHP
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 cd /home/$USER/web/$domain/public_html
 if [ -z "$OPEN_BASEDIR" ]; then
    OPEN_BASEDIR="/home/$user/web/$domain:/home/$user/.wp-cli:/home/$user/tmp:/usr/local/bin:/tmp"
 fi
 if [ -z "$DISABLE_FUNCTIONS" ]; then
    DISABLE_FUNCTIONS="pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,exec,system,passthru,shell_exec,proc_open,popen"
 fi
 if [ -z "$SHOW_ERRORS" ]; then
    sudo -u $USER $WP_CLI_PACKAGES_DIR /usr/bin/php$phpver -d disable_functions=$DISABLE_FUNCTIONS -d open_basedir=$OPEN_BASEDIR $wpcli --path=/home/$user/web/$domain/public_html/ $wp_command 2>/home/$user/web/$domain/wp-cli-error.log
 else
    sudo -u $USER $WP_CLI_PACKAGES_DIR /usr/bin/php$phpver -d disable_functions=$DISABLE_FUNCTIONS -d open_basedir=$OPEN_BASEDIR $wpcli --path=/home/$user/web/$domain/public_html/ $wp_command
 fi
 return_code=$?
 if [ -f "/usr/local/bin/wp-cli/COLUMNS" ]; then
    rm /usr/local/bin/wp-cli/COLUMNS
 fi
 if [ -z "$SHOW_ERRORS" ]; then
    if grep -q "PHP Fatal error" /home/$user/web/$domain/wp-cli-error.log || [ $return_code -ne 0 ]; then
        cat /home/$user/web/$domain/wp-cli-error.log
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 exit $return_code;
--- a/bin/v-run-wp-cli-myvesta
+++ b/bin/v-run-wp-cli-myvesta
@ -0,0 +1,21 @@
 #!/bin/bash
 if [ ! -f "/usr/local/bin/wp-cli/php/boot-fs.php" ]; then
    echo "= myVesta WP CLI is not installed. Installing..."
    /usr/local/vesta/bin/v-install-wp-cli-myvesta
 fi
 if [ -f "/usr/local/bin/wp-cli/php/boot-fs.php" ]; then
    # Get current time and file ctime in seconds since epoch
    current_time=$(date +%s)
    file_ctime=$(stat -c %Z /usr/local/bin/wp-cli/php/boot-fs.php)
    # Calculate age in days
    age_days=$(( (current_time - file_ctime) / 86400 ))
    if [ "$age_days" -gt 30 ]; then
        echo "= The /usr/local/bin/wp-cli/php/boot-fs.php file is older than 30 days (based on CTime)."
        echo "= Updating myVesta WP CLI..."
        /usr/local/vesta/bin/v-install-wp-cli-myvesta
    fi
 fi
 USE_WP_CLI_MYVESTA=1 /usr/local/vesta/bin/v-run-wp-cli "$@"
--- a/bin/v-search-domain-owner
+++ b/bin/v-search-domain-owner
@ -9,6 +9,8 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 SILENT_MODE=1
 # Argument definition
 domain=$(idn -t --quiet -u "$1" )
 type=${2-any}
--- a/bin/v-sed
+++ b/bin/v-sed
@ -0,0 +1,27 @@
 #!/bin/bash
 # info: calling myvesta_sed PHP function
 # options: PARAMETERS
 #
 # The function is calling myVesta PHP replacement for GNU 'sed' command (but without regular expression)
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 if [ "$1" == "--stdin" ] && [ -p /dev/stdin ]; then
    STDIN=$(cat -)
    if [ ! -z "$STDIN" ]; then
        shift;
        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php '--stdin' 'myvesta_sed' "$@"
        exit $?
    fi
 fi
 if [ "$1" == "--stdin" ]; then
    shift;
    php /usr/local/vesta/func/bash-to-php-interpreter.php '--stdin' 'myvesta_sed' "$@"
 else
    php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_sed' "$@"
 fi
 exit $?
--- a/bin/v-suspend-firewall-rule
+++ b/bin/v-suspend-firewall-rule
@ -32,12 +32,21 @@ is_object_unsuspended '../../data/firewall/rules' 'RULE' "$rule"
 #                       Action                             #
 #----------------------------------------------------------#
 oldvalues=$(grep "RULE='$rule'" $VESTA/data/firewall/rules.conf)
 # Suspending rule
 update_object_value ../../data/firewall/rules RULE $rule '$SUSPENDED' yes
 # Updating system firewall
 $BIN/v-update-firewall
 if [ "$WEB_SYSTEM" == 'nginx' ] || [ "$PROXY_SYSTEM" == 'nginx' ]; then
    parse_object_kv_list_non_eval "$oldvalues"
    if [ "$PORT" == "80,443" ] && [ "$ACTION" == "DROP" ]; then
        sed -i "\#$IP#d" /etc/nginx/conf.d/block-firewall.conf
        systemctl restart nginx
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-suspend-web-domain
+++ b/bin/v-suspend-web-domain
@ -17,6 +17,10 @@ domain=$2
 domain_idn=$2
 restart=$3
 if [ -z "$restart" ]; then
    restart='yes'
 fi
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
@ -80,12 +84,14 @@ fi
 update_object_value 'web' 'DOMAIN' "$domain" '$SUSPENDED' 'yes'
 increase_user_value "$user" '$SUSPENDED_WEB'
 if [ "$restart" = "yes" ]; then
    # Restarting web server
    $BIN/v-restart-web $restart
    check_result $? "Web restart failed" >/dev/null
    $BIN/v-restart-proxy $restart
    check_result $? "Proxy restart failed" >/dev/null
 fi
 # Logging
 log_event "$OK" "$ARGUMENTS"
--- a/bin/v-unlock-wordpress
+++ b/bin/v-unlock-wordpress
@ -0,0 +1,71 @@
 #!/bin/bash
 # info: Unlock previously locked WordPress files if they were potentially infected (somewhere) by PHP malware
 # options: DOMAIN
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Argument definition
 domain=$1
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 if [ -z "$user" ]; then
    check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 check_args '1' "$#" 'DOMAIN'
 is_format_valid 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 if [ ! -d "/home/$user" ]; then
    echo "User doesn't exist";
    exit 1;
 fi
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
    echo "Domain doesn't exist";
    exit 1;
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 cd /home/$user/web/$domain
 # lock files
 chown -R $user:$user public_html/
 rm public_html/wp-content/uploads/.htaccess
 /usr/local/vesta/bin/v-fix-website-permissions $domain
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "v-unlock-wordpress: Done."
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-unsuspend-firewall-rule
+++ b/bin/v-unsuspend-firewall-rule
@ -32,12 +32,25 @@ is_object_suspended '../../data/firewall/rules' 'RULE' "$rule"
 #                       Action                             #
 #----------------------------------------------------------#
 oldvalues=$(grep "RULE='$rule'" $VESTA/data/firewall/rules.conf)
 # Suspending rule
 update_object_value ../../data/firewall/rules RULE $rule '$SUSPENDED' no
 # Updating system firewall
 $BIN/v-update-firewall
 if [ "$WEB_SYSTEM" == 'nginx' ] || [ "$PROXY_SYSTEM" == 'nginx' ]; then
    parse_object_kv_list_non_eval "$oldvalues"
    if [ "$PORT" == "80,443" ] && [ "$ACTION" == "DROP" ]; then
        touch /etc/nginx/conf.d/block-firewall.conf
        if ! grep -q "deny $IP;" /etc/nginx/conf.d/block-firewall.conf; then
            echo "deny $IP;" >> /etc/nginx/conf.d/block-firewall.conf
            systemctl restart nginx
        fi
    fi
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-update-document-errors-files
+++ b/bin/v-update-document-errors-files
@ -0,0 +1,48 @@
 #!/bin/bash
 # info: fix website permissions for all websites
 # options:
 #
 # The command is used for fixing website permissions for all websites on the server.
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 # Importing system variables
 source /etc/profile
 # Includes
 source $VESTA/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
        continue;
    fi
    for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
        cp /usr/local/vesta/data/templates/web/skel/document_errors/403.html /home/$user/web/$domain/document_errors/403.html
        cp /usr/local/vesta/data/templates/web/skel/document_errors/404.html /home/$user/web/$domain/document_errors/404.html
        cp /usr/local/vesta/data/templates/web/skel/document_errors/50x.html /home/$user/web/$domain/document_errors/50x.html
        sed -i "s/%domain%/$domain/g" /home/$user/web/$domain/document_errors/403.html
        sed -i "s/%domain%/$domain/g" /home/$user/web/$domain/document_errors/404.html
        sed -i "s/%domain%/$domain/g" /home/$user/web/$domain/document_errors/50x.html
        chown $user:$user /home/$user/web/$domain/document_errors/*
        chmod 644 /home/$user/web/$domain/document_errors/*
    done
 done
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 # Logging
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@ -67,7 +67,7 @@ echo "$iptables -P INPUT ACCEPT" >> $tmp
 echo "$iptables -F INPUT" >> $tmp
 # Enabling stateful support
-if [ "$conntrack" != 'no' ] || grep --quiet container=lxc /proc/1/environ; then
+if [ "$FIREWALL_STATEFUL" == "yes" ] || [ "$conntrack" != 'no' ] || grep --quiet container=lxc /proc/1/environ; then
    str="$iptables -A INPUT -m state"
    str="$str --state ESTABLISHED,RELATED -j ACCEPT"
    echo "$str" >> $tmp
@ -164,12 +164,12 @@ if [ ! -z "$FIREWALL_EXTENSION" ]; then
 fi
 # Saving rules to the master iptables file
-if [ -d "/etc/sysconfig" ]; then
+# if [ -d "/etc/sysconfig" ]; then
-    /sbin/iptables-save > /etc/sysconfig/iptables
+#     /sbin/iptables-save > /etc/sysconfig/iptables
-    if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then
+#     if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then
-        /sbin/chkconfig iptables on
+#         /sbin/chkconfig iptables on
-    fi
+#     fi
-else
+# else
    /sbin/iptables-save > /etc/iptables.rules
    preup="/etc/network/if-pre-up.d/iptables"
    if [ ! -e "$preup" ]; then
@ -178,7 +178,7 @@ else
        echo "exit 0" >> $preup
        chmod +x $preup
    fi
-fi
+# fi
 # Worarkound for OpenVZ
 if [ -e "/proc/vz/veinfo" ]; then
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@ -36,6 +36,12 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
        limit_check=1
        fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
        # proxy_tpl=$(/usr/local/vesta/bin/v-list-web-domain "$user" "$domain" "shell" | grep 'PROXY:' | cut -d ' ' -f11-)
        # if [ "$proxy_tpl" = "forward" ]; then
        #     echo "[$(date)] : $domain is using forward proxy, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
        #     continue;
        # fi
        if [[ "$hostname" = "$domain" ]]; then
            if [[ "$fail_counter" -eq 7 ]]; then
                limit_check=0
--- a/bin/v-update-mail-domain-disk
+++ b/bin/v-update-mail-domain-disk
@ -49,7 +49,8 @@ dom_diks=0
 for account in $(search_objects "mail/$domain" 'SUSPENDED' "no" 'ACCOUNT'); do
    home_dir=$HOMEDIR/$user/mail/$domain/$account
    if [ -e "$home_dir" ]; then
-        udisk=$(nice -n 19 du -shm $home_dir | cut -f 1 )
+        cd $home_dir
        udisk=$(nice -n 19 du -shm ./ | cut -f 1 )
    else
        udisk=0
    fi
--- a/bin/v-update-mail-domains-disk
+++ b/bin/v-update-mail-domains-disk
@ -35,13 +35,14 @@ fi
 #----------------------------------------------------------#
 # Starting loop
-for domain in $(search_objects 'mail' 'SUSPENDED' "no" 'DOMAIN'); do
+for domain in $(list_objects 'mail' 'DOMAIN'); do
    dom_diks=0
-    accounts=$(search_objects "mail/$domain" 'SUSPENDED' "no" 'ACCOUNT')
+    accounts=$(list_objects "mail/$domain" 'ACCOUNT')
    for account in $accounts; do
        home_dir=$HOMEDIR/$user/mail/$domain/$account
        if [ -e "$home_dir" ]; then
-            udisk=$(nice -n 19 du -shm $home_dir | cut -f 1 )
+            cd $home_dir
            udisk=$(nice -n 19 du -shm ./ | cut -f 1 )
        else
            udisk=0
        fi
--- a/bin/v-update-myvesta
+++ b/bin/v-update-myvesta
@ -0,0 +1,36 @@
 #!/bin/bash
 # info: Get the very latest build of myVesta
 # options: NONE
 #
 # The function is downloading the very latest build of myVesta
 #----------------------------------------------------------#
 #           Verifications & Variable & Function            #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Includes
 source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
 apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"  > /usr/local/vesta/log/update-$package.log 2>&1
 apt-get install --reinstall vesta
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "=== myVesta updated ==="
 log_event "$OK" "$ARGUMENTS"
 exit
--- a/bin/v-update-sys-rrd-la
+++ b/bin/v-update-sys-rrd-la
@ -74,7 +74,7 @@ rrdtool graph $RRD/la/$period-la.png \
    -c "SHADEA#ffffff" \
    -c "SHADEB#ffffff" \
    -c "FONT#555555" \
-    -c "CANVAS#302c2d" \
+    -c "CANVAS#F2F2F2" \
    -c "GRID#666666" \
    -c "MGRID#AAAAAA" \
    -c "FRAME#777777" \
@ -82,7 +82,7 @@ rrdtool graph $RRD/la/$period-la.png \
    DEF:la=$RRD/la/la.rrd:LA:AVERAGE \
    DEF:pr=$RRD/la/la.rrd:PR:AVERAGE \
    COMMENT:'\r' \
-    AREA:la#C8EA2E:"LA * 100"\
+    AREA:la#00CD2E:"LA * 100"\
    GPRINT:la:'LAST: Current\:''%8.0lf'  \
    GPRINT:la:'MIN: Min\:''%8.0lf'  \
    GPRINT:la:'MAX: Max\:''%8.0lf\j'  \
--- a/bin/v-update-sys-rrd-net
+++ b/bin/v-update-sys-rrd-net
@ -35,13 +35,15 @@ if [ ! -d "$RRD/net" ]; then
    mkdir $RRD/net
 fi
 find $RRD/net -name "veth*" -delete
 # Parsing network interfaces
 ndev=$(cat /proc/net/dev)
 ifaces=$(echo "$ndev" |grep : |cut -f 1 -d : | sed "s/ //g")
 # Parsing excludes
 if [ -z "$RRD_IFACE_EXCLUDE" ]; then
-    RRD_IFACE_EXCLUDE='lo'
+    RRD_IFACE_EXCLUDE='lo,'
 fi
 for exclude in $(echo ${RRD_IFACE_EXCLUDE//,/ }); do
    ifaces=$(echo "$ifaces" |grep -vw "$exclude" )
@ -62,6 +64,8 @@ for iface in $ifaces; do
            RRA:MAX:0.5:6:700 \
            RRA:MAX:0.5:24:775 \
            RRA:MAX:0.5:288:797
    else
        touch $RRD/net/$iface.rrd
    fi
    # Parsing device stats
@ -112,6 +116,8 @@ for iface in $ifaces; do
 done
 find $RRD/net -name "*.png" -mtime +1 -delete
 find $RRD/net -name "*.rrd" -mtime +1 -delete
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-update-web-domain-disk
+++ b/bin/v-update-web-domain-disk
@ -50,6 +50,14 @@ if [ -e "$home_dir" ]; then
    disk_usage=$(nice -n 19 du -shm $home_dir | cut -f 1 )
 fi
 # Defining hdd home directory
 home_dir="/hdd$HOMEDIR/$user/web/$domain/"
 # Checking home directory exist
 if [ -e "$home_dir" ] && [[ ! -L "$home_dir" ]]; then
    disk_usage2=$(nice -n 19 du -shm $home_dir | cut -f 1 )
    disk_usage=$(( disk_usage + disk_usage2 ))
 fi
 #----------------------------------------------------------#
 #                       Vesta                              #
--- a/bin/v-update-web-domains-disk
+++ b/bin/v-update-web-domains-disk
@ -32,11 +32,16 @@ is_object_valid 'user' 'USER' "$user"
 #----------------------------------------------------------#
 # Domain loop
-for domain in $(search_objects 'web' 'SUSPENDED' "no" 'DOMAIN'); do
+for domain in $(list_objects 'web' 'DOMAIN'); do
    home_dir="$HOMEDIR/$user/web/$domain/"
    if [ -e "$home_dir" ]; then
        disk_usage=$(nice -n 19 du -shm $home_dir | cut -f 1 )
    fi
    home_dir="/hdd$HOMEDIR/$user/web/$domain/"
    if [ -e "$home_dir" ] && [[ ! -L "$home_dir" ]]; then
        disk_usage2=$(nice -n 19 du -shm $home_dir | cut -f 1 )
        disk_usage=$(( disk_usage + disk_usage2 ))
    fi
    update_object_value 'web' 'DOMAIN' "$domain" '$U_DISK' "$disk_usage"
 done
--- a/bin/v-whitelist-email-account
+++ b/bin/v-whitelist-email-account
@ -0,0 +1,119 @@
 #!/bin/bash
 # info: Add a specific email address to SpamAssassin whitelist
 # usage: v-whitelist-email-account EMAIL
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Determine Debian version and set SpamAssassin service name
 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 if [ "$release" -lt 12 ]; then
    SPAMD_SERVICE="spamassassin.service"
 else
    SPAMD_SERVICE="spamd.service"
 fi
 SPAMASSASSIN_FILE="/etc/spamassassin/local.cf"
 # Flags to track changes
 SPAMASSASSIN_CHANGED=false
 # Function to check if an entry already exists in a file
 check_entry_exists() {
    local entry=$1
    local file=$2
    grep -qF "$entry" "$file"
 }
 # Function to check if a domain/email is already blacklisted
 check_blacklisted() {
    local pattern=$1
    local file=$2
    grep -qE "blacklist_from.*${pattern}" "$file"
 }
 # Function to add an entry to a file
 add_entry_to_file() {
    local entry=$1
    local file=$2
    echo "$entry" >> "$file"
 }
 # Display usage if no arguments are provided
 if [ $# -lt 1 ]; then
    echo "Usage: v-whitelist-email-account EMAIL"
    exit 1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 EMAIL=$1
 # Validate email format
 if [[ ! "$EMAIL" =~ ^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$ ]]; then
    echo "Invalid email address format."
    exit 1
 fi
 # Extract the domain from the email address
 DOMAIN=$(echo "$EMAIL" | awk -F '@' '{print $2}')
 # Prepare entries for SpamAssassin
 WHITELIST_ENTRY="whitelist_from $EMAIL"
 BLACKLIST_ENTRY_MAIN="*@${DOMAIN}"
 BLACKLIST_ENTRY_SUB="*.$DOMAIN"
 #----------------------------------------------------------#
 #                SpamAssassin Whitelist                    #
 #----------------------------------------------------------#
 echo "Updating $SPAMASSASSIN_FILE..."
 # Check if the email address or its domain is already blacklisted
 if check_blacklisted "$EMAIL" "$SPAMASSASSIN_FILE"; then
    echo "Cannot whitelist $EMAIL. It is already blacklisted."
    exit 1
 fi
 if check_blacklisted "$BLACKLIST_ENTRY_MAIN" "$SPAMASSASSIN_FILE"; then
    echo "Cannot whitelist $EMAIL. The domain $DOMAIN is already blacklisted."
    exit 1
 fi
 if check_blacklisted "$BLACKLIST_ENTRY_SUB" "$SPAMASSASSIN_FILE"; then
    echo "Cannot whitelist $EMAIL. The subdomain of $DOMAIN is already blacklisted."
    exit 1
 fi
 # Add the email to whitelist if not already present
 if ! check_entry_exists "$WHITELIST_ENTRY" "$SPAMASSASSIN_FILE"; then
    add_entry_to_file "$WHITELIST_ENTRY" "$SPAMASSASSIN_FILE"
    echo "Added $WHITELIST_ENTRY to $SPAMASSASSIN_FILE."
    SPAMASSASSIN_CHANGED=true
 else
    echo "$WHITELIST_ENTRY already exists in $SPAMASSASSIN_FILE."
 fi
 # Restart SpamAssassin only if changes were made
 if [ "$SPAMASSASSIN_CHANGED" == "true" ]; then
    systemctl restart "$SPAMD_SERVICE"
    echo "SpamAssassin service ($SPAMD_SERVICE) restarted."
 fi
 #----------------------------------------------------------#
 #                       Done                               #
 #----------------------------------------------------------#
 exit 0
--- a/bin/v-whitelist-email-domain
+++ b/bin/v-whitelist-email-domain
@ -0,0 +1,119 @@
 #!/bin/bash
 # info: Add a domain to SpamAssassin whitelist
 # usage: v-whitelist-email-domain DOMAIN SUBDOMAIN(YES/NO)
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 whoami=$(whoami)
 if [ "$whoami" != "root" ]; then
    echo "You must be root to execute this script"
    exit 1
 fi
 # Importing system environment
 source /etc/profile
 # Determine Debian version and set SpamAssassin service name
 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 if [ "$release" -lt 12 ]; then
    SPAMD_SERVICE="spamassassin.service"
 else
    SPAMD_SERVICE="spamd.service"
 fi
 SPAMASSASSIN_FILE="/etc/spamassassin/local.cf"
 # Flags to track changes
 SPAMASSASSIN_CHANGED=false
 # Function to check if a SpamAssassin whitelist entry already exists
 check_whitelist_exists() {
    local entry=$1
    local file=$2
    grep -qF "whitelist_from $entry" "$file"
 }
 # Function to check if a domain/email is already blacklisted
 check_blacklist_exists() {
    local domain=$1
    local file=$2
    grep -qE "blacklist_from.*${domain}$" "$file"
 }
 # Function to add whitelist entry to file
 add_whitelist_to_file() {
    local entry=$1
    local file=$2
    echo "whitelist_from $entry" >> "$file"
 }
 # Display usage if no arguments are provided
 if [ $# -lt 2 ]; then
    echo "Usage: v-whitelist-email-domain DOMAIN SUBDOMAIN(YES/NO)"
    exit 1
 fi
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 DOMAIN=$1
 SUBDOMAIN=${2^^} # Convert to uppercase for consistency (YES/NO)
 # Validate SUBDOMAIN parameter
 if [[ "$SUBDOMAIN" != "YES" && "$SUBDOMAIN" != "NO" ]]; then
    echo "Invalid parameter for SUBDOMAIN. Use YES or NO."
    exit 1
 fi
 # Prepare entries for SpamAssassin
 WHITELIST_ENTRY_MAIN="*@${DOMAIN}"
 WHITELIST_ENTRY_SUB="*.$DOMAIN"
 BLACKLIST_ENTRY_MAIN="*@${DOMAIN}"
 BLACKLIST_ENTRY_SUB="*.$DOMAIN"
 #----------------------------------------------------------#
 #                SpamAssassin Whitelist                    #
 #----------------------------------------------------------#
 echo "Updating $SPAMASSASSIN_FILE..."
 # Check if the domain is already blacklisted
 if check_blacklist_exists "$DOMAIN" "$SPAMASSASSIN_FILE"; then
    echo "Cannot whitelist $DOMAIN. It is already blacklisted."
    exit 1
 fi
 # Add the main entry
 if ! check_whitelist_exists "$WHITELIST_ENTRY_MAIN" "$SPAMASSASSIN_FILE"; then
    add_whitelist_to_file "$WHITELIST_ENTRY_MAIN" "$SPAMASSASSIN_FILE"
    echo "Added whitelist_from $WHITELIST_ENTRY_MAIN to $SPAMASSASSIN_FILE."
    SPAMASSASSIN_CHANGED=true
 else
    echo "whitelist_from $WHITELIST_ENTRY_MAIN already exists in $SPAMASSASSIN_FILE."
 fi
 # Add the subdomain entry if needed
 if [ "$SUBDOMAIN" == "YES" ]; then
    if ! check_whitelist_exists "$WHITELIST_ENTRY_SUB" "$SPAMASSASSIN_FILE"; then
        add_whitelist_to_file "$WHITELIST_ENTRY_SUB" "$SPAMASSASSIN_FILE"
        echo "Added whitelist_from $WHITELIST_ENTRY_SUB to $SPAMASSASSIN_FILE."
        SPAMASSASSIN_CHANGED=true
    else
        echo "whitelist_from $WHITELIST_ENTRY_SUB already exists in $SPAMASSASSIN_FILE."
    fi
 fi
 # Restart SpamAssassin only if changes were made
 if [ "$SPAMASSASSIN_CHANGED" == "true" ]; then
    systemctl restart "$SPAMD_SERVICE"
    echo "SpamAssassin service ($SPAMD_SERVICE) restarted."
 fi
 #----------------------------------------------------------#
 #                       Done                               #
 #----------------------------------------------------------#
 exit 0
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@ -0,0 +1,88 @@
 <?php
 $myvesta_echo_done=false;
 if (isset($_SERVER['SHLVL'])) $SHLVL=intval($_SERVER['SHLVL']);
 else $SHLVL=3;
 if (!isset($argv)) exit(5);
 $argv_start=1;
 $STDIN_ENABLED=false;
 if ($argv[1]=='--stdin') {
    $STDIN_ENABLED=true;
    $argv_start++;
 }
 $myvesta_stdin='';
 if ($STDIN_ENABLED==true) {
    stream_set_blocking(STDIN, false);
    $myvesta_f = fopen( 'php://stdin', 'r' );
    while( $myvesta_line = fgets( $myvesta_f ) ) {
        $myvesta_stdin .= $myvesta_line;
    }
    fclose( $myvesta_f );
 }
 include ("/usr/local/vesta/func/main.php");
 include ("/usr/local/vesta/func/string.php");
 $counter=count($argv);
 if ($counter<2) myvesta_throw_error(2, 'Function is missing');
 $func=$argv[$argv_start];
 if (!function_exists($func)) {
    $func="myvesta_".$argv[$argv_start];    
    if (!function_exists($func)) myvesta_throw_error(2, 'Function does not exists');
 }
 $insert_stdin_at_position=false;
 if ($func=="myvesta_grep") $insert_stdin_at_position=1;
 if ($func=="myvesta_sed") $insert_stdin_at_position=2;
 $params=array();
 $added=0;
 $stdin_content='';
 $myvesta_stdin_from_file='';
 $myvesta_stdin_return_not_found=false;
 if ($myvesta_stdin!='' && $insert_stdin_at_position===false) {$params[]=$myvesta_stdin; $added++;}
 $argv_start++;
 for ($i=$argv_start; $i<$counter; $i++) {
    $argv[$i]=myvesta_fix_backslashes($argv[$i]);
    //if ($insert_stdin_at_position!==false && $myvesta_stdin=='') if ($insert_stdin_at_position==$added) {$stdin_content=$argv[$i]; $added++; continue;}
    $params[]=$argv[$i];
    $added++;
 }
 //print_r($params); exit;
 if ($insert_stdin_at_position!=false) {
    if ($myvesta_stdin=='' && isset($params[$insert_stdin_at_position])) {
        $file_or_stdin=$params[$insert_stdin_at_position];
        if (!file_exists($file_or_stdin)) {
            $myvesta_stdin_return_not_found=true;
            $myvesta_stdin='';
        } else {
            $myvesta_stdin=file_get_contents($file_or_stdin);
            $myvesta_stdin_from_file=$file_or_stdin;
        }
        $params[$insert_stdin_at_position]=$myvesta_stdin;
    } else {
        array_splice($params, $insert_stdin_at_position, 0, array($myvesta_stdin));
    }
 }
 //print_r($params); exit;
 $r=call_user_func_array($func, $params);
 if (is_bool($r)) {
    if ($r) {
        myvesta_exit (0);
    } else {
        myvesta_exit (MYVESTA_ERROR_GENERAL);
    }
 } else {
    myvesta_echo ($r);
    myvesta_exit (0);
 }
--- a/func/db.sh
+++ b/func/db.sh
@ -29,6 +29,9 @@ mysql_connect() {
    mysql --defaults-file=$mycnf -e 'SELECT VERSION()' > $mysql_out 2>&1
    if [ '0' -ne "$?" ]; then
        if [ "$notify" != 'no' ]; then
            subj="Error: Connection to $HOST failed"
            email=$($BIN/v-get-user-value admin CONTACT)
            echo -e "Can't connect to MySQL $HOST\n$(cat $mysql_out)" |\
                $SENDMAIL -s "$subj" $email
        fi
@ -55,10 +58,13 @@ mysql_query() {
 mysql_dump() {
    err="/tmp/e.mysql"
-    mysqldump --defaults-file=$mycnf --single-transaction --max_allowed_packet=100M -r $1 $2 2> $err
+    mysqldump --defaults-file=$mycnf --complete-insert --force --quick --single-transaction --max-allowed-packet=1024MB -r $1 $2 2> $err
    if [ '0' -ne "$?" ]; then
        rm -rf $tmpdir
        if [ "$notify" != 'no' ]; then
            subj="Error: dump $database failed"
            email=$($BIN/v-get-user-value admin CONTACT)
            echo -e "Can't dump database $database\n$(cat $err)" |\
                $SENDMAIL -s "$subj" $email
        fi
@ -82,6 +88,9 @@ psql_connect() {
    psql -h $HOST -U $USER -c "SELECT VERSION()" > /dev/null 2>/tmp/e.psql
    if [ '0' -ne "$?" ]; then
        if [ "$notify" != 'no' ]; then
            subj="Error: Connection to $HOST failed"
            email=$($BIN/v-get-user-value admin CONTACT)
            echo -e "Can't connect to PostgreSQL $HOST\n$(cat /tmp/e.psql)" |\
                $SENDMAIL -s "$subj" $email
        fi
@ -103,6 +112,9 @@ psql_dump() {
    if [ '0' -ne "$?" ]; then
        rm -rf $tmpdir
        if [ "$notify" != 'no' ]; then
            subj="Error: dump $database failed"
            email=$($BIN/v-get-user-value admin CONTACT)
            echo -e "Can't dump database $database\n$(cat /tmp/e.psql)" |\
                $SENDMAIL -s "$subj" $email
        fi
@ -468,7 +480,7 @@ suspend_pgsql_database() {
 # Unsuspend MySQL database
 unsuspend_mysql_database() {
    mysql_connect $HOST
-    query="GRANT ALL ON \`$database\`.* FROM \`$DBUSER\`@\`%\`"
+    query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\`"
    mysql_query "$query" > /dev/null
    query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost"
    mysql_query "$query" > /dev/null
--- a/Show more
+++ b/Show more