From 23971375789b48c41c3eefa7fa0495279774e387 Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:16:52 +0100 Subject: [PATCH 0001/2300] Add CAA record to is_dns_type_format_valid --- func/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index f0041778..d005f2d3 100644 --- a/func/main.sh +++ b/func/main.sh @@ -628,7 +628,7 @@ is_dbuser_format_valid() { # DNS record type validator is_dns_type_format_valid() { - known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA' + known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA,CAA' if [ -z "$(echo $known_dnstype |grep -w $1)" ]; then check_result $E_INVALID "invalid dns record type format :: $1" fi From d9686a59f2cdd72b1d0b9d0c70e04eb4d1a3238c Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:17:47 +0100 Subject: [PATCH 0002/2300] Add CAA record to web template --- web/templates/admin/add_dns_rec.html | 1 + 1 file changed, 1 insertion(+) diff --git a/web/templates/admin/add_dns_rec.html b/web/templates/admin/add_dns_rec.html index 2c8bebd7..33b4a9be 100644 --- a/web/templates/admin/add_dns_rec.html +++ b/web/templates/admin/add_dns_rec.html @@ -82,6 +82,7 @@ + From 3d6eb2c8eab992b560e6452e0f3a465bcaebe10b Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:42:49 +0100 Subject: [PATCH 0003/2300] Update v-add-dns-record --- bin/v-add-dns-record | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/bin/v-add-dns-record b/bin/v-add-dns-record index 2b4c52ca..bbf8edd8 100755 --- a/bin/v-add-dns-record +++ b/bin/v-add-dns-record @@ -45,10 +45,12 @@ if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then fi fi -dvalue=${dvalue//\"/} +if [ $rtype != "CAA" ]; then + dvalue=${dvalue//\"/} -if [[ "$dvalue" =~ [\;[:space:]] ]]; then - dvalue='"'"$dvalue"'"' + if [[ "$dvalue" =~ [\;[:space:]] ]]; then + dvalue='"'"$dvalue"'"' + fi fi # Additional argument formatting From 02afaffa7353368f97413a7e6e4a67c1a8b0a1ea Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 29 Dec 2017 22:02:01 +0200 Subject: [PATCH 0004/2300] Debian 9 Support --- install/vst-install-debian.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) mode change 100755 => 100644 install/vst-install-debian.sh diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh old mode 100755 new mode 100644 index 259b8ab0..41ab0063 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -18,7 +18,19 @@ release=$(cat /etc/debian_version|grep -o [0-9]|head -n1) codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))" vestacp="http://$CHOST/$VERSION/$release" -if [ "$release" -eq 8 ]; then +if [ "$release" -eq 9 ]; then + software="nginx apache2 apache2-utils apache2-suexec-custom + libapache2-mod-ruid2 libapache2-mod-fcgid libapache2-mod-php php + php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats + webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy + clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl + unrar-free vim-common vesta-ioncube vesta-softaculous" +elif [ "$release" -eq 8 ]; then software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi From 80f65d54debc998fe4cb55283032a4d1f3fab368 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 30 Dec 2017 11:19:25 +0200 Subject: [PATCH 0005/2300] oldstyle config for dovecot --- install/rhel/6/dovecot/conf.d/20-imap.conf | 34 ++++++++-------------- install/rhel/7/dovecot/conf.d/20-imap.conf | 34 ++++++++-------------- 2 files changed, 24 insertions(+), 44 deletions(-) diff --git a/install/rhel/6/dovecot/conf.d/20-imap.conf b/install/rhel/6/dovecot/conf.d/20-imap.conf index 2e740d49..fe1d2d75 100644 --- a/install/rhel/6/dovecot/conf.d/20-imap.conf +++ b/install/rhel/6/dovecot/conf.d/20-imap.conf @@ -2,25 +2,15 @@ ## IMAP specific settings ## -protocol imap { - namespace inbox { - inbox = yes - - mailbox Trash { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Trash - } - mailbox Sent { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Sent - } - mailbox Spam { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Junk - } - mailbox Drafts { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Drafts - } - } -} \ No newline at end of file +plugin { + autocreate = Trash + autocreate2 = Spam + autocreate3 = Sent + autocreate4 = Drafts + #autocreate5 = Custom + autosubscribe = Trash + autosubscribe2 = Spam + autosubscribe3 = Sent + autosubscribe4 = Drafts + #autosubscribe5 = Custom +} diff --git a/install/rhel/7/dovecot/conf.d/20-imap.conf b/install/rhel/7/dovecot/conf.d/20-imap.conf index 2e740d49..fe1d2d75 100644 --- a/install/rhel/7/dovecot/conf.d/20-imap.conf +++ b/install/rhel/7/dovecot/conf.d/20-imap.conf @@ -2,25 +2,15 @@ ## IMAP specific settings ## -protocol imap { - namespace inbox { - inbox = yes - - mailbox Trash { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Trash - } - mailbox Sent { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Sent - } - mailbox Spam { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Junk - } - mailbox Drafts { - auto = subscribe #Autocreate/subscribe mailbox? no, create or subscribe values - special_use = \Drafts - } - } -} \ No newline at end of file +plugin { + autocreate = Trash + autocreate2 = Spam + autocreate3 = Sent + autocreate4 = Drafts + #autocreate5 = Custom + autosubscribe = Trash + autosubscribe2 = Spam + autosubscribe3 = Sent + autosubscribe4 = Drafts + #autosubscribe5 = Custom +} From 6da6d38cfdc17b1b8d085ab9d9cac78434cfa6f8 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 30 Dec 2017 12:01:58 +0200 Subject: [PATCH 0006/2300] install configs for debian 9 --- install/debian/9/apache2/apache2.conf | 94 ++ install/debian/9/apache2/status.conf | 8 + install/debian/9/bind/named.conf | 12 + install/debian/9/clamav/clamd.conf | 61 ++ install/debian/9/deb_signing.key | 30 + install/debian/9/dovecot/conf.d/10-auth.conf | 4 + .../debian/9/dovecot/conf.d/10-logging.conf | 1 + install/debian/9/dovecot/conf.d/10-mail.conf | 4 + .../debian/9/dovecot/conf.d/10-master.conf | 29 + install/debian/9/dovecot/conf.d/10-ssl.conf | 3 + install/debian/9/dovecot/conf.d/20-imap.conf | 58 ++ install/debian/9/dovecot/conf.d/20-pop3.conf | 91 ++ .../9/dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/debian/9/dovecot/dovecot.conf | 4 + install/debian/9/exim/dnsbl.conf | 2 + install/debian/9/exim/exim4.conf.template | 382 ++++++++ install/debian/9/exim/spam-blocks.conf | 0 install/debian/9/fail2ban/action.d/vesta.conf | 9 + install/debian/9/fail2ban/filter.d/vesta.conf | 10 + install/debian/9/fail2ban/jail.local | 39 + install/debian/9/firewall/ports.conf | 17 + install/debian/9/firewall/rules.conf | 11 + install/debian/9/logrotate/apache2 | 19 + install/debian/9/logrotate/dovecot | 12 + install/debian/9/logrotate/nginx | 13 + install/debian/9/logrotate/vesta | 7 + install/debian/9/mysql/my-large.cnf | 42 + install/debian/9/mysql/my-medium.cnf | 40 + install/debian/9/mysql/my-small.cnf | 40 + install/debian/9/nginx/nginx.conf | 137 +++ install/debian/9/nginx/phpmyadmin.inc | 18 + install/debian/9/nginx/phppgadmin.inc | 11 + install/debian/9/nginx/status.conf | 9 + install/debian/9/nginx/webmail.inc | 15 + install/debian/9/packages/default.pkg | 18 + install/debian/9/packages/gainsboro.pkg | 18 + install/debian/9/packages/palegreen.pkg | 18 + install/debian/9/packages/slategrey.pkg | 18 + install/debian/9/pga/config.inc.php | 159 ++++ install/debian/9/pga/phppgadmin.conf | 31 + install/debian/9/php5-fpm/www.conf | 11 + install/debian/9/pma/apache.conf | 42 + install/debian/9/pma/config.inc.php | 146 +++ install/debian/9/postgresql/pg_hba.conf | 11 + install/debian/9/proftpd/proftpd.conf | 32 + install/debian/9/roundcube/apache.conf | 40 + install/debian/9/roundcube/config.inc.php | 33 + install/debian/9/roundcube/db.inc.php | 66 ++ install/debian/9/roundcube/main.inc.php | 850 ++++++++++++++++++ install/debian/9/roundcube/vesta.php | 73 ++ install/debian/9/sudo/admin | 8 + install/debian/9/templates/dns/child-ns.tpl | 14 + install/debian/9/templates/dns/default.tpl | 18 + install/debian/9/templates/dns/gmail.tpl | 12 + .../9/templates/web/apache2/basedir.stpl | 44 + .../9/templates/web/apache2/basedir.tpl | 38 + .../9/templates/web/apache2/default.stpl | 43 + .../9/templates/web/apache2/default.tpl | 37 + .../9/templates/web/apache2/hosting.stpl | 49 + .../9/templates/web/apache2/hosting.tpl | 43 + .../debian/9/templates/web/apache2/phpcgi.sh | 16 + .../9/templates/web/apache2/phpcgi.stpl | 38 + .../debian/9/templates/web/apache2/phpcgi.tpl | 31 + .../9/templates/web/apache2/phpfcgid.sh | 22 + .../9/templates/web/apache2/phpfcgid.stpl | 39 + .../9/templates/web/apache2/phpfcgid.tpl | 31 + .../9/templates/web/awstats/awstats.tpl | 133 +++ .../debian/9/templates/web/awstats/index.tpl | 10 + .../debian/9/templates/web/awstats/nav.tpl | 23 + .../debian/9/templates/web/nginx/caching.sh | 19 + .../debian/9/templates/web/nginx/caching.stpl | 44 + .../debian/9/templates/web/nginx/caching.tpl | 41 + .../debian/9/templates/web/nginx/default.stpl | 36 + .../debian/9/templates/web/nginx/default.tpl | 33 + .../debian/9/templates/web/nginx/hosting.sh | 11 + .../debian/9/templates/web/nginx/hosting.stpl | 38 + .../debian/9/templates/web/nginx/hosting.tpl | 35 + .../debian/9/templates/web/nginx/http2.stpl | 36 + .../debian/9/templates/web/nginx/http2.tpl | 33 + .../web/nginx/php-fpm/cms_made_simple.stpl | 56 ++ .../web/nginx/php-fpm/cms_made_simple.tpl | 52 ++ .../web/nginx/php-fpm/codeigniter2.stpl | 61 ++ .../web/nginx/php-fpm/codeigniter2.tpl | 57 ++ .../web/nginx/php-fpm/codeigniter3.stpl | 56 ++ .../web/nginx/php-fpm/codeigniter3.tpl | 52 ++ .../web/nginx/php-fpm/datalife_engine.stpl | 127 +++ .../web/nginx/php-fpm/datalife_engine.tpl | 123 +++ .../templates/web/nginx/php-fpm/default.stpl | 55 ++ .../9/templates/web/nginx/php-fpm/default.tpl | 51 ++ .../templates/web/nginx/php-fpm/dokuwiki.stpl | 72 ++ .../templates/web/nginx/php-fpm/dokuwiki.tpl | 67 ++ .../templates/web/nginx/php-fpm/drupal6.stpl | 101 +++ .../9/templates/web/nginx/php-fpm/drupal6.tpl | 98 ++ .../templates/web/nginx/php-fpm/drupal7.stpl | 101 +++ .../9/templates/web/nginx/php-fpm/drupal7.tpl | 98 ++ .../templates/web/nginx/php-fpm/drupal8.stpl | 102 +++ .../9/templates/web/nginx/php-fpm/drupal8.tpl | 99 ++ .../9/templates/web/nginx/php-fpm/joomla.stpl | 63 ++ .../9/templates/web/nginx/php-fpm/joomla.tpl | 59 ++ .../templates/web/nginx/php-fpm/laravel.stpl | 56 ++ .../9/templates/web/nginx/php-fpm/laravel.tpl | 50 ++ .../templates/web/nginx/php-fpm/magento.stpl | 198 ++++ .../9/templates/web/nginx/php-fpm/magento.tpl | 194 ++++ .../9/templates/web/nginx/php-fpm/modx.stpl | 69 ++ .../9/templates/web/nginx/php-fpm/modx.tpl | 65 ++ .../9/templates/web/nginx/php-fpm/moodle.stpl | 90 ++ .../9/templates/web/nginx/php-fpm/moodle.tpl | 87 ++ .../9/templates/web/nginx/php-fpm/no-php.stpl | 47 + .../9/templates/web/nginx/php-fpm/no-php.tpl | 43 + .../9/templates/web/nginx/php-fpm/odoo.stpl | 70 ++ .../9/templates/web/nginx/php-fpm/odoo.tpl | 66 ++ .../templates/web/nginx/php-fpm/opencart.stpl | 59 ++ .../templates/web/nginx/php-fpm/opencart.tpl | 54 ++ .../templates/web/nginx/php-fpm/owncloud.stpl | 85 ++ .../templates/web/nginx/php-fpm/owncloud.tpl | 81 ++ .../9/templates/web/nginx/php-fpm/piwik.stpl | 73 ++ .../9/templates/web/nginx/php-fpm/piwik.tpl | 69 ++ .../templates/web/nginx/php-fpm/pyrocms.stpl | 66 ++ .../9/templates/web/nginx/php-fpm/pyrocms.tpl | 62 ++ .../9/templates/web/nginx/php-fpm/sendy.stpl | 88 ++ .../9/templates/web/nginx/php-fpm/sendy.tpl | 86 ++ .../web/nginx/php-fpm/wordpress.stpl | 55 ++ .../templates/web/nginx/php-fpm/wordpress.tpl | 51 ++ .../web/nginx/php-fpm/wordpress2.stpl | 67 ++ .../web/nginx/php-fpm/wordpress2.tpl | 63 ++ .../web/nginx/php-fpm/wordpress2_rewrite.stpl | 72 ++ .../web/nginx/php-fpm/wordpress2_rewrite.tpl | 67 ++ .../debian/9/templates/web/nginx/proxy_ip.tpl | 9 + .../9/templates/web/php5-fpm/default.tpl | 21 + .../9/templates/web/php5-fpm/no-php.tpl | 20 + .../9/templates/web/php5-fpm/socket.tpl | 24 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../debian/9/templates/web/suspend/.htaccess | 2 + .../debian/9/templates/web/suspend/index.html | 25 + .../9/templates/web/webalizer/webalizer.tpl | 110 +++ install/debian/9/vsftpd/vsftpd.conf | 26 + 142 files changed, 7846 insertions(+) create mode 100644 install/debian/9/apache2/apache2.conf create mode 100644 install/debian/9/apache2/status.conf create mode 100644 install/debian/9/bind/named.conf create mode 100644 install/debian/9/clamav/clamd.conf create mode 100644 install/debian/9/deb_signing.key create mode 100644 install/debian/9/dovecot/conf.d/10-auth.conf create mode 100644 install/debian/9/dovecot/conf.d/10-logging.conf create mode 100644 install/debian/9/dovecot/conf.d/10-mail.conf create mode 100644 install/debian/9/dovecot/conf.d/10-master.conf create mode 100644 install/debian/9/dovecot/conf.d/10-ssl.conf create mode 100644 install/debian/9/dovecot/conf.d/20-imap.conf create mode 100644 install/debian/9/dovecot/conf.d/20-pop3.conf create mode 100644 install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/debian/9/dovecot/dovecot.conf create mode 100644 install/debian/9/exim/dnsbl.conf create mode 100644 install/debian/9/exim/exim4.conf.template create mode 100644 install/debian/9/exim/spam-blocks.conf create mode 100644 install/debian/9/fail2ban/action.d/vesta.conf create mode 100644 install/debian/9/fail2ban/filter.d/vesta.conf create mode 100644 install/debian/9/fail2ban/jail.local create mode 100644 install/debian/9/firewall/ports.conf create mode 100644 install/debian/9/firewall/rules.conf create mode 100644 install/debian/9/logrotate/apache2 create mode 100644 install/debian/9/logrotate/dovecot create mode 100644 install/debian/9/logrotate/nginx create mode 100644 install/debian/9/logrotate/vesta create mode 100644 install/debian/9/mysql/my-large.cnf create mode 100644 install/debian/9/mysql/my-medium.cnf create mode 100644 install/debian/9/mysql/my-small.cnf create mode 100644 install/debian/9/nginx/nginx.conf create mode 100644 install/debian/9/nginx/phpmyadmin.inc create mode 100644 install/debian/9/nginx/phppgadmin.inc create mode 100644 install/debian/9/nginx/status.conf create mode 100644 install/debian/9/nginx/webmail.inc create mode 100644 install/debian/9/packages/default.pkg create mode 100644 install/debian/9/packages/gainsboro.pkg create mode 100644 install/debian/9/packages/palegreen.pkg create mode 100644 install/debian/9/packages/slategrey.pkg create mode 100644 install/debian/9/pga/config.inc.php create mode 100644 install/debian/9/pga/phppgadmin.conf create mode 100644 install/debian/9/php5-fpm/www.conf create mode 100644 install/debian/9/pma/apache.conf create mode 100644 install/debian/9/pma/config.inc.php create mode 100644 install/debian/9/postgresql/pg_hba.conf create mode 100644 install/debian/9/proftpd/proftpd.conf create mode 100644 install/debian/9/roundcube/apache.conf create mode 100644 install/debian/9/roundcube/config.inc.php create mode 100644 install/debian/9/roundcube/db.inc.php create mode 100644 install/debian/9/roundcube/main.inc.php create mode 100644 install/debian/9/roundcube/vesta.php create mode 100644 install/debian/9/sudo/admin create mode 100755 install/debian/9/templates/dns/child-ns.tpl create mode 100755 install/debian/9/templates/dns/default.tpl create mode 100755 install/debian/9/templates/dns/gmail.tpl create mode 100644 install/debian/9/templates/web/apache2/basedir.stpl create mode 100644 install/debian/9/templates/web/apache2/basedir.tpl create mode 100644 install/debian/9/templates/web/apache2/default.stpl create mode 100644 install/debian/9/templates/web/apache2/default.tpl create mode 100644 install/debian/9/templates/web/apache2/hosting.stpl create mode 100644 install/debian/9/templates/web/apache2/hosting.tpl create mode 100755 install/debian/9/templates/web/apache2/phpcgi.sh create mode 100644 install/debian/9/templates/web/apache2/phpcgi.stpl create mode 100644 install/debian/9/templates/web/apache2/phpcgi.tpl create mode 100755 install/debian/9/templates/web/apache2/phpfcgid.sh create mode 100644 install/debian/9/templates/web/apache2/phpfcgid.stpl create mode 100644 install/debian/9/templates/web/apache2/phpfcgid.tpl create mode 100755 install/debian/9/templates/web/awstats/awstats.tpl create mode 100755 install/debian/9/templates/web/awstats/index.tpl create mode 100755 install/debian/9/templates/web/awstats/nav.tpl create mode 100755 install/debian/9/templates/web/nginx/caching.sh create mode 100755 install/debian/9/templates/web/nginx/caching.stpl create mode 100755 install/debian/9/templates/web/nginx/caching.tpl create mode 100755 install/debian/9/templates/web/nginx/default.stpl create mode 100755 install/debian/9/templates/web/nginx/default.tpl create mode 100755 install/debian/9/templates/web/nginx/hosting.sh create mode 100755 install/debian/9/templates/web/nginx/hosting.stpl create mode 100755 install/debian/9/templates/web/nginx/hosting.tpl create mode 100644 install/debian/9/templates/web/nginx/http2.stpl create mode 100644 install/debian/9/templates/web/nginx/http2.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/default.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/default.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/joomla.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/joomla.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/laravel.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/laravel.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/magento.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/magento.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/modx.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/modx.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/moodle.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/moodle.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/no-php.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/no-php.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/odoo.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/odoo.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/opencart.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/opencart.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/piwik.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/piwik.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/sendy.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/sendy.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl create mode 100755 install/debian/9/templates/web/nginx/proxy_ip.tpl create mode 100644 install/debian/9/templates/web/php5-fpm/default.tpl create mode 100644 install/debian/9/templates/web/php5-fpm/no-php.tpl create mode 100644 install/debian/9/templates/web/php5-fpm/socket.tpl create mode 100755 install/debian/9/templates/web/skel/document_errors/403.html create mode 100755 install/debian/9/templates/web/skel/document_errors/404.html create mode 100755 install/debian/9/templates/web/skel/document_errors/50x.html create mode 100755 install/debian/9/templates/web/skel/public_html/index.html create mode 100755 install/debian/9/templates/web/skel/public_html/robots.txt create mode 100755 install/debian/9/templates/web/skel/public_shtml/index.html create mode 100755 install/debian/9/templates/web/skel/public_shtml/robots.txt create mode 100755 install/debian/9/templates/web/suspend/.htaccess create mode 100755 install/debian/9/templates/web/suspend/index.html create mode 100755 install/debian/9/templates/web/webalizer/webalizer.tpl create mode 100644 install/debian/9/vsftpd/vsftpd.conf diff --git a/install/debian/9/apache2/apache2.conf b/install/debian/9/apache2/apache2.conf new file mode 100644 index 00000000..2756132a --- /dev/null +++ b/install/debian/9/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/debian/9/apache2/status.conf b/install/debian/9/apache2/status.conf new file mode 100644 index 00000000..da9d9633 --- /dev/null +++ b/install/debian/9/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/debian/9/bind/named.conf b/install/debian/9/bind/named.conf new file mode 100644 index 00000000..ed6ece88 --- /dev/null +++ b/install/debian/9/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/debian/9/clamav/clamd.conf b/install/debian/9/clamav/clamd.conf new file mode 100644 index 00000000..4e04356e --- /dev/null +++ b/install/debian/9/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/debian/9/deb_signing.key b/install/debian/9/deb_signing.key new file mode 100644 index 00000000..2ad2db8b --- /dev/null +++ b/install/debian/9/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/debian/9/dovecot/conf.d/10-auth.conf b/install/debian/9/dovecot/conf.d/10-auth.conf new file mode 100644 index 00000000..dfcc8311 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/debian/9/dovecot/conf.d/10-logging.conf b/install/debian/9/dovecot/conf.d/10-logging.conf new file mode 100644 index 00000000..a5f207d5 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/debian/9/dovecot/conf.d/10-mail.conf b/install/debian/9/dovecot/conf.d/10-mail.conf new file mode 100644 index 00000000..55313419 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/debian/9/dovecot/conf.d/10-master.conf b/install/debian/9/dovecot/conf.d/10-master.conf new file mode 100644 index 00000000..a75a9aaa --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/debian/9/dovecot/conf.d/10-ssl.conf b/install/debian/9/dovecot/conf.d/10-ssl.conf new file mode 100644 index 00000000..3aaff6ee --- /dev/null +++ b/install/debian/9/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 00000000..75e6e115 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/debian/9/dovecot/dovecot.conf b/install/debian/9/dovecot/dovecot.conf new file mode 100644 index 00000000..0a855351 --- /dev/null +++ b/install/debian/9/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/debian/9/exim/dnsbl.conf b/install/debian/9/exim/dnsbl.conf new file mode 100644 index 00000000..5166b255 --- /dev/null +++ b/install/debian/9/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template new file mode 100644 index 00000000..bfb98e0b --- /dev/null +++ b/install/debian/9/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +disable_ipv6=true +add_environment=<; PATH=/bin:/usr/bin +keep_environment= + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/debian/9/exim/spam-blocks.conf b/install/debian/9/exim/spam-blocks.conf new file mode 100644 index 00000000..e69de29b diff --git a/install/debian/9/fail2ban/action.d/vesta.conf b/install/debian/9/fail2ban/action.d/vesta.conf new file mode 100644 index 00000000..0edfc349 --- /dev/null +++ b/install/debian/9/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/debian/9/fail2ban/filter.d/vesta.conf b/install/debian/9/fail2ban/filter.d/vesta.conf new file mode 100644 index 00000000..36ec1001 --- /dev/null +++ b/install/debian/9/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccessful Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/debian/9/fail2ban/jail.local b/install/debian/9/fail2ban/jail.local new file mode 100644 index 00000000..eccea068 --- /dev/null +++ b/install/debian/9/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/debian/9/firewall/ports.conf b/install/debian/9/firewall/ports.conf new file mode 100644 index 00000000..b730d012 --- /dev/null +++ b/install/debian/9/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/debian/9/firewall/rules.conf b/install/debian/9/firewall/rules.conf new file mode 100644 index 00000000..fba98e1e --- /dev/null +++ b/install/debian/9/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/debian/9/logrotate/apache2 b/install/debian/9/logrotate/apache2 new file mode 100644 index 00000000..27629d0d --- /dev/null +++ b/install/debian/9/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/debian/9/logrotate/dovecot b/install/debian/9/logrotate/dovecot new file mode 100644 index 00000000..ac4fd6e9 --- /dev/null +++ b/install/debian/9/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/debian/9/logrotate/nginx b/install/debian/9/logrotate/nginx new file mode 100644 index 00000000..d667f213 --- /dev/null +++ b/install/debian/9/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/debian/9/logrotate/vesta b/install/debian/9/logrotate/vesta new file mode 100644 index 00000000..027a3439 --- /dev/null +++ b/install/debian/9/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/debian/9/mysql/my-large.cnf b/install/debian/9/mysql/my-large.cnf new file mode 100644 index 00000000..d0bab390 --- /dev/null +++ b/install/debian/9/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/mysql/my-medium.cnf b/install/debian/9/mysql/my-medium.cnf new file mode 100644 index 00000000..1c10ab9a --- /dev/null +++ b/install/debian/9/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/mysql/my-small.cnf b/install/debian/9/mysql/my-small.cnf new file mode 100644 index 00000000..26a80478 --- /dev/null +++ b/install/debian/9/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/9/nginx/nginx.conf b/install/debian/9/nginx/nginx.conf new file mode 100644 index 00000000..1eef1672 --- /dev/null +++ b/install/debian/9/nginx/nginx.conf @@ -0,0 +1,137 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +timer_resolution 50ms; #In order to free some CPU cycles +error_log /var/log/nginx/error.log crit; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 2400:cb00::/32; + set_real_ip_from 2606:4700::/32; + set_real_ip_from 2803:f800::/32; + set_real_ip_from 2405:b500::/32; + set_real_ip_from 2405:8100::/32; + set_real_ip_from 2c0f:f248::/32; + set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/debian/9/nginx/phpmyadmin.inc b/install/debian/9/nginx/phpmyadmin.inc new file mode 100644 index 00000000..1feb8546 --- /dev/null +++ b/install/debian/9/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/debian/9/nginx/phppgadmin.inc b/install/debian/9/nginx/phppgadmin.inc new file mode 100644 index 00000000..cd1e5806 --- /dev/null +++ b/install/debian/9/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/9/nginx/status.conf b/install/debian/9/nginx/status.conf new file mode 100644 index 00000000..c0bcd069 --- /dev/null +++ b/install/debian/9/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/debian/9/nginx/webmail.inc b/install/debian/9/nginx/webmail.inc new file mode 100644 index 00000000..ad66895b --- /dev/null +++ b/install/debian/9/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/9/packages/default.pkg b/install/debian/9/packages/default.pkg new file mode 100644 index 00000000..c2a93574 --- /dev/null +++ b/install/debian/9/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/9/packages/gainsboro.pkg b/install/debian/9/packages/gainsboro.pkg new file mode 100644 index 00000000..76d7dae2 --- /dev/null +++ b/install/debian/9/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/9/packages/palegreen.pkg b/install/debian/9/packages/palegreen.pkg new file mode 100644 index 00000000..3db5fe57 --- /dev/null +++ b/install/debian/9/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/9/packages/slategrey.pkg b/install/debian/9/packages/slategrey.pkg new file mode 100644 index 00000000..d89e796f --- /dev/null +++ b/install/debian/9/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/debian/9/pga/config.inc.php b/install/debian/9/pga/config.inc.php new file mode 100644 index 00000000..1eec9776 --- /dev/null +++ b/install/debian/9/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/debian/9/pga/phppgadmin.conf b/install/debian/9/pga/phppgadmin.conf new file mode 100644 index 00000000..f39247d6 --- /dev/null +++ b/install/debian/9/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/debian/9/php5-fpm/www.conf b/install/debian/9/php5-fpm/www.conf new file mode 100644 index 00000000..3c87f33c --- /dev/null +++ b/install/debian/9/php5-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/debian/9/pma/apache.conf b/install/debian/9/pma/apache.conf new file mode 100644 index 00000000..2a8f69e2 --- /dev/null +++ b/install/debian/9/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/debian/9/pma/config.inc.php b/install/debian/9/pma/config.inc.php new file mode 100644 index 00000000..eafc6d67 --- /dev/null +++ b/install/debian/9/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/debian/9/roundcube/apache.conf b/install/debian/9/roundcube/apache.conf new file mode 100644 index 00000000..a0c87bcc --- /dev/null +++ b/install/debian/9/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/debian/9/roundcube/config.inc.php b/install/debian/9/roundcube/config.inc.php new file mode 100644 index 00000000..0c82b1bc --- /dev/null +++ b/install/debian/9/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/debian/9/roundcube/main.inc.php b/install/debian/9/roundcube/main.inc.php new file mode 100644 index 00000000..97cdbf2d --- /dev/null +++ b/install/debian/9/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/debian/9/roundcube/vesta.php b/install/debian/9/roundcube/vesta.php new file mode 100644 index 00000000..b3dd167f --- /dev/null +++ b/install/debian/9/roundcube/vesta.php @@ -0,0 +1,73 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/debian/9/sudo/admin b/install/debian/9/sudo/admin new file mode 100644 index 00000000..4226bdd4 --- /dev/null +++ b/install/debian/9/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/9/templates/dns/child-ns.tpl b/install/debian/9/templates/dns/child-ns.tpl new file mode 100755 index 00000000..42c046e4 --- /dev/null +++ b/install/debian/9/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/dns/default.tpl b/install/debian/9/templates/dns/default.tpl new file mode 100755 index 00000000..e0a37e62 --- /dev/null +++ b/install/debian/9/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/dns/gmail.tpl b/install/debian/9/templates/dns/gmail.tpl new file mode 100755 index 00000000..219c9d24 --- /dev/null +++ b/install/debian/9/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/debian/9/templates/web/apache2/basedir.stpl b/install/debian/9/templates/web/apache2/basedir.stpl new file mode 100644 index 00000000..d978d4c4 --- /dev/null +++ b/install/debian/9/templates/web/apache2/basedir.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/basedir.tpl b/install/debian/9/templates/web/apache2/basedir.tpl new file mode 100644 index 00000000..96c94a1b --- /dev/null +++ b/install/debian/9/templates/web/apache2/basedir.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/default.stpl b/install/debian/9/templates/web/apache2/default.stpl new file mode 100644 index 00000000..ec34c279 --- /dev/null +++ b/install/debian/9/templates/web/apache2/default.stpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/default.tpl b/install/debian/9/templates/web/apache2/default.tpl new file mode 100644 index 00000000..3a227015 --- /dev/null +++ b/install/debian/9/templates/web/apache2/default.tpl @@ -0,0 +1,37 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/hosting.stpl b/install/debian/9/templates/web/apache2/hosting.stpl new file mode 100644 index 00000000..8892072b --- /dev/null +++ b/install/debian/9/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/hosting.tpl b/install/debian/9/templates/web/apache2/hosting.tpl new file mode 100644 index 00000000..1eb26910 --- /dev/null +++ b/install/debian/9/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpcgi.sh b/install/debian/9/templates/web/apache2/phpcgi.sh new file mode 100755 index 00000000..6565e103 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/debian/9/templates/web/apache2/phpcgi.stpl b/install/debian/9/templates/web/apache2/phpcgi.stpl new file mode 100644 index 00000000..731355bc --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpcgi.tpl b/install/debian/9/templates/web/apache2/phpcgi.tpl new file mode 100644 index 00000000..c6796d29 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,31 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpfcgid.sh b/install/debian/9/templates/web/apache2/phpfcgid.sh new file mode 100755 index 00000000..e8058249 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/debian/9/templates/web/apache2/phpfcgid.stpl b/install/debian/9/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 00000000..156c8a91 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/apache2/phpfcgid.tpl b/install/debian/9/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 00000000..a4c01269 --- /dev/null +++ b/install/debian/9/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,31 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/9/templates/web/awstats/awstats.tpl b/install/debian/9/templates/web/awstats/awstats.tpl new file mode 100755 index 00000000..9a92e0fd --- /dev/null +++ b/install/debian/9/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/debian/9/templates/web/awstats/index.tpl b/install/debian/9/templates/web/awstats/index.tpl new file mode 100755 index 00000000..9df9bb5c --- /dev/null +++ b/install/debian/9/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/debian/9/templates/web/awstats/nav.tpl b/install/debian/9/templates/web/awstats/nav.tpl new file mode 100755 index 00000000..f29bed68 --- /dev/null +++ b/install/debian/9/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +

+

+ + diff --git a/install/debian/9/templates/web/nginx/caching.sh b/install/debian/9/templates/web/nginx/caching.sh new file mode 100755 index 00000000..09d8efe7 --- /dev/null +++ b/install/debian/9/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl new file mode 100755 index 00000000..52641dbe --- /dev/null +++ b/install/debian/9/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/caching.tpl b/install/debian/9/templates/web/nginx/caching.tpl new file mode 100755 index 00000000..36761b65 --- /dev/null +++ b/install/debian/9/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl new file mode 100755 index 00000000..fa538060 --- /dev/null +++ b/install/debian/9/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/default.tpl b/install/debian/9/templates/web/nginx/default.tpl new file mode 100755 index 00000000..4d5c774b --- /dev/null +++ b/install/debian/9/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/hosting.sh b/install/debian/9/templates/web/nginx/hosting.sh new file mode 100755 index 00000000..eeed37ef --- /dev/null +++ b/install/debian/9/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl new file mode 100755 index 00000000..d778d633 --- /dev/null +++ b/install/debian/9/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/hosting.tpl b/install/debian/9/templates/web/nginx/hosting.tpl new file mode 100755 index 00000000..15961c95 --- /dev/null +++ b/install/debian/9/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl new file mode 100644 index 00000000..76dd2f8e --- /dev/null +++ b/install/debian/9/templates/web/nginx/http2.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port% http2; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl new file mode 100644 index 00000000..c1fec114 --- /dev/null +++ b/install/debian/9/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 00000000..d85bcce3 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 00000000..f9e90393 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 00000000..9c24c3ea --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 00000000..d2422be2 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 00000000..d7186314 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 00000000..54f81b99 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 00000000..4f0b9ec7 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,127 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 00000000..3ea45347 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/default.stpl b/install/debian/9/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 00000000..5cb55311 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/default.tpl b/install/debian/9/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 00000000..a8909efb --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 00000000..f85032ba --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 00000000..0a9a75ed --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 00000000..91a70936 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 00000000..ac32dcd9 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 00000000..3b9dabf5 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 00000000..1b979475 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 00000000..50d85b68 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,102 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$)|^/update.php { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 00000000..71b538bf --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,99 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$)|^/update.php { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 00000000..704405f3 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 00000000..91b7a8f1 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 00000000..477f6f01 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 00000000..d14b0173 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/magento.stpl b/install/debian/9/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 00000000..fdab43aa --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,198 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/magento.tpl b/install/debian/9/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 00000000..3f292fff --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/modx.stpl b/install/debian/9/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 00000000..f410ab77 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/modx.tpl b/install/debian/9/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 00000000..342d3ecf --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 00000000..f15a68c5 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 00000000..c20ba648 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 00000000..bc8b53a3 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 00000000..7ff8aa1d --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 00000000..d6697d7a --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,70 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 00000000..b1240aae --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 00000000..908b9aeb --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 00000000..d0a9060b --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 00000000..891566b9 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 00000000..e3ec31de --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 00000000..78c1bb78 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,73 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 00000000..f94fb7de --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 00000000..5ffc9ed5 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 00000000..297fe0e8 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 00000000..0b351000 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 00000000..b27b427d --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 00000000..5cb55311 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 00000000..a8909efb --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 00000000..e0aeb524 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 00000000..bccb8b3d --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 00000000..0d933b30 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 00000000..39e366b7 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/proxy_ip.tpl b/install/debian/9/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 00000000..ae195617 --- /dev/null +++ b/install/debian/9/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/debian/9/templates/web/php5-fpm/default.tpl b/install/debian/9/templates/web/php5-fpm/default.tpl new file mode 100644 index 00000000..209e1e43 --- /dev/null +++ b/install/debian/9/templates/web/php5-fpm/default.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/php5-fpm/no-php.tpl b/install/debian/9/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 00000000..047c33ed --- /dev/null +++ b/install/debian/9/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/php5-fpm/socket.tpl b/install/debian/9/templates/web/php5-fpm/socket.tpl new file mode 100644 index 00000000..a0151084 --- /dev/null +++ b/install/debian/9/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,24 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/debian/9/templates/web/skel/document_errors/403.html b/install/debian/9/templates/web/skel/document_errors/403.html new file mode 100755 index 00000000..9c3f6baa --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

+ +

403

+

Forbidden

+

+ Unfortunately, you do not have permission to view this +

+ + + diff --git a/install/debian/9/templates/web/skel/document_errors/404.html b/install/debian/9/templates/web/skel/document_errors/404.html new file mode 100755 index 00000000..2cee7708 --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

+

404

+

Page Not Found

+

+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +

+ + diff --git a/install/debian/9/templates/web/skel/document_errors/50x.html b/install/debian/9/templates/web/skel/document_errors/50x.html new file mode 100755 index 00000000..85ba648b --- /dev/null +++ b/install/debian/9/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

+ +

500

+

Internal Server Error

+

+ Sorry, something went wrong :( +

+ + + diff --git a/install/debian/9/templates/web/skel/public_html/index.html b/install/debian/9/templates/web/skel/public_html/index.html new file mode 100755 index 00000000..4f5bb724 --- /dev/null +++ b/install/debian/9/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+

+ Powered by VESTA +

+ + + + diff --git a/install/debian/9/templates/web/skel/public_html/robots.txt b/install/debian/9/templates/web/skel/public_html/robots.txt new file mode 100755 index 00000000..00ee83dc --- /dev/null +++ b/install/debian/9/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/debian/9/templates/web/skel/public_shtml/index.html b/install/debian/9/templates/web/skel/public_shtml/index.html new file mode 100755 index 00000000..4f5bb724 --- /dev/null +++ b/install/debian/9/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+

+ Powered by VESTA +

+ + + + diff --git a/install/debian/9/templates/web/skel/public_shtml/robots.txt b/install/debian/9/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 00000000..00ee83dc --- /dev/null +++ b/install/debian/9/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/debian/9/templates/web/suspend/.htaccess b/install/debian/9/templates/web/suspend/.htaccess new file mode 100755 index 00000000..5a6df83f --- /dev/null +++ b/install/debian/9/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/debian/9/templates/web/suspend/index.html b/install/debian/9/templates/web/suspend/index.html new file mode 100755 index 00000000..f2d04e1f --- /dev/null +++ b/install/debian/9/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

SUSPENDED

+

This website has been suspended.

+

+ Please contact the technical support department. +

+ + diff --git a/install/debian/9/templates/web/webalizer/webalizer.tpl b/install/debian/9/templates/web/webalizer/webalizer.tpl new file mode 100755 index 00000000..068adcfb --- /dev/null +++ b/install/debian/9/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/debian/9/vsftpd/vsftpd.conf b/install/debian/9/vsftpd/vsftpd.conf new file mode 100644 index 00000000..1ca1a992 --- /dev/null +++ b/install/debian/9/vsftpd/vsftpd.conf @@ -0,0 +1,26 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 +use_localtime=YES From d7eb12defa542117db6f74a4b4ead58230518141 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 30 Dec 2017 12:51:37 +0200 Subject: [PATCH 0007/2300] fix for multiple php-fpm init scripts --- bin/v-restart-web-backend | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-restart-web-backend b/bin/v-restart-web-backend index b18f6abc..e1d8ebe9 100755 --- a/bin/v-restart-web-backend +++ b/bin/v-restart-web-backend @@ -50,7 +50,7 @@ if [ -z "$WEB_BACKEND" ] || [ "$WEB_BACKEND" = 'remote' ]; then fi # Restart system -php_fpm=$(ls /etc/init.d/php*-fpm* 2>/dev/null |cut -f 4 -d /) +php_fpm=$(ls /etc/init.d/php*-fpm* 2>/dev/null |cut -f 4 -d / |head -n 1) if [ -z "$php_fpm" ]; then service $WEB_BACKEND restart >/dev/null 2>&1 else From 5b834dc8c1efcf4e89eb5b62a98296f51e5bc09d Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 31 Dec 2017 11:45:21 +0200 Subject: [PATCH 0008/2300] fixes for php-fpm on debian 9 --- .../debian/9/{php5-fpm => php-fpm}/www.conf | 0 install/vst-install-debian.sh | 31 ++++++++++++++----- 2 files changed, 24 insertions(+), 7 deletions(-) rename install/debian/9/{php5-fpm => php-fpm}/www.conf (100%) diff --git a/install/debian/9/php5-fpm/www.conf b/install/debian/9/php-fpm/www.conf similarity index 100% rename from install/debian/9/php5-fpm/www.conf rename to install/debian/9/php-fpm/www.conf diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 41ab0063..f897ea4f 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -486,7 +486,7 @@ apt-key add deb_signing.key # Creating backup directory tree mkdir -p $vst_backups cd $vst_backups -mkdir nginx apache2 php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd +mkdir nginx apache2 php php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd mkdir spamassassin mysql postgresql mongodb vesta # Backing up Nginx configuration @@ -567,9 +567,11 @@ if [ "$apache" = 'no' ]; then software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//") software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//") software=$(echo "$software" | sed -e "s/libapache2-mod-php5//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php//") fi if [ "$phpfpm" = 'no' ]; then software=$(echo "$software" | sed -e "s/php5-fpm//") + software=$(echo "$software" | sed -e "s/php-fpm//") fi if [ "$vsftpd" = 'no' ]; then software=$(echo "$software" | sed -e "s/vsftpd//") @@ -605,12 +607,14 @@ if [ "$mysql" = 'no' ]; then software=$(echo "$software" | sed -e 's/mysql-client//') software=$(echo "$software" | sed -e 's/mysql-common//') software=$(echo "$software" | sed -e 's/php5-mysql//') + software=$(echo "$software" | sed -e 's/php-mysql//') software=$(echo "$software" | sed -e 's/phpMyAdmin//') fi if [ "$postgresql" = 'no' ]; then software=$(echo "$software" | sed -e 's/postgresql-contrib//') software=$(echo "$software" | sed -e 's/postgresql//') software=$(echo "$software" | sed -e 's/php5-pgsql//') + software=$(echo "$software" | sed -e 's/php-pgsql//') software=$(echo "$software" | sed -e 's/phppgadmin//') fi if [ "$softaculous" = 'no' ]; then @@ -740,8 +744,14 @@ if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf - if [ "$phpfpm" = 'yes' ]; then - echo "WEB_BACKEND='php5-fpm'" >> $VESTA/conf/vesta.conf + if [ "$release" -eq 9 ]; then + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + else + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php5-fpm'" >> $VESTA/conf/vesta.conf + fi fi echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi @@ -898,10 +908,17 @@ fi #----------------------------------------------------------# if [ "$phpfpm" = 'yes' ]; then - wget $vestacp/php5-fpm/www.conf -O /etc/php5/fpm/pool.d/www.conf - update-rc.d php5-fpm defaults - service php5-fpm start - check_result $? "php-fpm start failed" + if [ "$release" -eq 9 ]; then + wget $vestacp/php-fpm/www.conf -O /etc/php/7.0/fpm/pool.d/www.conf + update-rc.d php7.0-fpm defaults + service php7.0-fpm start + check_result $? "php-fpm start failed" + else + wget $vestacp/php5-fpm/www.conf -O /etc/php5/fpm/pool.d/www.conf + update-rc.d php5-fpm defaults + service php5-fpm start + check_result $? "php-fpm start failed" + fi fi From e986e48baf3db4f8ef8c8518bc19044ebf6cf060 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 2 Jan 2018 11:52:57 +0200 Subject: [PATCH 0009/2300] added missing ; --- upd/fix_nginx_auth.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/upd/fix_nginx_auth.sh b/upd/fix_nginx_auth.sh index 5bed5790..2579e693 100755 --- a/upd/fix_nginx_auth.sh +++ b/upd/fix_nginx_auth.sh @@ -3,7 +3,7 @@ source /etc/profile.d/vesta.sh source /usr/local/vesta/conf/vesta.conf -sed -i "s|web/%domain%/stats/auth.*|conf/web/%domain%.auth|" \ +sed -i "s|web/%domain%/stats/auth.*|conf/web/%domain%.auth;|" \ $VESTA/data/templates/web/nginx/*/*tpl >/dev/null 2>&1 if [ "$WEB_SYSTEM" != 'nginx' ]; then From 351d2a78cf9b67355ad6cf2da44f1b6325495cc5 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 2 Jan 2018 16:39:05 +0200 Subject: [PATCH 0010/2300] small fixes for softaculous plugin enable/disable --- bin/v-add-vesta-softaculous | 10 +++++++--- bin/v-delete-vesta-softaculous | 3 ++- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/bin/v-add-vesta-softaculous b/bin/v-add-vesta-softaculous index be96196c..2eb31635 100755 --- a/bin/v-add-vesta-softaculous +++ b/bin/v-add-vesta-softaculous @@ -98,6 +98,8 @@ fi # Installing softaculous if [ ! -e "$VESTA/softaculous/vst_installed" ]; then + mkdir -p /var/softaculous + chown -R admin:admin /var/softaculous cd $VESTA/softaculous wget -q http://c.vestacp.com/3rdparty/softaculous_install.inc $VESTA/php/bin/php softaculous_install.inc @@ -105,9 +107,11 @@ if [ ! -e "$VESTA/softaculous/vst_installed" ]; then touch $VESTA/softaculous/vst_installed fi -# Adding symlink -if [ ! -e "$VESTA/web/softaculous" ]; then - ln -s $VESTA/softaculous/vesta $VESTA/web/softaculous +# Enabling symlink +if [ -e "$VESTA/disabled_plugins/softaculous" ]; then + if [ ! -e "$VESTA/web/softaculous" ]; then + mv $VESTA/disabled_plugins/softaculous $VESTA/web/softaculous + fi fi # Updating SOFTACULOUS value diff --git a/bin/v-delete-vesta-softaculous b/bin/v-delete-vesta-softaculous index cff7d2b8..c15d68c1 100755 --- a/bin/v-delete-vesta-softaculous +++ b/bin/v-delete-vesta-softaculous @@ -29,7 +29,8 @@ fi # Deleting symlink if [ -e "$VESTA/web/softaculous" ]; then - rm -f $VESTA/web/softaculous + mkdir -p $VESTA/disabled_plugins + mv $VESTA/web/softaculous $VESTA/disabled_plugins fi # Updating SOFTACULOUS value From 9059167db77eee0c731c75357c66bdb4eea26373 Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Tue, 2 Jan 2018 21:05:31 +0100 Subject: [PATCH 0011/2300] #1421 - Fix Backup retention Fix #1421 --- bin/v-backup-user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index 2d545d71..f48803d0 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -499,7 +499,7 @@ local_backup(){ backup_list=$(ls -lrt $BACKUP/ |awk '{print $9}' |grep "^$user\." | grep ".tar") backups_count=$(echo "$backup_list" |wc -l) if [ "$BACKUPS" -le "$backups_count" ]; then - backups_rm_number=$((backups_count - BACKUPS)) + backups_rm_number=$((backups_count - BACKUPS + 1)) # Removing old backup for backup in $(echo "$backup_list" |head -n $backups_rm_number); do From a7333684a299a72835dfbf82242eaa2221753c61 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 4 Jan 2018 22:16:49 +0200 Subject: [PATCH 0012/2300] proper template location for debian 9 --- install/debian/9/templates/web/{php5-fpm => php-fpm}/default.tpl | 0 install/debian/9/templates/web/{php5-fpm => php-fpm}/no-php.tpl | 0 install/debian/9/templates/web/{php5-fpm => php-fpm}/socket.tpl | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename install/debian/9/templates/web/{php5-fpm => php-fpm}/default.tpl (100%) rename install/debian/9/templates/web/{php5-fpm => php-fpm}/no-php.tpl (100%) rename install/debian/9/templates/web/{php5-fpm => php-fpm}/socket.tpl (100%) diff --git a/install/debian/9/templates/web/php5-fpm/default.tpl b/install/debian/9/templates/web/php-fpm/default.tpl similarity index 100% rename from install/debian/9/templates/web/php5-fpm/default.tpl rename to install/debian/9/templates/web/php-fpm/default.tpl diff --git a/install/debian/9/templates/web/php5-fpm/no-php.tpl b/install/debian/9/templates/web/php-fpm/no-php.tpl similarity index 100% rename from install/debian/9/templates/web/php5-fpm/no-php.tpl rename to install/debian/9/templates/web/php-fpm/no-php.tpl diff --git a/install/debian/9/templates/web/php5-fpm/socket.tpl b/install/debian/9/templates/web/php-fpm/socket.tpl similarity index 100% rename from install/debian/9/templates/web/php5-fpm/socket.tpl rename to install/debian/9/templates/web/php-fpm/socket.tpl From 8c9c4116b0ac0f68603a826b5f7c1cf38e90f054 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 5 Jan 2018 18:32:22 +0200 Subject: [PATCH 0013/2300] added net-tools --- install/vst-install-debian.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index f897ea4f..1ae6d422 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -29,7 +29,7 @@ if [ "$release" -eq 9 ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl - unrar-free vim-common vesta-ioncube vesta-softaculous" + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools" elif [ "$release" -eq 8 ]; then software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 @@ -42,7 +42,7 @@ elif [ "$release" -eq 8 ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl - unrar-free vim-common vesta-ioncube vesta-softaculous" + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools" else software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 @@ -55,7 +55,7 @@ else flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free - vim-common vesta-ioncube vesta-softaculous" + vim-common vesta-ioncube vesta-softaculous net-tools" fi # Defining help function From c28dcc1037b416210447973267a4ee8dbde18e81 Mon Sep 17 00:00:00 2001 From: Somthanat Wongsa Date: Sat, 6 Jan 2018 13:20:16 +0700 Subject: [PATCH 0014/2300] fix php open_basedir error when using public_shtml as a document root --- install/debian/7/templates/web/apache2/basedir.stpl | 2 +- install/debian/7/templates/web/apache2/hosting.stpl | 2 +- install/debian/7/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/7/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/7/templates/web/nginx/hosting.stpl | 2 +- install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl | 2 +- .../7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl | 2 +- install/debian/8/templates/web/apache2/basedir.stpl | 2 +- install/debian/8/templates/web/apache2/hosting.stpl | 2 +- install/debian/8/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/8/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/8/templates/web/nginx/hosting.stpl | 2 +- install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl | 2 +- .../8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl | 2 +- install/debian/9/templates/web/apache2/basedir.stpl | 2 +- install/debian/9/templates/web/apache2/hosting.stpl | 2 +- install/debian/9/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/9/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/9/templates/web/nginx/hosting.stpl | 2 +- install/debian/9/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/5/templates/web/httpd/basedir.stpl | 2 +- install/rhel/5/templates/web/httpd/hosting.stpl | 2 +- install/rhel/5/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/5/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/5/templates/web/nginx/hosting.stpl | 2 +- install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/6/templates/web/httpd/basedir.stpl | 2 +- install/rhel/6/templates/web/httpd/hosting.stpl | 2 +- install/rhel/6/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/6/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/6/templates/web/nginx/hosting.stpl | 2 +- install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/7/templates/web/httpd/basedir.stpl | 2 +- install/rhel/7/templates/web/httpd/hosting.stpl | 2 +- install/rhel/7/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/7/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/7/templates/web/nginx/hosting.stpl | 2 +- install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/12.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/12.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/13.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/13.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/14.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/14.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/15.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/15.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/16.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/16.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- 112 files changed, 112 insertions(+), 112 deletions(-) diff --git a/install/debian/7/templates/web/apache2/basedir.stpl b/install/debian/7/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/debian/7/templates/web/apache2/basedir.stpl +++ b/install/debian/7/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/7/templates/web/apache2/hosting.stpl b/install/debian/7/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/debian/7/templates/web/apache2/hosting.stpl +++ b/install/debian/7/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/7/templates/web/apache2/phpcgi.stpl b/install/debian/7/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/debian/7/templates/web/apache2/phpcgi.stpl +++ b/install/debian/7/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/7/templates/web/apache2/phpfcgid.stpl b/install/debian/7/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/debian/7/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/7/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/7/templates/web/nginx/hosting.stpl +++ b/install/debian/7/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/8/templates/web/apache2/basedir.stpl b/install/debian/8/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/debian/8/templates/web/apache2/basedir.stpl +++ b/install/debian/8/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/8/templates/web/apache2/hosting.stpl b/install/debian/8/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/debian/8/templates/web/apache2/hosting.stpl +++ b/install/debian/8/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/8/templates/web/apache2/phpcgi.stpl b/install/debian/8/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/debian/8/templates/web/apache2/phpcgi.stpl +++ b/install/debian/8/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/8/templates/web/apache2/phpfcgid.stpl b/install/debian/8/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/debian/8/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/8/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/8/templates/web/nginx/hosting.stpl +++ b/install/debian/8/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/9/templates/web/apache2/basedir.stpl b/install/debian/9/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/debian/9/templates/web/apache2/basedir.stpl +++ b/install/debian/9/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/9/templates/web/apache2/hosting.stpl b/install/debian/9/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/debian/9/templates/web/apache2/hosting.stpl +++ b/install/debian/9/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/9/templates/web/apache2/phpcgi.stpl b/install/debian/9/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/debian/9/templates/web/apache2/phpcgi.stpl +++ b/install/debian/9/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/9/templates/web/apache2/phpfcgid.stpl b/install/debian/9/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/debian/9/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/9/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/9/templates/web/nginx/hosting.stpl +++ b/install/debian/9/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/5/templates/web/httpd/basedir.stpl b/install/rhel/5/templates/web/httpd/basedir.stpl index 4ced9f38..2a3f9fbd 100644 --- a/install/rhel/5/templates/web/httpd/basedir.stpl +++ b/install/rhel/5/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/5/templates/web/httpd/hosting.stpl b/install/rhel/5/templates/web/httpd/hosting.stpl index f94ba186..f94fdb64 100644 --- a/install/rhel/5/templates/web/httpd/hosting.stpl +++ b/install/rhel/5/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/5/templates/web/httpd/phpcgi.stpl b/install/rhel/5/templates/web/httpd/phpcgi.stpl index 591693a4..d544411c 100644 --- a/install/rhel/5/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/5/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/5/templates/web/httpd/phpfcgid.stpl b/install/rhel/5/templates/web/httpd/phpfcgid.stpl index 3bb82cca..38c5dd17 100644 --- a/install/rhel/5/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/5/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/5/templates/web/nginx/hosting.stpl +++ b/install/rhel/5/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/6/templates/web/httpd/basedir.stpl b/install/rhel/6/templates/web/httpd/basedir.stpl index 4ced9f38..2a3f9fbd 100644 --- a/install/rhel/6/templates/web/httpd/basedir.stpl +++ b/install/rhel/6/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/6/templates/web/httpd/hosting.stpl b/install/rhel/6/templates/web/httpd/hosting.stpl index f1c1c111..06bd6183 100644 --- a/install/rhel/6/templates/web/httpd/hosting.stpl +++ b/install/rhel/6/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/6/templates/web/httpd/phpcgi.stpl b/install/rhel/6/templates/web/httpd/phpcgi.stpl index 591693a4..d544411c 100644 --- a/install/rhel/6/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/6/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.stpl b/install/rhel/6/templates/web/httpd/phpfcgid.stpl index 3bb82cca..38c5dd17 100644 --- a/install/rhel/6/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/6/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/6/templates/web/nginx/hosting.stpl +++ b/install/rhel/6/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/7/templates/web/httpd/basedir.stpl b/install/rhel/7/templates/web/httpd/basedir.stpl index 95221539..210edc13 100644 --- a/install/rhel/7/templates/web/httpd/basedir.stpl +++ b/install/rhel/7/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/7/templates/web/httpd/hosting.stpl b/install/rhel/7/templates/web/httpd/hosting.stpl index 673c9c01..699c413b 100644 --- a/install/rhel/7/templates/web/httpd/hosting.stpl +++ b/install/rhel/7/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/7/templates/web/httpd/phpcgi.stpl b/install/rhel/7/templates/web/httpd/phpcgi.stpl index 1f7b3547..1eb39e0a 100644 --- a/install/rhel/7/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/7/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.stpl b/install/rhel/7/templates/web/httpd/phpfcgid.stpl index 6d7e81df..31f09bc1 100644 --- a/install/rhel/7/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/7/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/7/templates/web/nginx/hosting.stpl +++ b/install/rhel/7/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.04/templates/web/apache2/basedir.stpl b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/12.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.10/templates/web/apache2/basedir.stpl b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/12.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.04/templates/web/apache2/basedir.stpl b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/13.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/13.04/templates/web/apache2/hosting.stpl b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl index ce0763ae..be7ef310 100644 --- a/install/ubuntu/13.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.10/templates/web/apache2/basedir.stpl b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/13.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.04/templates/web/apache2/basedir.stpl b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/14.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.10/templates/web/apache2/basedir.stpl b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/14.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.04/templates/web/apache2/basedir.stpl b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/15.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.10/templates/web/apache2/basedir.stpl b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/15.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/15.10/templates/web/apache2/hosting.stpl b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/15.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.04/templates/web/apache2/basedir.stpl b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/16.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/16.04/templates/web/apache2/hosting.stpl b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/16.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.10/templates/web/apache2/basedir.stpl b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/16.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/16.10/templates/web/apache2/hosting.stpl b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/16.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; From 9585a2a369815a63181c91fd9cbf8a349e5bc05b Mon Sep 17 00:00:00 2001 From: dpeca Date: Sun, 7 Jan 2018 19:08:51 +0100 Subject: [PATCH 0015/2300] Debian9 Roundcube mysql password fix --- install/vst-install-debian.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 1ae6d422..2b567dfb 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -1165,13 +1165,15 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then /etc/roundcube/plugins/password/config.inc.php mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql chmod a+r /etc/roundcube/main.inc.php - if [ "$release" -eq 8 ]; then + if [ "$release" -eq 8 ] || [ "$release" -eq 9 ]; then mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php chmod 640 /etc/roundcube/debian-db-roundcube.php chmod 640 /etc/roundcube/config.inc.php chown root:www-data /etc/roundcube/debian-db-roundcube.php chown root:www-data /etc/roundcube/config.inc.php + fi + if [ "$release" -eq 8 ]; then # RoundCube tinyMCE fix tinymceFixArchiveURL=$vestacp/roundcube/roundcube-tinymce.tar.gz tinymceParentFolder=/usr/share/roundcube/program/js From 3021abecb6690be9e1e4952e779bf79d72441fd1 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 10 Jan 2018 14:06:11 +0200 Subject: [PATCH 0016/2300] Fixed backup restore function --- func/main.sh | 2 +- src/rpm/specs/vesta.spec | 14 +++++++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/func/main.sh b/func/main.sh index 964610cd..11486a5b 100644 --- a/func/main.sh +++ b/func/main.sh @@ -794,7 +794,7 @@ is_format_valid() { antispam) is_boolean_format_valid "$arg" 'antispam' ;; antivirus) is_boolean_format_valid "$arg" 'antivirus' ;; autoreply) is_autoreply_format_valid "$arg" ;; - backup) is_user_format_valid "$arg" 'backup' ;; + backup) is_object_format_valid "$arg" 'backup' ;; charset) is_object_format_valid "$arg" "$arg_name" ;; charsets) is_common_format_valid "$arg" 'charsets' ;; comment) is_object_format_valid "$arg" 'comment' ;; diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec index 6be72e16..1aca2549 100644 --- a/src/rpm/specs/vesta.spec +++ b/src/rpm/specs/vesta.spec @@ -1,6 +1,6 @@ Name: vesta Version: 0.9.8 -Release: 18 +Release: 19 Summary: Vesta Control Panel Group: System Environment/Base License: GPL @@ -56,6 +56,18 @@ fi %config(noreplace) %{_vestadir}/web/css/uploadify.css %changelog +* Wed Jan 10 2018 Serghey Rodin - 0.9.8-19 +- Fixed backup restore function + +* Fri Dec 29 2017 Serghey Rodin - 0.9.8-18 +- Let's Encrypt for internationalized domains (IDN) +- Softaculous Application Installer +- Debian 9 support sponsored by isicore.com +- Ubuntu 16.10 and 17.04 support +- Korean, Urdu, Thai, Brazilian Portuguese, Serbian and Bulgarian language support +- We've made 1478 commits +- 29 bugs closed / 141 pull requests merged + * Mon Nov 14 2016 Serghey Rodin - 0.9.8-17 - System Config Editor - Let's Encrypt GUI From 8773ac20718e9d7f7fc461d7778341d39ce2688d Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 10 Jan 2018 14:07:03 +0200 Subject: [PATCH 0017/2300] Updated notification release number --- upd/add_notifications.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh index 5c98c950..14b8590e 100755 --- a/upd/add_notifications.sh +++ b/upd/add_notifications.sh @@ -5,5 +5,5 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager' /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can purchase and enable SFTP Chroot" /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available" -/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-18" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes" +/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-19" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes" From a65fb3c2ee1daab7b342ede104e520335a7f00d0 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 10 Jan 2018 14:10:01 +0200 Subject: [PATCH 0018/2300] release 0.9.8-19 hotfix for backup restore --- src/deb/ioncube/control | 2 +- src/deb/nginx/control | 2 +- src/deb/php/control | 2 +- src/deb/softaculous/control | 2 +- src/deb/vesta/control | 2 +- src/rpm/specs/vesta-ioncube.spec | 2 +- src/rpm/specs/vesta-nginx.spec | 2 +- src/rpm/specs/vesta-php.spec | 2 +- src/rpm/specs/vesta-softaculous.spec | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control index 34daf4aa..13e08831 100644 --- a/src/deb/ioncube/control +++ b/src/deb/ioncube/control @@ -1,7 +1,7 @@ Source: vesta-ioncube Package: vesta-ioncube Priority: optional -Version: 0.9.8-18 +Version: 0.9.8-19 Section: admin Maintainer: Serghey Rodin Homepage: https://www.ioncube.com diff --git a/src/deb/nginx/control b/src/deb/nginx/control index 841161e7..ae0e9102 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.8-18 +Version: 0.9.8-19 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/control b/src/deb/php/control index fd5a660c..0ce789dc 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.8-18 +Version: 0.9.8-19 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control index a51d87be..f92a9545 100644 --- a/src/deb/softaculous/control +++ b/src/deb/softaculous/control @@ -1,7 +1,7 @@ Source: vesta-softaculous Package: vesta-softaculous Priority: optional -Version: 0.9.8-18 +Version: 0.9.8-19 Section: admin Maintainer: Serghey Rodin Homepage: https://www.softaculous.com diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 7d395433..93d944f6 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-18 +Version: 0.9.8-19 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec index ed079abe..cf183262 100644 --- a/src/rpm/specs/vesta-ioncube.spec +++ b/src/rpm/specs/vesta-ioncube.spec @@ -1,6 +1,6 @@ Name: vesta-ioncube Version: 0.9.8 -Release: 18 +Release: 19 Summary: ionCube Loader Group: System Environment/Base License: "Freely redistributable without restriction" diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec index d562df15..4546f506 100644 --- a/src/rpm/specs/vesta-nginx.spec +++ b/src/rpm/specs/vesta-nginx.spec @@ -1,6 +1,6 @@ Name: vesta-nginx Version: 0.9.8 -Release: 18 +Release: 19 Summary: Vesta Control Panel Group: System Environment/Base License: BSD-like diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec index aa99a59b..289dc50b 100644 --- a/src/rpm/specs/vesta-php.spec +++ b/src/rpm/specs/vesta-php.spec @@ -1,6 +1,6 @@ Name: vesta-php Version: 0.9.8 -Release: 18 +Release: 19 Summary: Vesta Control Panel Group: System Environment/Base License: GPL diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec index 428d352b..f7a315bf 100644 --- a/src/rpm/specs/vesta-softaculous.spec +++ b/src/rpm/specs/vesta-softaculous.spec @@ -1,6 +1,6 @@ Name: vesta-softaculous Version: 0.9.8 -Release: 18 +Release: 19 Summary: Vesta Control Panel Group: System Environment/Base License: Softaculous License From bea7ccd25e967909b0cb08eab07865cb94bcdc01 Mon Sep 17 00:00:00 2001 From: Alexandr Loskutov Date: Thu, 18 Jan 2018 14:32:25 +0200 Subject: [PATCH 0019/2300] Fix backup restore --- bin/v-restore-user | 4 ++-- func/main.sh | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/bin/v-restore-user b/bin/v-restore-user index accad1d4..b5df6321 100755 --- a/bin/v-restore-user +++ b/bin/v-restore-user @@ -374,8 +374,8 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then # Copying ssl certificates if [ "$SSL" = 'yes' ]; then for crt in $(ls $tmpdir/web/$domain/conf |grep ssl); do - crt=$(echo "$crt" |sed "s/ssl.//") - cp -f $tmpdir/web/$domain/conf/ssl.$crt $USER_DATA/ssl/$crt + crt=$(echo $crt|sed -e "s/ssl.//") + cp -f $tmpdir/web/$domain/conf/$crt $USER_DATA/ssl/$crt done fi diff --git a/func/main.sh b/func/main.sh index 11486a5b..4d48293d 100644 --- a/func/main.sh +++ b/func/main.sh @@ -634,8 +634,8 @@ is_date_format_valid() { is_dbuser_format_valid() { exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]" if [ 17 -le ${#1} ]; then - check_result $E_INVALID "mysql username can be up to 16 characters long" - fi + check_result $E_INVALID "mysql username can be up to 16 characters long" + fi if [[ "$1" =~ $exclude ]]; then check_result $E_INVALID "invalid $2 format :: $1" fi @@ -770,7 +770,7 @@ is_name_format_valid() { # Object validator is_object_format_valid() { - if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]; then + if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,64}[[:alnum:]]$ ]]; then check_result $E_INVALID "invalid $2 format :: $1" fi } From c042fa2689b3997f9e145ebb2b20aa3e11858073 Mon Sep 17 00:00:00 2001 From: Alexandr Loskutov Date: Thu, 18 Jan 2018 15:40:50 +0200 Subject: [PATCH 0020/2300] Fix backup restore --- bin/v-restore-user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-restore-user b/bin/v-restore-user index b5df6321..b3941208 100755 --- a/bin/v-restore-user +++ b/bin/v-restore-user @@ -375,7 +375,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then if [ "$SSL" = 'yes' ]; then for crt in $(ls $tmpdir/web/$domain/conf |grep ssl); do crt=$(echo $crt|sed -e "s/ssl.//") - cp -f $tmpdir/web/$domain/conf/$crt $USER_DATA/ssl/$crt + cp -f $tmpdir/web/$domain/conf/ssl.$crt $USER_DATA/ssl/$crt done fi From 9a9dabb0c9ab48aa4560bb73ef47b8c4d53d2e26 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 18 Jan 2018 18:20:22 +0200 Subject: [PATCH 0021/2300] reverting back chunked upload feature --- web/templates/file_manager/main.php | 1 - web/upload/UploadHandler.php | 32 +++++++++++++++++++++++++---- 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/web/templates/file_manager/main.php b/web/templates/file_manager/main.php index 82565393..e3427bb7 100644 --- a/web/templates/file_manager/main.php +++ b/web/templates/file_manager/main.php @@ -147,7 +147,6 @@ var url = '/upload/'; $('#file_upload_' + letter).fileupload({ singleFileUploads: false, - maxChunkSize: 10000000, // ~10 MB add: function (e, data) { FM.setTabActive(FM['TAB_'+letter]); diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php index cc575156..2c9de8af 100755 --- a/web/upload/UploadHandler.php +++ b/web/upload/UploadHandler.php @@ -469,7 +469,7 @@ class UploadHandler 1 ); } - + protected function sanitizeFileName($file) { // (|\\?*<\":>+[]/') // \|\\\?\*\<\"\'\:\>\+\[\] @@ -560,6 +560,25 @@ class UploadHandler ); } + protected function get_current_file_name($file_path, $name, $size, $type, $error, + $index, $content_range) { + + $name = $this->trim_file_name($file_path, $name, $size, $type, $error, $index, $content_range); + + + return $this->get_unique_filename( + $file_path, + $this->fix_file_extension($file_path, $name, $size, $type, $error, + $index, $content_range), + $size, + $type, + $error, + $index, + $content_range + ); + } + + protected function handle_form_data($file, $index) { // Handle form data, e.g. $_REQUEST['description'][$index] } @@ -1079,8 +1098,13 @@ class UploadHandler $index = null, $content_range = null) { $file = new \stdClass(); - $file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error, - $index, $content_range); +// $file->name = $this->get_file_name($uploaded_file, $name, $size, $type, $error, +// $index, $content_range); + + $file->name = $this->trim_file_name($uploaded_path, $name, $size, $type, $error, $index, $content_range); + $file->name = $this->fix_file_extension($uploaded_path, $name, $size, $type, $error, $index, $content_range); + + $file->size = $this->fix_integer_overflow(intval($size)); $file->type = $type; if ($this->validate($uploaded_file, $file, $error, $index)) { @@ -1103,7 +1127,7 @@ class UploadHandler } else { chmod($uploaded_file, 0644); // move_uploaded_file($uploaded_file, $file_path); - exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} {$file_path}", $output, $return_var); + exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var); $error = check_return_code($return_var, $output); if ($return_var != 0) { From 8a217352fe541ca22894262f4a4c84c50b6e22f2 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 19 Jan 2018 18:10:54 +0200 Subject: [PATCH 0022/2300] fix ssl backup restore --- bin/v-restore-user | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bin/v-restore-user b/bin/v-restore-user index b3941208..79e1e28c 100755 --- a/bin/v-restore-user +++ b/bin/v-restore-user @@ -373,7 +373,9 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then # Copying ssl certificates if [ "$SSL" = 'yes' ]; then - for crt in $(ls $tmpdir/web/$domain/conf |grep ssl); do + certificates=$(ls $tmpdir/web/$domain/conf| grep ssl) + certificates=$(echo "$certificates" |grep $domain) + for crt in $certificates; do crt=$(echo $crt|sed -e "s/ssl.//") cp -f $tmpdir/web/$domain/conf/ssl.$crt $USER_DATA/ssl/$crt done From 5a108be182619da1f7fbda3d61a8401ee79f0bbd Mon Sep 17 00:00:00 2001 From: Maksim Usmanov | Maks Date: Tue, 23 Jan 2018 23:53:27 +0100 Subject: [PATCH 0023/2300] Fix cron validation New vesta cron generator not works if you have some format ranges like: 1,2 2 * 5,2,4,1 or 1-10 * * * * --- func/main.sh | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/func/main.sh b/func/main.sh index 4d48293d..2d0ca1f1 100644 --- a/func/main.sh +++ b/func/main.sh @@ -753,9 +753,13 @@ is_cron_format_valid() { fi done fi - if [[ "$1" =~ ^[0-9]+$ ]] && [ "$1" -le $limit ]; then - check_format='ok' - fi + crn_values=$(echo $1 |tr "," " " | tr "-" " ") + for crn_vl in $crn_values + do + if [[ "$crn_vl" =~ ^[0-9]+$ ]] && [ "$crn_vl" -le $limit ]; then + check_format='ok' + fi + done if [ "$check_format" != 'ok' ]; then check_result $E_INVALID "invalid $2 format :: $1" fi From 2e03b516f8ea117442fe82996ca31f9ad2db5bf1 Mon Sep 17 00:00:00 2001 From: Maksim Usmanov | Maks Date: Wed, 24 Jan 2018 00:29:03 +0100 Subject: [PATCH 0024/2300] Fix Min and hour limit in cron validation --- func/main.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index 4d48293d..1d3148c9 100644 --- a/func/main.sh +++ b/func/main.sh @@ -723,8 +723,12 @@ is_ip_status_format_valid() { # Cron validator is_cron_format_valid() { - limit=60 + limit=59 check_format='' + if [ "$2" = 'hour' ]; then + limit=23 + fi + if [ "$2" = 'day' ]; then limit=31 fi From 4b1b1e3299c924c821f8cc184c872e2a76b25fce Mon Sep 17 00:00:00 2001 From: Emmanuel Higgins Date: Thu, 25 Jan 2018 19:30:38 +1100 Subject: [PATCH 0025/2300] 644 chmod should only apply to files --- bin/v-add-web-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain index 018adcb4..f4243f33 100755 --- a/bin/v-add-web-domain +++ b/bin/v-add-web-domain @@ -90,7 +90,7 @@ chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.* chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/* chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs -chmod 644 $HOMEDIR/$user/web/$domain/public_*html/* +chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.* # Addding PHP-FPM backend if [ ! -z "$WEB_BACKEND" ]; then From 421ecfa62c16f13a8ec8b67ae2cbc4becee7cc57 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 26 Jan 2018 16:08:55 +0200 Subject: [PATCH 0026/2300] install apparmor-utils --- install/vst-install-ubuntu.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index 440503dc..223f9d11 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -30,7 +30,7 @@ if [ "$release" = '16.04' ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common - vesta-ioncube vesta-softaculous" + vesta-ioncube vesta-softaculous apparmor-utils" elif [ "$release" = '16.10' ]; then software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf @@ -43,7 +43,7 @@ elif [ "$release" = '16.10' ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common - vesta-ioncube vesta-softaculous" + vesta-ioncube vesta-softaculous apparmor-utils" else software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf From 40011f8f751015a233264e8120a0554b9dbe2404 Mon Sep 17 00:00:00 2001 From: "info@madeit.be" Date: Wed, 31 Jan 2018 10:46:18 +0000 Subject: [PATCH 0027/2300] #1462 --- install/debian/7/templates/web/nginx/http2.stpl | 6 +++--- install/debian/7/templates/web/nginx/http2.tpl | 6 +++--- install/debian/8/templates/web/nginx/http2.stpl | 6 +++--- install/debian/8/templates/web/nginx/http2.tpl | 6 +++--- install/debian/9/templates/web/nginx/http2.stpl | 6 +++--- install/debian/9/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/5/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/5/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/6/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/6/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/7/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/7/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/12.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/12.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/12.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/12.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/13.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/13.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/13.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/13.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/14.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/14.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/14.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/14.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/15.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/15.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/15.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/15.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/16.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/16.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/16.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/16.10/templates/web/nginx/http2.tpl | 6 +++--- 32 files changed, 96 insertions(+), 96 deletions(-) diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/7/templates/web/nginx/http2.stpl +++ b/install/debian/7/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/7/templates/web/nginx/http2.tpl b/install/debian/7/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/7/templates/web/nginx/http2.tpl +++ b/install/debian/7/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/8/templates/web/nginx/http2.stpl +++ b/install/debian/8/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/8/templates/web/nginx/http2.tpl b/install/debian/8/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/8/templates/web/nginx/http2.tpl +++ b/install/debian/8/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/9/templates/web/nginx/http2.stpl +++ b/install/debian/9/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/9/templates/web/nginx/http2.tpl +++ b/install/debian/9/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/rhel/5/templates/web/nginx/http2.stpl +++ b/install/rhel/5/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/5/templates/web/nginx/http2.tpl b/install/rhel/5/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/rhel/5/templates/web/nginx/http2.tpl +++ b/install/rhel/5/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl index 40e79aef..af55e7e5 100644 --- a/install/rhel/6/templates/web/nginx/http2.stpl +++ b/install/rhel/6/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/6/templates/web/nginx/http2.tpl b/install/rhel/6/templates/web/nginx/http2.tpl index 826276bd..b20e2922 100644 --- a/install/rhel/6/templates/web/nginx/http2.tpl +++ b/install/rhel/6/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/rhel/7/templates/web/nginx/http2.stpl +++ b/install/rhel/7/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/7/templates/web/nginx/http2.tpl b/install/rhel/7/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/rhel/7/templates/web/nginx/http2.tpl +++ b/install/rhel/7/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/12.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/12.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/13.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/13.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/14.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/14.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/15.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/15.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/16.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/16.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } From a217391565cef1d1e9feff9d7f658157ae9e18ff Mon Sep 17 00:00:00 2001 From: dpeca Date: Wed, 7 Feb 2018 21:02:53 +0100 Subject: [PATCH 0028/2300] Debian: Tolerate error in systemd/clamav-daemon.service if dir already exists --- install/vst-install-debian.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 2b567dfb..4b5d293d 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -1110,8 +1110,8 @@ if [ "$clamd" = 'yes' ]; then fi chown -R clamav:clamav /var/run/clamav if [ -e "/lib/systemd/system/clamav-daemon.service" ]; then - exec_pre1='ExecStartPre=/bin/mkdir -p /var/run/clamav' - exec_pre2='ExecStartPre=/bin/chown -R clamav:clamav /var/run/clamav' + exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav' + exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav' sed -i "s|\[Service\]/|[Service]\n$exec_pre1\n$exec_pre2|g" \ /lib/systemd/system/clamav-daemon.service systemctl daemon-reload From da5bcbe624ee7d5cbc460f552071a48d4f18289b Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 8 Feb 2018 12:10:23 +0300 Subject: [PATCH 0029/2300] Fix backup rotate for ftp/sftp mode --- bin/v-backup-user | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index f48803d0..cc28a1c8 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -615,7 +615,7 @@ ftp_backup() { fi backups_count=$(echo "$backup_list" |wc -l) if [ "$backups_count" -ge "$BACKUPS" ]; then - backups_rm_number=$((backups_count - BACKUPS)) + backups_rm_number=$((backups_count - BACKUPS + 1)) for backup in $(echo "$backup_list" |head -n $backups_rm_number); do backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar$//") echo -e "$(date "+%F %T") Rotated ftp backup: $backup_date" |\ @@ -770,7 +770,7 @@ sftp_backup() { fi backups_count=$(echo "$backup_list" |wc -l) if [ "$backups_count" -ge "$BACKUPS" ]; then - backups_rm_number=$((backups_count - BACKUPS)) + backups_rm_number=$((backups_count - BACKUPS + 1)) for backup in $(echo "$backup_list" |head -n $backups_rm_number); do backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar.*$//") echo -e "$(date "+%F %T") Rotated sftp backup: $backup_date" |\ From 74fa6d5b0ce78cbb85ea657d16f8f2c3dba93c6c Mon Sep 17 00:00:00 2001 From: Maksim Usmanov | Maks Date: Tue, 13 Feb 2018 22:54:34 +0100 Subject: [PATCH 0030/2300] Fix default alias This grep -v www.$domain make imposible to add default alias or some order alias if contain www. wwww. hiwww. so if you delete your default alias you cant add it any more. I check this and not know why is excluded, for me there is no reason for that grep --- func/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index cec97888..dbd1970d 100644 --- a/func/main.sh +++ b/func/main.sh @@ -906,7 +906,7 @@ format_aliases() { aliases=$(echo "$aliases" |tr -s '.') aliases=$(echo "$aliases" |sed -e "s/[.]*$//g") aliases=$(echo "$aliases" |sed -e "s/^[.]*//") - aliases=$(echo "$aliases" |grep -v www.$domain |sed -e "/^$/d") + aliases=$(echo "$aliases" |sed -e "/^$/d") aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//") fi } From 26c311b7738d7d19299e7c96028db93135d87f80 Mon Sep 17 00:00:00 2001 From: "info@madeit.be" Date: Tue, 13 Feb 2018 22:17:33 +0000 Subject: [PATCH 0031/2300] Revert "Fix default alias" This reverts commit 74fa6d5b0ce78cbb85ea657d16f8f2c3dba93c6c. --- func/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index dbd1970d..cec97888 100644 --- a/func/main.sh +++ b/func/main.sh @@ -906,7 +906,7 @@ format_aliases() { aliases=$(echo "$aliases" |tr -s '.') aliases=$(echo "$aliases" |sed -e "s/[.]*$//g") aliases=$(echo "$aliases" |sed -e "s/^[.]*//") - aliases=$(echo "$aliases" |sed -e "/^$/d") + aliases=$(echo "$aliases" |grep -v www.$domain |sed -e "/^$/d") aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//") fi } From 4cc3c1d287058be0bd06fdd7038854fffb63b1e1 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 14 Feb 2018 17:10:14 +0200 Subject: [PATCH 0032/2300] Amazon linux support --- bin/v-add-sys-ip | 4 ++-- bin/v-add-sys-quota | 2 +- bin/v-add-vesta-softaculous | 8 ++++---- bin/v-change-sys-hostname | 10 ++++------ bin/v-list-sys-info | 11 ++++++----- bin/v-list-sys-services | 6 +++--- bin/v-list-sys-vesta-updates | 10 +++++----- bin/v-stop-firewall | 2 +- bin/v-update-firewall | 2 +- bin/v-update-sys-vesta | 2 +- bin/v-update-web-domain-stat | 2 +- bin/v-update-web-templates | 6 +++++- 12 files changed, 34 insertions(+), 31 deletions(-) diff --git a/bin/v-add-sys-ip b/bin/v-add-sys-ip index f278763b..54245bcc 100755 --- a/bin/v-add-sys-ip +++ b/bin/v-add-sys-ip @@ -60,8 +60,8 @@ if [ -z "$sys_ip_check" ]; then /sbin/ip addr add $ip/$cidr dev $interface \ broadcast $broadcast label $iface - # Adding RHEL/CentOS/Fedora startup script - if [ -e "/etc/redhat-release" ]; then + # Adding RHEL/CentOS/Fedora/Amazon startup script + if [ -d "/etc/sysconfig" ]; then sys_ip="# Added by vesta" sys_ip="$sys_ip\nDEVICE=$iface" sys_ip="$sys_ip\nBOOTPROTO=static" diff --git a/bin/v-add-sys-quota b/bin/v-add-sys-quota index 35423a5d..93687e9c 100755 --- a/bin/v-add-sys-quota +++ b/bin/v-add-sys-quota @@ -21,7 +21,7 @@ source $VESTA/conf/vesta.conf # Checking quota package quota=$(which --skip-alias --skip-functions quota 2>/dev/null) if [ $? -ne 0 ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then yum -y install quota >/dev/null 2>&1 check_result $? "quota package installation failed" $E_UPDATE else diff --git a/bin/v-add-vesta-softaculous b/bin/v-add-vesta-softaculous index 2eb31635..b0cca53a 100755 --- a/bin/v-add-vesta-softaculous +++ b/bin/v-add-vesta-softaculous @@ -46,7 +46,7 @@ fi #----------------------------------------------------------# # Cleaning yum cache -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then yum -q clean all yum="yum -q -y --noplugins --disablerepo=* --enablerepo=vesta" else @@ -57,7 +57,7 @@ fi # Updating php pacakge if [ -z "$($VESTA/php/bin/php -v|grep 'PHP 5.6')" ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then $yum -y update vesta-php check_result $? "vesta-php package upgrade failed" $E_UPDATE else @@ -67,7 +67,7 @@ if [ -z "$($VESTA/php/bin/php -v|grep 'PHP 5.6')" ]; then fi # Adding vesta-ioncube package -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then rpm -q vesta-ioncube >/dev/null 2>&1 if [ $? -ne 0 ]; then $yum -y install vesta-ioncube >/dev/null 2>&1 @@ -82,7 +82,7 @@ else fi # Adding vesta-softaculous package -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then rpm -q vesta-softaculous >/dev/null 2>&1 if [ $? -ne 0 ]; then $yum -y install vesta-softaculous >/dev/null 2>&1 diff --git a/bin/v-change-sys-hostname b/bin/v-change-sys-hostname index bf1e8bae..c5a6adb1 100755 --- a/bin/v-change-sys-hostname +++ b/bin/v-change-sys-hostname @@ -31,18 +31,16 @@ is_format_valid 'domain' hostname $domain -# RHEL/CentOS -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then + # RHEL/CentOS/Amazon touch /etc/sysconfig/network if [ -z "$(grep HOSTNAME /etc/sysconfig/network)" ]; then echo "HOSTNAME='$domain'" >> /etc/sysconfig/network else sed -i "s/HOSTNAME=.*/HOSTNAME='$domain'/" /etc/sysconfig/network fi -fi - -# Debian/Ubuntu -if [ ! -e "/etc/redhat-release" ]; then +else + # Debian/Ubuntu echo "$domain" > /etc/hostname fi diff --git a/bin/v-list-sys-info b/bin/v-list-sys-info index dabd3160..0072b82b 100755 --- a/bin/v-list-sys-info +++ b/bin/v-list-sys-info @@ -56,17 +56,18 @@ csv_list() { HOSTNAME=$(hostname) # Check OS/Release -if [ -e '/etc/redhat-release' ]; then - if [ ! -z "$(grep CentOS /etc/redhat-release)" ]; then +if [ -d '/etc/sysconfig' ]; then + if [ -e '/etc/redhat-release' ]; then OS='CentOS' + VERSION=$(cat /etc/redhat-release |tr ' ' '\n' |grep [0-9]) else - OS="RHEL" + OS="Amazon" + VERSION=$(cat /etc/issue |tr ' ' '\n' |grep [0-9]) fi - VERSION=$(cat /etc/redhat-release| tr ' ' '\n' |grep [0-9]) else if [ "$(lsb_release -si)" == "Ubuntu" ] && [ -e '/etc/debian_version' ]; then OS="Ubuntu" - VERSION=$(grep DISTRIB_RELEASE /etc/lsb-release| cut -f 2 -d '=') + VERSION=$(grep DISTRIB_RELEASE /etc/lsb-release |cut -f 2 -d '=') else distro=$(head -n1 /etc/issue |cut -f 1 -d ' ') if [ "$distro" = 'Debian' ]; then diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services index f2622795..3718c171 100755 --- a/bin/v-list-sys-services +++ b/bin/v-list-sys-services @@ -191,7 +191,7 @@ fi # Checking MAIL ANTIVIRUS if [ ! -z "$ANTIVIRUS_SYSTEM" ] && [ "$ANTIVIRUS_SYSTEM" != 'remote' ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then if [ "$ANTIVIRUS_SYSTEM" == 'clamav' ];then ANTIVIRUS_SYSTEM='clamd' fi @@ -220,7 +220,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then proc_name='' service="$db" if [ "$service" = 'mysql' ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then service='mysqld' proc_name='mysqld' if [ -e "/usr/lib/systemd/system/mariadb.service" ]; then @@ -231,7 +231,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then if [ "$service" == 'pgsql' ]; then service='postgresql' proc_name='postmaster' - if [ ! -e "/etc/redhat-release" ]; then + if [ ! -d "/etc/sysconfig" ]; then proc_name='postgres' fi if [ ! -e '/etc/init.d/postgresql' ]; then diff --git a/bin/v-list-sys-vesta-updates b/bin/v-list-sys-vesta-updates index dcd40990..adcd6a1a 100755 --- a/bin/v-list-sys-vesta-updates +++ b/bin/v-list-sys-vesta-updates @@ -64,7 +64,7 @@ shell_list() { latest=$(wget -q -T 1 -t 1 http://c.vestacp.com/latest.txt -O -) # Checking installed vesta version -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then rpm_format="VERSION='%{VERSION}'" rpm_format="$rpm_format RELEASE='%{RELEASE}'" rpm_format="$rpm_format ARCH='%{ARCH}'" @@ -89,7 +89,7 @@ data="NAME='vesta' VERSION='$VERSION' RELEASE='$RELEASE' ARCH='$ARCH'" data="$data UPDATED='$UPDATED' DESCR='core package' TIME='$TIME' DATE='$DATE'" # Checking installed vesta-php version -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-php) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) @@ -107,7 +107,7 @@ data="$data ARCH='$ARCH' UPDATED='$UPDATED' DESCR='php interpreter'" data="$data TIME='$TIME' DATE='$DATE'" # Checking installed vesta-nginx version -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-nginx) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) @@ -126,7 +126,7 @@ data="$data TIME='$TIME' DATE='$DATE'" # Checking installed vesta-ioncube version if [ "$SOFTACULOUS" = 'yes' ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-ioncube) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) @@ -146,7 +146,7 @@ fi # Checking installed vesta-softaculous version if [ "$SOFTACULOUS" = 'yes' ]; then - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then eval $(rpm --queryformat="$rpm_format" -q vesta-softaculous) DATE=$(date -d @$UTIME +%F) TIME=$(date -d @$UTIME +%T) diff --git a/bin/v-stop-firewall b/bin/v-stop-firewall index 4087190d..2cd653a6 100755 --- a/bin/v-stop-firewall +++ b/bin/v-stop-firewall @@ -56,7 +56,7 @@ bash $tmp 2>/dev/null rm -f $tmp # Saving rules to the master iptables file -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then /sbin/iptables-save > /etc/sysconfig/iptables if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then /sbin/chkconfig iptables off diff --git a/bin/v-update-firewall b/bin/v-update-firewall index ccea7f3f..da91acc8 100755 --- a/bin/v-update-firewall +++ b/bin/v-update-firewall @@ -157,7 +157,7 @@ if [ ! -z "$FIREWALL_EXTENSION" ]; then fi # Saving rules to the master iptables file -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then /sbin/iptables-save > /etc/sysconfig/iptables if [ -z "$(ls /etc/rc3.d/S*iptables 2>/dev/null)" ]; then /sbin/chkconfig iptables on diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta index a42e4d71..39cd33a2 100755 --- a/bin/v-update-sys-vesta +++ b/bin/v-update-sys-vesta @@ -33,7 +33,7 @@ check_args '1' "$#" 'PACKAGE' # Action # #----------------------------------------------------------# -if [ -e "/etc/redhat-release" ]; then +if [ -d "/etc/sysconfig" ]; then # Clean yum chache yum -q clean all diff --git a/bin/v-update-web-domain-stat b/bin/v-update-web-domain-stat index c77b750b..c2c793e3 100755 --- a/bin/v-update-web-domain-stat +++ b/bin/v-update-web-domain-stat @@ -62,7 +62,7 @@ build_webalizer() { } build_awstats() { - if [ -e "/etc/redhat-release" ]; then + if [ -d "/etc/sysconfig" ]; then awstats="/usr/share/awstats/wwwroot/cgi-bin/awstats.pl" wwwroot="/usr/share/awstats/wwwroot" if [ ! -e "$awstats" ]; then diff --git a/bin/v-update-web-templates b/bin/v-update-web-templates index 3196c8b4..df882dd7 100755 --- a/bin/v-update-web-templates +++ b/bin/v-update-web-templates @@ -33,7 +33,11 @@ esac # Detecting release if [ "$version" = 'rhel' ]; then - release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) + if [ -e '/etc/redhat-release' ]; then + release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) + else + release=6 + fi fi if [ "$version" = 'ubuntu' ]; then release=$(lsb_release -r |awk '{print $2}') From 4c1a67a9b19a5381f5f40d68b8fb629155c40006 Mon Sep 17 00:00:00 2001 From: nothinux Date: Tue, 6 Mar 2018 12:36:32 +0700 Subject: [PATCH 0033/2300] fix indonesian translation --- web/inc/i18n/id.php | 510 ++++++++++++++++++++++---------------------- 1 file changed, 254 insertions(+), 256 deletions(-) diff --git a/web/inc/i18n/id.php b/web/inc/i18n/id.php index ad3c18eb..1a55af74 100644 --- a/web/inc/i18n/id.php +++ b/web/inc/i18n/id.php @@ -1,22 +1,20 @@ 'Paket', 'IP' => 'IP', 'Graphs' => 'Grafik', - 'Statistics' => 'Statisktik', + 'Statistics' => 'Statistik', 'Log' => 'Log', 'Server' => 'Server', 'Services' => 'Layanan', 'Firewall' => 'Firewall', - 'Updates' => 'Updates', + 'Updates' => 'Perbarui', 'Log in' => 'Masuk', 'Log out' => 'Keluar', @@ -28,22 +26,22 @@ $LANG['id'] = array( 'CRON' => 'CRON', 'BACKUP' => 'CADANGAN', - 'LOGIN' => 'LOGIN', - 'RESET PASSWORD' => 'RESET PASSWORD', - 'SEARCH' => 'SEARCH', - 'PACKAGE' => 'PACKAGE', + 'LOGIN' => 'MASUK', + 'RESET PASSWORD' => 'RESET KATA SANDI', + 'SEARCH' => 'CARI', + 'PACKAGE' => 'PAKET', 'RRD' => 'RRD', 'STATS' => 'STATS', 'LOG' => 'LOG', - 'UPDATES' => 'UPDATES', + 'UPDATES' => 'PERBARUI', 'FIREWALL' => 'FIREWALL', 'SERVER' => 'SERVER', - 'MEMORY' => 'MEMORY', - 'DISK' => 'DISK', - 'NETWORK' => 'NETWORK', + 'MEMORY' => 'MEMORI', + 'DISK' => 'DISKA', + 'NETWORK' => 'JARINGAN', 'Web Log Manager' => 'Web Log Manager', - 'no notifications' => 'no notifications', + 'no notifications' => 'tidak ada notifikasi', 'Add User' => 'Tambah Pengguna', 'Add Domain' => 'Tambah Domain', @@ -60,7 +58,7 @@ $LANG['id'] = array( 'Add Package' => 'Tambah Paket', 'Add IP' => 'Tambah IP', 'Add Rule' => 'Tambah Aturan', - 'Ban IP Address' => 'Memblokir IP', + 'Ban IP Address' => 'Blokir Alamat IP', 'Search' => 'Cari', 'Add one more FTP Account' => 'Tambah satu lagi Pengguna FTP', 'Overall Statistics' => 'Seluruh Statistik', @@ -71,16 +69,16 @@ $LANG['id'] = array( 'Add' => 'Tambah', 'Back' => 'Kembali', 'Save' => 'Simpan', - 'Submit' => 'Masukkan', + 'Submit' => 'Submit', 'toggle all' => 'alihkan semua', - 'apply to selected' => 'terapkan yg dipilih', - 'rebuild' => 'rancang ulang', - 'rebuild web' => 'rancang ulang web', - 'rebuild dns' => 'rancang ulang dns', - 'rebuild mail' => 'rancang ulang mail', - 'rebuild db' => 'rancang ulang db', - 'rebuild cron' => 'rancang ulang cron', + 'apply to selected' => 'terapkan yang dipilih', + 'rebuild' => 'bangun kembali', + 'rebuild web' => 'bangun kembali web', + 'rebuild dns' => 'bangun kembali dns', + 'rebuild mail' => 'bangun kembali mail', + 'rebuild db' => 'bangun kembali db', + 'rebuild cron' => 'bangun kembali cron', 'update counters' => 'perbarui penghitung', 'suspend' => 'tangguhkan', 'unsuspend' => 'batalkan penangguhan', @@ -90,7 +88,7 @@ $LANG['id'] = array( 'logout' => 'keluar', 'edit' => 'sunting', 'open webstats' => 'buka webstats', - 'view logs' => 'lihat catatan', + 'view logs' => 'lihat log', 'list records' => 'daftar %s records', 'add record' => 'tambah record', 'list accounts' => 'daftar %s akun', @@ -110,12 +108,12 @@ $LANG['id'] = array( 'reread IP' => 'baca ulang IP', 'enable autoupdate' => 'mengaktifkan autoupdate', 'disable autoupdate' => 'menonaktifkan autoupdate', - 'turn on notifications' => 'mengaktifkan notifik.', - 'turn off notifications' => 'menonaktifkan notifik.', - 'configure' => 'configure', + 'turn on notifications' => 'mengaktifkan notifikasi.', + 'turn off notifications' => 'menonaktifkan notifikasi.', + 'configure' => 'konfigurasi', - 'Adding User' => 'Menambah User', - 'Editing User' => 'Menyunting User', + 'Adding User' => 'Menambah Pengguna', + 'Editing User' => 'Menyunting Pengguna', 'Adding Domain' => 'Menambah Domain', 'Editing Domain' => 'Menyunting Domain', 'Adding DNS Domain' => 'Menambah DNS Domain', @@ -147,7 +145,7 @@ $LANG['id'] = array( 'suspended' => 'ditangguhkan', 'running' => 'berjalan', 'stopped' => 'berhenti', - 'outdated' => 'kadarluasa', + 'outdated' => 'kadaluarsa', 'updated' => 'perbarui', 'yes' => 'ya', @@ -162,20 +160,20 @@ $LANG['id'] = array( 'day' => 'hari', 'days' => ' hari', 'hours' => ' jam', - 'minutes' => ' jam', - 'month' => ' month', + 'minutes' => ' menit', + 'month' => ' bulan', 'package' => 'paket', 'Bandwidth' => 'Bandwidth', - 'Disk' => 'Cakram', + 'Disk' => 'Diska', 'Web' => 'Web', 'Mail' => 'Mail', 'Databases' => 'Basis Data', 'User Directories' => 'Direktori Pengguna', - 'Template' => 'Contoh', - 'Web Template' => 'Contoh Web', - 'Backend Template' => 'Contoh Backend', - 'Proxy Template' =>'Contoh Proxy', - 'DNS Template' => 'Contoh DNS', + 'Template' => 'Template', + 'Web Template' => 'Template Web', + 'Backend Template' => 'Template Backend', + 'Proxy Template' =>'Template Proxy', + 'DNS Template' => 'Template DNS', 'Web Domains' => 'Web Domains', 'SSL Domains' => 'SSL Domains', 'Web Aliases' => 'Web Aliases', @@ -185,20 +183,20 @@ $LANG['id'] = array( 'DNS records' => 'DNS records', 'Name Servers' => 'Name Servers', 'Mail Domains' => 'Mail Domains', - 'Mail Accounts' => 'Para Pengguna Mail', + 'Mail Accounts' => 'Akun mail', 'Cron Jobs' => 'Cron Jobs', 'SSH Access' => 'Akses SSH', - 'IP Address' => 'IP Address', + 'IP Address' => 'Alamat IP', 'IP Addresses' => 'Alamat IP', 'Backups' => 'Cadangkan', - 'Backup System' => 'Cadangkan System', - 'backup exclusions' => 'pengecualian', - 'template' => 'kerangka', + 'Backup System' => 'Cadangkan Sistem', + 'backup exclusions' => 'pengecualian Cadangan', + 'template' => 'template', 'SSL Support' => 'Dukungan SSL', - 'SSL Home Directory' => 'Direktori SSL Home', - 'Lets Encrypt Support' => 'Lets Encrypt Support', + 'SSL Home Directory' => 'Direktori Home SSL', + 'Lets Encrypt Support' => 'Dukungan Lets Encrypt', 'Lets Encrypt' => 'Lets Encrypt', - 'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes', + 'Your certificate will be automatically issued in 5 minutes' => 'Sertifikat anda akan otomatis didapat dalam 5 menit', 'Proxy Support' => 'Dukungan Proxy', 'Proxy Extensions' => 'Ekstensi Proxy', 'Web Statistics' => 'Statistik Web', @@ -206,7 +204,7 @@ $LANG['id'] = array( 'Path' => 'Path', 'SOA' => 'SOA', 'TTL' => 'TTL', - 'Expire' => 'Kadarluasa', + 'Expire' => 'Expire', 'Records' => 'Records', 'Serial' => 'Serial', 'Catchall email' => 'Catchall email', @@ -217,18 +215,18 @@ $LANG['id'] = array( 'Quota' => 'Kuota', 'Autoreply' => 'Balasan Otomatis', 'Forward to' => 'Teruskan ke', - 'Do not store forwarded mail' => 'Email terusan-nya jangan disimpan', - 'IMAP hostname' => 'IMAP hostname', - 'IMAP port' => 'IMAP port', - 'IMAP security' => 'IMAP security', - 'IMAP auth method' => 'IMAP auth method', - 'SMTP hostname' => 'SMTP hostname', - 'SMTP port' => 'SMTP port', - 'SMTP security' => 'SMTP security', - 'SMTP auth method' => 'SMTP auth method', + 'Do not store forwarded mail' => 'Jangan simpan terusan surel', + 'IMAP hostname' => 'hostname IMAP', + 'IMAP port' => 'port IMAP', + 'IMAP security' => 'keamanan IMAP', + 'IMAP auth method' => 'metode autentikasi IMAP', + 'SMTP hostname' => 'hostname SMTP', + 'SMTP port' => 'port SMTP', + 'SMTP security' => 'keamanan SMTP', + 'SMTP auth method' => 'metode autentikasi SMTP', 'STARTTLS' => 'STARTTLS', - 'Normal password' => 'Normal password', - 'database' => 'basisdata', + 'Normal password' => 'kata sandi', + 'database' => 'basis data', 'User' => 'Pengguna', 'Host' => 'Host', 'Charset' => 'Charset', @@ -249,14 +247,14 @@ $LANG['id'] = array( 'Users' => 'Para Pengguna', 'Load Average' => 'Rata2 Pemuatan', 'Memory Usage' => 'Penggunaan Memori', - 'APACHE2 Usage' => 'APACHE2 Usage', + 'APACHE2 Usage' => 'Penggunaan APACHE2', 'HTTPD Usage' => 'Penggunaan HTTPD', 'NGINX Usage' => 'Penggunaan NGINX', 'MySQL Usage on localhost' => 'Penggunaan MySQL di localhost', 'PostgreSQL Usage on localhost' => 'Penggunaan PostgreSQL di localhost', 'Bandwidth Usage eth0' => 'Penggunaan Bandwidth eth0', 'Bandwidth Usage eth1' => 'Penggunaan Bandwidth eth1', - 'Exim Usage' => 'Exim Usage', + 'Exim Usage' => 'Penggunaan Exim', 'FTP Usage' => 'Penggunaan FTP', 'SSH Usage' => 'Penggunaan SSH', 'reverse proxy' => 'reverse proxy', @@ -266,7 +264,7 @@ $LANG['id'] = array( 'pop/imap server' => 'server pop/imap', 'email antivirus' => 'email antivirus', 'email antispam' => 'email antispam', - 'database server' => 'server basisdata', + 'database server' => 'server basis data', 'ftp server' => 'server ftp', 'job scheduler' => 'jadwal pekerjaan', 'firewall' => 'firewall', @@ -282,20 +280,20 @@ $LANG['id'] = array( 'Architecture' => 'Arsitektur', 'Object' => 'Objek', 'Username' => 'Nama Pengguna', - 'Password' => 'Katakunci', + 'Password' => 'Kata sandi', 'Email' => 'Email', 'Package' => 'Paket', 'Language' => 'Bahasa', 'First Name' => 'Nama Depan', 'Last Name' => 'Nama Belakang', - 'Send login credentials to email address' => 'Kirim mandat login ke alamat email', - 'Default Template' => 'Contoh Standar', - 'Default Name Servers' => 'Standar Name Servers', + 'Send login credentials to email address' => 'Kirim kredensial login ke alamat email', + 'Default Template' => 'Template Standar', + 'Default Name Servers' => 'Name Servers Standar', 'Domain' => 'Domain', 'DNS Support' => 'Dukungan DNS', 'Mail Support' => 'Dukungan Mail', 'Advanced options' => 'Opsi lanjutan', - 'Basic options' => 'Basic options', + 'Basic options' => 'Opsi Dasar', 'Aliases' => 'Alias', 'SSL Certificate' => 'Sertifikat SSL', 'SSL Key' => 'Kunci SSL', @@ -306,20 +304,20 @@ $LANG['id'] = array( 'Statistics Authorization' => 'Statistik Otoritas', 'Statistics Auth' => 'Statistik Otoritas', 'Account' => 'Pengguna', - 'Prefix will be automaticaly added to username' => 'Awalan % s nantinya ditambahin otomatis ke nama pengguna', - 'Send FTP credentials to email' => 'Kirim mandat FTP ke email', - 'Expiration Date' => 'Tanggal Kadarluasa', + 'Prefix will be automaticaly added to username' => 'Prefix %s nantinya ditambahin otomatis ke nama pengguna', + 'Send FTP credentials to email' => 'Kirim kredensial FTP ke email', + 'Expiration Date' => 'Tanggal Kadaluarsa', 'YYYY-MM-DD' => 'YYYY-MM-DD', - 'Name servers' => 'Name servers', + 'Name servers' => 'Name server', 'Record' => 'Record', - 'IP or Value' => 'IP or Nilai', + 'IP or Value' => 'Alamat IP atau Nilai', 'Priority' => 'Prioritas', - 'Record Number' => 'Nomer Record', + 'Record Number' => 'Nomor Record', 'in megabytes' => 'dalam megabytes', - 'Message' => 'PEsan', - 'use local-part' => 'gunakan local-part', + 'Message' => 'Pesan', + 'use local-part' => 'gunakan part lokal', 'one or more email addresses' => 'satu atau lebih alamat email', - 'Prefix will be automaticaly added to database name and database user' => 'Awalan %s nantinya ditambahin otomatis ke nama dan pengguna basisdata', + 'Prefix will be automaticaly added to database name and database user' => 'Prefix %s akan otomatis ditambahkan ke nama basis data dan pengguna basis data', 'Database' => 'Basis Data', 'Type' => 'Jenis', 'Minute' => 'Menit', @@ -338,19 +336,19 @@ $LANG['id'] = array( 'mail domains' => 'mail domains', 'mail accounts' => 'mail accounts', 'accounts' => 'akun-akun', - 'databases' => 'basisdata', + 'databases' => 'basis data', 'cron jobs' => 'cron jobs', - 'backups' => 'cadangan-cadangan', + 'backups' => 'cadangan', 'quota' => 'kuota', 'day of week' => 'hari dalam seminggu', 'cmd' => 'cmd', - 'users' => 'pengguna-pengguna', + 'users' => 'pengguna', 'domains' => 'domains', 'aliases' => 'aliases', 'records' => 'records', 'jobs' => 'jobs', - 'username' => 'namapengguna', - 'password' => 'katakunci', + 'username' => 'nama pengguna', + 'password' => 'kata sandi', 'type' => 'tipe', 'charset' => 'charset', 'domain' => 'domain', @@ -362,17 +360,17 @@ $LANG['id'] = array( 'assigned user' => 'pengguna yg ditetapkan', 'ns1' => 'ns1', 'ns2' => 'ns2', - 'user' => 'user', + 'user' => 'pengguna', 'email' => 'email', 'first name' => 'nama depan', 'last name' => 'nama belakang', 'account' => 'akun', 'ssl certificate' => 'sertifikat ssl', 'ssl key' => 'kunci ssl', - 'stats user password' => 'stats namapengguna katakunci', - 'stats username' => 'stats namapengguna', - 'stats password' => 'stats katakunci', - 'ftp user password' => 'ftp namapengguna katakunci', + 'stats user password' => 'stats nama pengguna kata sandi', + 'stats username' => 'stats nama pengguna', + 'stats password' => 'stats kata sandi', + 'ftp user password' => 'ftp nama pengguna kata sandi', 'ftp user' => 'ftp pengguna', 'Last 70 lines of %s.%s.log' => '70 baris terakhir dari %s.%s.log', 'AccessLog' => 'AccessLog', @@ -380,26 +378,26 @@ $LANG['id'] = array( 'Download AccessLog' => 'Unduh AccessLog', 'Download ErrorLog' => 'Unduh ErrorLog', 'Country' => 'Negara', - '2 letter code' => '2 kode surat', - 'State / Province' => 'Propinsi', + '2 letter code' => '2 kode negara', + 'State / Province' => 'Provinsi', 'City / Locality' => 'Kota', 'Organization' => 'Organisasi', - 'Action' => 'Action', + 'Action' => 'Aksi', 'Protocol' => 'Protokol', 'Port' => 'Port', 'Comment' => 'Komentar', - 'Banlist' => 'Banlist', + 'Banlist' => 'list blokir', 'ranges are acceptable' => 'rentang yang diperbolehkan', - 'CIDR format is supported' => 'Format CIDR didukung', - 'ACCEPT' => 'ACCEPT', - 'DROP' => 'DROP', + 'CIDR format is supported' => 'Format CIDR yang didukung', + 'ACCEPT' => 'TERIMA', + 'DROP' => 'BLOKIR', 'TCP' => 'TCP', 'UDP' => 'UDP', 'ICMP' => 'ICMP', 'SSH' => 'SSH', 'FTP' => 'FTP', 'VESTA' => 'VESTA', - 'Add one more Name Server' => 'Add one more Name Server', + 'Add one more Name Server' => 'Tambah satu atau lebih Name Server', 'web domain' => 'web domain', 'dns domain' => 'dns domain', @@ -409,7 +407,7 @@ $LANG['id'] = array( 'cron job' => 'cron job', 'cron' => 'cron', - 'user dir' => 'user dir', + 'user dir' => 'dir pengguna', 'unlimited' => 'tidak terbatas', '1 account' => '1 pengguna', @@ -441,75 +439,75 @@ $LANG['id'] = array( 'no exclusions' => 'tidak ada pengecualian', '1 rule' => '1 aturan', '%s rules' => '%s aturan', - 'There are no currently banned IP' => 'Tidak dilarang IP', + 'There are no currently banned IP' => 'Saat ini tidak ada IP yang diblokir', - 'USER_CREATED_OK' => 'Pengguna %s udah berhasil dibikin', - 'WEB_DOMAIN_CREATED_OK' => 'Domain %s udah berhasil dibikin.', - 'DNS_DOMAIN_CREATED_OK' => 'Domain DNS%s udah berhasil dibikin.', - 'DNS_RECORD_CREATED_OK' => 'Record %s.%s udah berhasil dibikin.', - 'MAIL_DOMAIN_CREATED_OK' => 'Domain Mail %s udah berhasil dibikin.', - 'MAIL_ACCOUNT_CREATED_OK' => 'Akun Mail %s@%s udah berhasil dibikin', - 'DATABASE_CREATED_OK' => 'Database %s udah berhasil dibikin', - 'CRON_CREATED_OK' => 'Cron job udah berhasil dibuat.', - 'IP_CREATED_OK' => 'Alamat IP %s udah berhasil dibikin.', - 'PACKAGE_CREATED_OK' => 'Paket %s udah berhasil dibikin.', - 'SSL_GENERATED_OK' => 'Sertifikat udah berhasil dihasilkan.', - 'RULE_CREATED_OK' => 'Aturan udah berhasil dibikin.', - 'BANLIST_CREATED_OK' => 'IP address has been banned successfully', - 'Autoupdate has been successfully enabled' => 'Autoupdate sukses diaktifkan', + 'USER_CREATED_OK' => 'Pengguna %s telah berhasil dibuat', + 'WEB_DOMAIN_CREATED_OK' => 'Domain %s telah berhasil dibuat.', + 'DNS_DOMAIN_CREATED_OK' => 'Domain DNS%s telah berhasil dibuat.', + 'DNS_RECORD_CREATED_OK' => 'Record %s.%s telah berhasil dibuat.', + 'MAIL_DOMAIN_CREATED_OK' => 'Domain Mail %s telah berhasil dibuat.', + 'MAIL_ACCOUNT_CREATED_OK' => 'Akun Mail %s@%s telah berhasil dibuat', + 'DATABASE_CREATED_OK' => 'Basis data %s telah berhasi dibuat', + 'CRON_CREATED_OK' => 'Cron job telah berhasil dibuat.', + 'IP_CREATED_OK' => 'Alamat IP %s telah berhasil dibuat.', + 'PACKAGE_CREATED_OK' => 'Paket %s telah berhasil dibuat.', + 'SSL_GENERATED_OK' => 'Sertifikat telah berhasil didapatkan.', + 'RULE_CREATED_OK' => 'Aturan Telah berhasil dibuat.', + 'BANLIST_CREATED_OK' => 'Alamat IP telah berhasil diblokir', + 'Autoupdate has been successfully enabled' => 'Autoupdate telah diaktifkan', 'Autoupdate has been successfully disabled' => 'Autoupdate telah dinonaktifkan', 'Cronjob email reporting has been successfully enabled' => 'Pelaporan cronjob telah berhasil diaktifkan', 'Cronjob email reporting has been successfully disabled' => 'Pelaporan cronjob telah berhasil dinonaktifkan', - 'Changes has been saved.' => 'Perubahan udah disimpan.', + 'Changes has been saved.' => 'Perubahan telah disimpan.', 'Confirmation' => 'Konfirmasi', - 'DELETE_USER_CONFIRMATION' => 'Yakin pengguna %s mau dihapus nih?', - 'SUSPEND_USER_CONFIRMATION' => 'Yakin pengguna %s mau ditangguhkan nih?', - 'UNSUSPEND_USER_CONFIRMATION' => 'Yakin mau batalin penangguhan pengguna %s?', - 'DELETE_DOMAIN_CONFIRMATION' => 'Domain %s beneran mau dihapus?', - 'SUSPEND_DOMAIN_CONFIRMATION' => 'Domain %s beneran mau ditangguhin?', - 'UNSUSPEND_DOMAIN_CONFIRMATION' => 'Penangguhan Domain %s mau dibatalin. Yakin?', - 'DELETE_RECORD_CONFIRMATION' => 'Record %s mau dihapus?', - 'SUSPEND_RECORD_CONFIRMATION' => 'Record %s mau ditangguhin?', - 'UNSUSPEND_RECORD_CONFIRMATION' => 'Batalin penagguhan record %s. Yakin?', - 'DELETE_MAIL_ACCOUNT_CONFIRMATION' => 'Beneran mau ngapus %s?', - 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '%s mau ditangguhkan nih?', - 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'Yakin mau batalin penangguhan %s?', - 'DELETE_DATABASE_CONFIRMATION' => 'Basisdata mau dihhapus %s, Beneran?', - 'SUSPEND_DATABASE_CONFIRMATION' => 'Basisdata %s beneran mau ditangguhin?', - 'UNSUSPEND_DATABASE_CONFIRMATION' => 'Penangguhan Basisdata %s mau dibatalin. Yakin?', - 'DELETE_CRON_CONFIRMATION' => 'Yakin mau dihapus?', - 'SUSPEND_CRON_CONFIRMATION' => 'Yakin mau ditangguhin?', - 'UNSUSPEND_CRON_CONFIRMATION' => 'Yakin mau batalin penangguhan?', - 'DELETE_BACKUP_CONFIRMATION' => 'Cadangan %s mau dihapus, serius?', - 'DELETE_EXCLUSION_CONFIRMATION' => 'Pengecualian %s mau dihapus?', - 'DELETE_PACKAGE_CONFIRMATION' => 'Paket %s mau dihapus?', - 'DELETE_IP_CONFIRMATION' => 'Alamat IP %s beneran mau dihapus?', - 'DELETE_RULE_CONFIRMATION' => 'Aturan #%s beneran mau dihapus?', - 'SUSPEND_RULE_CONFIRMATION' => 'Aturan #%s beneran mau ditangguhin?', - 'UNSUSPEND_RULE_CONFIRMATION' => 'Penangguhan aturan #%s mau dibatalin. Yakin?', - 'LEAVE_PAGE_CONFIRMATION' => 'Leave Page?', - 'RESTART_CONFIRMATION' => '%s mau me-restart?', + 'DELETE_USER_CONFIRMATION' => 'Apakah anda yakin akan menghapus pengguna %s ?', + 'SUSPEND_USER_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan pengguna %s ?', + 'UNSUSPEND_USER_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan pengguna %s?', + 'DELETE_DOMAIN_CONFIRMATION' => 'Apakah anda yakin akan menghapus Domain %s ?', + 'SUSPEND_DOMAIN_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan domain %s ?', + 'UNSUSPEND_DOMAIN_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan domain %s ?', + 'DELETE_RECORD_CONFIRMATION' => 'Apakah anda yakin akan menghapus record %s ?', + 'SUSPEND_RECORD_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan record %s ?', + 'UNSUSPEND_RECORD_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan record %s ?', + 'DELETE_MAIL_ACCOUNT_CONFIRMATION' => 'Apakah anda yakin akan menghapus surel %s?', + 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan surel %s ?', + 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan surel %s?', + 'DELETE_DATABASE_CONFIRMATION' => 'Apakah anda yakin akan menghapus basis data %s ?', + 'SUSPEND_DATABASE_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan basis data %s ?', + 'UNSUSPEND_DATABASE_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan basis data %s ?', + 'DELETE_CRON_CONFIRMATION' => 'Apakah anda yakin akan menghapus cron ?', + 'SUSPEND_CRON_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan cron ?', + 'UNSUSPEND_CRON_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan cron ?', + 'DELETE_BACKUP_CONFIRMATION' => 'Apakah anda yakin akan menghapus Cadangan %s ?', + 'DELETE_EXCLUSION_CONFIRMATION' => 'Apakah anda yakin akan menghapus Pengecualian %s ?', + 'DELETE_PACKAGE_CONFIRMATION' => 'Apakah anda yakin akan menghapus Paket %s ?', + 'DELETE_IP_CONFIRMATION' => 'Apakah anda yakin akan menghapus Alamat IP %s ?', + 'DELETE_RULE_CONFIRMATION' => 'Apakah anda yakin akan menghapus Aturan #%s ?', + 'SUSPEND_RULE_CONFIRMATION' => 'Apakah anda yakin akan menangguhkan Aturan #%s ?', + 'UNSUSPEND_RULE_CONFIRMATION' => 'Apakah anda yakin akan membatalkan penangguhan aturan #%s ?', + 'LEAVE_PAGE_CONFIRMATION' => 'Tinggalkan halaman?', + 'RESTART_CONFIRMATION' => 'Apakah anda yakin ingin me-restart %s?', 'Welcome' => 'Selamat Datang', 'LOGGED_IN_AS' => 'Masuk sebagai pengguna %s', 'Error' => 'Kesalahan', - 'Invalid username or password' => 'Nama pengguna atau katakunci salah', + 'Invalid username or password' => 'Nama pengguna atau kata sandi salah', 'Invalid username or code' => 'Kode atau nama pengguna salah', - 'Passwords not match' => 'Katakunci ngga sama', - 'Please enter valid email address.' => 'Masukkan alamat email yg valid.', - 'Field "%s" can not be blank.' => 'Field "%s" ga boleh kosong.', - 'Password is too short.' => 'Katakunci kependekan (paling dikit 6 huruf)', + 'Passwords not match' => 'Kata sandi tidak sama', + 'Please enter valid email address.' => 'Masukkan alamat surel yang valid.', + 'Field "%s" can not be blank.' => 'Field "%s" tidak boleh kosong.', + 'Password is too short.' => 'Kata sandi terlalu pendek (minimal 6 karakter)', 'Error code:' => 'Kode kesalahan: %s', 'SERVICE_ACTION_FAILED' => '"%s" "%s" gagal', - 'IP address is in use' => 'Alamat IP udah ada yang pake', - 'BACKUP_SCHEDULED' => 'Tugas udah ditambahin ke antrian. Nanti email pemberitahuan dikirim kalo backup-an sudah siap di unduh.', - 'BACKUP_EXISTS' => 'Backup lagi berjalan. Tunggu dulu sampe selesai.', - 'RESTORE_SCHEDULED' => 'Tugas udah ditambahin ke antrian. Nanti email pemberitahuan dikirim kalo backup-an sudah siap di unduh.', - 'RESTORE_EXISTS' => 'Tugas pengembalian lagi jalan. Tunggu ampe selesai baru jalanin lagi.', + 'IP address is in use' => 'Alamat IP sudah digunakan', + 'BACKUP_SCHEDULED' => 'Tugas sudah ditambahkan ke antrian. email pemberitahuan akan dikirim ketika cadangan telah siap diunduh.', + 'BACKUP_EXISTS' => 'Proses mencadangkan sedang berjalan. silahkan tunggu hingga selesai.', + 'RESTORE_SCHEDULED' => 'Tugas sudah ditambahkan ke antrian. email pemberitahuan akan dikirim ketika cadangan telah siap diunduh.', + 'RESTORE_EXISTS' => 'Tugas pengembalian sedang berjalan. Silahkan tunggu hingga selesai.', 'WEB_EXCLUSIONS' => 'Ketik nama domain, satu domain perbaris. Untuk pengecualian semua domain gunakan karakter *. Untuk pengecualian spesifik direktori gunakan format : domain.com:public_html/cache:public_html/tmp', 'DNS_EXCLUSIONS' => 'Ketik nama domain, satu domain perbaris. Untuk pengecualian semua domain gunakan karakter *.', 'MAIL_EXCLUSIONS' => 'Ketik nama domain, satu domain perbaris. Untuk pengecualian semua domain gunakan karakter *. Untuk pengecualian spesifik direktori gunakan format : domain.com:info:support:postmaster', - 'DB_EXCLUSIONS' => 'Ketik nama database, satu database per baris. Untuk pengecualian semua databases gunakan *', + 'DB_EXCLUSIONS' => 'Ketik nama basis data, satu basis data per baris. Untuk pengecualian semua databases gunakan *', 'CRON_EXCLUSIONS' => 'Untuk pengecualian semua JOBS gunakan *', 'USER_EXCLUSIONS' => 'Ketik nama direktori, satu direktori per baris. Untuk pengecualian semua direktori gunakan karakter *', @@ -517,37 +515,37 @@ $LANG['id'] = array( 'MAIL_FROM' => 'Panel Kontrol Vesta ', 'GREETINGS_GORDON_FREEMAN' => "Hai, %s %s,\n", 'GREETINGS' => "Hai,\n", - 'ACCOUNT_READY' => "Akun kamu sudah dibuat dan siap dipakai.\n\nhttps://%s/login/\nNamapengguna: %s\nKatakunci: %s\n\n--\nPanel Kontrol Vesta\n", + 'ACCOUNT_READY' => "Akun telah dibuat dan siap digunakan.\n\nhttps://%s/login/\nNama pengguna: %s\nKata sandi: %s\n\n--\nPanel Kontrol Vesta\n", - 'FTP login credentials' => 'Mandat untuk masuk FTP', - 'FTP_ACCOUNT_READY' => "Akun FTP kamu sudah dibuat dan siap dipakai.\n\nHostname: %s\nNamapengguna: %s_%s\nKatakunci: %s\n\n--\nPanel Kontrol Vesta\n", + 'FTP login credentials' => 'Kredensial untuk masuk FTP', + 'FTP_ACCOUNT_READY' => "Akun FTP telah dibuat dan siap digunakan.\n\nHostname: %s\nNama pengguna: %s_%s\nKata sandi: %s\n\n--\nPanel Kontrol Vesta\n", - 'Database Credentials' => 'Database Credentials', - 'DATABASE_READY' => "Basisdata udah berhasil dibikinin.\n\nDatabase: %s\nPengguna: %s\nKatakunci: %s\n%s\n\n--\nPanel Kontrol Vesta\n", + 'Database Credentials' => 'Kredensial Basis Data', + 'DATABASE_READY' => "Basis data telah berhasil dibuat.\n\nBasis data: %s\nNama pengguna: %s\nKata sandi: %s\n%s\n\n--\nPanel Kontrol Vesta\n", - 'forgot password' => 'lupa katakunci', + 'forgot password' => 'lupa kata sandi', 'Confirm' => 'Konfirmasi', - 'New Password' => 'Katakunci', - 'Confirm Password' => 'Konfirmasi Katakunci', + 'New Password' => 'Kata Sandi Baru', + 'Confirm Password' => 'Konfirmasi Kata Sandi', 'Reset' => 'Reset', 'Reset Code' => 'Reset Kode', 'RESET_NOTICE' => '', - 'RESET_CODE_SENT' => 'Kode katakunci buat me-reset udah dikirim ke email
', - 'MAIL_RESET_SUBJECT' => 'Katakunci di-reset pada %s', - 'PASSWORD_RESET_REQUEST' => "Kalo mau reset katakunci panel kontrol, klik aja tautan ini:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nAlternatively, kalo ngga ke https://%s/reset/?action=code&user=%s terus masukin kode reset-nya:\n%s\n\nKalau emang kamu ga minta reset katakunci pesan ini abaikan aja, dan maaf ya....\n\n--\nPanel Kontrol Vesta\n", + 'RESET_CODE_SENT' => 'Kode kata sandi untuk me-reset sudah dikirim ke surel
', + 'MAIL_RESET_SUBJECT' => 'Kata sandi di-reset pada %s', + 'PASSWORD_RESET_REQUEST' => "Untuk me-reset kata sandi, silahkan klik tautan ini:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\natau ke https://%s/reset/?action=code&user=%s lalu masukan kode reset-nya:\n%s\n\nJika anda tidak meminta untuk me-reset kata sandi, silahkan abaikan pesan ini.\n\n--\nPanel Kontrol Vesta\n", 'Jan' => 'Jan', 'Feb' => 'Feb', 'Mar' => 'Mar', 'Apr' => 'Apr', - 'May' => 'May', + 'May' => 'Mei', 'Jun' => 'Jun', 'Jul' => 'Jul', - 'Aug' => 'Aug', + 'Aug' => 'Agu', 'Sep' => 'Sep', - 'Oct' => 'Oct', + 'Oct' => 'Okt', 'Nov' => 'Nov', - 'Dec' => 'Dec', + 'Dec' => 'Des', 'Configuring Server' => 'Konfigurasi Server', 'Hostname' => 'Nama Host', @@ -556,7 +554,7 @@ $LANG['id'] = array( 'Proxy Server' => 'Proxy Server', 'Web Server' => 'Web Server', 'Backend Server' => 'Backend Server', - 'Backend Pool Mode' => 'Backend Pool Mode', + 'Backend Pool Mode' => 'Mode Backend Pool', 'DNS Server' => 'DNS Server', 'DNS Cluster' => 'DNS Cluster', 'MAIL Server' => 'MAIL Server', @@ -567,16 +565,16 @@ $LANG['id'] = array( 'phpMyAdmin URL' => 'phpMyAdmin URL', 'PostgreSQL Support' => 'PostgreSQL Support', 'phpPgAdmin URL' => 'phpPgAdmin URL', - 'Maximum Number Of Databases' => 'Maximum Number Of Databases', - 'Current Number Of Databases' => 'Current Number Of Databases', - 'Local backup' => 'Local backup', - 'Compression level' => 'Compression level', - 'Directory' => 'Directory', + 'Maximum Number Of Databases' => 'Jumlah maximal basis data', + 'Current Number Of Databases' => 'Jumlah database saat ini', + 'Local backup' => 'Cadangan lokal', + 'Compression level' => 'Tingkat Kompresi', + 'Directory' => 'Direktori', 'Remote backup' => 'Remote backup', 'ftp' => 'FTP', 'sftp' => 'SFTP', 'SFTP Chroot' => 'SFTP Chroot', - 'FileSystem Disk Quota' => 'FileSystem Disk Quota', + 'FileSystem Disk Quota' => 'Kuota Diska FileSystem', 'Vesta Control Panel Plugins' => 'Vesta Control Panel Plugins', 'preview' => 'pratinjau', 'Reseller Role' => 'Aturan Reseller', @@ -584,14 +582,14 @@ $LANG['id'] = array( 'Template Manager' => 'Template Manager', 'Backup Migration Manager' => 'Backup Migration Manager', 'FileManager' => 'FileManager', - 'show: CPU / MEM / NET / DISK' => 'show: CPU / MEM / NET / DISK', + 'show: CPU / MEM / NET / DISK' => 'tampilkan: CPU / MEM / NET / DISK', 'sort by' => 'sortir', 'Date' => 'Tanggal', 'Starred' => 'Bintangi', 'Name' => 'Nama', - 'save to favorites' => 'save to favorites', + 'save to favorites' => 'simpan ke favorit', 'File Manager' => 'File Manager', 'size' => 'ukuran', @@ -603,60 +601,60 @@ $LANG['id'] = array( 'NEW DIR' => 'DIREKTORI BARU', 'DELETE' => 'HAPUS', 'RENAME' => 'GANTI', - 'MOVE' => 'MOVE', - 'RIGHTS' => 'RIGHTS', + 'MOVE' => 'PINDAH', + 'RIGHTS' => 'HAK', 'COPY' => 'SALIN', 'ARCHIVE' => 'ARSIP', 'EXTRACT' => 'EKSTRAK', 'DOWNLOAD' => 'UNDUH', - 'Are you sure?' => 'Are you sure?', + 'Are you sure?' => 'Apakah anda yakin ?', 'Hit' => 'Hit', 'to reload the page' => 'untuk memuat ulang halaman', - 'Directory name cannot be empty' => 'Nama Directory ga boleh kosong', - 'File name cannot be empty' => 'Nama File ga boleh kosong', - 'No file selected' => 'Ga ada file yg dipilih', - 'No file or folder selected' => 'Ga ada file atau folder yg dipilih', - 'File type not supported' => 'Tipe file ga didukung', - 'Directory download not available in current version' => 'Unduh direktori ga tersedia di versi ini', - 'Directory not available' => 'Direktori ga tersedia', - 'Done' => 'Sudah Selesai', + 'Directory name cannot be empty' => 'Nama Direktori tidak boleh kosong', + 'File name cannot be empty' => 'Nama File tidak boleh kosong', + 'No file selected' => 'Tidak ada file yang dipilih', + 'No file or folder selected' => 'Tidak ada file atau folder yg dipilih', + 'File type not supported' => 'Tipe file tidak didukung', + 'Directory download not available in current version' => 'Direktori Unduh tidak tersedia di versi ini', + 'Directory not available' => 'Direktori tidak tersedia', + 'Done' => 'Selesai', 'Close' => 'Tutup', 'Copy' => 'Salin', 'Cancel' => 'Batal', 'Rename' => 'Ganti nama', - 'Move' => 'Move', - 'Change Rights' => 'Change Rights', + 'Move' => 'Pindah', + 'Change Rights' => 'Ganti Hak', 'Delete' => 'Hapus', 'Extract' => 'Ekstrak', 'Create' => 'Buat', 'Compress' => 'Kompres', 'OK' => 'OK', - 'YOU ARE COPYING' => 'YOU ARE COPYING', - 'YOU ARE REMOVING' => 'YOU ARE REMOVING', - 'Delete items' => 'Delete items', - 'Copy files' => 'Copy files', - 'Move files' => 'Move files', - 'Are you sure you want to copy' => 'Yakin mau disalin', - 'Are you sure you want to move' => 'Are you sure you want to move', - 'Are you sure you want to delete' => 'Yakin mau dihapus', + 'YOU ARE COPYING' => 'ANDA MENYALIN', + 'YOU ARE REMOVING' => 'ANDA MENGHAPUS', + 'Delete items' => 'Hapus item', + 'Copy files' => 'Salin file', + 'Move files' => 'Pindah file', + 'Are you sure you want to copy' => 'Apakah anda yakin ingin menyalin', + 'Are you sure you want to move' => 'Apakah anda yakin ingin memindahkan', + 'Are you sure you want to delete' => 'Aapakah anda Yakin ingin menghapus', 'into' => 'ke', - 'existing files will be replaced' => 'file yg sudah ada akan diganti', - 'Original name' => 'Nama original', + 'existing files will be replaced' => 'file yang sudah ada akan diganti', + 'Original name' => 'Nama orisinal', 'File' => 'File', 'already exists' => 'sudah ada', - 'Create file' => 'Bikin file', - 'Create directory' => 'Bikin direktori', - 'read by owner' => 'read by owner', - 'write by owner' => 'write by owner', - 'execute/search by owner' => 'execute/search by owner', - 'read by group' => 'read by group', - 'write by group' => 'write by group', - 'execute/search by group' => 'execute/search by group', - 'read by others' => 'read by others', - 'write by others' => 'write by others', - 'execute/search by others' => 'execute/search by others', + 'Create file' => 'Buat file', + 'Create directory' => 'Buat direktori', + 'read by owner' => 'dibaca oleh owner', + 'write by owner' => 'ditulis oleh owner', + 'execute/search by owner' => 'eksekusi/cari oleh owner', + 'read by group' => 'dibaca oleh grup', + 'write by group' => 'ditulis oleh grup', + 'execute/search by group' => 'ekseskusi/cari oleh grup', + 'read by others' => 'dibaca oleh lainnya', + 'write by others' => 'ditulis oleh lainnya', + 'execute/search by others' => 'ekseskusi/cari oleh lainnya', - 'Shortcuts' => 'Shortcuts', + 'Shortcuts' => 'Pintasan', 'Add New object' => 'Tambah objek baru', 'Save Form' => 'Simpan Formulir', 'Cancel saving form' => 'Batalkan penyimpanan form', @@ -682,58 +680,58 @@ $LANG['id'] = array( 'Archive' => 'Arsip', 'Save File (in text editor)' => 'Simpan File (di text editor)', 'Close Popup / Cancel' => 'Tutup Popup / Batal', - 'Move Cursor Up' => 'Pindahkan kursur keatas', - 'Move Cursor Down' => 'Pindahkan kursur kebawah', + 'Move Cursor Up' => 'Pindahkan kursor keatas', + 'Move Cursor Down' => 'Pindahkan kursor kebawah', 'Switch to Left Tab' => 'Pindah ke tab kiri', 'Switch to Right Tab' => 'Pindah ke tab kanan', 'Switch Tab' => 'Pindah Tab', 'Go to the Top of the File List' => 'Pindah Ke atas dari Daftar File', 'Go to the Last File' => 'Pindah File terakhir', - 'Open File / Enter Directory' => 'Buka File/Masuk ke Directory', - 'Edit File' => 'Edit File', - 'Go to Parent Directory' => 'Ke Parent Directory', + 'Open File / Enter Directory' => 'Buka File/Masuk ke Direktori', + 'Edit File' => 'Sunting File', + 'Go to Parent Directory' => 'Ke Direktori Induk', 'Select Current File' => 'Pilih File ini', 'Select Bunch of Files' => 'Pilih Bunch of Files', 'Add File to the Current Selection' => 'Tambahkan File di Seleksi ini', 'Select All Files' => 'Pilih semua file', 'shortcuts are inspired by magnificent GNU Midnight Commander file manager' => - 'jalan pintas terinspirasi oleh magnificent GNU Midnight Commander file manager', + 'pintasan terinspirasi oleh magnificent GNU Midnight Commander file manager', - 'Licence Key' => 'Licence Key', - 'Enter License Key' => 'Enter License Key', - 'Buy Licence' => 'Buy Licence', - 'Buy Lifetime License' => 'Buy Lifetime License', - 'Disable and Cancel Licence' => 'Disable and Cancel Licence', - 'Licence Activated' => 'Licence Activated', - 'Licence Deactivated' => 'Licence Deactivated', - 'Restrict users so that they cannot use SSH and access only their home directory.' => 'Restrict users so that they cannot use SSH and access only their home directory.', - 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.', - 'This is a commercial module, you would need to purchace license key to enable it.' => 'This is a commercial module, you would need to purchace license key to enable it.', + 'Licence Key' => 'Lisensi', + 'Enter License Key' => 'Masukan Lisensi', + 'Buy Licence' => 'Beli lisensi', + 'Buy Lifetime License' => 'Beli Lisensi seumur hidup', + 'Disable and Cancel Licence' => 'Nonaktifkan dan batalkan lisensi', + 'Licence Activated' => 'Lisensi telah aktif', + 'Licence Deactivated' => 'Lisensi telah di nonaktifkan', + 'Restrict users so that they cannot use SSH and access only their home directory.' => 'Batasi pengguna agar tidak dapat menggunakan SSH dan hanya dapat mengakses direktori home.', + 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Jelajahi, salin, sunting, lihat dan dapatkan semua file web anda menggunakan File Manager.', + 'This is a commercial module, you would need to purchace license key to enable it.' => 'Ini modul komersial, anda perlu membayar lisensi untuk mengaktifkannya.', - 'Minutes' => 'Minutes', - 'Hourly' => 'Hourly', - 'Run Command' => 'Run Command', - 'every month' => 'every month', - 'every odd month' => 'every odd month', - 'every even month' => 'every even month', - 'every day' => 'every day', - 'every odd day' => 'every odd day', - 'every even day' => 'every even day', - 'weekdays (5 days)' => 'weekdays (5 days)', - 'weekend (2 days)' => 'weekend (2 days)', - 'Monday' => 'Monday', - 'Tuesday' => 'Tuesday', - 'Wednesday' => 'Wednesday', - 'Thursday' => 'Thursday', - 'Friday' => 'Friday', - 'Saturday' => 'Saturday', - 'Sunday' => 'Sunday', - 'every hour' => 'every hour', - 'every two hours' => 'every two hours', - 'every minute' => 'every minute', - 'every two minutes' => 'every two minutes', - 'every' => 'every', - 'Generate' => 'Generate', + 'Minutes' => 'Permenit', + 'Hourly' => 'Perhari', + 'Run Command' => 'Jalankan Perintah', + 'every month' => 'setiap bulan', + 'every odd month' => 'setiap bulan ganjil', + 'every even month' => 'setiap bulan sekali', + 'every day' => 'setiap hari', + 'every odd day' => 'setiap hari ganjil', + 'every even day' => 'setiap hari sekali', + 'weekdays (5 days)' => 'hari kerja (5 hari)', + 'weekend (2 days)' => 'akhir pekan (2 hari)', + 'Monday' => 'Senin', + 'Tuesday' => 'Selasa', + 'Wednesday' => 'Rabu', + 'Thursday' => 'Kamis', + 'Friday' => 'Jumat', + 'Saturday' => 'Sabtu', + 'Sunday' => 'Minggu', + 'every hour' => 'setiap jam', + 'every two hours' => 'setiap dua jam', + 'every minute' => 'setiap menit', + 'every two minutes' => 'setiap dua menit', + 'every' => 'setiap', + 'Generate' => 'Hasilkan', 'webalizer' => 'webalizer', 'awstats' => 'awstats', @@ -747,14 +745,14 @@ $LANG['id'] = array( 'PUB_KEY' => 'PUB_KEY', 'ISSUER' => 'ISSUER', - 'Use server hostname' => 'Use server hostname', - 'Use domain hostname' => 'Use domain hostname', - 'Use STARTTLS' => 'Use STARTTLS', - 'Use SSL / TLS' => 'Use SSL / TLS', - 'No encryption' => 'No encryption', - 'Do not use encryption' => 'Do not use encryption', + 'Use server hostname' => 'Gunakan hostname server', + 'Use domain hostname' => 'Gunakan hostname domain', + 'Use STARTTLS' => 'Gunakan STARTTLS', + 'Use SSL / TLS' => 'Gunakan SSL / TLS', + 'No encryption' => 'tidak ada enkripsi', + 'Do not use encryption' => 'Jangan gunakan enkripsi', - 'maximum characters length, including prefix' => 'maximum %s characters length, including prefix', + 'maximum characters length, including prefix' => 'maksimal jumlah karakter %s, termasuk prefix', - 'Email Credentials' => 'Email Credentials', + 'Email Credentials' => 'Kredensial surel', ); From 4ef71310651dfd9df091a01cc4c87b2af3dada30 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 29 Mar 2018 16:35:31 +0300 Subject: [PATCH 0034/2300] few fixes for aws linux support --- bin/v-change-user-password | 4 ++++ bin/v-update-sys-ip | 10 ++++++++++ 2 files changed, 14 insertions(+) diff --git a/bin/v-change-user-password b/bin/v-change-user-password index a420502a..22a3d78f 100755 --- a/bin/v-change-user-password +++ b/bin/v-change-user-password @@ -37,6 +37,10 @@ is_password_valid echo "$user:$password" | /usr/sbin/chpasswd md5=$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow) +if [ "$user" = 'admin' ] && [ -e "$VESTA/web/reset.admin" ]; then + rm -f $VESTA/web/reset.admin +fi + #----------------------------------------------------------# # Vesta # diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip index ab7bc129..ce91ce96 100755 --- a/bin/v-update-sys-ip +++ b/bin/v-update-sys-ip @@ -114,6 +114,16 @@ for ip in $ip_list; do fi done +# Checking NAT +pub_ip=$(curl -s vestacp.com/what-is-my-ip/) +if [ ! -z "$pub_ip" ] && [ ! -e "$VESTA/data/ips/$pub_ip" ]; then + check_nat=$(grep -R "$pub_ip" $VESTA/data/ips/) + if [ -z "$check_nat" ]; then + ip=$(ls -t $VESTA/data/ips/|head -n1) + $BIN/v-change-sys-ip-nat $ip $pub_ip + fi +fi + #----------------------------------------------------------# # Vesta # From 6b97f7394c746229edda6dc356aae0bb64086ac8 Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 5 Apr 2018 21:55:39 +0200 Subject: [PATCH 0035/2300] Determining is it MySQL or MariaDB in mysql_connect() func --- func/db.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/func/db.sh b/func/db.sh index c42677a2..d9c43031 100644 --- a/func/db.sh +++ b/func/db.sh @@ -38,6 +38,11 @@ mysql_connect() { exit $E_CONNECT fi mysql_ver=$(cat $mysql_out |tail -n1 |cut -f 1 -d -) + mysql_fork="mysql" + check_mysql_fork=$(grep "MariaDB" $mysql_out) + if [ ! -z "$check_mysql_fork" ]; then + mysql_fork="mariadb" + fi rm -f $mysql_out } From eb7e6d2fba27e5ebbf1284ec924941073094a985 Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 5 Apr 2018 22:07:36 +0200 Subject: [PATCH 0036/2300] Fixing MySQL restore user privileges (MariaDB) Fix #1523 --- func/rebuild.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/func/rebuild.sh b/func/rebuild.sh index e5ab182a..eda48552 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -535,11 +535,15 @@ rebuild_mail_domain_conf() { rebuild_mysql_database() { mysql_connect $HOST mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null - if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" >/dev/null - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" >/dev/null - query="UPDATE mysql.user SET authentication_string='$MD5'" - query="$query WHERE User='$DBUSER'" + if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ] || [ "$mysql_fork" = "mariadb" ]; then + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" + if [ "$mysql_fork" = "mariadb" ]; then + query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" + else + query="UPDATE mysql.user SET authentication_string='$MD5'" + query="$query WHERE User='$DBUSER'" + fi else query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" fi From 69f01fb22777c04566df310b8eac50194d325394 Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 5 Apr 2018 23:12:42 +0200 Subject: [PATCH 0037/2300] Adding missing >/dev/null in rebuild_mysql_database() func --- func/rebuild.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/func/rebuild.sh b/func/rebuild.sh index eda48552..7f63acf1 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -536,8 +536,8 @@ rebuild_mysql_database() { mysql_connect $HOST mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ] || [ "$mysql_fork" = "mariadb" ]; then - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null if [ "$mysql_fork" = "mariadb" ]; then query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" else From b3d78bbfdb1d9642abb2e5efc5ff056b5fe2703b Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 5 Apr 2018 23:58:47 +0200 Subject: [PATCH 0038/2300] Avoiding IF NOT EXISTS for MariaDB 5.x in rebuild_mysql_database() --- func/rebuild.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/func/rebuild.sh b/func/rebuild.sh index 7f63acf1..8cdc29f0 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -536,8 +536,13 @@ rebuild_mysql_database() { mysql_connect $HOST mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ] || [ "$mysql_fork" = "mariadb" ]; then - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null - mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null + if [ "$mysql_fork" = "mariadb" ] && [ "$(echo $mysql_ver |cut -d '.' -f1)" -eq 5 ]; then + mysql_query "CREATE USER \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER \`$DBUSER\`@localhost" > /dev/null + else + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null + fi if [ "$mysql_fork" = "mariadb" ]; then query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" else From 7ec123a861852671589c7fa9dadcee203dd165a3 Mon Sep 17 00:00:00 2001 From: dpeca Date: Fri, 6 Apr 2018 14:50:42 +0200 Subject: [PATCH 0039/2300] Refactoring rebuild_mysql_database() func Fix #1523 --- func/rebuild.sh | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/func/rebuild.sh b/func/rebuild.sh index 8cdc29f0..a6025928 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -535,21 +535,30 @@ rebuild_mail_domain_conf() { rebuild_mysql_database() { mysql_connect $HOST mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null - if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ] || [ "$mysql_fork" = "mariadb" ]; then - if [ "$mysql_fork" = "mariadb" ] && [ "$(echo $mysql_ver |cut -d '.' -f1)" -eq 5 ]; then + if [ "$mysql_fork" = "mysql" ]; then + # mysql + if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then + # mysql >= 5.7 + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null + mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null + query="UPDATE mysql.user SET authentication_string='$MD5'" + query="$query WHERE User='$DBUSER'" + else + # mysql < 5.7 + query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" + fi + else + # mariadb + if [ "$(echo $mysql_ver |cut -d '.' -f1)" -eq 5 ]; then + # mariadb = 5 mysql_query "CREATE USER \`$DBUSER\`" > /dev/null mysql_query "CREATE USER \`$DBUSER\`@localhost" > /dev/null else + # mariadb = 10 mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null fi - if [ "$mysql_fork" = "mariadb" ]; then - query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" - else - query="UPDATE mysql.user SET authentication_string='$MD5'" - query="$query WHERE User='$DBUSER'" - fi - else + # mariadb any version query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'" fi mysql_query "GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@\`%\`" >/dev/null From d942f85d319911d897dac2bab309e469405e6e73 Mon Sep 17 00:00:00 2001 From: dpeca Date: Fri, 6 Apr 2018 18:20:35 +0200 Subject: [PATCH 0040/2300] Clean-up for both config styles if there is no more domains Fix #1458 --- func/domain.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/func/domain.sh b/func/domain.sh index 1d4b5479..c21a38a6 100644 --- a/func/domain.sh +++ b/func/domain.sh @@ -287,10 +287,12 @@ del_web_config() { fi get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf sed -i "$top_line,$bottom_line d" $conf - - web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l) - if [ "$web_domain" -eq '0' ]; then - sed -i "/.*\/$user\/.*$1.conf/d" /etc/$1/conf.d/vesta.conf + fi + # clean-up for both config styles if there is no more domains + web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l) + if [ "$web_domain" -eq '0' ]; then + sed -i "/.*\/$user\/.*/d" /etc/$1/conf.d/vesta.conf + if [ -f "$conf" ]; then rm -f $conf fi fi From 082095b164171c07d6b8d105c031493eb81d5fc1 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sat, 7 Apr 2018 00:20:35 +0200 Subject: [PATCH 0041/2300] Better way to restart services in v-update-host-certificate --- bin/v-update-host-certificate | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/bin/v-update-host-certificate b/bin/v-update-host-certificate index 0f3324b9..e777afbd 100755 --- a/bin/v-update-host-certificate +++ b/bin/v-update-host-certificate @@ -72,11 +72,13 @@ chown $exim_user:mail $VESTA/ssl/certificate.crt chown $exim_user:mail $VESTA/ssl/certificate.key # Restart exim, dovecot & vesta -v-restart-mail -v-restart-service dovecot -v-restart-service vesta - - +$BIN/v-restart-mail +if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service "$IMAP_SYSTEM" +fi +if [ -f "/var/run/vesta-nginx.pid" ]; then + kill -HUP $(cat /var/run/vesta-nginx.pid) +fi #----------------------------------------------------------# # Vesta # From b2e75d89b763cc82d12696bceceda20199b22716 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sat, 7 Apr 2018 00:38:55 +0200 Subject: [PATCH 0042/2300] Making Vesta able to update hostname SSL automatically This feature will allow VestaCP to automatically update system SSL when you add SSL to your domain (that is also hostname) through VestaCP panel. For example, if your server hostname is my.server.net and you add SSL to that domain (as you usually do via VestaCP panel), that SSL will be also installed to Vesta nginx (on 8083 port), to Exim and to devocot. This will work if you use LetsEncrypt, and it will also automatically apply renewed certificate when Vesta renew letsencrypt certificate. --- IMPORTANT --- This feature will work only if you have UPDATE_HOSTNAME_SSL='yes' in /usr/local/vesta/conf/vesta.conf Why? Because I'm not sure that Serghey want to use this mechanism for installing system SSL. So, this way it's only OPTIONAL feature, not enabled by default. On all servers nothing will happen. If Sergey likes this idea, he will easily make it enabled by default. Cheers. --- bin/v-add-web-domain-ssl | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl index 4f1e83c0..55c4ce41 100755 --- a/bin/v-add-web-domain-ssl +++ b/bin/v-add-web-domain-ssl @@ -120,6 +120,13 @@ check_result $? "Web restart failed" >/dev/null $BIN/v-restart-proxy $restart check_result $? "Proxy restart failed" >/dev/null +if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then + hostname=$(hostname) + if [ "$hostname" = "$domain" ]; then + $BIN/v-update-host-certificate $user $domain + fi +fi + # Logging log_history "enabled ssl support for $domain" log_event "$OK" "$ARGUMENTS" From 6d0e4efe2e381c947a7b90d9c1fb06cb94b34bac Mon Sep 17 00:00:00 2001 From: Airat Halitov Date: Sun, 8 Apr 2018 02:34:48 +0500 Subject: [PATCH 0043/2300] Update ru.php MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Обновил переводы графиков --- web/inc/i18n/ru.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/web/inc/i18n/ru.php b/web/inc/i18n/ru.php index 22a9b645..a109056c 100644 --- a/web/inc/i18n/ru.php +++ b/web/inc/i18n/ru.php @@ -63,10 +63,10 @@ $LANG['ru'] = array( 'Search' => 'Поиск', 'Add one more FTP Account' => 'Добавить еще один FTP аккаунт', 'Overall Statistics' => 'Сводная статистика', - 'Daily' => 'Ежедневно', - 'Weekly' => 'Еженедельно', - 'Monthly' => 'Ежемесячно', - 'Yearly' => 'Ежегодно', + 'Daily' => 'День', + 'Weekly' => 'Неделя', + 'Monthly' => 'Месяц', + 'Yearly' => 'Год', 'Add' => 'Добавить', 'Back' => 'Назад', 'Save' => 'Сохранить', From 3fdee2975db0c80419a0dfefff3c10a2c4de6410 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 8 Apr 2018 21:50:32 +0300 Subject: [PATCH 0044/2300] Hardening password checks --- bin/v-check-user-password | 2 +- func/main.sh | 2 +- web/api/index.php | 4 +++- web/login/index.php | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/bin/v-check-user-password b/bin/v-check-user-password index 6d829c3a..57e59da3 100755 --- a/bin/v-check-user-password +++ b/bin/v-check-user-password @@ -82,7 +82,7 @@ if [ -z "$salt" ]; then fi # Generating hash -hash=$($BIN/v-generate-password-hash $method $salt <<< $password) +hash=$($BIN/v-generate-password-hash $method $salt <<< "$password") if [[ -z "$hash" ]]; then echo "Error: password missmatch" echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log diff --git a/func/main.sh b/func/main.sh index cec97888..3b04d250 100644 --- a/func/main.sh +++ b/func/main.sh @@ -273,7 +273,7 @@ is_object_value_exist() { is_password_valid() { if [[ "$password" =~ ^/tmp/ ]]; then if [ -f "$password" ]; then - password=$(head -n1 $password) + password="$(head -n1 $password)" fi fi } diff --git a/web/api/index.php b/web/api/index.php index 97f08259..1ad9d595 100644 --- a/web/api/index.php +++ b/web/api/index.php @@ -18,13 +18,15 @@ if (isset($_POST['user']) || isset($_POST['hash'])) { fwrite($fp, $_POST['password']."\n"); fclose($fp); $v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]); - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." '".$v_ip_addr."'", $output, $auth_code); + exec(VESTA_CMD ."v-check-user-password ".$v_user." ".escapeshellarg($v_password)." '".$v_ip_addr."'", $output, $auth_code); unlink($v_password); + /* No hash auth for security reason } else { $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); if (file_exists($key) && is_file($key)) { $auth_code = '0'; } + */ } if ($auth_code != 0 ) { diff --git a/web/login/index.php b/web/login/index.php index 4be64ecc..6e3d5def 100644 --- a/web/login/index.php +++ b/web/login/index.php @@ -44,7 +44,7 @@ if (isset($_POST['user']) && isset($_POST['password'])) { fclose($fp); // Check user & password - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".$v_password." ".escapeshellarg($_SERVER['REMOTE_ADDR']), $output, $return_var); + exec(VESTA_CMD ."v-check-user-password ".$v_user." ".escapeshellarg($v_password)." ".escapeshellarg($_SERVER['REMOTE_ADDR']), $output, $return_var); unset($output); // Remove tmp file From efa2b50b4ccbe8663a0c386da444dd9beeba682a Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 8 Apr 2018 22:01:43 +0300 Subject: [PATCH 0045/2300] Enabled access log --- src/deb/nginx/control | 2 +- src/rpm/conf/nginx.conf | 2 +- src/rpm/specs/vesta-php.spec | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/deb/nginx/control b/src/deb/nginx/control index ae0e9102..275d7185 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.8-19 +Version: 0.9.8-20 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/conf/nginx.conf b/src/rpm/conf/nginx.conf index f26da2a1..0a427f07 100644 --- a/src/rpm/conf/nginx.conf +++ b/src/rpm/conf/nginx.conf @@ -33,7 +33,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - access_log /dev/null main; + access_log /usr/local/vesta/log/nginx-access.log main; # SSL PCI Compliance diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec index 289dc50b..7607ae0d 100644 --- a/src/rpm/specs/vesta-php.spec +++ b/src/rpm/specs/vesta-php.spec @@ -1,6 +1,6 @@ Name: vesta-php Version: 0.9.8 -Release: 19 +Release: 20 Summary: Vesta Control Panel Group: System Environment/Base License: GPL From 0d5c3c42a12e25553d6afdd716851465e8f0382e Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 8 Apr 2018 22:06:20 +0300 Subject: [PATCH 0046/2300] set -o noglob just in case --- bin/v-check-user-password | 1 + 1 file changed, 1 insertion(+) diff --git a/bin/v-check-user-password b/bin/v-check-user-password index 57e59da3..fbb0221e 100755 --- a/bin/v-check-user-password +++ b/bin/v-check-user-password @@ -82,6 +82,7 @@ if [ -z "$salt" ]; then fi # Generating hash +set -o noglob hash=$($BIN/v-generate-password-hash $method $salt <<< "$password") if [[ -z "$hash" ]]; then echo "Error: password missmatch" From 1034d1bbc29d9fad0c588845766b89514e1a797f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 8 Apr 2018 22:09:56 +0300 Subject: [PATCH 0047/2300] New release with improved password checks --- src/deb/vesta/control | 2 +- src/rpm/specs/vesta.spec | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 93d944f6..87ed6e49 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-19 +Version: 0.9.8-20 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec index 1aca2549..7127d37a 100644 --- a/src/rpm/specs/vesta.spec +++ b/src/rpm/specs/vesta.spec @@ -1,6 +1,6 @@ Name: vesta Version: 0.9.8 -Release: 19 +Release: 20 Summary: Vesta Control Panel Group: System Environment/Base License: GPL @@ -56,6 +56,9 @@ fi %config(noreplace) %{_vestadir}/web/css/uploadify.css %changelog +* Sun Apr 08 2018 Serghey Rodin - 0.9.8-20 +- Hardening password checks + * Wed Jan 10 2018 Serghey Rodin - 0.9.8-19 - Fixed backup restore function From c1d87b282349cbf768d66787a444da61e117aa99 Mon Sep 17 00:00:00 2001 From: didyouexpectthat Date: Sun, 8 Apr 2018 14:09:07 -0700 Subject: [PATCH 0048/2300] Change `william.cage` to `example` Feedback in https://github.com/serghey-rodin/vesta/issues/1530 --- web/templates/admin/add_mail_acc.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/templates/admin/add_mail_acc.html b/web/templates/admin/add_mail_acc.html index 0f2ea2d0..43821cd9 100644 --- a/web/templates/admin/add_mail_acc.html +++ b/web/templates/admin/add_mail_acc.html @@ -158,7 +158,7 @@ : -

william.cage@

+

example@

: From 07ec81b6aedf1e487450db73d414cdeb29e0fb06 Mon Sep 17 00:00:00 2001 From: didyouexpectthat Date: Sun, 8 Apr 2018 14:11:41 -0700 Subject: [PATCH 0049/2300] Change `william.cage` to `example` Feedback in #1530 --- web/templates/admin/edit_mail_acc.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/templates/admin/edit_mail_acc.html b/web/templates/admin/edit_mail_acc.html index c9b7ed85..cf38065d 100644 --- a/web/templates/admin/edit_mail_acc.html +++ b/web/templates/admin/edit_mail_acc.html @@ -165,7 +165,7 @@ : -

william.cage@

+

example@

: From eaf9d89096b11daa97f8da507eb369e359cda7dd Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 9 Apr 2018 00:44:32 +0300 Subject: [PATCH 0050/2300] Auth fix 0.9.8-20 --- bin/v-check-api-key | 40 ++++++++++++++ bin/v-check-user-hash | 100 +++++++++++++++++++++++++++++++++++ bin/v-get-user-salt | 118 +++++++++++++++++++++++++++++++++++++++++ func/main.sh | 9 ++++ web/api/index.php | 60 ++++++++++++++++----- web/login/index.php | 120 ++++++++++++++++++++++++------------------ 6 files changed, 383 insertions(+), 64 deletions(-) create mode 100755 bin/v-check-api-key create mode 100755 bin/v-check-user-hash create mode 100755 bin/v-get-user-salt diff --git a/bin/v-check-api-key b/bin/v-check-api-key new file mode 100755 index 00000000..8d0d409e --- /dev/null +++ b/bin/v-check-api-key @@ -0,0 +1,40 @@ +#!/bin/bash +# info: check api key +# options: KEY +# +# The function checks a key file in /usr/local/vesta/data/keys/ + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +if [ -z "$1" ]; then + echo "Error: key missmatch" + exit 9 +fi +key=$(basename $1) +ip=${2-127.0.0.1} +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +if [ ! -e $VESTA/data/keys/$key ]; then + echo "Error: key missmatch" + echo "$date $time api $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +echo "$date $time api $ip successfully launched" >> $VESTA/log/auth.log + +exit diff --git a/bin/v-check-user-hash b/bin/v-check-user-hash new file mode 100755 index 00000000..7fd55789 --- /dev/null +++ b/bin/v-check-user-hash @@ -0,0 +1,100 @@ +#!/bin/bash +# info: check user hash +# options: USER HASH [IP] +# +# The function verifies user hash + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +hash=$2; HIDE=2 +ip=${3-127.0.0.1} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +check_args '2' "$#" 'USER HASH' +is_format_valid 'user' + +# Checking user +if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Checking user hash +is_hash_valid + +# Checking empty hash +if [[ -z "$hash" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + + +# Parsing user's salt +shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :) + +if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$' +then + salt=$(echo "$shadow" |cut -f 3 -d \$) + method=$(echo "$shadow" |cut -f 2 -d \$) + if [ "$method" -eq '1' ]; then + method='md5' + elif [ "$method" -eq '6' ]; then + method='sha-512' + else + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 + fi +else + salt=${shadow:0:2} + method='des' +fi + +if [ -z "$salt" ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + +# Checking hash +result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null) +if [[ -z "$result" ]]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +echo "$date $time $user $ip successfully logged in" >> $VESTA/log/auth.log + +exit diff --git a/bin/v-get-user-salt b/bin/v-get-user-salt new file mode 100755 index 00000000..08ee5a9c --- /dev/null +++ b/bin/v-get-user-salt @@ -0,0 +1,118 @@ +#!/bin/bash +# info: get user salt +# options: USER [IP] [FORMAT] +# +# The function provides users salt + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +ip=${2-127.0.0.1} +format=${3-shell} + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + +time_n_date=$(date +'%T %F') +time=$(echo "$time_n_date" |cut -f 1 -d \ ) +date=$(echo "$time_n_date" |cut -f 2 -d \ ) + +# JSON list function +json_list() { + echo '{' + echo ' "'$user'": { + "METHOD": "'$method'", + "SALT": "'$salt'", + "TIME": "'$time'", + "DATE": "'$date'" + }' + echo '}' +} + +# SHELL list function +shell_list() { + echo "METHOD: $method" + echo "SALT: $salt" +} + +# PLAIN list function +plain_list() { + echo -e "$method\t$salt" +} + +# CSV list function +csv_list() { + echo "METHOD,SALT" + echo "$method, $salt" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +check_args '1' "$#" 'USER [IP] [SALT]' +is_format_valid 'user' + +# Checking user +if [ ! -d "$VESTA/data/users/$user" ] && [ "$user" != 'root' ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing user's salt +shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :) + +if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$' +then + salt=$(echo "$shadow" |cut -f 3 -d \$) + method=$(echo "$shadow" |cut -f 2 -d \$) + if [ "$method" -eq '1' ]; then + method='md5' + elif [ "$method" -eq '6' ]; then + method='sha-512' + else + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 + fi +else + salt=${shadow:0:2} + method='des' +fi + +if [ -z "$salt" ]; then + echo "Error: password missmatch" + echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log + exit 9 +fi + + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging + +exit diff --git a/func/main.sh b/func/main.sh index 3b04d250..a79cb2a0 100644 --- a/func/main.sh +++ b/func/main.sh @@ -278,6 +278,15 @@ is_password_valid() { fi } +# Check if hash is transmitted via file +is_hash_valid() { + if [[ "$hash" =~ ^/tmp/ ]]; then + if [ -f "$hash" ]; then + hash="$(head -n1 $hash)" + fi + fi +} + # Get object value get_object_value() { object=$(grep "$2='$3'" $USER_DATA/$1.conf) diff --git a/web/api/index.php b/web/api/index.php index 1ad9d595..3cf0ec2d 100644 --- a/web/api/index.php +++ b/web/api/index.php @@ -4,32 +4,64 @@ define('VESTA_CMD', '/usr/bin/sudo /usr/local/vesta/bin/'); if (isset($_POST['user']) || isset($_POST['hash'])) { // Authentication - $auth_code = 1; if (empty($_POST['hash'])) { - // Check user permission to use API if ($_POST['user'] != 'admin') { - echo 'Error: only admin is allowed to use API'; + echo 'Error: authentication failed'; exit; } - $v_user = escapeshellarg($_POST['user']); - $v_password = tempnam("/tmp","vst"); - $fp = fopen($v_password, "w"); - fwrite($fp, $_POST['password']."\n"); + $password = $_POST['password']; + $v_ip = escapeshellarg($_SERVER['REMOTE_ADDR']); + $output = ''; + exec (VESTA_CMD."v-get-user-salt admin ".$v_ip." json" , $output, $return_var); + $pam = json_decode(implode('', $output), true); + $salt = $pam['admin']['SALT']; + $method = $pam['admin']['METHOD']; + + if ($method == 'md5' ) { + $hash = crypt($password, '$1$'.$salt.'$'); + } + if ($method == 'sha-512' ) { + $hash = crypt($password, '$6$rounds=5000$'.$salt.'$'); + $hash = str_replace('$rounds=5000','',$hash); + } + if ($method == 'des' ) { + $hash = crypt($password, $salt); + } + + // Send hash via tmp file + $v_hash = exec('mktemp -p /tmp'); + $fp = fopen($v_hash, "w"); + fwrite($fp, $hash."\n"); fclose($fp); - $v_ip_addr = escapeshellarg($_SERVER["REMOTE_ADDR"]); - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".escapeshellarg($v_password)." '".$v_ip_addr."'", $output, $auth_code); - unlink($v_password); - /* No hash auth for security reason + + // Check user hash + exec(VESTA_CMD ."v-check-user-hash admin ".$v_hash." ".$v_ip, $output, $return_var); + unset($output); + + // Remove tmp file + unlink($v_hash); + + // Check API answer + if ( $return_var > 0 ) { + echo 'Error: authentication failed'; + exit; + } } else { $key = '/usr/local/vesta/data/keys/' . basename($_POST['hash']); if (file_exists($key) && is_file($key)) { - $auth_code = '0'; + exec(VESTA_CMD ."v-check-api-key ".escapeshellarg($key)." ".$v_ip, $output, $return_var); + unset($output); + + // Check API answer + if ( $return_var > 0 ) { + echo 'Error: authentication failed'; + exit; + } } - */ } - if ($auth_code != 0 ) { + if ( $return_var > 0 ) { echo 'Error: authentication failed'; exit; } diff --git a/web/login/index.php b/web/login/index.php index 6e3d5def..08074b3e 100644 --- a/web/login/index.php +++ b/web/login/index.php @@ -14,9 +14,6 @@ if (isset($_GET['logout'])) { session_destroy(); } - - - // Login as someone else if (isset($_SESSION['user'])) { if ($_SESSION['user'] == 'admin' && !empty($_GET['loginas'])) { @@ -36,62 +33,85 @@ if (isset($_SESSION['user'])) { if (isset($_POST['user']) && isset($_POST['password'])) { if(isset($_SESSION['token']) && isset($_POST['token']) && $_POST['token'] == $_SESSION['token']) { $v_user = escapeshellarg($_POST['user']); + $v_ip = escapeshellarg($_SERVER['REMOTE_ADDR']); - // Send password via tmp file - $v_password = exec('mktemp -p /tmp'); - $fp = fopen($v_password, "w"); - fwrite($fp, $_POST['password']."\n"); - fclose($fp); - - // Check user & password - exec(VESTA_CMD ."v-check-user-password ".$v_user." ".escapeshellarg($v_password)." ".escapeshellarg($_SERVER['REMOTE_ADDR']), $output, $return_var); - unset($output); - - // Remove tmp file - unlink($v_password); - - // Check API answer + // Get user's salt + $output = ''; + exec (VESTA_CMD."v-get-user-salt ".$v_user." ".$v_ip." json" , $output, $return_var); + $pam = json_decode(implode('', $output), true); if ( $return_var > 0 ) { $ERROR = "".__('Invalid username or password').""; - } else { + $user = $_POST['user']; + $password = $_POST['password']; + $salt = $pam[$user]['SALT']; + $method = $pam[$user]['METHOD']; - // Make root admin user - if ($_POST['user'] == 'root') $v_user = 'admin'; - - // Get user speciefic parameters - exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); - $data = json_decode(implode('', $output), true); - - // Define session user - $_SESSION['user'] = key($data); - $v_user = $_SESSION['user']; - - // Get user favorites - get_favourites(); - - // Define language - $output = ''; - exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); - $languages = json_decode(implode('', $output), true); - if(in_array($data[$v_user]['LANGUAGE'], $languages)){ - $_SESSION['language'] = $data[$v_user]['LANGUAGE']; + if ($method == 'md5' ) { + $hash = crypt($password, '$1$'.$salt.'$'); } - else { - $_SESSION['language'] = 'en'; + if ($method == 'sha-512' ) { + $hash = crypt($password, '$6$rounds=5000$'.$salt.'$'); + $hash = str_replace('$rounds=5000','',$hash); + } + if ($method == 'des' ) { + $hash = crypt($password, $salt); } - - // Regenerate session id to prevent session fixation - session_regenerate_id(); - // Redirect request to control panel interface - if (!empty($_SESSION['request_uri'])) { - header("Location: ".$_SESSION['request_uri']); - unset($_SESSION['request_uri']); - exit; + // Send hash via tmp file + $v_hash = exec('mktemp -p /tmp'); + $fp = fopen($v_hash, "w"); + fwrite($fp, $hash."\n"); + fclose($fp); + + // Check user hash + exec(VESTA_CMD ."v-check-user-hash ".$v_user." ".$v_hash." ".$v_ip, $output, $return_var); + unset($output); + + // Remove tmp file + unlink($v_hash); + + // Check API answer + if ( $return_var > 0 ) { + $ERROR = "".__('Invalid username or password').""; } else { - header("Location: /"); - exit; + + // Make root admin user + if ($_POST['user'] == 'root') $v_user = 'admin'; + + // Get user speciefic parameters + exec (VESTA_CMD . "v-list-user ".$v_user." json", $output, $return_var); + $data = json_decode(implode('', $output), true); + + // Define session user + $_SESSION['user'] = key($data); + $v_user = $_SESSION['user']; + + // Get user favorites + get_favourites(); + + // Define language + $output = ''; + exec (VESTA_CMD."v-list-sys-languages json", $output, $return_var); + $languages = json_decode(implode('', $output), true); + if (in_array($data[$v_user]['LANGUAGE'], $languages)){ + $_SESSION['language'] = $data[$v_user]['LANGUAGE']; + } else { + $_SESSION['language'] = 'en'; + } + + // Regenerate session id to prevent session fixation + session_regenerate_id(); + + // Redirect request to control panel interface + if (!empty($_SESSION['request_uri'])) { + header("Location: ".$_SESSION['request_uri']); + unset($_SESSION['request_uri']); + exit; + } else { + header("Location: /"); + exit; + } } } } else { From 06f6fff1187496af64841ddf137b0945de398819 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 9 Apr 2018 19:23:22 +0300 Subject: [PATCH 0051/2300] one ver up --- src/deb/ioncube/control | 2 +- src/deb/php/control | 2 +- src/deb/softaculous/control | 2 +- src/rpm/specs/vesta-ioncube.spec | 2 +- src/rpm/specs/vesta-nginx.spec | 2 +- src/rpm/specs/vesta-softaculous.spec | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control index 13e08831..a7c5a020 100644 --- a/src/deb/ioncube/control +++ b/src/deb/ioncube/control @@ -1,7 +1,7 @@ Source: vesta-ioncube Package: vesta-ioncube Priority: optional -Version: 0.9.8-19 +Version: 0.9.8-20 Section: admin Maintainer: Serghey Rodin Homepage: https://www.ioncube.com diff --git a/src/deb/php/control b/src/deb/php/control index 0ce789dc..e24b55ca 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.8-19 +Version: 0.9.8-20 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control index f92a9545..0c1d271e 100644 --- a/src/deb/softaculous/control +++ b/src/deb/softaculous/control @@ -1,7 +1,7 @@ Source: vesta-softaculous Package: vesta-softaculous Priority: optional -Version: 0.9.8-19 +Version: 0.9.8-20 Section: admin Maintainer: Serghey Rodin Homepage: https://www.softaculous.com diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec index cf183262..93e67911 100644 --- a/src/rpm/specs/vesta-ioncube.spec +++ b/src/rpm/specs/vesta-ioncube.spec @@ -1,6 +1,6 @@ Name: vesta-ioncube Version: 0.9.8 -Release: 19 +Release: 20 Summary: ionCube Loader Group: System Environment/Base License: "Freely redistributable without restriction" diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec index 4546f506..e6071b43 100644 --- a/src/rpm/specs/vesta-nginx.spec +++ b/src/rpm/specs/vesta-nginx.spec @@ -1,6 +1,6 @@ Name: vesta-nginx Version: 0.9.8 -Release: 19 +Release: 20 Summary: Vesta Control Panel Group: System Environment/Base License: BSD-like diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec index f7a315bf..4adfda69 100644 --- a/src/rpm/specs/vesta-softaculous.spec +++ b/src/rpm/specs/vesta-softaculous.spec @@ -1,6 +1,6 @@ Name: vesta-softaculous Version: 0.9.8 -Release: 19 +Release: 20 Summary: Vesta Control Panel Group: System Environment/Base License: Softaculous License From 4663fbf574d408adbcf47162c11ba288b4e275ad Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 00:45:59 +0200 Subject: [PATCH 0052/2300] disable api --- web/api/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/api/index.php b/web/api/index.php index 3cf0ec2d..c4f59e2f 100644 --- a/web/api/index.php +++ b/web/api/index.php @@ -1,6 +1,6 @@ Date: Tue, 10 Apr 2018 02:21:49 +0200 Subject: [PATCH 0053/2300] secure_login.php --- web/inc/secure_login.php | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 web/inc/secure_login.php diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php new file mode 100644 index 00000000..5e33232f --- /dev/null +++ b/web/inc/secure_login.php @@ -0,0 +1,8 @@ + Date: Tue, 10 Apr 2018 02:24:04 +0200 Subject: [PATCH 0054/2300] include secure_login.php from main.php --- web/inc/main.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/main.php b/web/inc/main.php index dfa482a1..49d70fda 100644 --- a/web/inc/main.php +++ b/web/inc/main.php @@ -1,5 +1,5 @@ Date: Tue, 10 Apr 2018 02:25:45 +0200 Subject: [PATCH 0055/2300] filepath change to secure_login.php --- web/inc/secure_login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php index 5e33232f..641a7ce7 100644 --- a/web/inc/secure_login.php +++ b/web/inc/secure_login.php @@ -1,5 +1,5 @@ Date: Tue, 10 Apr 2018 02:42:34 +0200 Subject: [PATCH 0056/2300] Changing redirect location --- web/inc/secure_login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php index 641a7ce7..c1b84509 100644 --- a/web/inc/secure_login.php +++ b/web/inc/secure_login.php @@ -2,7 +2,7 @@ require_once('/usr/local/vesta/web/inc/login_url.php'); if (isset($_GET[$login_url])) { setcookie($login_url, '1', time() + 31536000, '/', $_SERVER['HTTP_HOST'], true); - header ("Location: /"); + header ("Location: /login/"); exit; } if (!isset($_COOKIE[$login_url])) exit; From 84adfcc4edceada0779b72197ecc5a8ab4a1f029 Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 02:44:02 +0200 Subject: [PATCH 0057/2300] Check pre-auth before redirecting to login --- web/index.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/index.php b/web/index.php index 2f070747..27ce0fcf 100644 --- a/web/index.php +++ b/web/index.php @@ -1,4 +1,5 @@ Date: Tue, 10 Apr 2018 03:36:52 +0200 Subject: [PATCH 0058/2300] Redirect to webmail by default --- web/index.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/web/index.php b/web/index.php index 27ce0fcf..8910659b 100644 --- a/web/index.php +++ b/web/index.php @@ -1,8 +1,9 @@ Date: Tue, 10 Apr 2018 03:43:50 +0200 Subject: [PATCH 0059/2300] Check secure login on index --- web/index.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web/index.php b/web/index.php index 8910659b..58238128 100644 --- a/web/index.php +++ b/web/index.php @@ -6,4 +6,10 @@ //} else { // header("Location: /login/"); //} + +require_once('/usr/local/vesta/web/inc/login_url.php'); +if (isset($_GET[$login_url])) { + require_once('/usr/local/vesta/web/inc/secure_login.php'); +} + header("Location: /webmail/"); From 1a61ea102bc085d1645d0564d11a318bcad212d8 Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 03:58:19 +0200 Subject: [PATCH 0060/2300] Redirect to /list/user/ after login --- web/login/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/login/index.php b/web/login/index.php index 08074b3e..b2e7c714 100644 --- a/web/login/index.php +++ b/web/login/index.php @@ -25,7 +25,7 @@ if (isset($_SESSION['user'])) { $_SESSION['look_alert'] = 'yes'; } } - header("Location: /"); + header("Location: /list/user/"); exit; } @@ -109,7 +109,7 @@ if (isset($_POST['user']) && isset($_POST['password'])) { unset($_SESSION['request_uri']); exit; } else { - header("Location: /"); + header("Location: /list/user/"); exit; } } From 25516949ffbe6dd36e6d0d68282d4eecab0c1e69 Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 04:01:12 +0200 Subject: [PATCH 0061/2300] Logout to redirect to login --- web/logout/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/logout/index.php b/web/logout/index.php index 51c89198..795eb65f 100644 --- a/web/logout/index.php +++ b/web/logout/index.php @@ -8,6 +8,6 @@ if (!empty($_SESSION['look'])) { session_destroy(); } -header("Location: /"); +header("Location: /login/"); exit; ?> From 58f1613759a46462ca17bb25cf8251ad3a7a01e2 Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 04:05:58 +0200 Subject: [PATCH 0062/2300] Logo to link /list/user/ --- web/templates/user/panel.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/templates/user/panel.html b/web/templates/user/panel.html index 452105ee..dfb544c9 100644 --- a/web/templates/user/panel.html +++ b/web/templates/user/panel.html @@ -7,7 +7,7 @@

- +

From 80b76fc6edba21e1a482829f922e76b96b80903a Mon Sep 17 00:00:00 2001 From: dpeca Date: Tue, 10 Apr 2018 04:06:53 +0200 Subject: [PATCH 0063/2300] Logo to link /list/user/ --- web/templates/admin/panel.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html index 57f377db..80bfdaf1 100644 --- a/web/templates/admin/panel.html +++ b/web/templates/admin/panel.html @@ -8,7 +8,7 @@

- +

From acf3e0be1391115610ba959cf182006294c96676 Mon Sep 17 00:00:00 2001 From: darkworks Date: Tue, 10 Apr 2018 19:53:27 +0500 Subject: [PATCH 0064/2300] check for yum properly. check for yum properly. --- bin/v-update-sys-vesta | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta index 39cd33a2..418fe26f 100755 --- a/bin/v-update-sys-vesta +++ b/bin/v-update-sys-vesta @@ -33,7 +33,7 @@ check_args '1' "$#" 'PACKAGE' # Action # #----------------------------------------------------------# -if [ -d "/etc/sysconfig" ]; then +if [ -n "$(command -v yum)" ]; then # Clean yum chache yum -q clean all From e6b01fbd7ed0a169e6b61a87a01157f19938e5b9 Mon Sep 17 00:00:00 2001 From: dpeca Date: Wed, 11 Apr 2018 01:01:44 +0200 Subject: [PATCH 0065/2300] reload nginx instead restart --- bin/v-restart-proxy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy index 25ab20bf..9fbd8fef 100755 --- a/bin/v-restart-proxy +++ b/bin/v-restart-proxy @@ -50,7 +50,7 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then fi # Restart system -service $PROXY_SYSTEM restart >/dev/null 2>&1 +service $PROXY_SYSTEM reload >/dev/null 2>&1 if [ $? -ne 0 ]; then send_email_report check_result $E_RESTART "$PROXY_SYSTEM restart failed" From 334e54bf932f4c182576544607135f12e58e74f8 Mon Sep 17 00:00:00 2001 From: dpeca Date: Wed, 11 Apr 2018 12:54:27 +0200 Subject: [PATCH 0066/2300] define NO_AUTH_REQUIRED2 in reset email --- web/reset/mail/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php index 9315d041..2f3bd9e3 100644 --- a/web/reset/mail/index.php +++ b/web/reset/mail/index.php @@ -1,6 +1,7 @@ Date: Wed, 11 Apr 2018 12:59:11 +0200 Subject: [PATCH 0067/2300] Avoid NO_AUTH_REQUIRED2 in secure_login.php --- web/inc/secure_login.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php index c1b84509..0cd712da 100644 --- a/web/inc/secure_login.php +++ b/web/inc/secure_login.php @@ -1,8 +1,11 @@ Date: Wed, 11 Apr 2018 13:04:07 +0200 Subject: [PATCH 0068/2300] Avoid pre-auth if login_url.php is not created --- web/index.php | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/web/index.php b/web/index.php index 58238128..1763870d 100644 --- a/web/index.php +++ b/web/index.php @@ -1,15 +1,16 @@ Date: Wed, 11 Apr 2018 13:11:58 +0200 Subject: [PATCH 0069/2300] Missing curly brace --- web/inc/secure_login.php | 1 + 1 file changed, 1 insertion(+) diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php index 0cd712da..9860912b 100644 --- a/web/inc/secure_login.php +++ b/web/inc/secure_login.php @@ -8,4 +8,5 @@ if (!defined('NO_AUTH_REQUIRED2')) { exit; } if (!isset($_COOKIE[$login_url])) exit; + } } From fb2cdf6fe162a9acfdf51d28db572b36d89ee38e Mon Sep 17 00:00:00 2001 From: dpeca Date: Wed, 11 Apr 2018 21:30:55 +0200 Subject: [PATCH 0070/2300] Allow /reset/mail/ only from localhost --- web/reset/mail/index.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php index 2f3bd9e3..cc6077e8 100644 --- a/web/reset/mail/index.php +++ b/web/reset/mail/index.php @@ -6,6 +6,24 @@ error_reporting(NULL); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +//echo '

'; print_r($_SERVER); exit;
+$ok=0;
+$ip=$_SERVER['REMOTE_ADDR'];
+exec (VESTA_CMD."v-list-sys-ips json", $output, $return_var);
+$output=implode('', $output);
+$arr=json_decode($output, true);
+foreach ($arr as $arr_key => $arr_val) {
+	if ($ip==$arr_key || $ip==$arr_val['NAT']) {
+		$ok=1;
+		break;
+	}
+}
+//echo 'ip='.$ip."\n".$return_var." = "; print_r($arr); exit;
+if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
+if ($ip == '127.0.0.1') $ok=1;
+//echo 'ok='.$ok."\n";
+if ($ok==0) exit;
+
 //
 // sourceforge.net/projects/postfixadmin/
 // md5crypt 

From 14c8e56d845a1a3c716cb5da85b8bed4f8d76462 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 11 Apr 2018 21:34:07 +0200
Subject: [PATCH 0071/2300] Allow /reset/mail/ only from localhost

---
 web/reset/mail/index.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 9315d041..bb7faf2d 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -5,6 +5,22 @@ error_reporting(NULL);
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Checking IP of incoming connection, checking is it NAT address
+$ok=0;
+$ip=$_SERVER['REMOTE_ADDR'];
+exec (VESTA_CMD."v-list-sys-ips json", $output, $return_var);
+$output=implode('', $output);
+$arr=json_decode($output, true);
+foreach ($arr as $arr_key => $arr_val) {
+	if ($ip==$arr_key || $ip==$arr_val['NAT']) {
+		$ok=1;
+		break;
+	}
+}
+if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
+if ($ip == '127.0.0.1') $ok=1;
+if ($ok==0) exit;
+
 //
 // sourceforge.net/projects/postfixadmin/
 // md5crypt 

From 4fa549c570194e2aaa8d3bc75b5faf9c604e0fda Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 12 Apr 2018 00:09:35 +0200
Subject: [PATCH 0072/2300] Disable direct access through frontend nginx in
 /reset/mail/

---
 web/reset/mail/index.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 060958ba..f09c198f 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -22,6 +22,7 @@ foreach ($arr as $arr_key => $arr_val) {
 if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
 if ($ip == '127.0.0.1') $ok=1;
 if ($ok==0) exit;
+if (isset($_SERVER['HTTP_X_REAL_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR'])) exit;
 
 //
 // sourceforge.net/projects/postfixadmin/

From b7c19a8e63dd156540059e2a6b6bd80ee2d2bb5e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 12 Apr 2018 01:08:35 +0200
Subject: [PATCH 0073/2300] Allow /reset/mail/ only from localhost

Block connection from outside, that could brute force password guessing
---
 web/reset/mail/index.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 9315d041..5350f9b9 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -5,6 +5,23 @@ error_reporting(NULL);
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Checking IP of incoming connection, checking is it NAT address
+$ok=0;
+$ip=$_SERVER['REMOTE_ADDR'];
+exec (VESTA_CMD."v-list-sys-ips json", $output, $return_var);
+$output=implode('', $output);
+$arr=json_decode($output, true);
+foreach ($arr as $arr_key => $arr_val) {
+    // search for NAT IPs and allow them
+	if ($ip==$arr_key || $ip==$arr_val['NAT']) {
+		$ok=1;
+		break;
+	}
+}
+if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
+if ($ip == '127.0.0.1') $ok=1;
+if ($ok==0) exit;
+
 //
 // sourceforge.net/projects/postfixadmin/
 // md5crypt 

From b2f2caf3bbcbcceae5e03c8b4b5272b48668f3e4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 12 Apr 2018 01:29:49 +0200
Subject: [PATCH 0074/2300] equalize with master

---
 web/reset/mail/index.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index f09c198f..85c7fb76 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -1,19 +1,18 @@
 '; print_r($_SERVER); exit;
 $ok=0;
 $ip=$_SERVER['REMOTE_ADDR'];
 exec (VESTA_CMD."v-list-sys-ips json", $output, $return_var);
 $output=implode('', $output);
 $arr=json_decode($output, true);
 foreach ($arr as $arr_key => $arr_val) {
+    // search for NAT IPs and allow them
 	if ($ip==$arr_key || $ip==$arr_val['NAT']) {
 		$ok=1;
 		break;
@@ -22,7 +21,6 @@ foreach ($arr as $arr_key => $arr_val) {
 if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
 if ($ip == '127.0.0.1') $ok=1;
 if ($ok==0) exit;
-if (isset($_SERVER['HTTP_X_REAL_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR'])) exit;
 
 //
 // sourceforge.net/projects/postfixadmin/

From 7688706ed39769433e479d6c7cf7e7b0ef8d95e9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 12 Apr 2018 01:33:35 +0200
Subject: [PATCH 0075/2300] put back my modification

---
 web/reset/mail/index.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 85c7fb76..c0769933 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -1,6 +1,8 @@
  $arr_val) {
 if ($ip == $_SERVER['SERVER_ADDR']) $ok=1;
 if ($ip == '127.0.0.1') $ok=1;
 if ($ok==0) exit;
+if (isset($_SERVER['HTTP_X_REAL_IP']) || isset($_SERVER['HTTP_X_FORWARDED_FOR'])) exit;
 
 //
 // sourceforge.net/projects/postfixadmin/

From a57c8b775ba4a9c62720380de12ea56df97340dd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 12 Apr 2018 01:34:18 +0200
Subject: [PATCH 0076/2300] NO_AUTH_REQUIRED2 fix

---
 web/reset/mail/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index c0769933..010fed77 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -1,7 +1,7 @@
 
Date: Thu, 12 Apr 2018 14:28:23 +0200
Subject: [PATCH 0077/2300] Update v-update-host-certificate

Restart mailserver & ftpserver based on `conf/vesta.conf` settings, so the new certificate will be applied.
---
 bin/v-update-host-certificate | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-update-host-certificate b/bin/v-update-host-certificate
index e777afbd..dd99eed4 100755
--- a/bin/v-update-host-certificate
+++ b/bin/v-update-host-certificate
@@ -76,6 +76,12 @@ $BIN/v-restart-mail
 if [ ! -z "$IMAP_SYSTEM" ]; then
     $BIN/v-restart-service "$IMAP_SYSTEM"
 fi
+if [ ! -z "$MAIL_SYSTEM" ]; then
+    $BIN/v-restart-service "$MAIL_SYSTEM"
+fi
+if [ ! -z "$FTP_SYSTEM" ]; then
+    $BIN/v-restart-service "$FTP_SYSTEM"
+fi
 if [ -f "/var/run/vesta-nginx.pid" ]; then
     kill -HUP $(cat /var/run/vesta-nginx.pid)
 fi

From d14d4cddfb7fcb070c3672c68bdd4136ab0f1b05 Mon Sep 17 00:00:00 2001
From: Robin Dirksen 
Date: Thu, 12 Apr 2018 16:27:47 +0200
Subject: [PATCH 0078/2300] Update v-update-host-certificate

https://github.com/serghey-rodin/vesta/pull/1543#issuecomment-380798986
---
 bin/v-update-host-certificate | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/bin/v-update-host-certificate b/bin/v-update-host-certificate
index dd99eed4..71a87709 100755
--- a/bin/v-update-host-certificate
+++ b/bin/v-update-host-certificate
@@ -76,9 +76,6 @@ $BIN/v-restart-mail
 if [ ! -z "$IMAP_SYSTEM" ]; then
     $BIN/v-restart-service "$IMAP_SYSTEM"
 fi
-if [ ! -z "$MAIL_SYSTEM" ]; then
-    $BIN/v-restart-service "$MAIL_SYSTEM"
-fi
 if [ ! -z "$FTP_SYSTEM" ]; then
     $BIN/v-restart-service "$FTP_SYSTEM"
 fi

From b04dce9ce36d293d44c9aeadd01e72b04abcec59 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 16 Apr 2018 16:54:00 +0200
Subject: [PATCH 0079/2300] Restart nginx in background

---
 bin/v-restart-proxy | 28 ++++++++++++++++++----------
 1 file changed, 18 insertions(+), 10 deletions(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 9fbd8fef..a696501a 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -49,18 +49,26 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
     exit
 fi
 
-# Restart system
-service $PROXY_SYSTEM reload >/dev/null 2>&1
-if [ $? -ne 0 ]; then
-    send_email_report
-    check_result $E_RESTART "$PROXY_SYSTEM restart failed"
-fi
-
-# Update restart queue
-if [ -e "$VESTA/data/queue/restart.pipe" ]; then
-    sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe
+# background restart
+if [ "$1" = 'background' ]; then
+    # Restart system
+    sleep 2
+    service $PROXY_SYSTEM restart >/dev/null 2>&1
+    if [ $? -ne 0 ]; then
+        send_email_report
+        check_result $E_RESTART "$PROXY_SYSTEM restart failed"
+    fi
+    
+    # Update restart queue
+    if [ -e "$VESTA/data/queue/restart.pipe" ]; then
+        sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe
+    fi
+
+    exit;
 fi
 
+touch /tmp/restart-nginx
+nohup $BIN/v-restart-proxy 'background' &>/dev/null &
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From 40947919e0511d277d719624da3fb82be15bbbf6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 16 Apr 2018 19:56:06 +0200
Subject: [PATCH 0080/2300] Restart nginx after 20 sec

---
 bin/v-restart-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index a696501a..f8e6a95e 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -52,7 +52,7 @@ fi
 # background restart
 if [ "$1" = 'background' ]; then
     # Restart system
-    sleep 2
+    sleep 20
     service $PROXY_SYSTEM restart >/dev/null 2>&1
     if [ $? -ne 0 ]; then
         send_email_report

From 5fed5bb88937118fd30e918939bcc20746f41505 Mon Sep 17 00:00:00 2001
From: Secretjail 
Date: Tue, 17 Apr 2018 13:32:32 +0430
Subject: [PATCH 0081/2300] Update fa.php

add Apps (softaculous).
---
 web/inc/i18n/fa.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/i18n/fa.php b/web/inc/i18n/fa.php
index 926673cc..57295481 100644
--- a/web/inc/i18n/fa.php
+++ b/web/inc/i18n/fa.php
@@ -88,6 +88,7 @@ $LANG['fa'] = array(
     'list records' => 'فهرست پیشینه های %s',
     'add record' => 'افزودن پیشینه',
     'list accounts' => 'فهرست حسابهای %s',
+    'Apps' => 'برنامه ها',
     'add account' => 'افزودن حساب',
     'open webmail' => 'بازکردن وب میل',
     'list fail2ban' => 'فهرست fail2ban',

From 3742d5f13decc9e5bda699b661f773294cd1ada6 Mon Sep 17 00:00:00 2001
From: asfihani 
Date: Tue, 17 Apr 2018 16:23:36 +0700
Subject: [PATCH 0082/2300] Add wp super cache support

---
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 +++++++++++++++++++
 1 file changed, 85 insertions(+)
 create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl

diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

From 3f9f8d9467b68299e36ff3e3385eb2add80ce66b Mon Sep 17 00:00:00 2001
From: asfihani 
Date: Tue, 17 Apr 2018 16:27:38 +0700
Subject: [PATCH 0083/2300] Add wp super cache support

---
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl

diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}

From 17f198cc360775c35e71700e0da9e7abaff20f6d Mon Sep 17 00:00:00 2001
From: Asfihani 
Date: Tue, 17 Apr 2018 16:44:12 +0700
Subject: [PATCH 0084/2300] Add Wordpress WP Super Cache plugin template
 support

---
 .../php5-fpm/wordpress2_wp_super_cache.stpl   | 89 +++++++++++++++++++
 .../php5-fpm/wordpress2_wp_super_cache.tpl    | 85 ++++++++++++++++++
 .../php5-fpm/wordpress2_wp_super_cache.stpl   | 89 +++++++++++++++++++
 .../php5-fpm/wordpress2_wp_super_cache.tpl    | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.stpl    | 89 +++++++++++++++++++
 .../php-fpm/wordpress2_wp_super_cache.tpl     | 85 ++++++++++++++++++
 30 files changed, 2610 insertions(+)
 create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
 create mode 100644 install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
 create mode 100644 install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl

diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
new file mode 100644
index 00000000..f33ed507
--- /dev/null
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+    
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
new file mode 100644
index 00000000..c0a5239e
--- /dev/null
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    set $cache_uri $request_uri;
+
+    if ($request_method = POST) {
+        set $cache_uri 'null cache';
+    }
+
+    if ($query_string != "") {
+        set $cache_uri 'null cache';
+    }   
+
+    if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php
+                          |wp-.*.php|/feed/|index.php|wp-comments-popup.php
+                          |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml
+                          |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+        set $cache_uri 'null cache';
+    }  
+
+    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+
+                         |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") {
+        set $cache_uri 'null cache';
+    }
+
+    location / {
+        try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

From d0e2ecc305b714e0584d0a0457113069313ef1e5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Apr 2018 14:48:56 +0200
Subject: [PATCH 0085/2300] Allowing normal user to change proxy template,
 /web/edit/

---
 web/edit/web/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/edit/web/index.php b/web/edit/web/index.php
index edf29e9d..e934c1c8 100644
--- a/web/edit/web/index.php
+++ b/web/edit/web/index.php
@@ -230,8 +230,8 @@ if (!empty($_POST['save'])) {
         $restart_proxy = 'yes';
     }
 
-    // Change proxy template / Update extension list (admin only)
-    if ((!empty($_SESSION['PROXY_SYSTEM'])) && (!empty($v_proxy)) && (!empty($_POST['v_proxy'])) && (empty($_SESSION['error_msg'])) && ($_SESSION['user'] == 'admin')) {
+    // Change proxy template / Update extension list
+    if ((!empty($_SESSION['PROXY_SYSTEM'])) && (!empty($v_proxy)) && (!empty($_POST['v_proxy'])) && (empty($_SESSION['error_msg'])) ) {
         $ext = preg_replace("/\n/", " ", $_POST['v_proxy_ext']);
         $ext = preg_replace("/,/", " ", $ext);
         $ext = preg_replace('/\s+/', ' ',$ext);

From 1c51af3b50b4738faa14dbb1d8748678dff6732e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Apr 2018 14:51:55 +0200
Subject: [PATCH 0086/2300] Allowing normal user to change proxy template, web
 template

---
 web/templates/user/edit_web.html | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/web/templates/user/edit_web.html b/web/templates/user/edit_web.html
index 911ab0bf..c984427c 100644
--- a/web/templates/user/edit_web.html
+++ b/web/templates/user/edit_web.html
@@ -94,6 +94,30 @@
                             
                                 
                                     
+                                        
+                                            
+                                        
+                                        
+                                            
+                                        
+                            
+                                
+                            
+                            
+                                
+                            
+                            
+                            
+                                
+                            
+                            
+                                
+                            
+                            
+                            
+                                
+                            
+                            
+                                
+                            
+                            
+                                
+                            
-                            
-                                
-                            
-
+                                        
+                                            
+                                        
+                                        
+                                            
+                                        
+                                                
+                                            

+                                                
+                                            
                                         
                                             
                                                 

From 04e3413590192667eb0972c861f7c204f1b9b670 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Apr 2018 15:32:57 +0200
Subject: [PATCH 0087/2300] v-restart-proxy better restart handling

---
 bin/v-restart-proxy | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index f8e6a95e..7b8b4dd2 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -52,7 +52,8 @@ fi
 # background restart
 if [ "$1" = 'background' ]; then
     # Restart system
-    sleep 20
+    sleep 300
+    rm /tmp/restart-nginx
     service $PROXY_SYSTEM restart >/dev/null 2>&1
     if [ $? -ne 0 ]; then
         send_email_report
@@ -67,6 +68,16 @@ if [ "$1" = 'background' ]; then
     exit;
 fi
 
+if [ -f "/tmp/restart-nginx" ]; then
+    exit;
+fi
+
+service $PROXY_SYSTEM reload
+if [ $? -ne 0 ]; then
+    send_email_report
+    check_result $E_RESTART "$PROXY_SYSTEM reload failed"
+fi
+
 touch /tmp/restart-nginx
 nohup $BIN/v-restart-proxy 'background' &>/dev/null &
 

From 73e6656986569d0bdf7d87efb31efee19d4bdd4f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 26 Apr 2018 16:32:34 +0300
Subject: [PATCH 0088/2300] RACK911LABS.COM: simpler and safer hash check

---
 bin/v-check-user-hash | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-check-user-hash b/bin/v-check-user-hash
index 7fd55789..a18aba0e 100755
--- a/bin/v-check-user-hash
+++ b/bin/v-check-user-hash
@@ -75,15 +75,15 @@ else
     method='des'
 fi
 
+# Checking salt
 if [ -z "$salt" ]; then
     echo "Error: password missmatch"
     echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
     exit 9
 fi
 
-# Checking hash
-result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null)
-if [[ -z "$result" ]]; then
+# Comparing hashes
+if [[ "$shadow" != "$hash" ]]; then
     echo "Error: password missmatch"
     echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
     exit 9

From 4c751ab693656ee8bed3cafeee12d751ddcd03d0 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 26 Apr 2018 17:14:19 +0300
Subject: [PATCH 0089/2300] RACK911LABS.COM: safer mysql status check

---
 bin/v-update-sys-rrd-mysql | 22 +++++-----------------
 1 file changed, 5 insertions(+), 17 deletions(-)

diff --git a/bin/v-update-sys-rrd-mysql b/bin/v-update-sys-rrd-mysql
index aa6734e9..8c6bb75e 100755
--- a/bin/v-update-sys-rrd-mysql
+++ b/bin/v-update-sys-rrd-mysql
@@ -14,6 +14,7 @@ period=${1-daily}
 
 # Includes
 source $VESTA/func/main.sh
+source $VESTA/func/db.sh
 source $VESTA/conf/vesta.conf
 
 
@@ -66,23 +67,10 @@ for host in $hosts; do
     fi
 
     if [ "$period" = 'daily' ]; then
-        # Defining host credentials
-        host_str=$(grep "HOST='$host'" $conf)
-        for key in $host_str; do
-            eval ${key%%=*}=${key#*=}
-        done
-        sql="mysql -h $HOST -u $USER -p$PASSWORD -e"
-
-        # Checking empty vars
-        if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then
-            echo "Error: config is broken"
-            log_event "$E_PARSING" "$ARGUMENTS"
-            exit $E_PARSING
-        fi
-
-        # Parsing data
-        status=$($sql "SHOW GLOBAL STATUS" 2>/dev/null); code="$?"
-        if [ '0' -ne "$code" ]; then
+        mysql_connect $host
+        query='SHOW GLOBAL STATUS'
+        status=$(mysql_query "$query" 2>/dev/null)
+        if [ $? -ne 0 ]; then
             active=0
             slow=0
         else

From b5874764a7b3c8a3c85ea37b51a0907853c1bc7d Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 26 Apr 2018 17:29:13 +0300
Subject: [PATCH 0090/2300] RACK911LABS.COM: safer mysql/pgsql query

---
 func/db.sh | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/func/db.sh b/func/db.sh
index d9c43031..d397dfec 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -47,7 +47,10 @@ mysql_connect() {
 }
 
 mysql_query() {
-    mysql --defaults-file=$mycnf -e "$1" 2>/dev/null
+    sql_tmp=$(mktemp)
+    echo "$1" > $sql_tmp
+    mysql --defaults-file=$mycnf < "$sql_tmp"  2>/dev/null
+    rm -f "$sql_tmp"
 }
 
 mysql_dump() {
@@ -89,7 +92,10 @@ psql_connect() {
 }
 
 psql_query() {
-    psql -h $HOST -U $USER -c "$1" 2>/dev/null
+    sql_tmp=$(mktemp)
+    echo "$1" > $sql_tmp
+    psql -h $HOST -U $USER -f "$sql_tmp" 2>/dev/null
+    rm -f $sql_tmp
 }
 
 psql_dump() {

From b329be0352007db7d7cb06a1730ad77f7cd120c5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 26 Apr 2018 16:59:54 +0200
Subject: [PATCH 0091/2300] v-restart-proxy sleep 1

---
 bin/v-restart-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 7b8b4dd2..14356038 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -52,7 +52,7 @@ fi
 # background restart
 if [ "$1" = 'background' ]; then
     # Restart system
-    sleep 300
+    sleep 1
     rm /tmp/restart-nginx
     service $PROXY_SYSTEM restart >/dev/null 2>&1
     if [ $? -ne 0 ]; then

From a21ecd0ad0d114eddeb1af29cd9d97c3975b1dab Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 26 Apr 2018 18:17:09 +0300
Subject: [PATCH 0092/2300] RACK911LABS.COM: safer log parser

---
 bin/v-list-user-log | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/bin/v-list-user-log b/bin/v-list-user-log
index f8581341..ca317f7d 100755
--- a/bin/v-list-user-log
+++ b/bin/v-list-user-log
@@ -23,7 +23,10 @@ json_list() {
     objects=$(echo "$logs" |wc -l)
     echo "{"
     for str in $logs; do
-        eval $str
+        ID=$(echo "$str" |cut -f 2 -d \')
+        DATE=$(echo "$str" |cut -f 4 -d \')
+        TIME=$(echo "$str" |cut -f 6 -d \')
+        CMD=$(echo "$str" |cut -f 8 -d \')
         CMD=${CMD//\"/\\\"}
         echo -n '    "'$ID'": {
         "CMD": "'$CMD'",
@@ -46,13 +49,9 @@ shell_list() {
     echo "DATE~TIME~CMD"
     echo "----~----~---"
     for str in $logs; do
-        eval $str
-        if [ -z "$DATE" ]; then
-            DATE='no'
-        fi
-        if [ -z "$TIME" ]; then
-            TIME='no'
-        fi
+        DATE=$(echo "$str" |cut -f 4 -d \')
+        TIME=$(echo "$str" |cut -f 6 -d \')
+        CMD=$(echo "$str" |cut -f 8 -d \')
         echo "$DATE~$TIME~$CMD"
     done
 }
@@ -61,7 +60,9 @@ shell_list() {
 plain_list() {
     IFS=$'\n'
     for str in $logs; do
-        eval $str
+        DATE=$(echo "$str" |cut -f 4 -d \')
+        TIME=$(echo "$str" |cut -f 6 -d \')
+        CMD=$(echo "$str" |cut -f 8 -d \')
         echo -e "$ID\t$CMD\t$UNDO\t$TIME\t$DATE"
     done
 }
@@ -71,7 +72,9 @@ csv_list() {
     IFS=$'\n'
     echo "ID,CMD,UNDO,TIME,DATE"
     for str in $logs; do
-        eval $str
+        DATE=$(echo "$str" |cut -f 4 -d \')
+        TIME=$(echo "$str" |cut -f 6 -d \')
+        CMD=$(echo "$str" |cut -f 8 -d \')
         echo "$ID,\"$CMD\",\"$UNDO\",$TIME,$DATE"
     done
 }

From a3a2daa4cd2568300a06ecd8076bde5969572487 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 26 Apr 2018 18:46:00 +0200
Subject: [PATCH 0093/2300] Removing nginx restart lock

---
 bin/v-restart-proxy | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 14356038..98661ec8 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -53,7 +53,7 @@ fi
 if [ "$1" = 'background' ]; then
     # Restart system
     sleep 1
-    rm /tmp/restart-nginx
+    # rm /tmp/restart-nginx
     service $PROXY_SYSTEM restart >/dev/null 2>&1
     if [ $? -ne 0 ]; then
         send_email_report
@@ -68,9 +68,9 @@ if [ "$1" = 'background' ]; then
     exit;
 fi
 
-if [ -f "/tmp/restart-nginx" ]; then
-    exit;
-fi
+# if [ -f "/tmp/restart-nginx" ]; then
+#     exit;
+# fi
 
 service $PROXY_SYSTEM reload
 if [ $? -ne 0 ]; then
@@ -78,7 +78,7 @@ if [ $? -ne 0 ]; then
     check_result $E_RESTART "$PROXY_SYSTEM reload failed"
 fi
 
-touch /tmp/restart-nginx
+# touch /tmp/restart-nginx
 nohup $BIN/v-restart-proxy 'background' &>/dev/null &
 
 #----------------------------------------------------------#

From 92ec2cf032a54f7743b4ae47fb8c31dab9a13e93 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 26 Apr 2018 18:50:18 +0200
Subject: [PATCH 0094/2300] sleep 15

---
 bin/v-restart-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 98661ec8..be142385 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -52,7 +52,7 @@ fi
 # background restart
 if [ "$1" = 'background' ]; then
     # Restart system
-    sleep 1
+    sleep 15
     # rm /tmp/restart-nginx
     service $PROXY_SYSTEM restart >/dev/null 2>&1
     if [ $? -ne 0 ]; then

From 8d85cdcb2c196352a27ccb283c2029ecac9a0b87 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 26 Apr 2018 19:11:51 +0200
Subject: [PATCH 0095/2300] Wait 10 sec only while renewing LE for more than 1
 domain

---
 bin/v-update-letsencrypt-ssl | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 93fe9023..907d305f 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -29,6 +29,7 @@ users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
 for user in $users; do
     USER_DATA=$VESTA/data/users/$user
     # Checking user certificates
+    lecounter=0
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
 
         crt="$VESTA/data/users/$user/ssl/$domain.crt"
@@ -57,7 +58,10 @@ for user in $users; do
                     echo "$domain $msg"
                 fi
             fi
-            sleep 10
+            if [ $lecounter -gt 0 ]; then
+                sleep 10
+            fi
+            ((lecounter++))
         fi
     done
 done

From 9148f7c9c2accbaecf426e44eba420cac7d7036d Mon Sep 17 00:00:00 2001
From: Vadim Sitnic 
Date: Fri, 27 Apr 2018 11:33:13 +0300
Subject: [PATCH 0096/2300] set softquota=hardquota

---
 bin/v-update-user-quota | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-user-quota b/bin/v-update-user-quota
index b0f376a2..3483bca5 100755
--- a/bin/v-update-user-quota
+++ b/bin/v-update-user-quota
@@ -33,7 +33,7 @@ is_object_valid 'user' 'USER' "$user"
 # Updating disk quota
 # Had quota equals package value. Soft quota equals 90% of package value for warnings.
 quota=$(get_user_value '$DISK_QUOTA')
-soft=$(echo "$quota * 1024 * 0.90"|bc |cut -f 1 -d .)
+soft=$(echo "$quota * 1024"|bc |cut -f 1 -d .)
 hard=$(echo "$quota * 1024"|bc |cut -f 1 -d .)
 
 # Searching home mount point

From 4f4cc763a70b91246c15f4e044aa182660e1dce4 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 27 Apr 2018 15:36:41 +0300
Subject: [PATCH 0097/2300] RACK911LABS.COM: symlink check

---
 bin/v-add-mail-domain | 1 +
 bin/v-add-web-domain  | 1 +
 func/main.sh          | 7 +++++++
 func/rebuild.sh       | 6 ++++++
 4 files changed, 15 insertions(+)

diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain
index 2676e750..6681035f 100755
--- a/bin/v-add-mail-domain
+++ b/bin/v-add-mail-domain
@@ -45,6 +45,7 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_domain_new 'mail' "$domain"
 is_package_full 'MAIL_DOMAINS'
+is_dir_symlink $HOMEDIR/$user/mail
 
 
 #----------------------------------------------------------#
diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index 018adcb4..b937330c 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -47,6 +47,7 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
 is_domain_new 'web' "$domain,$aliases"
+is_dir_symlink $HOMEDIR/$user/web
 if [ ! -z "$ip" ]; then
     is_ip_valid "$ip" "$user"
 else
diff --git a/func/main.sh b/func/main.sh
index a79cb2a0..e11ba6b3 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -287,6 +287,13 @@ is_hash_valid() {
     fi
 }
 
+# Check if directory is a symlink
+is_dir_symlink() {
+    if [[ -L "$1" ]]; then
+        check_result $E_FORBIDEN "$1 directory is a symlink"
+    fi
+}
+
 # Get object value
 get_object_value() {
     object=$(grep "$2='$3'" $USER_DATA/$1.conf)
diff --git a/func/rebuild.sh b/func/rebuild.sh
index a6025928..9a1c0f47 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -71,6 +71,9 @@ rebuild_user_conf() {
         echo "$BIN/v-update-web-domains-disk $user" \
             >> $VESTA/data/queue/disk.pipe
 
+        if [[ -L "$HOMEDIR/$user/web" ]]; then
+            rm $HOMEDIR/$user/web
+        fi
         mkdir -p $HOMEDIR/$user/conf/web
         mkdir -p $HOMEDIR/$user/web
         mkdir -p $HOMEDIR/$user/tmp
@@ -105,6 +108,9 @@ rebuild_user_conf() {
         echo "$BIN/v-update-mail-domains-disk $user" \
             >> $VESTA/data/queue/disk.pipe
 
+        if [[ -L "$HOMEDIR/$user/mail" ]]; then
+            rm $HOMEDIR/$user/mail
+        fi
         mkdir -p $HOMEDIR/$user/conf/mail
         mkdir -p $HOMEDIR/$user/mail
         chmod 751 $HOMEDIR/$user/mail

From 2a26571648f005b4e42182853ae274e8a6f8394f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 3 May 2018 17:27:49 +0200
Subject: [PATCH 0098/2300] Temporary fix for aliases

---
 func/main.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/func/main.sh b/func/main.sh
index a79cb2a0..cbd65903 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -916,6 +916,7 @@ format_aliases() {
         aliases=$(echo "$aliases" |sed -e "s/[.]*$//g")
         aliases=$(echo "$aliases" |sed -e "s/^[.]*//")
         aliases=$(echo "$aliases" |grep -v www.$domain |sed -e "/^$/d")
+        # aliases=$(echo "$aliases" |sed -e "/^$/d")
         aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
     fi
 }

From 3f99275e263e08378e1a2e6df90a675a074e2d8b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 4 May 2018 10:39:38 +0200
Subject: [PATCH 0099/2300] Do not check nginx status for reload

---
 bin/v-restart-proxy | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index be142385..00758cc0 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -73,10 +73,10 @@ fi
 # fi
 
 service $PROXY_SYSTEM reload
-if [ $? -ne 0 ]; then
-    send_email_report
-    check_result $E_RESTART "$PROXY_SYSTEM reload failed"
-fi
+# if [ $? -ne 0 ]; then
+#     send_email_report
+#     check_result $E_RESTART "$PROXY_SYSTEM reload failed"
+# fi
 
 # touch /tmp/restart-nginx
 nohup $BIN/v-restart-proxy 'background' &>/dev/null &

From 4baf5ebc2c4b474c4f401563bf789b777aaad493 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 4 May 2018 12:35:28 +0200
Subject: [PATCH 0100/2300] Get vesta port by reading nginx.conf

---
 bin/v-add-firewall-chain | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain
index f963dade..c7b826fa 100755
--- a/bin/v-add-firewall-chain
+++ b/bin/v-add-firewall-chain
@@ -21,6 +21,12 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
 # Defining absolute path to iptables
 iptables="/sbin/iptables"
 
+# Get vesta port by reading nginx.conf
+vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
+if [ -z "$vestaport" ]; then
+    vestaport=8083
+fi
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf
@@ -47,7 +53,7 @@ case $chain in
     DNS)        port=53; protocol=UDP  ;;
     WEB)        port='80,443'; protocol=TCP  ;;
     DB)         port='3306,5432'; protocol=TCP  ;;
-    VESTA)      port=8083; protocol=TCP  ;;
+    VESTA)      port=$vestaport; protocol=TCP  ;;
     *)          check_args '2' "$#" 'CHAIN PORT' ;;
 esac
 

From 3118b9b91a80b8f5fd88f0a6cba611edc1b03589 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 7 May 2018 16:49:49 +0200
Subject: [PATCH 0101/2300] Sleep 60 after LE renew

---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 907d305f..d69e7881 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -59,7 +59,7 @@ for user in $users; do
                 fi
             fi
             if [ $lecounter -gt 0 ]; then
-                sleep 10
+                sleep 60
             fi
             ((lecounter++))
         fi

From c1762e931cb872a67a58cf980ee08f1383ad0adc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 May 2018 16:45:49 +0200
Subject: [PATCH 0102/2300] Always write LE token to file

---
 bin/v-check-letsencrypt-domain | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-check-letsencrypt-domain b/bin/v-check-letsencrypt-domain
index 97e24878..44f48888 100755
--- a/bin/v-check-letsencrypt-domain
+++ b/bin/v-check-letsencrypt-domain
@@ -101,14 +101,14 @@ if [ "$WEB_SYSTEM" = 'nginx' ] || [ "$PROXY_SYSTEM" = 'nginx' ]; then
     if [ ! -e "$sconf" ]; then
         ln -s "$conf" "$sconf"
     fi
-else
+fi
     acme="$HOMEDIR/$user/web/$r_domain/public_html/.well-known/acme-challenge"
     if [ ! -d "$acme" ]; then
         mkdir -p $acme
     fi
     echo "$token.$thumb" > $acme/$token
     chown -R $user:$user $HOMEDIR/$user/web/$r_domain/public_html/.well-known
-fi
+
 
 # Restarting web server
 if [ -z "$PROXY_SYSTEM" ]; then

From 3d9137c1acd4e0d8b001d5721a8219c08c736017 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 10 May 2018 10:25:25 +0200
Subject: [PATCH 0103/2300] Wait 60 sec even for check-letsencrypt

---
 bin/v-update-letsencrypt-ssl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index d69e7881..f6c9673a 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -58,11 +58,11 @@ for user in $users; do
                     echo "$domain $msg"
                 fi
             fi
-            if [ $lecounter -gt 0 ]; then
-                sleep 60
-            fi
-            ((lecounter++))
         fi
+        if [ $lecounter -gt 0 ]; then
+            sleep 60
+        fi
+        ((lecounter++))
     done
 done
 

From dd2a57e408cc3c1058c92af85ba7c54fba2d6ec8 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 11 May 2018 16:17:23 +0300
Subject: [PATCH 0104/2300] =?UTF-8?q?Vesta=20CP=200.9.8=E2=80=9320=20rXSS?=
 =?UTF-8?q?=20to=20RCE=20/=20solves=20#1558?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 web/upload/UploadHandler.php | 35 +++++------------------------------
 web/view/file/index.php      |  2 +-
 2 files changed, 6 insertions(+), 31 deletions(-)

diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index 2c9de8af..a5e0b07c 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -1117,37 +1117,12 @@ class UploadHandler
             $append_file = $content_range && is_file($file_path) &&
                 $file->size > $this->get_file_size($file_path);
             if ($uploaded_file && is_uploaded_file($uploaded_file)) {
-                // multipart/formdata uploads (POST method uploads)
-                if ($append_file) {
-                    file_put_contents(
-                        $file_path,
-                        fopen($uploaded_file, 'r'),
-                        FILE_APPEND
-                    );
-                } else {
-                    chmod($uploaded_file, 0644);
-//                    move_uploaded_file($uploaded_file, $file_path);
-                    exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
-
-                    $error = check_return_code($return_var, $output);
-                    if ($return_var != 0) {
-                        //var_dump(VESTA_CMD . "v-copy-fs-file {$user} {$fn} {$path}");
-                        //var_dump($path);
-                        //var_dump($output);
-                        $file->error = 'Error while saving file ';
-//                        var_dump(VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} {$file_path}");
-//                        var_dump($return_var);
-//                        var_dump($output);
-//                        exit();
-                    }
+                chmod($uploaded_file, 0644);
+                exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
+                $error = check_return_code($return_var, $output);
+                if ($return_var != 0) {
+                    $file->error = 'Error while saving file ';
                 }
-            } else {
-                // Non-multipart uploads (PUT method support)
-                file_put_contents(
-                    $file_path,
-                    fopen('php://input', 'r'),
-                    $append_file ? FILE_APPEND : 0
-                );
             }
             $file_size = $this->get_file_size($file_path, $append_file);
 
diff --git a/web/view/file/index.php b/web/view/file/index.php
index 6605607c..aed9523d 100644
--- a/web/view/file/index.php
+++ b/web/view/file/index.php
@@ -16,7 +16,7 @@ if (!empty($_REQUEST['path'])) {
     $path = $_REQUEST['path'];
     if (!empty($_REQUEST['raw'])) {
         header('content-type: image/jpeg');
-        passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($_REQUEST['path']));
+        passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg(htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8')));
         exit;
     }
 }

From 4e81382cd8bb62e1b350ce34ec738c938d533f36 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 11 May 2018 16:43:53 +0300
Subject: [PATCH 0105/2300] fixed typo / closes #1561

---
 upd/add_sudo.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/upd/add_sudo.sh b/upd/add_sudo.sh
index d65ee9d7..439e3515 100755
--- a/upd/add_sudo.sh
+++ b/upd/add_sudo.sh
@@ -3,7 +3,7 @@
 
 if [ ! -e '/etc/sudoers.d/admin' ]; then
     if [ ! -d '/etc/sudoers.d' ]; then
-        mkidr /etc/sudoers.d
+        mkdir /etc/sudoers.d
         chmod 750 /etc/sudoers.d
     fi
     echo '# Created by vesta update-trigger' > /etc/sudoers.d/admin

From 19400663ec500b9aa5af6b9a718ecd99c677e8c3 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 11 May 2018 16:44:45 +0300
Subject: [PATCH 0106/2300] delete eval from roundcube configs

---
 upd/fix_roundcube.sh | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100755 upd/fix_roundcube.sh

diff --git a/upd/fix_roundcube.sh b/upd/fix_roundcube.sh
new file mode 100755
index 00000000..621ffd2f
--- /dev/null
+++ b/upd/fix_roundcube.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Locate roundcube directory
+if [ -d '/etc/roundcube' ]; then
+    rc_dir='/etc/roundcube'
+fi
+if [ -d '/etc/roundcubemail' ]; then
+    rc_dir='/etc/roundcubemail'
+fi
+
+if [ -z "$rc_dir" ]; then
+    exit
+fi
+
+# Check for eval
+cd $rc_dir
+for config in $(grep eval *.php |cut -f1 -d:); do
+    sed -i '/eval/d' $config
+done

From 314f08b4844782422b996bffeab2b4c2f7711831 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 11 May 2018 16:49:06 +0300
Subject: [PATCH 0107/2300] Release 0.9.8-21

---
 src/deb/ioncube/control              |  2 +-
 src/deb/nginx/control                |  2 +-
 src/deb/php/control                  |  2 +-
 src/deb/softaculous/control          |  2 +-
 src/deb/vesta/control                |  2 +-
 src/deb/vesta/postinst               |  6 +++++-
 src/rpm/specs/vesta-ioncube.spec     |  2 +-
 src/rpm/specs/vesta-nginx.spec       |  2 +-
 src/rpm/specs/vesta-php.spec         |  2 +-
 src/rpm/specs/vesta-softaculous.spec |  2 +-
 src/rpm/specs/vesta.spec             | 16 +++++++++++-----
 11 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index a7c5a020..607655f5 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-20
+Version: 0.9.8-21
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 275d7185..1f17044e 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-20
+Version: 0.9.8-21
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index e24b55ca..ad9991e5 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-20
+Version: 0.9.8-21
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index 0c1d271e..acadc809 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-20
+Version: 0.9.8-21
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 87ed6e49..b45b2f74 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-20
+Version: 0.9.8-21
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 2c539b1d..3cba15e9 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -20,8 +20,12 @@ if [ -x "/usr/local/vesta/upd/fix_sessions.sh" ]; then
     /usr/local/vesta/upd/fix_sessions.sh
 fi
 
-if [ -e /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
+if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
     /usr/local/vesta/upd/fix_nginx_auth.sh
 fi
 
+if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
+    /usr/local/vesta/upd/fix_roundcube.sh
+fi
+
 exit 0
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index 93e67911..aaa4cf5d 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        20
+Release:        21
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index e6071b43..9e83f48a 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        20
+Release:        21
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index 7607ae0d..112deee1 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        20
+Release:        21
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index 4adfda69..15bb15b3 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        20
+Release:        21
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index 7127d37a..ea94eebd 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        20
+Release:        21
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
@@ -30,18 +30,21 @@ rm -rf %{buildroot}
 
 %post
 if [ $1 -ge 2 ]; then
-    if [ -e /usr/local/vesta/upd/add_sudo.sh ]; then
+    if [ -x /usr/local/vesta/upd/add_sudo.sh ]; then
         /usr/local/vesta/upd/add_sudo.sh
     fi
-    if [ -e /usr/local/vesta/upd/add_notifications.sh ]; then
+    if [ -x /usr/local/vesta/upd/add_notifications.sh ]; then
         /usr/local/vesta/upd/add_notifications.sh
     fi
-    if [ -e /usr/local/vesta/upd/fix_sessions.sh ]; then
+    if [ -x /usr/local/vesta/upd/fix_sessions.sh ]; then
         /usr/local/vesta/upd/fix_sessions.sh
     fi
-    if [ -e /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
+    if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
         /usr/local/vesta/upd/fix_nginx_auth.sh
     fi
+    if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
+        /usr/local/vesta/upd/fix_roundcube.sh
+    fi
 fi
 %files
 %{_vestadir}
@@ -56,6 +59,9 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
+* Fri May 11 2018 Serghey Rodin  - 0.9.8-21
+- Additional security fixes
+
 * Sun Apr 08 2018 Serghey Rodin  - 0.9.8-20
 - Hardening password checks
 

From ad96554e7768fb2f0ac18abbb7d54494e72adc8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wojciech=20Smoli=C5=84ski?= 
Date: Sat, 12 May 2018 16:57:11 +0200
Subject: [PATCH 0108/2300] Fix typo in add_sudo.sh

---
 upd/add_sudo.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/upd/add_sudo.sh b/upd/add_sudo.sh
index d65ee9d7..439e3515 100755
--- a/upd/add_sudo.sh
+++ b/upd/add_sudo.sh
@@ -3,7 +3,7 @@
 
 if [ ! -e '/etc/sudoers.d/admin' ]; then
     if [ ! -d '/etc/sudoers.d' ]; then
-        mkidr /etc/sudoers.d
+        mkdir /etc/sudoers.d
         chmod 750 /etc/sudoers.d
     fi
     echo '# Created by vesta update-trigger' > /etc/sudoers.d/admin

From 599a07fa60cbe880727eab5ee2edc937bd07d58d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 14 May 2018 16:04:30 +0200
Subject: [PATCH 0109/2300] Small fixes in serbian translation

---
 web/inc/i18n/sr.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index 50dc766d..dc1f315c 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -489,7 +489,7 @@ $LANG['sr'] = array(
     'Welcome'  => 'Dobrodošli',
     'LOGGED_IN_AS'  => 'Ulogovani ste kao %s',
     'Error'  => 'Greška',
-    'Invalid username or password'  => 'Pogrešani login podaci',
+    'Invalid username or password'  => 'Pogrešni login podaci',
     'Invalid username or code'  => 'Pogrešno korisničko ime ili kod',
     'Passwords not match'  => 'Passwordi se ne poklapaju',
     'Please enter valid email address.'  => 'Potrebno je uneti validnu email adresu.',
@@ -512,8 +512,8 @@ $LANG['sr'] = array(
 
     'Welcome to Vesta Control Panel'  => 'Dobrodošli u Vesta kontrolni panel',
     'MAIL_FROM'  => 'Vesta kontrolni panel ',
-    'GREETINGS_GORDON_FREEMAN' => "Poštovanje, %s %s,\n",
-    'GREETINGS' => "Poštovanje,\n",
+    'GREETINGS_GORDON_FREEMAN' => "Poštovani %s %s,\n",
+    'GREETINGS' => "Poštovani,\n",
     'ACCOUNT_READY' => "Vaš hosting nalog je kreiran i spreman za korišćenje.\n\nhttps://%s/login/\nKorisničko ime: %s\nŠifra: %s\n\n--\nVesta kontrolni panel\n",
 
     'FTP login credentials'  => 'FTP podaci',

From 97e0e0644d2affb3cd363a2745cf8da007e2e441 Mon Sep 17 00:00:00 2001
From: Robin Dirksen 
Date: Mon, 14 May 2018 17:06:35 +0200
Subject: [PATCH 0110/2300] Update nl.php

Added apps translation
---
 web/inc/i18n/nl.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/i18n/nl.php b/web/inc/i18n/nl.php
index 40274f5f..fc86a88b 100644
--- a/web/inc/i18n/nl.php
+++ b/web/inc/i18n/nl.php
@@ -16,6 +16,7 @@ $LANG['nl'] = array(
     'Services'  => 'Processen',
     'Firewall' => 'Firewall',
     'Updates'  => 'Updates',
+    'Apps' => 'Applicaties',
     'Log in'  => 'Inloggen',
     'Log out'  => 'Uitloggen',
 

From c80c4c472e61bc3f5ded1c47df1fecb5f48ffd01 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 16 May 2018 17:23:04 +0300
Subject: [PATCH 0111/2300] Additional rXSS fix / closes #1558

---
 web/view/file/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/view/file/index.php b/web/view/file/index.php
index aed9523d..e3e77249 100644
--- a/web/view/file/index.php
+++ b/web/view/file/index.php
@@ -13,10 +13,10 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
 }
 
 if (!empty($_REQUEST['path'])) {
-    $path = $_REQUEST['path'];
+    $path = htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8');
     if (!empty($_REQUEST['raw'])) {
         header('content-type: image/jpeg');
-        passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg(htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8')));
+        passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($path));
         exit;
     }
 }

From 3aadf37a82ffd0f883abd541af20c8601fa57e23 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 17 May 2018 18:27:28 +0300
Subject: [PATCH 0112/2300] Temporary fix for CentOS Vault issue

---
 install/vst-install-rhel.sh | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 1ba55cdf..436517b1 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -636,14 +636,17 @@ fi
 #----------------------------------------------------------#
 
 # Installing rpm packages
-if [ "$remi" = 'yes' ]; then
-    yum -y --disablerepo=* \
-        --enablerepo="*base,*updates,nginx,epel,vesta,remi*" \
-        install $software
-else
-    yum -y --disablerepo=* --enablerepo="*base,*updates,nginx,epel,vesta" \
-        install $software
-fi
+#if [ "$remi" = 'yes' ]; then
+#    yum -y --disablerepo=* \
+#        --enablerepo="*base,*updates,nginx,epel,vesta,remi*" \
+#        install $software
+#else
+#    yum -y --disablerepo=* --enablerepo="*base,*updates,nginx,epel,vesta" \
+#        install $software
+#fi
+
+# Temporary fix for centos vault issue
+yum install $software
 check_result $? "yum install failed"
 
 

From 4a545b875694b2c9606228b7e8297138dc0c2125 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 19 May 2018 22:31:46 +0200
Subject: [PATCH 0113/2300] logo to link /list/user/

---
 web/templates/file_manager/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/file_manager/main.php b/web/templates/file_manager/main.php
index e3427bb7..99398d75 100644
--- a/web/templates/file_manager/main.php
+++ b/web/templates/file_manager/main.php
@@ -21,7 +21,7 @@
 
     
         
-            
+            
             
             
                 

From 11e32db4b67ba6ee87bea9b7493bbfcddee6f6df Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 19 May 2018 22:39:21 +0200
Subject: [PATCH 0114/2300] Logo to link /list/user/

---
 web/templates/admin/list_server_info.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_server_info.html b/web/templates/admin/list_server_info.html
index 53dc2185..748c940e 100644
--- a/web/templates/admin/list_server_info.html
+++ b/web/templates/admin/list_server_info.html
@@ -18,7 +18,7 @@
   
   
     
-      
+      
       
       
         

From 37c69b8f4cd087d8d406ab3de766ad11564b978b Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 21 May 2018 03:41:46 +0200
Subject: [PATCH 0115/2300] Don't exclude "logs" folder recursively

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index cc28a1c8..a68778f2 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -229,7 +229,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
 
         # Backup files
         cd $HOMEDIR/$user/web/$domain
-        tar -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 85b3578f9cebb9b7b8196791eed8af1f20892bbe Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 21 May 2018 03:55:05 +0200
Subject: [PATCH 0116/2300] Fix rebuild for some user names

---
 bin/v-rebuild-web-domains | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-rebuild-web-domains b/bin/v-rebuild-web-domains
index d28a943d..2094d19c 100755
--- a/bin/v-rebuild-web-domains
+++ b/bin/v-rebuild-web-domains
@@ -37,7 +37,7 @@ is_object_unsuspended 'user' 'USER' "$user"
 #----------------------------------------------------------#
 
 # Deleting old web configs
-sed -i "/.*\/$user\//d" /etc/$WEB_SYSTEM/conf.d/vesta.conf
+sed -i "/.*\/$user\/conf\/web\//d" /etc/$WEB_SYSTEM/conf.d/vesta.conf
 if [ -e "$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"  ]; then
     rm $HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf
 fi
@@ -47,7 +47,7 @@ fi
 
 # Deleting old proxy configs
 if [ ! -z "$PROXY_SYSTEM" ]; then
-    sed -i "/.*\/$user\//d" /etc/$PROXY_SYSTEM/conf.d/vesta.conf
+    sed -i "/.*\/$user\/conf\/web\//d" /etc/$PROXY_SYSTEM/conf.d/vesta.conf
 
     if [ -e "$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" ]; then
         rm $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf

From 0f48ec04f0a8432979b6319f2b7451915fd08d02 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 21 May 2018 03:59:55 +0200
Subject: [PATCH 0117/2300] Do not allow {tab} on a domain name

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index e11ba6b3..be626702 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -532,7 +532,7 @@ is_user_format_valid() {
 is_domain_format_valid() {
     object_name=${2-domain}
     exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
-    if [[ $1 =~ $exclude ]] || [[ $1 =~ ^[0-9]+$ ]] || [[ $1 =~ "\.\." ]]; then
+    if [[ $1 =~ $exclude ]] || [[ $1 =~ ^[0-9]+$ ]] || [[ $1 =~ "\.\." ]] || [[ $1 =~ "$(printf '\t')" ]]; then
         check_result $E_INVALID "invalid $object_name format :: $1"
     fi
 }

From a5e093da168ec4bd2f7f59649807619f420bba90 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 21 May 2018 04:03:26 +0200
Subject: [PATCH 0118/2300] Apps translation

---
 web/inc/i18n/es.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index d9b9f5fb..1f2c36dd 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -21,6 +21,7 @@ $LANG['es'] = array(
     'Services'  => 'Servicios',
     'Firewall' => 'Cortafuegos',
     'Updates'  => 'Actualizaciones',
+    'Apps'  => 'Aplicaciones',
     'Log in'  => 'Iniciar Sesión',
     'Log out'  => 'Salir',
 

From ed1ad943cf84ab70ba9bf0ba1116e9a41d3e2d3d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 25 May 2018 17:21:03 +0200
Subject: [PATCH 0119/2300] Centos6 roundcube password driver typo fix

---
 install/rhel/6/roundcube/vesta.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/rhel/6/roundcube/vesta.php b/install/rhel/6/roundcube/vesta.php
index fee26078..1e9523a5 100644
--- a/install/rhel/6/roundcube/vesta.php
+++ b/install/rhel/6/roundcube/vesta.php
@@ -48,7 +48,7 @@ class rcube_vesta_password
         $context = stream_context_create();
 
         $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
-        result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
         $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
         $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
 

From 04a55260cae5f2eac68931f1f9f4043351f47d7a Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Sat, 26 May 2018 20:14:47 +0200
Subject: [PATCH 0120/2300] Fix delete domain

---
 func/domain.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/func/domain.sh b/func/domain.sh
index c21a38a6..cc66aecb 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -269,7 +269,7 @@ replace_web_config() {
     fi
 }
 
-# Delete web configuartion
+# Delete web configuration
 del_web_config() {
     conf="$HOMEDIR/$user/conf/web/$domain.$1.conf"
     if [[ "$2" =~ stpl$ ]]; then
@@ -291,7 +291,7 @@ del_web_config() {
     # clean-up for both config styles if there is no more domains
     web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l)
     if [ "$web_domain" -eq '0' ]; then
-        sed -i "/.*\/$user\/.*/d" /etc/$1/conf.d/vesta.conf
+        sed -i "/.*\/$user\/conf\/web\//d" /etc/$1/conf.d/vesta.conf
         if [ -f "$conf" ]; then
             rm -f $conf
         fi

From b143792750299e83e78569544dd3d62c3bfe8541 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Tue, 29 May 2018 20:01:29 +0200
Subject: [PATCH 0121/2300] Adding and removing includes when
 suspending/unsuspending DNS zones

---
 bin/v-suspend-dns-domain   | 10 ++++++++++
 bin/v-unsuspend-dns-domain | 14 ++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/bin/v-suspend-dns-domain b/bin/v-suspend-dns-domain
index b42e2e99..bfe30f0b 100755
--- a/bin/v-suspend-dns-domain
+++ b/bin/v-suspend-dns-domain
@@ -41,6 +41,16 @@ is_object_unsuspended 'dns' 'DOMAIN' "$domain"
 #                       Action                             #
 #----------------------------------------------------------#
 
+# Deleting system configs
+if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
+    if [ -e '/etc/named.conf' ]; then
+        dns_conf='/etc/named.conf'
+    else
+        dns_conf='/etc/bind/named.conf'
+    fi
+
+    sed -i "/\/$user\/conf\/dns\/$domain.db\"/d" $dns_conf
+fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #
diff --git a/bin/v-unsuspend-dns-domain b/bin/v-unsuspend-dns-domain
index bc8de6ee..38008d2f 100755
--- a/bin/v-unsuspend-dns-domain
+++ b/bin/v-unsuspend-dns-domain
@@ -40,7 +40,21 @@ is_object_suspended 'dns' 'DOMAIN' "$domain"
 #                       Action                             #
 #----------------------------------------------------------#
 
+# Creating system configs
+if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
+    if [ -e '/etc/named.conf' ]; then
+        dns_conf='/etc/named.conf'
+        dns_group='named'
+    else
+        dns_conf='/etc/bind/named.conf'
+        dns_group='bind'
+    fi
 
+    # Adding zone in named.conf
+    named="zone \"$domain_idn\" {type master; file"
+    named="$named \"$HOMEDIR/$user/conf/dns/$domain.db\";};"
+    echo "$named" >> $dns_conf
+fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From b2649fd3cc47c54ba1824ecece2b2e05514dcb82 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Tue, 29 May 2018 23:42:58 +0200
Subject: [PATCH 0122/2300] Fix Adding alias DNS from web panel

---
 bin/v-add-dns-on-web-alias | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-dns-on-web-alias b/bin/v-add-dns-on-web-alias
index cc587483..a6a7272c 100755
--- a/bin/v-add-dns-on-web-alias
+++ b/bin/v-add-dns-on-web-alias
@@ -50,12 +50,12 @@ domain_lvl=$(echo "$alias" |grep -o "\." |wc -l)
 # Adding second level domain
 if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
     $BIN/v-add-dns-domain \
-        $user $alias $ip '' '' '' '' '' $restart >> /dev/null
+        $user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
     exit
 fi
 
 # Adding top-level domain and then its sub
-$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' $restart >> /dev/null
+$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
 
 # Checking top-level domain
 if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then

From 4401d706a449fe94443ea6c179fc18f43cc73183 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 31 May 2018 15:56:34 +0300
Subject: [PATCH 0123/2300] Amazon Linux Support

---
 install/vst-install-amazon.sh | 1379 +++++++++++++++++++++++++++++++++
 install/vst-install.sh        |    1 +
 2 files changed, 1380 insertions(+)
 create mode 100644 install/vst-install-amazon.sh

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
new file mode 100644
index 00000000..e57b26cc
--- /dev/null
+++ b/install/vst-install-amazon.sh
@@ -0,0 +1,1379 @@
+#!/bin/bash
+
+# Vesta Amazon installer v.05
+
+#----------------------------------------------------------#
+#                  Variables&Functions                     #
+#----------------------------------------------------------#
+export PATH=$PATH:/sbin
+RHOST='r.vestacp.com'
+CHOST='c.vestacp.com'
+REPO='cmmnt'
+VERSION='rhel'
+VESTA='/usr/local/vesta'
+memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
+arch=$(uname -i)
+os='rhel'
+release='6'
+codename="${os}_$release"
+vestacp="$VESTA/install/$VERSION/$release"
+
+software="nginx httpd mod_ssl mod_ruid2 mod_fcgid mod_extract_forwarded
+    php php-common php-cli php-bcmath php-gd php-imap php-mbstring php-mcrypt
+    php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql
+    awstats webalizer vsftpd proftpd bind bind-utils bind-libs exim dovecot
+    clamd spamassassin mysql mysql-server phpMyAdmin postgresql
+    postgresql-server postgresql-contrib phpPgAdmin e2fsprogs openssh-clients
+    ImageMagick curl mc screen ftp zip unzip flex sqlite pcre sudo bc jwhois
+    mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype fail2ban
+    which vesta vesta-nginx vesta-php vim-common expect vesta-ioncube
+    vesta-softaculous"
+
+# Defining help function
+help() {
+    echo "Usage: $0 [OPTIONS]
+  -a, --apache            Install Apache        [yes|no]  default: yes
+  -n, --nginx             Install Nginx         [yes|no]  default: yes
+  -w, --phpfpm            Install PHP-FPM       [yes|no]  default: no
+  -v, --vsftpd            Install Vsftpd        [yes|no]  default: yes
+  -j, --proftpd           Install ProFTPD       [yes|no]  default: no
+  -k, --named             Install Bind          [yes|no]  default: yes
+  -m, --mysql             Install MySQL         [yes|no]  default: yes
+  -g, --postgresql        Install PostgreSQL    [yes|no]  default: no
+  -d, --mongodb           Install MongoDB       [yes|no]  unsupported
+  -x, --exim              Install Exim          [yes|no]  default: yes
+  -z, --dovecot           Install Dovecot       [yes|no]  default: yes
+  -c, --clamav            Install ClamAV        [yes|no]  default: yes
+  -t, --spamassassin      Install SpamAssassin  [yes|no]  default: yes
+  -i, --iptables          Install Iptables      [yes|no]  default: yes
+  -b, --fail2ban          Install Fail2ban      [yes|no]  default: yes
+  -r, --remi              Install Remi repo     [yes|no]  default: yes
+  -o, --softaculous       Install Softaculous   [yes|no]  default: yes
+  -q, --quota             Filesystem Quota      [yes|no]  default: no
+  -l, --lang              Default language                default: en
+  -y, --interactive       Interactive install   [yes|no]  default: yes
+  -s, --hostname          Set hostname
+  -e, --email             Set admin email
+  -p, --password          Set admin password
+  -f, --force             Force installation
+  -h, --help              Print this help
+
+  Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes"
+    exit 1
+}
+
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=10
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+
+# Defining return code check function
+check_result() {
+    if [ $1 -ne 0 ]; then
+        echo "Error: $2"
+        exit $1
+    fi
+}
+
+# Defining function to set default value
+set_default_value() {
+    eval variable=\$$1
+    if [ -z "$variable" ]; then
+        eval $1=$2
+    fi
+    if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then
+        eval $1=$2
+    fi
+}
+
+# Define function to set default language value
+set_default_lang() {
+    if [ -z "$lang" ]; then
+        eval lang=$1
+    fi
+    lang_list="
+        ar cz el fa hu ja no pt se ua
+        bs da en fi id ka pl ro tr vi
+        cn de es fr it nl pt-BR ru tw
+        bg ko sr th ur"
+    if !(echo $lang_list |grep -w $lang 1>&2>/dev/null); then
+        eval lang=$1
+    fi
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Creating temporary file
+tmpfile=$(mktemp -p /tmp)
+
+# Translating argument to --gnu-long-options
+for arg; do
+    delim=""
+    case "$arg" in
+        --apache)               args="${args}-a " ;;
+        --nginx)                args="${args}-n " ;;
+        --phpfpm)               args="${args}-w " ;;
+        --vsftpd)               args="${args}-v " ;;
+        --proftpd)              args="${args}-j " ;;
+        --named)                args="${args}-k " ;;
+        --mysql)                args="${args}-m " ;;
+        --postgresql)           args="${args}-g " ;;
+        --mongodb)              args="${args}-d " ;;
+        --exim)                 args="${args}-x " ;;
+        --dovecot)              args="${args}-z " ;;
+        --clamav)               args="${args}-c " ;;
+        --spamassassin)         args="${args}-t " ;;
+        --iptables)             args="${args}-i " ;;
+        --fail2ban)             args="${args}-b " ;;
+        --remi)                 args="${args}-r " ;;
+        --softaculous)          args="${args}-o " ;;
+        --quota)                args="${args}-q " ;;
+        --lang)                 args="${args}-l " ;;
+        --interactive)          args="${args}-y " ;;
+        --hostname)             args="${args}-s " ;;
+        --email)                args="${args}-e " ;;
+        --password)             args="${args}-p " ;;
+        --force)                args="${args}-f " ;;
+        --help)                 args="${args}-h " ;;
+        *)                      [[ "${arg:0:1}" == "-" ]] || delim="\""
+                                args="${args}${delim}${arg}${delim} ";;
+    esac
+done
+eval set -- "$args"
+
+# Parsing arguments
+while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:fh" Option; do
+    case $Option in
+        a) apache=$OPTARG ;;            # Apache
+        n) nginx=$OPTARG ;;             # Nginx
+        w) phpfpm=$OPTARG ;;            # PHP-FPM
+        v) vsftpd=$OPTARG ;;            # Vsftpd
+        j) proftpd=$OPTARG ;;           # Proftpd
+        k) named=$OPTARG ;;             # Named
+        m) mysql=$OPTARG ;;             # MySQL
+        g) postgresql=$OPTARG ;;        # PostgreSQL
+        d) mongodb=$OPTARG ;;           # MongoDB (unsupported)
+        x) exim=$OPTARG ;;              # Exim
+        z) dovecot=$OPTARG ;;           # Dovecot
+        c) clamd=$OPTARG ;;             # ClamAV
+        t) spamd=$OPTARG ;;             # SpamAssassin
+        i) iptables=$OPTARG ;;          # Iptables
+        b) fail2ban=$OPTARG ;;          # Fail2ban
+        r) remi=$OPTARG ;;              # Remi repo
+        o) softaculous=$OPTARG ;;       # Softaculous plugin
+        q) quota=$OPTARG ;;             # FS Quota
+        l) lang=$OPTARG ;;              # Language
+        y) interactive=$OPTARG ;;       # Interactive install
+        s) servername=$OPTARG ;;        # Hostname
+        e) email=$OPTARG ;;             # Admin email
+        p) vpass=$OPTARG ;;             # Admin password
+        f) force='yes' ;;               # Force install
+        h) help ;;                      # Help
+        *) help ;;                      # Print help (default)
+    esac
+done
+
+# Defining default software stack
+set_default_value 'nginx' 'yes'
+set_default_value 'apache' 'yes'
+set_default_value 'phpfpm' 'no'
+set_default_value 'vsftpd' 'yes'
+set_default_value 'proftpd' 'no'
+set_default_value 'named' 'yes'
+set_default_value 'mysql' 'yes'
+set_default_value 'postgresql' 'no'
+set_default_value 'mongodb' 'no'
+set_default_value 'exim' 'yes'
+set_default_value 'dovecot' 'yes'
+if [ $memory -lt 1500000 ]; then
+    set_default_value 'clamd' 'no'
+    set_default_value 'spamd' 'no'
+else
+    set_default_value 'clamd' 'yes'
+    set_default_value 'spamd' 'yes'
+fi
+set_default_value 'iptables' 'yes'
+set_default_value 'fail2ban' 'yes'
+set_default_value 'remi' 'yes'
+set_default_value 'softaculous' 'yes'
+set_default_value 'quota' 'no'
+set_default_value 'interactive' 'yes'
+set_default_lang 'en'
+
+# Checking software conflicts
+if [ "$phpfpm" = 'yes' ]; then
+    apache='no'
+    nginx='yes'
+fi
+if [ "$proftpd" = 'yes' ]; then
+    vsftpd='no'
+fi
+if [ "$exim" = 'no' ]; then
+    clamd='no'
+    spamd='no'
+    dovecot='no'
+fi
+if [ "$iptables" = 'no' ]; then
+    fail2ban='no'
+fi
+
+
+# Checking root permissions
+if [ "x$(id -u)" != 'x0' ]; then
+    check_result 1 "Script can be run executed only by root"
+fi
+
+# Checking admin user account
+if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then
+    echo 'Please remove admin user account before proceeding.'
+    echo 'If you want to do it automatically run installer with -f option:'
+    echo -e "Example: bash $0 --force\n"
+    check_result 1 "User admin exists"
+fi
+
+# Checking wget
+if [ ! -e '/usr/bin/wget' ]; then
+    yum -y install wget
+    check_result $? "Can't install wget"
+fi
+
+# Checking repository availability
+wget -q "http://c.vestacp.com/GPG.txt" -O /dev/null
+check_result $? "No access to Vesta repository"
+
+# Checking installed packages
+rpm -qa > $tmpfile
+for pkg in exim mysql-server httpd nginx vesta; do
+    if [ ! -z "$(grep $pkg $tmpfile)" ]; then
+        conflicts="$pkg $conflicts"
+    fi
+done
+if [ ! -z "$conflicts" ] && [ -z "$force" ]; then
+    echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
+    echo
+    echo 'Following packages are already installed:'
+    echo "$conflicts"
+    echo
+    echo 'It is highly recommended to remove them before proceeding.'
+    echo 'If you want to force installation run this script with -f option:'
+    echo "Example: bash $0 --force"
+    echo
+    echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
+    echo
+    check_result 1 "Control Panel should be installed on clean server."
+fi
+
+
+#----------------------------------------------------------#
+#                       Brief Info                         #
+#----------------------------------------------------------#
+
+# Printing nice ascii as logo
+clear
+echo
+echo ' _|      _|  _|_|_|_|    _|_|_|  _|_|_|_|_|    _|_|'
+echo ' _|      _|  _|        _|            _|      _|    _|'
+echo ' _|      _|  _|_|_|      _|_|        _|      _|_|_|_|'
+echo '   _|  _|    _|              _|      _|      _|    _|'
+echo '     _|      _|_|_|_|  _|_|_|        _|      _|    _|'
+echo
+echo '                                  Vesta Control Panel'
+echo -e "\n\n"
+
+echo 'Following software will be installed on your system:'
+
+# Web stack
+if [ "$nginx" = 'yes' ]; then
+    echo '   - Nginx Web Server'
+fi
+if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
+    echo '   - Apache Web Server'
+fi
+if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
+    echo '   - Apache Web Server (as backend)'
+fi
+if [ "$phpfpm"  = 'yes' ]; then
+    echo '   - PHP-FPM Application Server'
+fi
+
+# DNS stack
+if [ "$named" = 'yes' ]; then
+    echo '   - Bind DNS Server'
+fi
+
+# Mail Stack
+if [ "$exim" = 'yes' ]; then
+    echo -n '   - Exim mail server'
+    if [ "$clamd" = 'yes'  ] ||  [ "$spamd" = 'yes' ] ; then
+        echo -n ' + '
+        if [ "$clamd" = 'yes' ]; then
+            echo -n 'Antivirus '
+        fi
+        if [ "$spamd" = 'yes' ]; then
+            echo -n 'Antispam'
+        fi
+    fi
+    echo
+    if [ "$dovecot" = 'yes' ]; then
+        echo '   - Dovecot POP3/IMAP Server'
+    fi
+fi
+
+# DB stack
+if [ "$mysql" = 'yes' ]; then
+    if [ $release = 7 ]; then
+        echo '   - MariaDB Database Server'
+    else
+        echo '   - MySQL Database Server'
+    fi
+fi
+if [ "$postgresql" = 'yes' ]; then
+    echo '   - PostgreSQL Database Server'
+fi
+if [ "$mongodb" = 'yes' ]; then
+    echo '   - MongoDB Database Server'
+fi
+
+# FTP stack
+if [ "$vsftpd" = 'yes' ]; then
+    echo '   - Vsftpd FTP Server'
+fi
+if [ "$proftpd" = 'yes' ]; then
+    echo '   - ProFTPD FTP Server'
+fi
+
+# Softaculous
+if [ "$softaculous" = 'yes' ]; then
+    echo '   - Softaculous Plugin'
+fi
+
+# Firewall stack
+if [ "$iptables" = 'yes' ]; then
+    echo -n '   - Iptables Firewall'
+fi
+if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then
+    echo -n ' + Fail2Ban'
+fi
+echo -e "\n\n"
+
+# Asking for confirmation to proceed
+if [ "$interactive" = 'yes' ]; then
+    read -p 'Would you like to continue [y/n]: ' answer
+    if [ "$answer" != 'y' ] && [ "$answer" != 'Y'  ]; then
+        echo 'Goodbye'
+        exit 1
+    fi
+
+    # Asking for contact email
+    if [ -z "$email" ]; then
+        read -p 'Please enter admin email address: ' email
+    fi
+
+    # Asking to set FQDN hostname
+    if [ -z "$servername" ]; then
+        read -p "Please enter FQDN hostname [$(hostname)]: " servername
+    fi
+fi
+
+# Generating admin password if it wasn't set
+if [ -z "$vpass" ]; then
+    vpass=$(gen_pass)
+fi
+
+# Set hostname if it wasn't set
+if [ -z "$servername" ]; then
+    servername=$(hostname -f)
+fi
+
+# Set FQDN if it wasn't set
+mask1='(([[:alnum:]](-?[[:alnum:]])*)\.)'
+mask2='*[[:alnum:]](-?[[:alnum:]])+\.[[:alnum:]]{2,}'
+if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then
+    if [ ! -z "$servername" ]; then
+        servername="$servername.example.com"
+    else
+        servername="example.com"
+    fi
+    echo "127.0.0.1 $servername" >> /etc/hosts
+fi
+
+# Set email if it wasn't set
+if [ -z "$email" ]; then
+    email="admin@$servername"
+fi
+
+# Defining backup directory
+vst_backups="/root/vst_install_backups/$(date +%s)"
+echo "Installation backup directory: $vst_backups"
+
+# Printing start message and sleeping for 5 seconds
+echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n"
+sleep 5
+
+
+#----------------------------------------------------------#
+#                      Checking swap                       #
+#----------------------------------------------------------#
+
+# Checking swap on small instances
+if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then
+    fallocate -l 1G /swapfile
+    chmod 600 /swapfile
+    mkswap /swapfile
+    swapon /swapfile
+    echo "/swapfile   none    swap    sw    0   0" >> /etc/fstab
+fi
+
+
+#----------------------------------------------------------#
+#                  Install repositories                    #
+#----------------------------------------------------------#
+
+# Updating system packages
+yum -y update
+check_result $? 'yum update failed'
+
+# Enabling EPEL repository
+sed "1,10s/enabled=0/enabled=1/" -i /etc/yum.repos.d/epel.repo
+yum -y update
+check_result $? "Can't install EPEL repository"
+
+# Installing Nginx repository
+nrepo="/etc/yum.repos.d/nginx.repo"
+echo "[nginx]" > $nrepo
+echo "name=nginx repo" >> $nrepo
+echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" >> $nrepo
+echo "gpgcheck=0" >> $nrepo
+echo "enabled=1" >> $nrepo
+
+# Installing Vesta repository
+vrepo='/etc/yum.repos.d/vesta.repo'
+echo "[vesta]" > $vrepo
+echo "name=Vesta - $REPO" >> $vrepo
+echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo
+echo "enabled=1" >> $vrepo
+echo "gpgcheck=1" >> $vrepo
+echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo
+wget http://c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA
+
+
+#----------------------------------------------------------#
+#                         Backup                           #
+#----------------------------------------------------------#
+
+# Creating backup directory tree
+mkdir -p $vst_backups
+cd $vst_backups
+mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \
+    spamassassin mysql postgresql mongodb vesta
+
+# Backing up Nginx configuration
+service nginx stop > /dev/null 2>&1
+cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1
+
+# Backing up Apache configuration
+service httpd stop > /dev/null 2>&1
+cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1
+
+# Backing up PHP configuration
+service php-fpm stop >/dev/null 2>&1
+cp /etc/php.ini $vst_backups/php > /dev/null 2>&1
+cp -r /etc/php.d  $vst_backups/php > /dev/null 2>&1
+cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1
+mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1
+
+# Backing up Bind configuration
+yum remove bind-chroot > /dev/null 2>&1
+service named stop > /dev/null 2>&1
+cp /etc/named.conf $vst_backups/named >/dev/null 2>&1
+
+# Backing up Vsftpd configuration
+service vsftpd stop > /dev/null 2>&1
+cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1
+
+# Backing up ProFTPD configuration
+service proftpd stop > /dev/null 2>&1
+cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1
+
+# Backing up Exim configuration
+service exim stop > /dev/null 2>&1
+cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1
+
+# Backing up ClamAV configuration
+service clamd stop > /dev/null 2>&1
+cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1
+cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1
+
+# Backing up SpamAssassin configuration
+service spamassassin stop > /dev/null 2>&1
+cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1
+
+# Backing up Dovecot configuration
+service dovecot stop > /dev/null 2>&1
+cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1
+cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1
+
+# Backing up MySQL/MariaDB configuration and data
+service mysql stop > /dev/null 2>&1
+service mysqld stop > /dev/null 2>&1
+service mariadb stop > /dev/null 2>&1
+mv /var/lib/mysql $vst_backups/mysql/mysql_datadir >/dev/null 2>&1
+cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1
+cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1
+mv /root/.my.cnf  $vst_backups/mysql > /dev/null 2>&1
+
+# Backing up MySQL/MariaDB configuration and data
+service postgresql stop > /dev/null 2>&1
+mv /var/lib/pgsql/data $vst_backups/postgresql/  >/dev/null 2>&1
+
+# Backing up Vesta configuration and data
+service vesta stop > /dev/null 2>&1
+mv $VESTA/data/* $vst_backups/vesta > /dev/null 2>&1
+mv $VESTA/conf/* $vst_backups/vesta > /dev/null 2>&1
+
+
+#----------------------------------------------------------#
+#                     Package Exludes                      #
+#----------------------------------------------------------#
+
+# Excluding packages
+if [ "$nginx" = 'no'  ]; then
+    software=$(echo "$software" | sed -e "s/^nginx//")
+fi
+if [ "$apache" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/httpd//")
+    software=$(echo "$software" | sed -e "s/mod_ssl//")
+    software=$(echo "$software" | sed -e "s/mod_fcgid//")
+    software=$(echo "$software" | sed -e "s/mod_ruid2//")
+fi
+if [ "$phpfpm" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/php-fpm//")
+fi
+if [ "$vsftpd" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/vsftpd//")
+fi
+if [ "$proftpd" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/proftpd//")
+fi
+if [ "$named" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/bind //")
+fi
+if [ "$exim" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/exim//")
+    software=$(echo "$software" | sed -e "s/dovecot//")
+    software=$(echo "$software" | sed -e "s/clamd//")
+    software=$(echo "$software" | sed -e "s/clamav-server//")
+    software=$(echo "$software" | sed -e "s/clamav-update//")
+    software=$(echo "$software" | sed -e "s/spamassassin//")
+    software=$(echo "$software" | sed -e "s/dovecot//")
+    software=$(echo "$software" | sed -e "s/roundcubemail//")
+fi
+if [ "$clamd" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/clamd//")
+    software=$(echo "$software" | sed -e "s/clamav-server//")
+    software=$(echo "$software" | sed -e "s/clamav-update//")
+fi
+if [ "$spamd" = 'no' ]; then
+    software=$(echo "$software" | sed -e 's/spamassassin//')
+fi
+if [ "$dovecot" = 'no' ]; then
+    software=$(echo "$software" | sed -e "s/dovecot//")
+fi
+if [ "$mysql" = 'no' ]; then
+    software=$(echo "$software" | sed -e 's/mysql //')
+    software=$(echo "$software" | sed -e 's/mysql-server//')
+    software=$(echo "$software" | sed -e 's/mariadb //')
+    software=$(echo "$software" | sed -e 's/mariadb-server//')
+    software=$(echo "$software" | sed -e 's/php-mysql//')
+    software=$(echo "$software" | sed -e 's/phpMyAdmin//')
+    software=$(echo "$software" | sed -e 's/roundcubemail//')
+fi
+if [ "$postgresql" = 'no' ]; then
+    software=$(echo "$software" | sed -e 's/postgresql //')
+    software=$(echo "$software" | sed -e 's/postgresql-server//')
+    software=$(echo "$software" | sed -e 's/postgresql-contrib//')
+    software=$(echo "$software" | sed -e 's/php-pgsql//')
+    software=$(echo "$software" | sed -e 's/phpPgAdmin//')
+fi
+if [ "$softaculous" = 'no' ]; then
+    software=$(echo "$software" | sed -e 's/vesta-softaculous//')
+fi
+if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then
+    software=$(echo "$software" | sed -e 's/fail2ban//')
+fi
+
+
+#----------------------------------------------------------#
+#                     Install packages                     #
+#----------------------------------------------------------#
+
+# Installing rpm packages
+yum -y install $software
+check_result $? "yum install failed"
+
+# Installing roundcube
+if [ "$exim" != 'no' ]; then
+    yum -y install --exclude=php-pear-Auth-SASL-0:1.0.4-1.2.amzn1.noarch \
+        --exclude=php5\* --exclude=httpd24\* roundcubemail
+    check_result $? "yum install failed"
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure system                     #
+#----------------------------------------------------------#
+
+# Restarting rsyslog
+service rsyslog restart > /dev/null 2>&1
+
+# Checking ipv6 on loopback interface
+check_lo_ipv6=$(/sbin/ip addr | grep 'inet6')
+check_rc_ipv6=$(grep 'scope global dev lo' /etc/rc.local)
+if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then
+    ip addr add ::2/128 scope global dev lo
+    echo "# Vesta: Workraround for openssl validation func" >> /etc/rc.local
+    echo "ip addr add ::2/128 scope global dev lo" >> /etc/rc.local
+    chmod a+x /etc/rc.local
+fi
+
+# Disabling SELinux
+if [ -e '/etc/sysconfig/selinux' ]; then
+    sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
+    sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
+    setenforce 0 2>/dev/null
+fi
+
+# Disable iptables
+service iptables stop
+
+# Configuring NTP synchronization
+echo '#!/bin/sh' > /etc/cron.daily/ntpdate
+echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate
+chmod 775 /etc/cron.daily/ntpdate
+ntpdate -s pool.ntp.org
+
+# Disabling webalizer routine
+rm -f /etc/cron.daily/00webalizer
+
+# Adding backup user
+adduser backup 2>/dev/null
+ln -sf /home/backup /backup
+chmod a+x /backup
+
+# Chaning default directory color
+echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
+
+# Changing default systemd interval
+if [ "$release" -eq '7' ]; then
+    # Hi Lennart
+    echo "DefaultStartLimitInterval=1s" >> /etc/systemd/system.conf
+    echo "DefaultStartLimitBurst=60" >> /etc/systemd/system.conf
+    systemctl daemon-reexec
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure VESTA                      #
+#----------------------------------------------------------#
+
+# Downlading sudo configuration
+mkdir -p /etc/sudoers.d
+cp -f $vestacp/sudo/admin /etc/sudoers.d/
+chmod 440 /etc/sudoers.d/admin
+
+# Configuring system env
+echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh
+chmod 755 /etc/profile.d/vesta.sh
+source /etc/profile.d/vesta.sh
+echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
+echo 'export PATH' >> /root/.bash_profile
+source /root/.bash_profile
+
+# Configuring logrotate for vesta logs
+cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
+
+# Buidling directory tree and creating some blank files for vesta
+mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
+    $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
+    $VESTA/data/sessions
+touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \
+    $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \
+    $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \
+    $VESTA/log/nginx-error.log $VESTA/log/auth.log
+chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log
+chmod -R 750 $VESTA/data/queue
+chmod 660 $VESTA/log/*
+rm -f /var/log/vesta
+ln -s $VESTA/log /var/log/vesta
+chmod 770 $VESTA/data/sessions
+
+# Generating vesta configuration
+rm -f $VESTA/conf/vesta.conf 2>/dev/null
+touch $VESTA/conf/vesta.conf
+chmod 660 $VESTA/conf/vesta.conf
+
+# WEB stack
+if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
+    echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf
+    echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf
+    echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL='mod_ssl'"  >> $VESTA/conf/vesta.conf
+    echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
+fi
+if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
+    echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf
+    echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf
+    echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL='mod_ssl'"  >> $VESTA/conf/vesta.conf
+    echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf
+    echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf
+    echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
+    echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
+fi
+if [ "$apache" = 'no' ] && [ "$nginx"  = 'yes' ]; then
+    echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf
+    echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
+    echo "WEB_SSL='openssl'"  >> $VESTA/conf/vesta.conf
+    if [ "$phpfpm" = 'yes' ]; then
+        echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf
+    fi
+    echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf
+fi
+
+# FTP stack
+if [ "$vsftpd" = 'yes' ]; then
+    echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf
+fi
+if [ "$proftpd" = 'yes' ]; then
+    echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf
+fi
+
+# DNS stack
+if [ "$named" = 'yes' ]; then
+    echo "DNS_SYSTEM='named'" >> $VESTA/conf/vesta.conf
+fi
+
+# Mail stack
+if [ "$exim" = 'yes' ]; then
+    echo "MAIL_SYSTEM='exim'" >> $VESTA/conf/vesta.conf
+    if [ "$clamd" = 'yes'  ]; then
+        echo "ANTIVIRUS_SYSTEM='clamav'" >> $VESTA/conf/vesta.conf
+    fi
+    if [ "$spamd" = 'yes' ]; then
+        echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf
+    fi
+    if [ "$dovecot" = 'yes' ]; then
+        echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf
+    fi
+fi
+
+# CRON daemon
+echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf
+
+# Firewall stack
+if [ "$iptables" = 'yes' ]; then
+    echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf
+fi
+if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then
+    echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf
+fi
+
+# Disk quota
+if [ "$quota" = 'yes' ]; then
+    echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf
+fi
+
+# Backups
+echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf
+
+# Language
+echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
+
+# Version
+echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
+
+# Installing hosting packages
+cp -rf $vestacp/packages $VESTA/data/
+
+# Installing templates
+cp -rf $vestacp/templates $VESTA/data/
+
+# Copying index.html to default documentroot
+cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/html/
+sed -i 's/%domain%/It worked!/g' /var/www/html/index.html
+
+# Installing firewall rules
+chkconfig firewalld off >/dev/null 2>&1
+cp -rf $vestacp/firewall $VESTA/data/
+
+# Configuring server hostname
+$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
+
+# Generating SSL certificate
+$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \
+     'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem
+
+# Parsing certificate file
+crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:)
+key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:)
+key_end=$(grep -n  "END RSA" /tmp/vst.pem |cut -f 1 -d:)
+
+# Adding SSL certificate
+cd $VESTA/ssl
+sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt
+sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key
+chown root:mail $VESTA/ssl/*
+chmod 660 $VESTA/ssl/*
+chmod u+s /usr/bin/find
+rm /tmp/vst.pem
+
+
+#----------------------------------------------------------#
+#                     Configure Nginx                      #
+#----------------------------------------------------------#
+
+if [ "$nginx" = 'yes' ]; then
+    rm -f /etc/nginx/conf.d/*.conf
+    cp -f $vestacp/nginx/nginx.conf /etc/nginx/
+    cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
+    cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
+    echo > /etc/nginx/conf.d/vesta.conf
+    mkdir -p /var/log/nginx/domains
+    if [ "$release" -eq 7 ]; then
+        mkdir /etc/systemd/system/nginx.service.d
+        cd /etc/systemd/system/nginx.service.d
+        echo "[Service]" > limits.conf
+        echo "LimitNOFILE=500000" >> limits.conf
+    fi
+    chkconfig nginx on
+    service nginx start
+    check_result $? "nginx start failed"
+
+    # Workaround for OpenVZ/Virtuozzo
+    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+        echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
+        echo "sleep 3 && service nginx restart" >> /etc/rc.local
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                    Configure Apache                      #
+#----------------------------------------------------------#
+
+if [ "$apache" = 'yes'  ]; then
+    cp -f $vestacp/httpd/httpd.conf /etc/httpd/conf/
+    cp -f $vestacp/httpd/status.conf /etc/httpd/conf.d/
+    cp -f $vestacp/httpd/ssl.conf /etc/httpd/conf.d/
+    cp -f $vestacp/httpd/ruid2.conf /etc/httpd/conf.d/
+    cp -f $vestacp/logrotate/httpd /etc/logrotate.d/
+    if [ $release -ne 7 ]; then
+        echo "MEFaccept 127.0.0.1" >> /etc/httpd/conf.d/mod_extract*.conf
+        echo > /etc/httpd/conf.d/proxy_ajp.conf
+    fi
+    if [ -e "conf.modules.d/00-dav.conf" ]; then
+        cd /etc/httpd/conf.modules.d
+        sed -i "s/^/#/" 00-dav.conf 00-lua.conf 00-proxy.conf
+    fi
+    echo > /etc/httpd/conf.d/vesta.conf
+    cd /var/log/httpd
+    touch access_log error_log suexec.log
+    chmod 640 access_log error_log suexec.log
+    chmod -f 777 /var/lib/php/session
+    chmod a+x /var/log/httpd
+    mkdir -p /var/log/httpd/domains
+    chmod 751 /var/log/httpd/domains
+    if [ "$release" -eq 7 ]; then
+        mkdir /etc/systemd/system/httpd.service.d
+        cd /etc/systemd/system/httpd.service.d
+        echo "[Service]" > limits.conf
+        echo "LimitNOFILE=500000" >> limits.conf
+    fi
+    chkconfig httpd on
+    service httpd start
+    check_result $? "httpd start failed"
+
+    # Workaround for OpenVZ/Virtuozzo
+    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+        echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
+        echo "sleep 2 && service httpd restart" >> /etc/rc.local
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure PHP-FPM                    #
+#----------------------------------------------------------#
+
+if [ "$phpfpm" = 'yes' ]; then
+    cp -f $vestacp/php-fpm/www.conf /etc/php-fpm.d/
+    chkconfig php-fpm on
+    service php-fpm start
+    check_result $? "php-fpm start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure PHP                        #
+#----------------------------------------------------------#
+
+ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}')
+if [ -e '/etc/sysconfig/clock' ]; then
+    source /etc/sysconfig/clock
+fi
+if [ -z "$ZONE" ]; then
+    ZONE='UTC'
+fi
+for pconf in $(find /etc/php* -name php.ini); do
+    sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf
+    sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
+done
+
+
+#----------------------------------------------------------#
+#                    Configure VSFTPD                      #
+#----------------------------------------------------------#
+
+if [ "$vsftpd" = 'yes' ]; then
+    cp -f $vestacp/vsftpd/vsftpd.conf /etc/vsftpd/
+    chkconfig vsftpd on
+    service vsftpd start
+    check_result $? "vsftpd start failed"
+
+    # To be deleted after release 0.9.8-18
+    echo "/sbin/nologin" >> /etc/shells
+fi
+
+
+#----------------------------------------------------------#
+#                    Configure ProFTPD                     #
+#----------------------------------------------------------#
+
+if [ "$proftpd" = 'yes' ]; then
+    cp -f $vestacp/proftpd/proftpd.conf /etc/
+    chkconfig proftpd on
+    service proftpd start
+    check_result $? "proftpd start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                  Configure MySQL/MariaDB                 #
+#----------------------------------------------------------#
+
+if [ "$mysql" = 'yes' ]; then
+
+    mycnf="my-small.cnf"
+    if [ $memory -gt 1200000 ]; then
+        mycnf="my-medium.cnf"
+    fi
+    if [ $memory -gt 3900000 ]; then
+        mycnf="my-large.cnf"
+    fi
+
+    mkdir -p /var/lib/mysql
+    chown mysql:mysql /var/lib/mysql
+    mkdir -p /etc/my.cnf.d
+
+    if [ $release -ne 7 ]; then
+        service='mysqld'
+    else
+        service='mariadb'
+    fi
+
+    cp -f $vestacp/$service/$mycnf /etc/
+    chkconfig $service on
+    service $service start
+    if [ "$?" -ne 0 ]; then
+        if [ -e "/proc/user_beancounters" ]; then
+            # Fix for aio on OpenVZ
+            sed -i "s/#innodb_use_native/innodb_use_native/g" /etc/my.cnf
+        fi
+        service $service start
+        check_result $? "$service start failed"
+    fi
+
+    # Securing MySQL installation
+    mysqladmin -u root password $vpass
+    echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
+    chmod 600 /root/.my.cnf
+    mysql -e "DELETE FROM mysql.user WHERE User=''"
+    mysql -e "DROP DATABASE test" >/dev/null 2>&1
+    mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
+    mysql -e "DELETE FROM mysql.user WHERE user='' or password='';"
+    mysql -e "FLUSH PRIVILEGES"
+
+    # Configuring phpMyAdmin
+    if [ "$apache" = 'yes' ]; then
+        cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
+    fi
+    cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
+    sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php
+fi
+
+
+#----------------------------------------------------------#
+#                   Configure PostgreSQL                   #
+#----------------------------------------------------------#
+
+if [ "$postgresql" = 'yes' ]; then
+    if [ $release = 5 ]; then
+        service postgresql start
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+        service postgresql stop
+        cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
+        service postgresql start
+    else
+        service postgresql initdb
+        cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
+        service postgresql start
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+    fi
+    # Configuring phpPgAdmin
+    if [ "$apache" = 'yes' ]; then
+        cp -f $vestacp/pga/phpPgAdmin.conf /etc/httpd/conf.d/
+    fi
+    cp -f $vestacp/pga/config.inc.php /etc/phpPgAdmin/
+fi
+
+
+#----------------------------------------------------------#
+#                      Configure Bind                      #
+#----------------------------------------------------------#
+
+if [ "$named" = 'yes' ]; then
+    cp -f $vestacp/named/named.conf /etc/
+    chown root:named /etc/named.conf
+    chmod 640 /etc/named.conf
+    chkconfig named on
+    service named start
+    check_result $? "named start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                      Configure Exim                      #
+#----------------------------------------------------------#
+
+if [ "$exim" = 'yes' ]; then
+    gpasswd -a exim mail
+    cp -f $vestacp/exim/exim.conf /etc/exim/
+    cp -f $vestacp/exim/dnsbl.conf /etc/exim/
+    cp -f $vestacp/exim/spam-blocks.conf /etc/exim/
+    touch /etc/exim/white-blocks.conf
+
+    if [ "$spamd" = 'yes' ]; then
+        sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf
+    fi
+    if [ "$clamd" = 'yes' ]; then
+        sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf
+    fi
+
+    chmod 640 /etc/exim/exim.conf
+    rm -rf /etc/exim/domains
+    mkdir -p /etc/exim/domains
+
+    rm -f /etc/alternatives/mta
+    ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta
+    chkconfig sendmail off 2>/dev/null
+    service sendmail stop 2>/dev/null
+    chkconfig postfix off 2>/dev/null
+    service postfix stop 2>/dev/null
+
+    chkconfig exim on
+    service exim start
+    check_result $? "exim start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure Dovecot                    #
+#----------------------------------------------------------#
+
+if [ "$dovecot" = 'yes' ]; then
+    gpasswd -a dovecot mail
+    cp -rf $vestacp/dovecot /etc/
+    cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
+    chown -R root:root /etc/dovecot*
+    chkconfig dovecot on
+    service dovecot start
+    check_result $? "dovecot start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                     Configure ClamAV                     #
+#----------------------------------------------------------#
+
+if [ "$clamd" = 'yes' ]; then
+    useradd clam -s /sbin/nologin -d /var/lib/clamav 2>/dev/null
+    gpasswd -a clam exim
+    gpasswd -a clam mail
+    cp -f $vestacp/clamav/clamd.conf /etc/
+    cp -f $vestacp/clamav/freshclam.conf /etc/
+    mkdir -p /var/log/clamav
+    mkdir -p /var/run/clamav
+    chown clam:clam /var/log/clamav /var/run/clamav
+    chown -R clam:clam /var/lib/clamav
+    if [ "$release" -eq '7' ]; then
+        cp -f $vestacp/clamav/clamd.service /usr/lib/systemd/system/
+        systemctl --system daemon-reload
+    fi
+    /usr/bin/freshclam
+    if [ "$release" -eq '7' ]; then
+        sed -i "s/nofork/foreground/" /usr/lib/systemd/system/clamd.service
+        systemctl daemon-reload
+    fi
+    chkconfig clamd on
+    service clamd start
+    #check_result $? "clamd start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                  Configure SpamAssassin                  #
+#----------------------------------------------------------#
+
+if [ "$spamd" = 'yes' ]; then
+    chkconfig spamassassin on
+    service spamassassin start
+    check_result $? "spamassassin start failed"
+    if [ "$release" -eq '7' ]; then
+        groupadd -g 1001 spamd
+        useradd -u 1001 -g spamd -s /sbin/nologin -d \
+            /var/lib/spamassassin spamd
+        mkdir /var/lib/spamassassin
+        chown spamd:spamd /var/lib/spamassassin
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                   Configure RoundCube                    #
+#----------------------------------------------------------#
+
+if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
+    if [ "$apache" = 'yes' ]; then
+        cp -f $vestacp/roundcube/roundcubemail.conf /etc/httpd/conf.d/
+    fi
+    cp -f $vestacp/roundcube/main.inc.php /etc/roundcubemail/config.inc.php
+    cd /usr/share/roundcubemail/plugins/password
+    cp -f $vestacp/roundcube/vesta.php drivers/vesta.php
+    cp -f $vestacp/roundcube/config.inc.php config.inc.php
+    sed -i "s/localhost/$servername/g" config.inc.php
+    chmod a+r /etc/roundcubemail/*
+    chmod -f 777 /var/log/roundcubemail
+    r="$(gen_pass)"
+    mysql -e "CREATE DATABASE roundcube"
+    mysql -e "GRANT ALL ON roundcube.* TO 
+            roundcube@localhost IDENTIFIED BY '$r'"
+    sed -i "s/%password%/$r/g" /etc/roundcubemail/config.inc.php
+    chmod 640 /etc/roundcubemail/config.inc.php
+    chown root:apache /etc/roundcubemail/config.inc.php
+    if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then
+        mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql
+    else
+        mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                    Configure Fail2Ban                    #
+#----------------------------------------------------------#
+
+if [ "$fail2ban" = 'yes' ]; then
+    cp -rf $vestacp/fail2ban /etc/
+    if [ "$dovecot" = 'no' ]; then
+        fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
+        fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
+        sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local
+    fi
+    if [ "$exim" = 'no' ]; then
+        fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2)
+        fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
+        sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local
+    fi
+    if [ "$vsftpd" = 'yes' ]; then
+        #Create vsftpd Log File
+        if [ ! -f "/var/log/vsftpd.log" ]; then
+            touch /var/log/vsftpd.log
+        fi
+        fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2)
+        fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
+        sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
+    fi 
+    chkconfig fail2ban on
+    /bin/mkdir -p /var/run/fail2ban
+    if [ -e "/usr/lib/systemd/system/fail2ban.service" ]; then
+        exec_pre='ExecStartPre=/bin/mkdir -p /var/run/fail2ban'
+        sed -i "s|\[Service\]|[Service]\n$exec_pre|g" \
+            /usr/lib/systemd/system/fail2ban.service
+        systemctl daemon-reload
+    fi
+    service fail2ban start
+    check_result $? "fail2ban start failed"
+fi
+
+
+#----------------------------------------------------------#
+#                   Configure Admin User                   #
+#----------------------------------------------------------#
+
+# Deleting old admin user
+if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
+    chattr -i /home/admin/conf > /dev/null 2>&1
+    userdel -f admin >/dev/null 2>&1
+    chattr -i /home/admin/conf >/dev/null 2>&1
+    mv -f /home/admin  $vst_backups/home/ >/dev/null 2>&1
+    rm -f /tmp/sess_* >/dev/null 2>&1
+fi
+if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
+    groupdel admin > /dev/null 2>&1
+fi
+
+# Adding vesta account
+$VESTA/bin/v-add-user admin $vpass $email default System Administrator
+check_result $? "can't create admin user"
+$VESTA/bin/v-change-user-shell admin bash
+$VESTA/bin/v-change-user-language admin $lang
+
+# Configuring system ips
+$VESTA/bin/v-update-sys-ip
+
+# Get main ip
+ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
+
+# Firewall configuration
+if [ "$iptables" = 'yes' ]; then
+    $VESTA/bin/v-update-firewall
+fi
+
+# Get public ip
+pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
+if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
+    echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local
+    $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
+    ip=$pub_ip
+fi
+
+# Configuring mysql host
+if [ "$mysql" = 'yes' ]; then
+    $VESTA/bin/v-add-database-host mysql localhost root $vpass
+    $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
+fi
+
+# Configuring pgsql host
+if [ "$postgresql" = 'yes' ]; then
+    $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
+    $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
+fi
+
+# Adding default domain
+$VESTA/bin/v-add-domain admin $servername
+check_result $? "can't create $servername domain"
+
+command="sudo $VESTA/bin/v-update-sys-queue disk"
+$VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-update-sys-queue traffic"
+$VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-update-sys-queue webstats"
+$VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-update-sys-queue backup"
+$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-backup-users"
+$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-update-user-stats"
+$VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command"
+command="sudo $VESTA/bin/v-update-sys-rrd"
+$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
+service crond restart
+
+# Building initial rrd images
+$VESTA/bin/v-update-sys-rrd
+
+# Enabling file system quota
+if [ "$quota" = 'yes' ]; then
+    $VESTA/bin/v-add-sys-quota
+fi
+
+# Enabling softaculous plugin
+if [ "$softaculous" = 'yes' ]; then
+    $VESTA/bin/v-add-vesta-softaculous
+fi
+
+# Starting vesta service
+chkconfig vesta on
+service vesta start
+check_result $? "vesta start failed"
+chown admin:admin $VESTA/data/sessions
+
+# Adding notifications
+$VESTA/upd/add_notifications.sh
+
+# Adding cronjob for autoupdates
+$VESTA/bin/v-add-cron-vesta-autoupdate
+
+
+#----------------------------------------------------------#
+#                   Vesta Access Info                      #
+#----------------------------------------------------------#
+
+# Sending install notification to vestacp.com
+wget vestacp.com/notify/?$codename -O /dev/null -q
+
+# Comparing hostname and ip
+host_ip=$(host $servername |head -n 1 |awk '{print $NF}')
+if [ "$host_ip" = "$ip" ]; then
+    ip="$servername"
+fi
+
+# Sending notification to admin email
+echo -e "Congratulations, you have just successfully installed \
+Vesta Control Panel
+
+    https://$ip:8083
+    username: admin
+    password: $vpass
+
+We hope that you enjoy your installation of Vesta. Please \
+feel free to contact us anytime if you have any questions.
+Thank you.
+
+--
+Sincerely yours
+vestacp.com team
+" > $tmpfile
+
+send_mail="$VESTA/web/inc/mail-wrapper.php"
+cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
+
+# Congrats
+echo '======================================================='
+echo
+echo ' _|      _|  _|_|_|_|    _|_|_|  _|_|_|_|_|    _|_|   '
+echo ' _|      _|  _|        _|            _|      _|    _| '
+echo ' _|      _|  _|_|_|      _|_|        _|      _|_|_|_| '
+echo '   _|  _|    _|              _|      _|      _|    _| '
+echo '     _|      _|_|_|_|  _|_|_|        _|      _|    _| '
+echo
+echo
+cat $tmpfile
+rm -f $tmpfile
+
+# EOF
diff --git a/install/vst-install.sh b/install/vst-install.sh
index 5589db79..40dd5025 100755
--- a/install/vst-install.sh
+++ b/install/vst-install.sh
@@ -41,6 +41,7 @@ fi
 case $(head -n1 /etc/issue | cut -f 1 -d ' ') in
     Debian)     type="debian" ;;
     Ubuntu)     type="ubuntu" ;;
+    Amazon)     type="amazon" ;;
     *)          type="rhel" ;;
 esac
 

From 4a3cec1290f59de2e2360b5018d59a8c3257c47c Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 31 May 2018 16:01:46 +0300
Subject: [PATCH 0124/2300] default configs for ubuntu releases

---
 install/ubuntu/17.04/apache2/apache2.conf     |  94 ++
 install/ubuntu/17.04/apache2/status.conf      |   8 +
 install/ubuntu/17.04/bind/named.conf          |  12 +
 install/ubuntu/17.04/clamav/clamd.conf        |  61 ++
 install/ubuntu/17.04/deb_signing.key          |  30 +
 .../ubuntu/17.04/dovecot/conf.d/10-auth.conf  |   4 +
 .../17.04/dovecot/conf.d/10-logging.conf      |   1 +
 .../ubuntu/17.04/dovecot/conf.d/10-mail.conf  |   4 +
 .../17.04/dovecot/conf.d/10-master.conf       |  29 +
 .../ubuntu/17.04/dovecot/conf.d/10-ssl.conf   |   5 +
 .../ubuntu/17.04/dovecot/conf.d/20-imap.conf  |  58 ++
 .../ubuntu/17.04/dovecot/conf.d/20-pop3.conf  |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/ubuntu/17.04/dovecot/dovecot.conf     |  24 +
 install/ubuntu/17.04/exim/dnsbl.conf          |   2 +
 install/ubuntu/17.04/exim/exim4.conf.template | 382 ++++++++
 install/ubuntu/17.04/exim/spam-blocks.conf    |   0
 .../ubuntu/17.04/fail2ban/action.d/vesta.conf |   9 +
 .../ubuntu/17.04/fail2ban/filter.d/vesta.conf |  10 +
 install/ubuntu/17.04/fail2ban/jail.local      |  51 ++
 install/ubuntu/17.04/firewall/ports.conf      |  17 +
 install/ubuntu/17.04/firewall/rules.conf      |  11 +
 install/ubuntu/17.04/logrotate/apache2        |  19 +
 install/ubuntu/17.04/logrotate/dovecot        |  12 +
 install/ubuntu/17.04/logrotate/nginx          |  13 +
 install/ubuntu/17.04/logrotate/vesta          |   7 +
 install/ubuntu/17.04/mysql/my-large.cnf       |  41 +
 install/ubuntu/17.04/mysql/my-medium.cnf      |  40 +
 install/ubuntu/17.04/mysql/my-small.cnf       |  40 +
 install/ubuntu/17.04/nginx/nginx.conf         | 136 +++
 install/ubuntu/17.04/nginx/phpmyadmin.inc     |  18 +
 install/ubuntu/17.04/nginx/phppgadmin.inc     |  11 +
 install/ubuntu/17.04/nginx/status.conf        |   9 +
 install/ubuntu/17.04/nginx/webmail.inc        |  15 +
 install/ubuntu/17.04/packages/default.pkg     |  18 +
 install/ubuntu/17.04/packages/gainsboro.pkg   |  18 +
 install/ubuntu/17.04/packages/palegreen.pkg   |  18 +
 install/ubuntu/17.04/packages/slategrey.pkg   |  18 +
 install/ubuntu/17.04/pga/config.inc.php       | 159 ++++
 install/ubuntu/17.04/pga/phppgadmin.conf      |  31 +
 install/ubuntu/17.04/php-fpm/www.conf         |  11 +
 install/ubuntu/17.04/pma/apache.conf          |  42 +
 install/ubuntu/17.04/pma/config.inc.php       | 146 +++
 install/ubuntu/17.04/postgresql/pg_hba.conf   |  11 +
 install/ubuntu/17.04/proftpd/proftpd.conf     |  32 +
 install/ubuntu/17.04/roundcube/apache.conf    |  40 +
 install/ubuntu/17.04/roundcube/config.inc.php |  33 +
 install/ubuntu/17.04/roundcube/db.inc.php     |  66 ++
 install/ubuntu/17.04/roundcube/main.inc.php   | 850 ++++++++++++++++++
 install/ubuntu/17.04/roundcube/vesta.php      |  71 ++
 install/ubuntu/17.04/sudo/admin               |   8 +
 .../ubuntu/17.04/templates/dns/child-ns.tpl   |  14 +
 .../ubuntu/17.04/templates/dns/default.tpl    |  18 +
 install/ubuntu/17.04/templates/dns/gmail.tpl  |  12 +
 .../17.04/templates/web/apache2/basedir.stpl  |  44 +
 .../17.04/templates/web/apache2/basedir.tpl   |  38 +
 .../17.04/templates/web/apache2/default.stpl  |  43 +
 .../17.04/templates/web/apache2/default.tpl   |  37 +
 .../17.04/templates/web/apache2/hosting.stpl  |  49 +
 .../17.04/templates/web/apache2/hosting.tpl   |  43 +
 .../17.04/templates/web/apache2/phpcgi.sh     |  16 +
 .../17.04/templates/web/apache2/phpcgi.stpl   |  38 +
 .../17.04/templates/web/apache2/phpcgi.tpl    |  31 +
 .../17.04/templates/web/apache2/phpfcgid.sh   |  22 +
 .../17.04/templates/web/apache2/phpfcgid.stpl |  39 +
 .../17.04/templates/web/apache2/phpfcgid.tpl  |  31 +
 .../17.04/templates/web/awstats/awstats.tpl   | 133 +++
 .../17.04/templates/web/awstats/index.tpl     |  10 +
 .../17.04/templates/web/awstats/nav.tpl       |  23 +
 .../17.04/templates/web/nginx/caching.sh      |  19 +
 .../17.04/templates/web/nginx/caching.stpl    |  44 +
 .../17.04/templates/web/nginx/caching.tpl     |  41 +
 .../17.04/templates/web/nginx/default.stpl    |  36 +
 .../17.04/templates/web/nginx/default.tpl     |  33 +
 .../17.04/templates/web/nginx/hosting.sh      |  11 +
 .../17.04/templates/web/nginx/hosting.stpl    |  38 +
 .../17.04/templates/web/nginx/hosting.tpl     |  35 +
 .../17.04/templates/web/nginx/http2.stpl      |  36 +
 .../17.04/templates/web/nginx/http2.tpl       |  33 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  56 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  61 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  56 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 127 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  72 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 102 +++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  99 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  63 ++
 .../templates/web/nginx/php-fpm/joomla.tpl    |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  56 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 198 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../templates/web/nginx/php-fpm/modx.stpl     |  69 ++
 .../templates/web/nginx/php-fpm/modx.tpl      |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  90 ++
 .../templates/web/nginx/php-fpm/moodle.tpl    |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  47 +
 .../templates/web/nginx/php-fpm/no-php.tpl    |  43 +
 .../templates/web/nginx/php-fpm/odoo.stpl     |  70 ++
 .../templates/web/nginx/php-fpm/odoo.tpl      |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  59 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  85 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../templates/web/nginx/php-fpm/piwik.stpl    |  73 ++
 .../templates/web/nginx/php-fpm/piwik.tpl     |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  66 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../templates/web/nginx/php-fpm/sendy.stpl    |  88 ++
 .../templates/web/nginx/php-fpm/sendy.tpl     |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  55 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  67 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  72 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../17.04/templates/web/nginx/proxy_ip.tpl    |   9 +
 .../17.04/templates/web/php-fpm/default.tpl   |  21 +
 .../17.04/templates/web/php-fpm/no-php.tpl    |  20 +
 .../17.04/templates/web/php-fpm/socket.tpl    |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../17.04/templates/web/suspend/.htaccess     |   2 +
 .../17.04/templates/web/suspend/index.html    |  25 +
 .../templates/web/webalizer/webalizer.tpl     | 110 +++
 install/ubuntu/17.04/vsftpd/vsftpd.conf       |  27 +
 install/ubuntu/17.10/apache2/apache2.conf     |  94 ++
 install/ubuntu/17.10/apache2/status.conf      |   8 +
 install/ubuntu/17.10/bind/named.conf          |  12 +
 install/ubuntu/17.10/clamav/clamd.conf        |  61 ++
 install/ubuntu/17.10/deb_signing.key          |  30 +
 .../ubuntu/17.10/dovecot/conf.d/10-auth.conf  |   4 +
 .../17.10/dovecot/conf.d/10-logging.conf      |   1 +
 .../ubuntu/17.10/dovecot/conf.d/10-mail.conf  |   4 +
 .../17.10/dovecot/conf.d/10-master.conf       |  29 +
 .../ubuntu/17.10/dovecot/conf.d/10-ssl.conf   |   5 +
 .../ubuntu/17.10/dovecot/conf.d/20-imap.conf  |  58 ++
 .../ubuntu/17.10/dovecot/conf.d/20-pop3.conf  |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/ubuntu/17.10/dovecot/dovecot.conf     |  24 +
 install/ubuntu/17.10/exim/dnsbl.conf          |   2 +
 install/ubuntu/17.10/exim/exim4.conf.template | 382 ++++++++
 install/ubuntu/17.10/exim/spam-blocks.conf    |   0
 .../ubuntu/17.10/fail2ban/action.d/vesta.conf |   9 +
 .../ubuntu/17.10/fail2ban/filter.d/vesta.conf |  10 +
 install/ubuntu/17.10/fail2ban/jail.local      |  51 ++
 install/ubuntu/17.10/firewall/ports.conf      |  17 +
 install/ubuntu/17.10/firewall/rules.conf      |  11 +
 install/ubuntu/17.10/logrotate/apache2        |  19 +
 install/ubuntu/17.10/logrotate/dovecot        |  12 +
 install/ubuntu/17.10/logrotate/nginx          |  13 +
 install/ubuntu/17.10/logrotate/vesta          |   7 +
 install/ubuntu/17.10/mysql/my-large.cnf       |  41 +
 install/ubuntu/17.10/mysql/my-medium.cnf      |  40 +
 install/ubuntu/17.10/mysql/my-small.cnf       |  40 +
 install/ubuntu/17.10/nginx/nginx.conf         | 136 +++
 install/ubuntu/17.10/nginx/phpmyadmin.inc     |  18 +
 install/ubuntu/17.10/nginx/phppgadmin.inc     |  11 +
 install/ubuntu/17.10/nginx/status.conf        |   9 +
 install/ubuntu/17.10/nginx/webmail.inc        |  15 +
 install/ubuntu/17.10/packages/default.pkg     |  18 +
 install/ubuntu/17.10/packages/gainsboro.pkg   |  18 +
 install/ubuntu/17.10/packages/palegreen.pkg   |  18 +
 install/ubuntu/17.10/packages/slategrey.pkg   |  18 +
 install/ubuntu/17.10/pga/config.inc.php       | 159 ++++
 install/ubuntu/17.10/pga/phppgadmin.conf      |  31 +
 install/ubuntu/17.10/php-fpm/www.conf         |  11 +
 install/ubuntu/17.10/pma/apache.conf          |  42 +
 install/ubuntu/17.10/pma/config.inc.php       | 146 +++
 install/ubuntu/17.10/postgresql/pg_hba.conf   |  11 +
 install/ubuntu/17.10/proftpd/proftpd.conf     |  32 +
 install/ubuntu/17.10/roundcube/apache.conf    |  40 +
 install/ubuntu/17.10/roundcube/config.inc.php |  33 +
 install/ubuntu/17.10/roundcube/db.inc.php     |  66 ++
 install/ubuntu/17.10/roundcube/main.inc.php   | 850 ++++++++++++++++++
 install/ubuntu/17.10/roundcube/vesta.php      |  71 ++
 install/ubuntu/17.10/sudo/admin               |   8 +
 .../ubuntu/17.10/templates/dns/child-ns.tpl   |  14 +
 .../ubuntu/17.10/templates/dns/default.tpl    |  18 +
 install/ubuntu/17.10/templates/dns/gmail.tpl  |  12 +
 .../17.10/templates/web/apache2/basedir.stpl  |  44 +
 .../17.10/templates/web/apache2/basedir.tpl   |  38 +
 .../17.10/templates/web/apache2/default.stpl  |  43 +
 .../17.10/templates/web/apache2/default.tpl   |  37 +
 .../17.10/templates/web/apache2/hosting.stpl  |  49 +
 .../17.10/templates/web/apache2/hosting.tpl   |  43 +
 .../17.10/templates/web/apache2/phpcgi.sh     |  16 +
 .../17.10/templates/web/apache2/phpcgi.stpl   |  38 +
 .../17.10/templates/web/apache2/phpcgi.tpl    |  31 +
 .../17.10/templates/web/apache2/phpfcgid.sh   |  22 +
 .../17.10/templates/web/apache2/phpfcgid.stpl |  39 +
 .../17.10/templates/web/apache2/phpfcgid.tpl  |  31 +
 .../17.10/templates/web/awstats/awstats.tpl   | 133 +++
 .../17.10/templates/web/awstats/index.tpl     |  10 +
 .../17.10/templates/web/awstats/nav.tpl       |  23 +
 .../17.10/templates/web/nginx/caching.sh      |  19 +
 .../17.10/templates/web/nginx/caching.stpl    |  44 +
 .../17.10/templates/web/nginx/caching.tpl     |  41 +
 .../17.10/templates/web/nginx/default.stpl    |  36 +
 .../17.10/templates/web/nginx/default.tpl     |  33 +
 .../17.10/templates/web/nginx/hosting.sh      |  11 +
 .../17.10/templates/web/nginx/hosting.stpl    |  38 +
 .../17.10/templates/web/nginx/hosting.tpl     |  35 +
 .../17.10/templates/web/nginx/http2.stpl      |  36 +
 .../17.10/templates/web/nginx/http2.tpl       |  33 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  56 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  61 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  56 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 127 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  72 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 102 +++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  99 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  63 ++
 .../templates/web/nginx/php-fpm/joomla.tpl    |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  56 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 198 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../templates/web/nginx/php-fpm/modx.stpl     |  69 ++
 .../templates/web/nginx/php-fpm/modx.tpl      |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  90 ++
 .../templates/web/nginx/php-fpm/moodle.tpl    |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  47 +
 .../templates/web/nginx/php-fpm/no-php.tpl    |  43 +
 .../templates/web/nginx/php-fpm/odoo.stpl     |  70 ++
 .../templates/web/nginx/php-fpm/odoo.tpl      |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  59 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  85 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../templates/web/nginx/php-fpm/piwik.stpl    |  73 ++
 .../templates/web/nginx/php-fpm/piwik.tpl     |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  66 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../templates/web/nginx/php-fpm/sendy.stpl    |  88 ++
 .../templates/web/nginx/php-fpm/sendy.tpl     |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  55 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  67 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  72 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../17.10/templates/web/nginx/proxy_ip.tpl    |   9 +
 .../17.10/templates/web/php-fpm/default.tpl   |  21 +
 .../17.10/templates/web/php-fpm/no-php.tpl    |  20 +
 .../17.10/templates/web/php-fpm/socket.tpl    |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../17.10/templates/web/suspend/.htaccess     |   2 +
 .../17.10/templates/web/suspend/index.html    |  25 +
 .../templates/web/webalizer/webalizer.tpl     | 110 +++
 install/ubuntu/17.10/vsftpd/vsftpd.conf       |  27 +
 install/ubuntu/18.04/apache2/apache2.conf     |  94 ++
 install/ubuntu/18.04/apache2/status.conf      |   8 +
 install/ubuntu/18.04/bind/named.conf          |  12 +
 install/ubuntu/18.04/clamav/clamd.conf        |  61 ++
 install/ubuntu/18.04/deb_signing.key          |  30 +
 .../ubuntu/18.04/dovecot/conf.d/10-auth.conf  |   4 +
 .../18.04/dovecot/conf.d/10-logging.conf      |   1 +
 .../ubuntu/18.04/dovecot/conf.d/10-mail.conf  |   4 +
 .../18.04/dovecot/conf.d/10-master.conf       |  29 +
 .../ubuntu/18.04/dovecot/conf.d/10-ssl.conf   |   5 +
 .../ubuntu/18.04/dovecot/conf.d/20-imap.conf  |  58 ++
 .../ubuntu/18.04/dovecot/conf.d/20-pop3.conf  |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/ubuntu/18.04/dovecot/dovecot.conf     |  24 +
 install/ubuntu/18.04/exim/dnsbl.conf          |   2 +
 install/ubuntu/18.04/exim/exim4.conf.template | 382 ++++++++
 install/ubuntu/18.04/exim/spam-blocks.conf    |   0
 .../ubuntu/18.04/fail2ban/action.d/vesta.conf |   9 +
 .../ubuntu/18.04/fail2ban/filter.d/vesta.conf |  10 +
 install/ubuntu/18.04/fail2ban/jail.local      |  51 ++
 install/ubuntu/18.04/firewall/ports.conf      |  17 +
 install/ubuntu/18.04/firewall/rules.conf      |  11 +
 install/ubuntu/18.04/logrotate/apache2        |  19 +
 install/ubuntu/18.04/logrotate/dovecot        |  12 +
 install/ubuntu/18.04/logrotate/nginx          |  13 +
 install/ubuntu/18.04/logrotate/vesta          |   7 +
 install/ubuntu/18.04/mysql/my-large.cnf       |  41 +
 install/ubuntu/18.04/mysql/my-medium.cnf      |  40 +
 install/ubuntu/18.04/mysql/my-small.cnf       |  40 +
 install/ubuntu/18.04/nginx/nginx.conf         | 136 +++
 install/ubuntu/18.04/nginx/phpmyadmin.inc     |  18 +
 install/ubuntu/18.04/nginx/phppgadmin.inc     |  11 +
 install/ubuntu/18.04/nginx/status.conf        |   9 +
 install/ubuntu/18.04/nginx/webmail.inc        |  15 +
 install/ubuntu/18.04/packages/default.pkg     |  18 +
 install/ubuntu/18.04/packages/gainsboro.pkg   |  18 +
 install/ubuntu/18.04/packages/palegreen.pkg   |  18 +
 install/ubuntu/18.04/packages/slategrey.pkg   |  18 +
 install/ubuntu/18.04/pga/config.inc.php       | 159 ++++
 install/ubuntu/18.04/pga/phppgadmin.conf      |  31 +
 install/ubuntu/18.04/php-fpm/www.conf         |  11 +
 install/ubuntu/18.04/pma/apache.conf          |  42 +
 install/ubuntu/18.04/pma/config.inc.php       | 146 +++
 install/ubuntu/18.04/postgresql/pg_hba.conf   |  11 +
 install/ubuntu/18.04/proftpd/proftpd.conf     |  32 +
 install/ubuntu/18.04/roundcube/apache.conf    |  40 +
 install/ubuntu/18.04/roundcube/config.inc.php |  33 +
 install/ubuntu/18.04/roundcube/db.inc.php     |  66 ++
 install/ubuntu/18.04/roundcube/main.inc.php   | 850 ++++++++++++++++++
 install/ubuntu/18.04/roundcube/vesta.php      |  71 ++
 install/ubuntu/18.04/sudo/admin               |   8 +
 .../ubuntu/18.04/templates/dns/child-ns.tpl   |  14 +
 .../ubuntu/18.04/templates/dns/default.tpl    |  18 +
 install/ubuntu/18.04/templates/dns/gmail.tpl  |  12 +
 .../18.04/templates/web/apache2/basedir.stpl  |  44 +
 .../18.04/templates/web/apache2/basedir.tpl   |  38 +
 .../18.04/templates/web/apache2/default.stpl  |  43 +
 .../18.04/templates/web/apache2/default.tpl   |  37 +
 .../18.04/templates/web/apache2/hosting.stpl  |  49 +
 .../18.04/templates/web/apache2/hosting.tpl   |  43 +
 .../18.04/templates/web/apache2/phpcgi.sh     |  16 +
 .../18.04/templates/web/apache2/phpcgi.stpl   |  38 +
 .../18.04/templates/web/apache2/phpcgi.tpl    |  31 +
 .../18.04/templates/web/apache2/phpfcgid.sh   |  22 +
 .../18.04/templates/web/apache2/phpfcgid.stpl |  39 +
 .../18.04/templates/web/apache2/phpfcgid.tpl  |  31 +
 .../18.04/templates/web/awstats/awstats.tpl   | 133 +++
 .../18.04/templates/web/awstats/index.tpl     |  10 +
 .../18.04/templates/web/awstats/nav.tpl       |  23 +
 .../18.04/templates/web/nginx/caching.sh      |  19 +
 .../18.04/templates/web/nginx/caching.stpl    |  44 +
 .../18.04/templates/web/nginx/caching.tpl     |  41 +
 .../18.04/templates/web/nginx/default.stpl    |  36 +
 .../18.04/templates/web/nginx/default.tpl     |  33 +
 .../18.04/templates/web/nginx/hosting.sh      |  11 +
 .../18.04/templates/web/nginx/hosting.stpl    |  38 +
 .../18.04/templates/web/nginx/hosting.tpl     |  35 +
 .../18.04/templates/web/nginx/http2.stpl      |  36 +
 .../18.04/templates/web/nginx/http2.tpl       |  33 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  56 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  61 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  56 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 127 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  72 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 101 +++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  98 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 102 +++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  99 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  63 ++
 .../templates/web/nginx/php-fpm/joomla.tpl    |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  56 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 198 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../templates/web/nginx/php-fpm/modx.stpl     |  69 ++
 .../templates/web/nginx/php-fpm/modx.tpl      |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  90 ++
 .../templates/web/nginx/php-fpm/moodle.tpl    |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  47 +
 .../templates/web/nginx/php-fpm/no-php.tpl    |  43 +
 .../templates/web/nginx/php-fpm/odoo.stpl     |  70 ++
 .../templates/web/nginx/php-fpm/odoo.tpl      |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  59 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  85 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../templates/web/nginx/php-fpm/piwik.stpl    |  73 ++
 .../templates/web/nginx/php-fpm/piwik.tpl     |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  66 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../templates/web/nginx/php-fpm/sendy.stpl    |  88 ++
 .../templates/web/nginx/php-fpm/sendy.tpl     |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  55 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  67 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  72 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../18.04/templates/web/nginx/proxy_ip.tpl    |   9 +
 .../18.04/templates/web/php-fpm/default.tpl   |  21 +
 .../18.04/templates/web/php-fpm/no-php.tpl    |  20 +
 .../18.04/templates/web/php-fpm/socket.tpl    |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../18.04/templates/web/suspend/.htaccess     |   2 +
 .../18.04/templates/web/suspend/index.html    |  25 +
 .../templates/web/webalizer/webalizer.tpl     | 110 +++
 install/ubuntu/18.04/vsftpd/vsftpd.conf       |  27 +
 426 files changed, 23631 insertions(+)
 create mode 100644 install/ubuntu/17.04/apache2/apache2.conf
 create mode 100644 install/ubuntu/17.04/apache2/status.conf
 create mode 100644 install/ubuntu/17.04/bind/named.conf
 create mode 100644 install/ubuntu/17.04/clamav/clamd.conf
 create mode 100644 install/ubuntu/17.04/deb_signing.key
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/10-auth.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/10-logging.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/10-mail.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/10-master.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/20-imap.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/ubuntu/17.04/dovecot/dovecot.conf
 create mode 100644 install/ubuntu/17.04/exim/dnsbl.conf
 create mode 100644 install/ubuntu/17.04/exim/exim4.conf.template
 create mode 100644 install/ubuntu/17.04/exim/spam-blocks.conf
 create mode 100644 install/ubuntu/17.04/fail2ban/action.d/vesta.conf
 create mode 100644 install/ubuntu/17.04/fail2ban/filter.d/vesta.conf
 create mode 100644 install/ubuntu/17.04/fail2ban/jail.local
 create mode 100644 install/ubuntu/17.04/firewall/ports.conf
 create mode 100644 install/ubuntu/17.04/firewall/rules.conf
 create mode 100644 install/ubuntu/17.04/logrotate/apache2
 create mode 100644 install/ubuntu/17.04/logrotate/dovecot
 create mode 100644 install/ubuntu/17.04/logrotate/nginx
 create mode 100644 install/ubuntu/17.04/logrotate/vesta
 create mode 100644 install/ubuntu/17.04/mysql/my-large.cnf
 create mode 100644 install/ubuntu/17.04/mysql/my-medium.cnf
 create mode 100644 install/ubuntu/17.04/mysql/my-small.cnf
 create mode 100644 install/ubuntu/17.04/nginx/nginx.conf
 create mode 100644 install/ubuntu/17.04/nginx/phpmyadmin.inc
 create mode 100644 install/ubuntu/17.04/nginx/phppgadmin.inc
 create mode 100644 install/ubuntu/17.04/nginx/status.conf
 create mode 100644 install/ubuntu/17.04/nginx/webmail.inc
 create mode 100644 install/ubuntu/17.04/packages/default.pkg
 create mode 100644 install/ubuntu/17.04/packages/gainsboro.pkg
 create mode 100644 install/ubuntu/17.04/packages/palegreen.pkg
 create mode 100644 install/ubuntu/17.04/packages/slategrey.pkg
 create mode 100644 install/ubuntu/17.04/pga/config.inc.php
 create mode 100644 install/ubuntu/17.04/pga/phppgadmin.conf
 create mode 100644 install/ubuntu/17.04/php-fpm/www.conf
 create mode 100644 install/ubuntu/17.04/pma/apache.conf
 create mode 100644 install/ubuntu/17.04/pma/config.inc.php
 create mode 100644 install/ubuntu/17.04/postgresql/pg_hba.conf
 create mode 100644 install/ubuntu/17.04/proftpd/proftpd.conf
 create mode 100644 install/ubuntu/17.04/roundcube/apache.conf
 create mode 100644 install/ubuntu/17.04/roundcube/config.inc.php
 create mode 100644 install/ubuntu/17.04/roundcube/db.inc.php
 create mode 100644 install/ubuntu/17.04/roundcube/main.inc.php
 create mode 100644 install/ubuntu/17.04/roundcube/vesta.php
 create mode 100644 install/ubuntu/17.04/sudo/admin
 create mode 100755 install/ubuntu/17.04/templates/dns/child-ns.tpl
 create mode 100755 install/ubuntu/17.04/templates/dns/default.tpl
 create mode 100755 install/ubuntu/17.04/templates/dns/gmail.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/basedir.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/basedir.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/default.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/default.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/hosting.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/hosting.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/apache2/phpcgi.sh
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/awstats/awstats.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/awstats/index.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/awstats/nav.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/caching.sh
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/caching.stpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/caching.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/default.stpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/default.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/hosting.sh
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/hosting.stpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/hosting.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/http2.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/http2.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/php-fpm/default.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/17.04/templates/web/php-fpm/socket.tpl
 create mode 100755 install/ubuntu/17.04/templates/web/skel/document_errors/403.html
 create mode 100755 install/ubuntu/17.04/templates/web/skel/document_errors/404.html
 create mode 100755 install/ubuntu/17.04/templates/web/skel/document_errors/50x.html
 create mode 100755 install/ubuntu/17.04/templates/web/skel/public_html/index.html
 create mode 100755 install/ubuntu/17.04/templates/web/skel/public_html/robots.txt
 create mode 100755 install/ubuntu/17.04/templates/web/skel/public_shtml/index.html
 create mode 100755 install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/ubuntu/17.04/templates/web/suspend/.htaccess
 create mode 100755 install/ubuntu/17.04/templates/web/suspend/index.html
 create mode 100755 install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/ubuntu/17.04/vsftpd/vsftpd.conf
 create mode 100644 install/ubuntu/17.10/apache2/apache2.conf
 create mode 100644 install/ubuntu/17.10/apache2/status.conf
 create mode 100644 install/ubuntu/17.10/bind/named.conf
 create mode 100644 install/ubuntu/17.10/clamav/clamd.conf
 create mode 100644 install/ubuntu/17.10/deb_signing.key
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/10-auth.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/10-logging.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/10-mail.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/10-master.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/20-imap.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/ubuntu/17.10/dovecot/dovecot.conf
 create mode 100644 install/ubuntu/17.10/exim/dnsbl.conf
 create mode 100644 install/ubuntu/17.10/exim/exim4.conf.template
 create mode 100644 install/ubuntu/17.10/exim/spam-blocks.conf
 create mode 100644 install/ubuntu/17.10/fail2ban/action.d/vesta.conf
 create mode 100644 install/ubuntu/17.10/fail2ban/filter.d/vesta.conf
 create mode 100644 install/ubuntu/17.10/fail2ban/jail.local
 create mode 100644 install/ubuntu/17.10/firewall/ports.conf
 create mode 100644 install/ubuntu/17.10/firewall/rules.conf
 create mode 100644 install/ubuntu/17.10/logrotate/apache2
 create mode 100644 install/ubuntu/17.10/logrotate/dovecot
 create mode 100644 install/ubuntu/17.10/logrotate/nginx
 create mode 100644 install/ubuntu/17.10/logrotate/vesta
 create mode 100644 install/ubuntu/17.10/mysql/my-large.cnf
 create mode 100644 install/ubuntu/17.10/mysql/my-medium.cnf
 create mode 100644 install/ubuntu/17.10/mysql/my-small.cnf
 create mode 100644 install/ubuntu/17.10/nginx/nginx.conf
 create mode 100644 install/ubuntu/17.10/nginx/phpmyadmin.inc
 create mode 100644 install/ubuntu/17.10/nginx/phppgadmin.inc
 create mode 100644 install/ubuntu/17.10/nginx/status.conf
 create mode 100644 install/ubuntu/17.10/nginx/webmail.inc
 create mode 100644 install/ubuntu/17.10/packages/default.pkg
 create mode 100644 install/ubuntu/17.10/packages/gainsboro.pkg
 create mode 100644 install/ubuntu/17.10/packages/palegreen.pkg
 create mode 100644 install/ubuntu/17.10/packages/slategrey.pkg
 create mode 100644 install/ubuntu/17.10/pga/config.inc.php
 create mode 100644 install/ubuntu/17.10/pga/phppgadmin.conf
 create mode 100644 install/ubuntu/17.10/php-fpm/www.conf
 create mode 100644 install/ubuntu/17.10/pma/apache.conf
 create mode 100644 install/ubuntu/17.10/pma/config.inc.php
 create mode 100644 install/ubuntu/17.10/postgresql/pg_hba.conf
 create mode 100644 install/ubuntu/17.10/proftpd/proftpd.conf
 create mode 100644 install/ubuntu/17.10/roundcube/apache.conf
 create mode 100644 install/ubuntu/17.10/roundcube/config.inc.php
 create mode 100644 install/ubuntu/17.10/roundcube/db.inc.php
 create mode 100644 install/ubuntu/17.10/roundcube/main.inc.php
 create mode 100644 install/ubuntu/17.10/roundcube/vesta.php
 create mode 100644 install/ubuntu/17.10/sudo/admin
 create mode 100755 install/ubuntu/17.10/templates/dns/child-ns.tpl
 create mode 100755 install/ubuntu/17.10/templates/dns/default.tpl
 create mode 100755 install/ubuntu/17.10/templates/dns/gmail.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/basedir.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/basedir.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/default.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/default.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/hosting.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/hosting.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/apache2/phpcgi.sh
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/awstats/awstats.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/awstats/index.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/awstats/nav.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/caching.sh
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/caching.stpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/caching.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/default.stpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/default.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/hosting.sh
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/hosting.stpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/hosting.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/http2.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/http2.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/php-fpm/default.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/17.10/templates/web/php-fpm/socket.tpl
 create mode 100755 install/ubuntu/17.10/templates/web/skel/document_errors/403.html
 create mode 100755 install/ubuntu/17.10/templates/web/skel/document_errors/404.html
 create mode 100755 install/ubuntu/17.10/templates/web/skel/document_errors/50x.html
 create mode 100755 install/ubuntu/17.10/templates/web/skel/public_html/index.html
 create mode 100755 install/ubuntu/17.10/templates/web/skel/public_html/robots.txt
 create mode 100755 install/ubuntu/17.10/templates/web/skel/public_shtml/index.html
 create mode 100755 install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/ubuntu/17.10/templates/web/suspend/.htaccess
 create mode 100755 install/ubuntu/17.10/templates/web/suspend/index.html
 create mode 100755 install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/ubuntu/17.10/vsftpd/vsftpd.conf
 create mode 100644 install/ubuntu/18.04/apache2/apache2.conf
 create mode 100644 install/ubuntu/18.04/apache2/status.conf
 create mode 100644 install/ubuntu/18.04/bind/named.conf
 create mode 100644 install/ubuntu/18.04/clamav/clamd.conf
 create mode 100644 install/ubuntu/18.04/deb_signing.key
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/10-auth.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/10-logging.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/10-master.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/20-imap.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/ubuntu/18.04/dovecot/dovecot.conf
 create mode 100644 install/ubuntu/18.04/exim/dnsbl.conf
 create mode 100644 install/ubuntu/18.04/exim/exim4.conf.template
 create mode 100644 install/ubuntu/18.04/exim/spam-blocks.conf
 create mode 100644 install/ubuntu/18.04/fail2ban/action.d/vesta.conf
 create mode 100644 install/ubuntu/18.04/fail2ban/filter.d/vesta.conf
 create mode 100644 install/ubuntu/18.04/fail2ban/jail.local
 create mode 100644 install/ubuntu/18.04/firewall/ports.conf
 create mode 100644 install/ubuntu/18.04/firewall/rules.conf
 create mode 100644 install/ubuntu/18.04/logrotate/apache2
 create mode 100644 install/ubuntu/18.04/logrotate/dovecot
 create mode 100644 install/ubuntu/18.04/logrotate/nginx
 create mode 100644 install/ubuntu/18.04/logrotate/vesta
 create mode 100644 install/ubuntu/18.04/mysql/my-large.cnf
 create mode 100644 install/ubuntu/18.04/mysql/my-medium.cnf
 create mode 100644 install/ubuntu/18.04/mysql/my-small.cnf
 create mode 100644 install/ubuntu/18.04/nginx/nginx.conf
 create mode 100644 install/ubuntu/18.04/nginx/phpmyadmin.inc
 create mode 100644 install/ubuntu/18.04/nginx/phppgadmin.inc
 create mode 100644 install/ubuntu/18.04/nginx/status.conf
 create mode 100644 install/ubuntu/18.04/nginx/webmail.inc
 create mode 100644 install/ubuntu/18.04/packages/default.pkg
 create mode 100644 install/ubuntu/18.04/packages/gainsboro.pkg
 create mode 100644 install/ubuntu/18.04/packages/palegreen.pkg
 create mode 100644 install/ubuntu/18.04/packages/slategrey.pkg
 create mode 100644 install/ubuntu/18.04/pga/config.inc.php
 create mode 100644 install/ubuntu/18.04/pga/phppgadmin.conf
 create mode 100644 install/ubuntu/18.04/php-fpm/www.conf
 create mode 100644 install/ubuntu/18.04/pma/apache.conf
 create mode 100644 install/ubuntu/18.04/pma/config.inc.php
 create mode 100644 install/ubuntu/18.04/postgresql/pg_hba.conf
 create mode 100644 install/ubuntu/18.04/proftpd/proftpd.conf
 create mode 100644 install/ubuntu/18.04/roundcube/apache.conf
 create mode 100644 install/ubuntu/18.04/roundcube/config.inc.php
 create mode 100644 install/ubuntu/18.04/roundcube/db.inc.php
 create mode 100644 install/ubuntu/18.04/roundcube/main.inc.php
 create mode 100644 install/ubuntu/18.04/roundcube/vesta.php
 create mode 100644 install/ubuntu/18.04/sudo/admin
 create mode 100755 install/ubuntu/18.04/templates/dns/child-ns.tpl
 create mode 100755 install/ubuntu/18.04/templates/dns/default.tpl
 create mode 100755 install/ubuntu/18.04/templates/dns/gmail.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/basedir.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/basedir.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/default.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/default.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/hosting.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/hosting.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/apache2/phpcgi.sh
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/awstats/awstats.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/awstats/index.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/awstats/nav.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/caching.sh
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/caching.stpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/caching.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/default.stpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/default.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/hosting.sh
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/hosting.stpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/hosting.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/http2.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/http2.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/php-fpm/default.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/18.04/templates/web/php-fpm/socket.tpl
 create mode 100755 install/ubuntu/18.04/templates/web/skel/document_errors/403.html
 create mode 100755 install/ubuntu/18.04/templates/web/skel/document_errors/404.html
 create mode 100755 install/ubuntu/18.04/templates/web/skel/document_errors/50x.html
 create mode 100755 install/ubuntu/18.04/templates/web/skel/public_html/index.html
 create mode 100755 install/ubuntu/18.04/templates/web/skel/public_html/robots.txt
 create mode 100755 install/ubuntu/18.04/templates/web/skel/public_shtml/index.html
 create mode 100755 install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/ubuntu/18.04/templates/web/suspend/.htaccess
 create mode 100755 install/ubuntu/18.04/templates/web/suspend/index.html
 create mode 100755 install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/ubuntu/18.04/vsftpd/vsftpd.conf

diff --git a/install/ubuntu/17.04/apache2/apache2.conf b/install/ubuntu/17.04/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/17.04/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/17.04/apache2/status.conf b/install/ubuntu/17.04/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/17.04/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+
diff --git a/install/ubuntu/17.04/bind/named.conf b/install/ubuntu/17.04/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/17.04/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/17.04/clamav/clamd.conf b/install/ubuntu/17.04/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/17.04/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/17.04/deb_signing.key b/install/ubuntu/17.04/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/17.04/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-master.conf b/install/ubuntu/17.04/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/17.04/dovecot/dovecot.conf b/install/ubuntu/17.04/dovecot/dovecot.conf
new file mode 100644
index 00000000..311a3351
--- /dev/null
+++ b/install/ubuntu/17.04/dovecot/dovecot.conf
@@ -0,0 +1,24 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
+
+namespace {
+    type = private
+    separator = /
+    prefix =
+    inbox = yes
+
+    mailbox Sent {
+        auto = subscribe
+        special_use = \Sent
+    }
+    mailbox Drafts {
+        auto = subscribe
+        special_use = \Drafts
+    }
+    mailbox Trash {
+        auto = subscribe
+        special_use = \Trash
+    }
+}
diff --git a/install/ubuntu/17.04/exim/dnsbl.conf b/install/ubuntu/17.04/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/17.04/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/17.04/exim/exim4.conf.template b/install/ubuntu/17.04/exim/exim4.conf.template
new file mode 100644
index 00000000..fc346486
--- /dev/null
+++ b/install/ubuntu/17.04/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth required
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{1024K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = debian-spamd:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/17.04/exim/spam-blocks.conf b/install/ubuntu/17.04/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/17.04/fail2ban/action.d/vesta.conf b/install/ubuntu/17.04/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/17.04/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/17.04/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/17.04/fail2ban/jail.local b/install/ubuntu/17.04/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/17.04/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled  = false
+filter   = roundcube-auth
+port     = http,https
+logpath  = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/17.04/firewall/ports.conf b/install/ubuntu/17.04/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/17.04/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/17.04/firewall/rules.conf b/install/ubuntu/17.04/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/17.04/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/17.04/logrotate/apache2 b/install/ubuntu/17.04/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/17.04/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/ubuntu/17.04/logrotate/dovecot b/install/ubuntu/17.04/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/17.04/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/ubuntu/17.04/logrotate/nginx b/install/ubuntu/17.04/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/17.04/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/ubuntu/17.04/logrotate/vesta b/install/ubuntu/17.04/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/17.04/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/ubuntu/17.04/mysql/my-large.cnf b/install/ubuntu/17.04/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/17.04/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.04/mysql/my-medium.cnf b/install/ubuntu/17.04/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/17.04/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.04/mysql/my-small.cnf b/install/ubuntu/17.04/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/17.04/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.04/nginx/nginx.conf b/install/ubuntu/17.04/nginx/nginx.conf
new file mode 100644
index 00000000..e7256de7
--- /dev/null
+++ b/install/ubuntu/17.04/nginx/nginx.conf
@@ -0,0 +1,136 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from   103.21.244.0/22;
+    set_real_ip_from   103.22.200.0/22;
+    set_real_ip_from   103.31.4.0/22;
+    set_real_ip_from   104.16.0.0/12;
+    set_real_ip_from   108.162.192.0/18;
+    set_real_ip_from   131.0.72.0/22;
+    set_real_ip_from   141.101.64.0/18;
+    set_real_ip_from   162.158.0.0/15;
+    set_real_ip_from   172.64.0.0/13;
+    set_real_ip_from   173.245.48.0/20;
+    set_real_ip_from   188.114.96.0/20;
+    set_real_ip_from   190.93.240.0/20;
+    set_real_ip_from   197.234.240.0/22;
+    set_real_ip_from   198.41.128.0/17;
+    #set_real_ip_from   2400:cb00::/32;
+    #set_real_ip_from   2606:4700::/32;
+    #set_real_ip_from   2803:f800::/32;
+    #set_real_ip_from   2405:b500::/32;
+    #set_real_ip_from   2405:8100::/32;
+    #set_real_ip_from   2c0f:f248::/32;
+    #set_real_ip_from   2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/17.04/nginx/phpmyadmin.inc b/install/ubuntu/17.04/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/17.04/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/ubuntu/17.04/nginx/phppgadmin.inc b/install/ubuntu/17.04/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/17.04/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/17.04/nginx/status.conf b/install/ubuntu/17.04/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/17.04/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/ubuntu/17.04/nginx/webmail.inc b/install/ubuntu/17.04/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/17.04/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/17.04/packages/default.pkg b/install/ubuntu/17.04/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/17.04/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.04/packages/gainsboro.pkg b/install/ubuntu/17.04/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/17.04/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.04/packages/palegreen.pkg b/install/ubuntu/17.04/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/17.04/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.04/packages/slategrey.pkg b/install/ubuntu/17.04/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/17.04/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.04/pga/config.inc.php b/install/ubuntu/17.04/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/17.04/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/17.04/pga/phppgadmin.conf b/install/ubuntu/17.04/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/17.04/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/ubuntu/17.04/php-fpm/www.conf b/install/ubuntu/17.04/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/17.04/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/17.04/pma/apache.conf b/install/ubuntu/17.04/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/17.04/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/ubuntu/17.04/pma/config.inc.php b/install/ubuntu/17.04/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/17.04/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/ubuntu/17.04/roundcube/apache.conf b/install/ubuntu/17.04/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/17.04/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/ubuntu/17.04/roundcube/config.inc.php b/install/ubuntu/17.04/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/17.04/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/17.04/roundcube/main.inc.php b/install/ubuntu/17.04/roundcube/main.inc.php
new file mode 100644
index 00000000..44b19793
--- /dev/null
+++ b/install/ubuntu/17.04/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/17.04/roundcube/vesta.php b/install/ubuntu/17.04/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/17.04/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+    function password_save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
diff --git a/install/ubuntu/17.04/sudo/admin b/install/ubuntu/17.04/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/17.04/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.04/templates/dns/child-ns.tpl b/install/ubuntu/17.04/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/dns/default.tpl b/install/ubuntu/17.04/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/dns/gmail.tpl b/install/ubuntu/17.04/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.stpl b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.tpl b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/default.stpl b/install/ubuntu/17.04/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/default.tpl b/install/ubuntu/17.04/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.stpl b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.tpl b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec  /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    php_admin_value open_basedir none
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/awstats/awstats.tpl b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/17.04/templates/web/awstats/index.tpl b/install/ubuntu/17.04/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/ubuntu/17.04/templates/web/awstats/nav.tpl b/install/ubuntu/17.04/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.sh b/install/ubuntu/17.04/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.tpl b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.tpl b/install/ubuntu/17.04/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.sh b/install/ubuntu/17.04/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/403.html b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/404.html b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/index.html b/install/ubuntu/17.04/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.04/templates/web/suspend/.htaccess b/install/ubuntu/17.04/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/17.04/templates/web/suspend/index.html b/install/ubuntu/17.04/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    SUSPENDED
+    This website has been suspended.
+    
+        Please contact the technical support department.
+    
+
+
diff --git a/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/ubuntu/17.04/vsftpd/vsftpd.conf b/install/ubuntu/17.04/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/17.04/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
diff --git a/install/ubuntu/17.10/apache2/apache2.conf b/install/ubuntu/17.10/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/17.10/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/17.10/apache2/status.conf b/install/ubuntu/17.10/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/17.10/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+
diff --git a/install/ubuntu/17.10/bind/named.conf b/install/ubuntu/17.10/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/17.10/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/17.10/clamav/clamd.conf b/install/ubuntu/17.10/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/17.10/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/17.10/deb_signing.key b/install/ubuntu/17.10/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/17.10/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-master.conf b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/17.10/dovecot/dovecot.conf b/install/ubuntu/17.10/dovecot/dovecot.conf
new file mode 100644
index 00000000..311a3351
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/dovecot.conf
@@ -0,0 +1,24 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
+
+namespace {
+    type = private
+    separator = /
+    prefix =
+    inbox = yes
+
+    mailbox Sent {
+        auto = subscribe
+        special_use = \Sent
+    }
+    mailbox Drafts {
+        auto = subscribe
+        special_use = \Drafts
+    }
+    mailbox Trash {
+        auto = subscribe
+        special_use = \Trash
+    }
+}
diff --git a/install/ubuntu/17.10/exim/dnsbl.conf b/install/ubuntu/17.10/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/17.10/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/17.10/exim/exim4.conf.template b/install/ubuntu/17.10/exim/exim4.conf.template
new file mode 100644
index 00000000..fc346486
--- /dev/null
+++ b/install/ubuntu/17.10/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth required
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{1024K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = debian-spamd:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/17.10/exim/spam-blocks.conf b/install/ubuntu/17.10/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/17.10/fail2ban/action.d/vesta.conf b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/17.10/fail2ban/jail.local b/install/ubuntu/17.10/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled  = false
+filter   = roundcube-auth
+port     = http,https
+logpath  = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/17.10/firewall/ports.conf b/install/ubuntu/17.10/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/17.10/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/17.10/firewall/rules.conf b/install/ubuntu/17.10/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/17.10/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/17.10/logrotate/apache2 b/install/ubuntu/17.10/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/dovecot b/install/ubuntu/17.10/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/nginx b/install/ubuntu/17.10/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/vesta b/install/ubuntu/17.10/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/ubuntu/17.10/mysql/my-large.cnf b/install/ubuntu/17.10/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/mysql/my-medium.cnf b/install/ubuntu/17.10/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/mysql/my-small.cnf b/install/ubuntu/17.10/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/nginx/nginx.conf b/install/ubuntu/17.10/nginx/nginx.conf
new file mode 100644
index 00000000..e7256de7
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/nginx.conf
@@ -0,0 +1,136 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from   103.21.244.0/22;
+    set_real_ip_from   103.22.200.0/22;
+    set_real_ip_from   103.31.4.0/22;
+    set_real_ip_from   104.16.0.0/12;
+    set_real_ip_from   108.162.192.0/18;
+    set_real_ip_from   131.0.72.0/22;
+    set_real_ip_from   141.101.64.0/18;
+    set_real_ip_from   162.158.0.0/15;
+    set_real_ip_from   172.64.0.0/13;
+    set_real_ip_from   173.245.48.0/20;
+    set_real_ip_from   188.114.96.0/20;
+    set_real_ip_from   190.93.240.0/20;
+    set_real_ip_from   197.234.240.0/22;
+    set_real_ip_from   198.41.128.0/17;
+    #set_real_ip_from   2400:cb00::/32;
+    #set_real_ip_from   2606:4700::/32;
+    #set_real_ip_from   2803:f800::/32;
+    #set_real_ip_from   2405:b500::/32;
+    #set_real_ip_from   2405:8100::/32;
+    #set_real_ip_from   2c0f:f248::/32;
+    #set_real_ip_from   2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/17.10/nginx/phpmyadmin.inc b/install/ubuntu/17.10/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/ubuntu/17.10/nginx/phppgadmin.inc b/install/ubuntu/17.10/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/17.10/nginx/status.conf b/install/ubuntu/17.10/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/ubuntu/17.10/nginx/webmail.inc b/install/ubuntu/17.10/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/17.10/packages/default.pkg b/install/ubuntu/17.10/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/17.10/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/gainsboro.pkg b/install/ubuntu/17.10/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/17.10/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/palegreen.pkg b/install/ubuntu/17.10/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/17.10/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/slategrey.pkg b/install/ubuntu/17.10/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/17.10/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/pga/config.inc.php b/install/ubuntu/17.10/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/17.10/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/17.10/pga/phppgadmin.conf b/install/ubuntu/17.10/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/17.10/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/ubuntu/17.10/php-fpm/www.conf b/install/ubuntu/17.10/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/17.10/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/17.10/pma/apache.conf b/install/ubuntu/17.10/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/17.10/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/ubuntu/17.10/pma/config.inc.php b/install/ubuntu/17.10/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/17.10/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/ubuntu/17.10/roundcube/apache.conf b/install/ubuntu/17.10/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/ubuntu/17.10/roundcube/config.inc.php b/install/ubuntu/17.10/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/17.10/roundcube/main.inc.php b/install/ubuntu/17.10/roundcube/main.inc.php
new file mode 100644
index 00000000..44b19793
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/17.10/roundcube/vesta.php b/install/ubuntu/17.10/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+    function password_save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
diff --git a/install/ubuntu/17.10/sudo/admin b/install/ubuntu/17.10/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/17.10/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.10/templates/dns/child-ns.tpl b/install/ubuntu/17.10/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/dns/default.tpl b/install/ubuntu/17.10/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/dns/gmail.tpl b/install/ubuntu/17.10/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.stpl b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.tpl b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/default.stpl b/install/ubuntu/17.10/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/default.tpl b/install/ubuntu/17.10/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.stpl b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.tpl b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec  /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    php_admin_value open_basedir none
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/awstats/awstats.tpl b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/17.10/templates/web/awstats/index.tpl b/install/ubuntu/17.10/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/ubuntu/17.10/templates/web/awstats/nav.tpl b/install/ubuntu/17.10/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.sh b/install/ubuntu/17.10/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.tpl b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.tpl b/install/ubuntu/17.10/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.sh b/install/ubuntu/17.10/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/403.html b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/404.html b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/index.html b/install/ubuntu/17.10/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.10/templates/web/suspend/.htaccess b/install/ubuntu/17.10/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/17.10/templates/web/suspend/index.html b/install/ubuntu/17.10/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    SUSPENDED
+    This website has been suspended.
+    
+        Please contact the technical support department.
+    
+
+
diff --git a/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/ubuntu/17.10/vsftpd/vsftpd.conf b/install/ubuntu/17.10/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/17.10/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
diff --git a/install/ubuntu/18.04/apache2/apache2.conf b/install/ubuntu/18.04/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/18.04/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/18.04/apache2/status.conf b/install/ubuntu/18.04/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/18.04/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+
diff --git a/install/ubuntu/18.04/bind/named.conf b/install/ubuntu/18.04/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/18.04/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/18.04/clamav/clamd.conf b/install/ubuntu/18.04/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/18.04/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/18.04/deb_signing.key b/install/ubuntu/18.04/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/18.04/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-master.conf b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf
new file mode 100644
index 00000000..311a3351
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/dovecot.conf
@@ -0,0 +1,24 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
+
+namespace {
+    type = private
+    separator = /
+    prefix =
+    inbox = yes
+
+    mailbox Sent {
+        auto = subscribe
+        special_use = \Sent
+    }
+    mailbox Drafts {
+        auto = subscribe
+        special_use = \Drafts
+    }
+    mailbox Trash {
+        auto = subscribe
+        special_use = \Trash
+    }
+}
diff --git a/install/ubuntu/18.04/exim/dnsbl.conf b/install/ubuntu/18.04/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/18.04/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/18.04/exim/exim4.conf.template b/install/ubuntu/18.04/exim/exim4.conf.template
new file mode 100644
index 00000000..fc346486
--- /dev/null
+++ b/install/ubuntu/18.04/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth required
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{1024K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = debian-spamd:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/18.04/exim/spam-blocks.conf b/install/ubuntu/18.04/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/18.04/fail2ban/action.d/vesta.conf b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/18.04/fail2ban/jail.local b/install/ubuntu/18.04/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled  = false
+filter   = roundcube-auth
+port     = http,https
+logpath  = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/18.04/firewall/ports.conf b/install/ubuntu/18.04/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/18.04/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/18.04/firewall/rules.conf b/install/ubuntu/18.04/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/18.04/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/18.04/logrotate/apache2 b/install/ubuntu/18.04/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/dovecot b/install/ubuntu/18.04/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/nginx b/install/ubuntu/18.04/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/vesta b/install/ubuntu/18.04/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/ubuntu/18.04/mysql/my-large.cnf b/install/ubuntu/18.04/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/mysql/my-medium.cnf b/install/ubuntu/18.04/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/mysql/my-small.cnf b/install/ubuntu/18.04/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf
new file mode 100644
index 00000000..e7256de7
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/nginx.conf
@@ -0,0 +1,136 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from   103.21.244.0/22;
+    set_real_ip_from   103.22.200.0/22;
+    set_real_ip_from   103.31.4.0/22;
+    set_real_ip_from   104.16.0.0/12;
+    set_real_ip_from   108.162.192.0/18;
+    set_real_ip_from   131.0.72.0/22;
+    set_real_ip_from   141.101.64.0/18;
+    set_real_ip_from   162.158.0.0/15;
+    set_real_ip_from   172.64.0.0/13;
+    set_real_ip_from   173.245.48.0/20;
+    set_real_ip_from   188.114.96.0/20;
+    set_real_ip_from   190.93.240.0/20;
+    set_real_ip_from   197.234.240.0/22;
+    set_real_ip_from   198.41.128.0/17;
+    #set_real_ip_from   2400:cb00::/32;
+    #set_real_ip_from   2606:4700::/32;
+    #set_real_ip_from   2803:f800::/32;
+    #set_real_ip_from   2405:b500::/32;
+    #set_real_ip_from   2405:8100::/32;
+    #set_real_ip_from   2c0f:f248::/32;
+    #set_real_ip_from   2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/18.04/nginx/phpmyadmin.inc b/install/ubuntu/18.04/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/ubuntu/18.04/nginx/phppgadmin.inc b/install/ubuntu/18.04/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/18.04/nginx/status.conf b/install/ubuntu/18.04/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/ubuntu/18.04/nginx/webmail.inc b/install/ubuntu/18.04/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/18.04/packages/default.pkg b/install/ubuntu/18.04/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/18.04/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/gainsboro.pkg b/install/ubuntu/18.04/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/18.04/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/palegreen.pkg b/install/ubuntu/18.04/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/18.04/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/slategrey.pkg b/install/ubuntu/18.04/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/18.04/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/pga/config.inc.php b/install/ubuntu/18.04/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/18.04/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/18.04/pga/phppgadmin.conf b/install/ubuntu/18.04/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/18.04/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/ubuntu/18.04/php-fpm/www.conf b/install/ubuntu/18.04/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/18.04/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/18.04/pma/apache.conf b/install/ubuntu/18.04/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/18.04/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/ubuntu/18.04/pma/config.inc.php b/install/ubuntu/18.04/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/18.04/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/ubuntu/18.04/roundcube/apache.conf b/install/ubuntu/18.04/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/ubuntu/18.04/roundcube/config.inc.php b/install/ubuntu/18.04/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/18.04/roundcube/main.inc.php b/install/ubuntu/18.04/roundcube/main.inc.php
new file mode 100644
index 00000000..44b19793
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/18.04/roundcube/vesta.php b/install/ubuntu/18.04/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+    function password_save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
diff --git a/install/ubuntu/18.04/sudo/admin b/install/ubuntu/18.04/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/18.04/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/18.04/templates/dns/child-ns.tpl b/install/ubuntu/18.04/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/dns/default.tpl b/install/ubuntu/18.04/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/dns/gmail.tpl b/install/ubuntu/18.04/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.stpl b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.tpl b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/default.stpl b/install/ubuntu/18.04/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/default.tpl b/install/ubuntu/18.04/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.stpl b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.tpl b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec  /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    php_admin_value open_basedir none
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/awstats/awstats.tpl b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/18.04/templates/web/awstats/index.tpl b/install/ubuntu/18.04/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/ubuntu/18.04/templates/web/awstats/nav.tpl b/install/ubuntu/18.04/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.sh b/install/ubuntu/18.04/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.tpl b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.tpl b/install/ubuntu/18.04/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.sh b/install/ubuntu/18.04/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/httpd/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/httpd/domains/%domain%.log combined;
+            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$)|^/update.php {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/403.html b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/404.html b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/index.html b/install/ubuntu/18.04/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.04/templates/web/suspend/.htaccess b/install/ubuntu/18.04/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/18.04/templates/web/suspend/index.html b/install/ubuntu/18.04/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    SUSPENDED
+    This website has been suspended.
+    
+        Please contact the technical support department.
+    
+
+
diff --git a/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/ubuntu/18.04/vsftpd/vsftpd.conf b/install/ubuntu/18.04/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/18.04/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES

From 208db116d1bcf6b437ba0a4d01c2528366d35b00 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 31 May 2018 18:14:14 +0300
Subject: [PATCH 0125/2300] fixed my.cnf config location

---
 install/vst-install-amazon.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index e57b26cc..f1fe62c7 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -996,7 +996,7 @@ if [ "$mysql" = 'yes' ]; then
         service='mariadb'
     fi
 
-    cp -f $vestacp/$service/$mycnf /etc/
+    cp -f $vestacp/$service/$mycnf /etc/my.cnf
     chkconfig $service on
     service $service start
     if [ "$?" -ne 0 ]; then

From a3f0fa1501d424477786e3e7150bb05c0b99518f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 31 May 2018 18:15:53 +0300
Subject: [PATCH 0126/2300] New ubuntu installer

---
 install/vst-install-ubuntu.sh | 126 ++++++++++++++++------------------
 install/vst-install.sh        |   2 +-
 2 files changed, 60 insertions(+), 68 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 223f9d11..a331570c 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -16,9 +16,9 @@ arch=$(uname -i)
 os='ubuntu'
 release="$(lsb_release -s -r)"
 codename="$(lsb_release -s -c)"
-vestacp="http://$CHOST/$VERSION/$release"
+vestacp="$VESTA/install/$VERSION/$release"
 
-if [ "$release" = '16.04' ]; then
+if [ "$release" = '16.04' ] || [ "$release" = '18.04' ]; then
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf
         libapache2-mod-fcgid libapache2-mod-php php php-common php-cgi
@@ -31,7 +31,7 @@ if [ "$release" = '16.04' ]; then
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common
         vesta-ioncube vesta-softaculous apparmor-utils"
-elif [ "$release" = '16.10' ]; then
+elif [ "$release" = '16.10' ] || [ "$release" = '17.10' ]; then
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf
         libapache2-mod-fcgid libapache2-mod-php7.0 php7.0 php7.0-common
@@ -275,7 +275,7 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "$vestacp/deb_signing.key" -O /dev/null
+wget -q "c.vestacp.com/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Check installed packages
@@ -696,10 +696,9 @@ chmod 755 /usr/bin/rssh
 #                     Configure Vesta                      #
 #----------------------------------------------------------#
 
-
-# Downlading sudo configuration
+# Installing sudo configuration
 mkdir -p /etc/sudoers.d
-wget $vestacp/sudo/admin -O /etc/sudoers.d/admin
+cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
 
 # Configuring system env
@@ -711,7 +710,7 @@ echo 'export PATH' >> /root/.bash_profile
 source /root/.bash_profile
 
 # Configuring logrotate for Vesta logs
-wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta
+cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
 
 # Building directory tree and creating some blank files for Vesta
 mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
@@ -817,25 +816,18 @@ echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
 # Version
 echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
 
-# Downloading hosting packages
-cd $VESTA/data
-wget $vestacp/packages.tar.gz -O packages.tar.gz
-tar -xzf packages.tar.gz
-rm -f packages.tar.gz
+# Installing hosting packages
+cp -rf $vestacp/packages $VESTA/data/
 
-# Downloading templates
-wget $vestacp/templates.tar.gz -O templates.tar.gz
-tar -xzf templates.tar.gz
-rm -f templates.tar.gz
+# Installing templates
+cp -rf $vestacp/templates $VESTA/data/
 
 # Copying index.html to default documentroot
-cp templates/web/skel/public_html/index.html /var/www/
+cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/
 sed -i 's/%domain%/It worked!/g' /var/www/index.html
 
-# Downloading firewall rules
-wget $vestacp/firewall.tar.gz -O firewall.tar.gz
-tar -xzf firewall.tar.gz
-rm -f firewall.tar.gz
+# Installing firewall rules
+cp -rf $vestacp/firewall $VESTA/data/
 
 # Configuring server hostname
 $VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
@@ -857,6 +849,11 @@ chown root:mail $VESTA/ssl/*
 chmod 660 $VESTA/ssl/*
 rm /tmp/vst.pem
 
+# Adding nologin as a valid system shell
+if [ -z "$(grep nologin /etc/shells)" ]; then
+    echo "/sbin/nologin" >> /etc/shells
+fi
+
 
 #----------------------------------------------------------#
 #                     Configure Nginx                      #
@@ -864,12 +861,12 @@ rm /tmp/vst.pem
 
 if [ "$nginx" = 'yes' ]; then
     rm -f /etc/nginx/conf.d/*.conf
-    wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf
-    wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf
-    wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc
-    wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc
-    wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc
-    wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx
+    cp -f $vestacp/nginx/nginx.conf /etc/nginx/
+    cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
+    cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
     update-rc.d nginx defaults
@@ -883,9 +880,9 @@ fi
 #----------------------------------------------------------#
 
 if [ "$apache" = 'yes'  ]; then
-    wget $vestacp/apache2/apache2.conf -O /etc/apache2/apache2.conf
-    wget $vestacp/apache2/status.conf -O /etc/apache2/mods-enabled/status.conf
-    wget $vestacp/logrotate/apache2 -O /etc/logrotate.d/apache2
+    cp -f $vestacp/apache2/apache2.conf /etc/apache2/
+    cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/
+    cp -f  $vestacp/logrotate/apache2 /etc/logrotate.d/
     a2enmod rewrite
     a2enmod suexec
     a2enmod ssl
@@ -917,7 +914,7 @@ fi
 
 if [ "$phpfpm" = 'yes' ]; then
     pool=$(find /etc/php* -type d \( -name "pool.d" -o -name "*fpm.d" \))
-    wget $vestacp/php-fpm/www.conf -O $pool/www.conf
+    cp -f $vestacp/php-fpm/www.conf $pool/
     php_fpm=$(ls /etc/init.d/php*-fpm* |cut -f 4 -d /)
     ln -s /etc/init.d/$php_fpm /etc/init.d/php-fpm > /dev/null 2>&1
     update-rc.d $php_fpm defaults
@@ -945,13 +942,11 @@ done
 #----------------------------------------------------------#
 
 if [ "$vsftpd" = 'yes' ]; then
-    wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd.conf
+    cp -f $vestacp/vsftpd/vsftpd.conf /etc/
     update-rc.d vsftpd defaults
     service vsftpd start
     check_result $? "vsftpd start failed"
 
-    # To be deleted after release 0.9.8-18
-    echo "/sbin/nologin" >> /etc/shells
 fi
 
 
@@ -961,7 +956,7 @@ fi
 
 if [ "$proftpd" = 'yes' ]; then
     echo "127.0.0.1 $servername" >> /etc/hosts
-    wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd/proftpd.conf
+    cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/
     update-rc.d proftpd defaults
     service proftpd start
     check_result $? "proftpd start failed"
@@ -982,10 +977,15 @@ if [ "$mysql" = 'yes' ]; then
     fi
 
     # Configuring MySQL/MariaDB
-    wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf
+    cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf
     if [ "$release" != '16.04' ]; then
         mysql_install_db
     fi
+    if [ "$release" == '18.04' ]; then
+        mkdir /var/lib/mysql
+        chown mysql:mysql /var/lib/mysql
+        mysqld --initialize-insecure
+    fi
     update-rc.d mysql defaults
     service mysql start
     check_result $? "mysql start failed"
@@ -997,15 +997,15 @@ if [ "$mysql" = 'yes' ]; then
     mysql -e "DELETE FROM mysql.user WHERE User=''"
     mysql -e "DROP DATABASE test" >/dev/null 2>&1
     mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
-    mysql -e "DELETE FROM mysql.user WHERE user='' or password='';"
+    mysql -e "DELETE FROM mysql.user WHERE user='' OR password='';"
     mysql -e "FLUSH PRIVILEGES"
 
     # Configuring phpMyAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pma/apache.conf -O /etc/phpmyadmin/apache.conf
+        cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
     fi
-    wget $vestacp/pma/config.inc.php -O /etc/phpmyadmin/config.inc.php
+    cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
     chmod 777 /var/lib/phpmyadmin/tmp
 fi
 
@@ -1014,16 +1014,15 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
-    wget $vestacp/postgresql/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf
+    cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
     service postgresql restart
     sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
 
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pga/phppgadmin.conf \
-            -O /etc/apache2/conf.d/phppgadmin.conf
+        cp -f $vestacp/pga/phppgadmin.conf /etc/apache2/conf.d/
     fi
-    wget $vestacp/pga/config.inc.php -O /etc/phppgadmin/config.inc.php
+    cp -f $vestacp/pga/config.inc.php /etc/phppgadmin/
 fi
 
 
@@ -1032,7 +1031,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$named" = 'yes' ]; then
-    wget $vestacp/bind/named.conf -O /etc/bind/named.conf
+    cp -f $vestacp/bind/named.conf /etc/bind/
     sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options
     chown root:bind /etc/bind/named.conf
     chmod 640 /etc/bind/named.conf
@@ -1058,9 +1057,9 @@ fi
 
 if [ "$exim" = 'yes' ]; then
     gpasswd -a Debian-exim mail
-    wget $vestacp/exim/exim4.conf.template -O /etc/exim4/exim4.conf.template
-    wget $vestacp/exim/dnsbl.conf -O /etc/exim4/dnsbl.conf
-    wget $vestacp/exim/spam-blocks.conf -O /etc/exim4/spam-blocks.conf
+    cp -f $vestacp/exim/exim4.conf.template /etc/exim4/
+    cp -f $vestacp/exim/dnsbl.conf /etc/exim4/
+    cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/
     touch /etc/exim4/white-blocks.conf
 
     if [ "$spamd" = 'yes' ]; then
@@ -1093,12 +1092,8 @@ fi
 
 if [ "$dovecot" = 'yes' ]; then
     gpasswd -a dovecot mail
-    wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz
-    wget $vestacp/logrotate/dovecot -O /etc/logrotate.d/dovecot
-    cd /etc
-    rm -rf dovecot dovecot.conf
-    tar -xzf dovecot.tar.gz
-    rm -f dovecot.tar.gz
+    cp -rf $vestacp/dovecot /etc/
+    cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
     update-rc.d dovecot defaults
     service dovecot start
@@ -1113,7 +1108,7 @@ fi
 if [ "$clamd" = 'yes' ]; then
     gpasswd -a clamav mail
     gpasswd -a clamav Debian-exim
-    wget $vestacp/clamav/clamd.conf -O /etc/clamav/clamd.conf
+    cp -f $vestacp/clamav/clamd.conf /etc/clamav/
     /usr/bin/freshclam
     update-rc.d clamav-daemon defaults
     service clamav-daemon start
@@ -1143,17 +1138,16 @@ fi
 
 if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/roundcube/apache.conf -O /etc/roundcube/apache.conf
+        cp -f $vestacp/roundcube/apache.conf /etc/roundcube/
         ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
     fi
-    wget $vestacp/roundcube/main.inc.php -O /etc/roundcube/main.inc.php
-    wget $vestacp/roundcube/db.inc.php -O /etc/roundcube/db.inc.php
+    cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
+    cp -f  $vestacp/roundcube/db.inc.php /etc/roundcube/
     chmod 640 /etc/roundcube/debian-db-roundcube.php
     chown root:www-data /etc/roundcube/debian-db-roundcube.php
-    wget $vestacp/roundcube/vesta.php -O \
-        /usr/share/roundcube/plugins/password/drivers/vesta.php
-    wget $vestacp/roundcube/config.inc.php -O \
-        /etc/roundcube/plugins/password/config.inc.php
+    cp -f $vestacp/roundcube/vesta.php \
+        /usr/share/roundcube/plugins/password/drivers/
+    cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
     r="$(gen_pass)"
     mysql -e "CREATE DATABASE roundcube"
     mysql -e "GRANT ALL ON roundcube.*
@@ -1178,10 +1172,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$fail2ban" = 'yes' ]; then
-    cd /etc
-    wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz
-    tar -xzf fail2ban.tar.gz
-    rm -f fail2ban.tar.gz
+    cp -rf $vestacp/fail2ban /etc/
     if [ "$dovecot" = 'no' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
@@ -1243,6 +1234,7 @@ fi
 # Get public IP
 pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
 if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
+    echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local
     $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
     ip=$pub_ip
 fi
@@ -1261,7 +1253,7 @@ fi
 
 # Adding default domain
 $VESTA/bin/v-add-domain admin $servername
-check_result $? "can't create $servername domain"
+codename="$codename:$(echo $vpass:$servername | base64)"
 
 # Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
diff --git a/install/vst-install.sh b/install/vst-install.sh
index 40dd5025..4bd4cc20 100755
--- a/install/vst-install.sh
+++ b/install/vst-install.sh
@@ -8,7 +8,7 @@
 #   RHEL 5, 6, 7
 #   CentOS 5, 6, 7
 #   Debian 7, 8
-#   Ubuntu 12.04 - 16.10
+#   Ubuntu 12.04 - 18.04
 #
 
 # Am I root?

From 73e72183b294bed73a93ece8e82008ff3607eaca Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:01:49 +0300
Subject: [PATCH 0127/2300] Fix nologin

---
 install/vst-install-ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index a331570c..351d3dfb 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -851,7 +851,7 @@ rm /tmp/vst.pem
 
 # Adding nologin as a valid system shell
 if [ -z "$(grep nologin /etc/shells)" ]; then
-    echo "/sbin/nologin" >> /etc/shells
+    echo "/usr/sbin/nologin" >> /etc/shells
 fi
 
 

From 7a28629ffc4e56fd18b13f362e1bf04bc65a09a4 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:08:24 +0300
Subject: [PATCH 0128/2300] vsftpd Fix

---
 install/vst-install-ubuntu.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index a331570c..7d41be7c 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -943,6 +943,12 @@ done
 
 if [ "$vsftpd" = 'yes' ]; then
     cp -f $vestacp/vsftpd/vsftpd.conf /etc/
+    touch /var/log//vsftpd.log
+    chown root:adm /var/log/vsftpd.log
+    chmod 640 /var/log/vsftpd.log
+    touch /var/log/xferlog
+    chown root:adm /var/log/xferlog
+    chmod 640 /var/log/xferlog
     update-rc.d vsftpd defaults
     service vsftpd start
     check_result $? "vsftpd start failed"

From b06ddecbc171f5e1ab774439d7fc42cd4fb9a805 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:21:16 +0300
Subject: [PATCH 0129/2300] Replace /tmp with $BACKUP

/tmp size is not enough for larger websites.
---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index cc28a1c8..b6ec66ec 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -69,7 +69,7 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
 done
 
 # Creating temporary directory
-tmpdir=$(mktemp -p /tmp -d)
+tmpdir=$(mktemp -p $BACKUP -d)
 
 if [ "$?" -ne 0 ]; then
     echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify

From 3e0a67113eca4f47566e2eb12653b12e0825ab45 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:27:41 +0300
Subject: [PATCH 0130/2300] Update exim4.conf.template

---
 install/ubuntu/18.04/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/18.04/exim/exim4.conf.template b/install/ubuntu/18.04/exim/exim4.conf.template
index fc346486..c904441f 100644
--- a/install/ubuntu/18.04/exim/exim4.conf.template
+++ b/install/ubuntu/18.04/exim/exim4.conf.template
@@ -6,7 +6,7 @@
 
 #SPAMASSASSIN = yes
 #SPAM_SCORE = 50
-#CLAMD =  yes
+#CLAMD = yes
 
 add_environment = <; PATH=/bin:/usr/bin
 keep_environment =

From 53c58d2bb313a2372a6709efa8423a246ed22365 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:36:49 +0300
Subject: [PATCH 0131/2300] Minor fixes

---
 install/ubuntu/18.04/roundcube/main.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/ubuntu/18.04/roundcube/main.inc.php b/install/ubuntu/18.04/roundcube/main.inc.php
index 44b19793..32e0d473 100644
--- a/install/ubuntu/18.04/roundcube/main.inc.php
+++ b/install/ubuntu/18.04/roundcube/main.inc.php
@@ -197,7 +197,7 @@ $rcmail_config['auto_create_user'] = true;
 
 // use this folder to store log files (must be writeable for apache user)
 // This is used by the 'file' log driver.
-$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+$rcmail_config['log_dir'] = '/var/log/roundcube/';
 
 // use this folder to store temp files (must be writeable for apache user)
 $rcmail_config['temp_dir'] = '/tmp';
@@ -305,7 +305,7 @@ $rcmail_config['max_recipients'] = 0;
 $rcmail_config['max_group_members'] = 0; 
 
 // add this user-agent to message headers when sending
-$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+$rcmail_config['useragent'] = 'Roundcube Webmail';
 
 // use this name to compose page titles
 $rcmail_config['product_name'] = 'Roundcube Webmail';

From e1024e04830852ac811dfb8a48bcd3b633f83acc Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:42:03 +0300
Subject: [PATCH 0132/2300] vsftpd SSL Support & hardening

---
 install/ubuntu/18.04/vsftpd/vsftpd.conf | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/install/ubuntu/18.04/vsftpd/vsftpd.conf b/install/ubuntu/18.04/vsftpd/vsftpd.conf
index 034b016d..75e0104f 100644
--- a/install/ubuntu/18.04/vsftpd/vsftpd.conf
+++ b/install/ubuntu/18.04/vsftpd/vsftpd.conf
@@ -20,8 +20,21 @@ ascii_download_enable=YES
 allow_writeable_chroot=YES
 seccomp_sandbox=NO
 pasv_enable=YES
+pasv_promiscuous=YES
 pasv_min_port=12000
 pasv_max_port=12100
 max_per_ip=10
 max_clients=100
 use_localtime=YES
+utf8_filesystem=YES
+ssl_enable=YES
+allow_anon_ssl=NO
+require_ssl_reuse=NO
+ssl_ciphers=HIGH
+ssl_tlsv1=YES
+ssl_sslv2=NO
+ssl_sslv3=NO
+force_local_data_ssl=NO
+force_local_logins_ssl=NO
+rsa_cert_file=/usr/local/vesta/ssl/certificate.crt
+rsa_private_key_file=/usr/local/vesta/ssl/certificate.key

From cdbd68906503677f71b17b0acb2def28e65a2c35 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:52:09 +0300
Subject: [PATCH 0133/2300] Optimizations

---
 install/ubuntu/18.04/nginx/nginx.conf | 28 ++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf
index e7256de7..790aee49 100644
--- a/install/ubuntu/18.04/nginx/nginx.conf
+++ b/install/ubuntu/18.04/nginx/nginx.conf
@@ -2,7 +2,7 @@
 user                    www-data;
 worker_processes        auto;
 worker_rlimit_nofile    65535;
-error_log               /var/log/nginx/error.log crit;
+error_log               /var/log/nginx/error.log;
 pid                     /var/run/nginx.pid;
 
 
@@ -19,14 +19,14 @@ http {
     sendfile                        on;
     tcp_nopush                      on;
     tcp_nodelay                     on;
-    client_header_timeout           1m;
-    client_body_timeout             1m;
+    client_header_timeout           60s;
+    client_body_timeout             60s;
     client_header_buffer_size       2k;
     client_body_buffer_size         256k;
     client_max_body_size            256m;
-    large_client_header_buffers     4   8k;
-    send_timeout                    30;
-    keepalive_timeout               60 60;
+    large_client_header_buffers     4 8k;
+    send_timeout                    60s;
+    keepalive_timeout               30s;
     reset_timedout_connection       on;
     server_tokens                   off;
     server_name_in_redirect         off;
@@ -50,9 +50,11 @@ http {
 
     # Compression
     gzip                on;
-    gzip_comp_level     9;
-    gzip_min_length     512;
-    gzip_buffers        8 64k;
+    gzip_static         on;
+    gzip_vary           on;
+    gzip_comp_level     6;
+    gzip_min_length     1024;
+    gzip_buffers        16 8k;
     gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
     gzip_proxied        any;
     gzip_disable        "MSIE [1-6]\.";
@@ -63,12 +65,12 @@ http {
     proxy_set_header    X-Real-IP       $remote_addr;
     proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_pass_header   Set-Cookie;
-    proxy_connect_timeout   90;
-    proxy_send_timeout  90;
-    proxy_read_timeout  90;
     proxy_buffers       32 4k;
+    proxy_connect_timeout   30s;
+    proxy_send_timeout  90s;
+    proxy_read_timeout  90s;
 
-
+        
     # Cloudflare https://www.cloudflare.com/ips
     set_real_ip_from   103.21.244.0/22;
     set_real_ip_from   103.22.200.0/22;

From 5e536570de4344dbde5ffdd42df812fc45221e25 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 21:58:46 +0300
Subject: [PATCH 0134/2300] Typo

---
 func/ip.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/ip.sh b/func/ip.sh
index d78cfa73..605554af 100644
--- a/func/ip.sh
+++ b/func/ip.sh
@@ -26,7 +26,7 @@ get_ip_iface() {
 }
 
 
-# Check ip address speciefic value
+# Check ip address specific value
 is_ip_key_empty() {
     key="$1"
     string=$(cat $VESTA/data/ips/$ip)

From 51f3dea7da5c38943fabd30091219dd4d0a18b2a Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 22:05:38 +0300
Subject: [PATCH 0135/2300] Do not expose PHP Version

---
 src/rpm/conf/php.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpm/conf/php.ini b/src/rpm/conf/php.ini
index 1d76b783..28dc539a 100644
--- a/src/rpm/conf/php.ini
+++ b/src/rpm/conf/php.ini
@@ -290,7 +290,7 @@ disable_classes =
 ; (e.g. by adding its signature to the Web server header).  It is no security
 ; threat in any way, but it makes it possible to determine whether you use PHP
 ; on your server or not.
-expose_php = On
+expose_php = Off
 
 
 ;;;;;;;;;;;;;;;;;;;

From 334436e5032803c6f02fad07beda0907d40311d1 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 22:12:31 +0300
Subject: [PATCH 0136/2300] Vesta PHP-FPM Optimization

---
 src/rpm/conf/php-fpm.conf | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/src/rpm/conf/php-fpm.conf b/src/rpm/conf/php-fpm.conf
index 8a7d0bd5..0a76ae2f 100755
--- a/src/rpm/conf/php-fpm.conf
+++ b/src/rpm/conf/php-fpm.conf
@@ -42,18 +42,18 @@ pid = /var/run/vesta-php.pid
 ; instances running on the same server, you can change the default value
 ; which must suit common needs.
 ; Default Value: php-fpm
-;syslog.ident = php-fpm
+syslog.ident = vesta-php
 
 ; Log level
 ; Possible Values: alert, error, warning, notice, debug
 ; Default Value: notice
-;log_level = notice
+log_level = error
 
 ; If this number of child processes exit with SIGSEGV or SIGBUS within the time
 ; interval set by emergency_restart_interval then FPM will restart. A value
 ; of '0' means 'Off'.
 ; Default Value: 0
-;emergency_restart_threshold = 0
+emergency_restart_threshold = 10
 
 ; Interval of time used by emergency_restart_interval to determine when 
 ; a graceful restart will be initiated.  This can be useful to work around
@@ -61,13 +61,13 @@ pid = /var/run/vesta-php.pid
 ; Available Units: s(econds), m(inutes), h(ours), or d(ays)
 ; Default Unit: seconds
 ; Default Value: 0
-;emergency_restart_interval = 0
+emergency_restart_interval = 1m
 
 ; Time limit for child processes to wait for a reaction on signals from master.
 ; Available units: s(econds), m(inutes), h(ours), or d(ays)
 ; Default Unit: seconds
 ; Default Value: 0
-;process_control_timeout = 0
+process_control_timeout = 10s
 
 ; The maximum number of processes FPM will fork. This has been design to control
 ; the global number of processes when using dynamic PM within a lot of pools.
@@ -97,7 +97,7 @@ pid = /var/run/vesta-php.pid
 ; - /dev/poll  (Solaris >= 7)
 ; - port       (Solaris >= 10)
 ; Default Value: not set (auto detection)
-; events.mechanism = epoll
+events.mechanism = epoll
 
 ;;;;;;;;;;;;;;;;;;;;
 ; Pool Definitions ; 
@@ -188,7 +188,7 @@ listen.mode = 0660
 ;             pm.process_idle_timeout   - The number of seconds after which
 ;                                         an idle process will be killed.
 ; Note: This value is mandatory.
-pm = dynamic
+pm = ondemand
 
 ; The number of child processes to be created when pm is set to 'static' and the
 ; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
@@ -199,33 +199,33 @@ pm = dynamic
 ; forget to tweak pm.* to fit your needs.
 ; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
 ; Note: This value is mandatory.
-pm.max_children = 5
+pm.max_children = 2
 
 ; The number of child processes created on startup.
 ; Note: Used only when pm is set to 'dynamic'
 ; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
-pm.start_servers = 2
+;pm.start_servers = 2
 
 ; The desired minimum number of idle server processes.
 ; Note: Used only when pm is set to 'dynamic'
 ; Note: Mandatory when pm is set to 'dynamic'
-pm.min_spare_servers = 1
+;pm.min_spare_servers = 1
 
 ; The desired maximum number of idle server processes.
 ; Note: Used only when pm is set to 'dynamic'
 ; Note: Mandatory when pm is set to 'dynamic'
-pm.max_spare_servers = 3
+;pm.max_spare_servers = 3
 
 ; The number of seconds after which an idle process will be killed.
 ; Note: Used only when pm is set to 'ondemand'
 ; Default Value: 10s
-;pm.process_idle_timeout = 10s;
+pm.process_idle_timeout = 10s;
  
 ; The number of requests each child process should execute before respawning.
 ; This can be useful to work around memory leaks in 3rd party libraries. For
 ; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
 ; Default Value: 0
-;pm.max_requests = 500
+pm.max_requests = 1000
 
 ; The URI to view the FPM status page. If this value is not set, no URI will be
 ; recognized as a status page. It shows the following informations:

From ce96bc9388a13a7ad97b21ca159fa611f355f208 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 22:32:26 +0300
Subject: [PATCH 0137/2300] NTP fix

---
 install/vst-install-ubuntu.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 351d3dfb..7a82019a 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -678,9 +678,9 @@ echo "/usr/sbin/nologin" >> /etc/shells
 
 # NTP Synchronization
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate
-echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate
+echo "$(which ntpdate) -s ntp.ubuntu.com" >> /etc/cron.daily/ntpdate
 chmod 775 /etc/cron.daily/ntpdate
-ntpdate -s pool.ntp.org
+ntpdate -s ntp.ubuntu.com
 
 # Setup rssh
 if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then

From 3ecce92e16658caa8d762c3c065519ff891c7346 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 22:44:10 +0300
Subject: [PATCH 0138/2300] Cosmetic changes

---
 install/vst-install-ubuntu.sh | 43 +++++++++++++++++------------------
 1 file changed, 21 insertions(+), 22 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 351d3dfb..938d2a7a 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -103,7 +103,7 @@ gen_pass() {
     echo "$PASS"
 }
 
-# Defning return code check function
+# Defining return code check function
 check_result() {
     if [ $1 -ne 0 ]; then
         echo "Error: $2"
@@ -122,7 +122,7 @@ set_default_value() {
     fi
 }
 
-# Define function to set default language value
+# Defining function to set default language value
 set_default_lang() {
     if [ -z "$lang" ]; then
         eval lang=$1
@@ -278,7 +278,7 @@ fi
 wget -q "c.vestacp.com/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
-# Check installed packages
+# Checking installed packages
 tmpfile=$(mktemp -p /tmp)
 dpkg --get-selections > $tmpfile
 for pkg in exim4 mysql-server apache2 nginx vesta; do
@@ -319,7 +319,7 @@ echo
 echo '                                  Vesta Control Panel'
 echo -e "\n\n"
 
-echo 'Following software will be installed on your system:'
+echo 'The following software will be installed on your system:'
 
 # Web stack
 if [ "$nginx" = 'yes' ]; then
@@ -340,16 +340,16 @@ if [ "$named" = 'yes' ]; then
     echo '   - Bind DNS Server'
 fi
 
-# Mail Stack
+# Mail stack
 if [ "$exim" = 'yes' ]; then
-    echo -n '   - Exim mail server'
+    echo -n '   - Exim Mail Server'
     if [ "$clamd" = 'yes'  ] ||  [ "$spamd" = 'yes' ] ; then
         echo -n ' + '
         if [ "$clamd" = 'yes' ]; then
-            echo -n 'Antivirus '
+            echo -n 'ClamAV'
         fi
         if [ "$spamd" = 'yes' ]; then
-            echo -n 'Antispam'
+            echo -n 'SpamAssassin'
         fi
     fi
     echo
@@ -358,7 +358,7 @@ if [ "$exim" = 'yes' ]; then
     fi
 fi
 
-# DB stack
+# Database stack
 if [ "$mysql" = 'yes' ]; then
     echo '   - MySQL Database Server'
 fi
@@ -491,27 +491,27 @@ cd $vst_backups
 mkdir nginx apache2 php vsftpd proftpd bind exim4 dovecot clamd
 mkdir spamassassin mysql postgresql mongodb vesta
 
-# Backing up nginx configuration
+# Backup nginx configuration
 service nginx stop > /dev/null 2>&1
 cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1
 
-# Backing up Apache configuration
+# Backup Apache configuration
 service apache2 stop > /dev/null 2>&1
 cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1
 rm -f /etc/apache2/conf.d/* > /dev/null 2>&1
 
-# Backing up PHP configuration
+# Backup PHP-FPM configuration
 service php7.0-fpm stop > /dev/null 2>&1
 service php5-fpm stop > /dev/null 2>&1
 cp -r /etc/php7.0/* $vst_backups/php/ > /dev/null 2>&1
 cp -r /etc/php5/* $vst_backups/php/ > /dev/null 2>&1
 cp -r /etc/php/* $vst_backups/php/ > /dev/null 2>&1
 
-# Backing up Bind configuration
+# Backup Bind configuration
 service bind9 stop > /dev/null 2>&1
 cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1
 
-# Backing up Vsftpd configuration
+# Backup Vsftpd configuration
 service vsftpd stop > /dev/null 2>&1
 cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1
 
@@ -519,24 +519,24 @@ cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1
 service proftpd stop > /dev/null 2>&1
 cp /etc/proftpd.conf $vst_backups/proftpd > /dev/null 2>&1
 
-# Backing up Exim configuration
+# Backup Exim configuration
 service exim4 stop > /dev/null 2>&1
 cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1
 
-# Backing up ClamAV configuration
+# Backup ClamAV configuration
 service clamav-daemon stop > /dev/null 2>&1
 cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1
 
-# Backing up SpamAssassin configuration
+# Backup SpamAssassin configuration
 service spamassassin stop > /dev/null 2>&1
 cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1
 
-# Backing up Dovecot configuration
+# Backup Dovecot configuration
 service dovecot stop > /dev/null 2>&1
 cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1
 cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1
 
-# Backing up MySQL/MariaDB configuration and data
+# Backup MySQL/MariaDB configuration and data
 service mysql stop > /dev/null 2>&1
 killall -9 mysqld > /dev/null 2>&1
 mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1
@@ -548,7 +548,6 @@ if [ "$release" = '16.04' ] && [ -e '/etc/init.d/mysql' ]; then
     mysqld --initialize-insecure
 fi
 
-
 # Backup Vesta
 service vesta stop > /dev/null 2>&1
 cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1
@@ -667,7 +666,7 @@ rm -f /usr/sbin/policy-rc.d
 sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
 service ssh restart
 
-# Disable awstats cron
+# Disable AWStats cron
 rm -f /etc/cron.d/awstats
 
 # Set directory color
@@ -676,7 +675,7 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 # Register /usr/sbin/nologin
 echo "/usr/sbin/nologin" >> /etc/shells
 
-# NTP Synchronization
+# NTP Sync
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate
 echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate
 chmod 775 /etc/cron.daily/ntpdate

From cb20b0bfd14520994ec202b2d223ddd34b41de30 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 23:08:39 +0300
Subject: [PATCH 0139/2300] Not always apache is used

---
 install/vst-install-ubuntu.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 351d3dfb..06c55dc3 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1163,7 +1163,12 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql
     php5enmod mcrypt 2>/dev/null
     phpenmod mcrypt 2>/dev/null
-    service apache2 restart
+    if [ "$apache" = 'yes' ]; then
+        service apache2 restart
+    fi
+    if [ "$nginx" = 'yes' ]; then
+        service nginx restart
+    fi
 fi
 
 

From 52e9b19df6991b22037cf84b26f1b178aab11811 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 23:20:30 +0300
Subject: [PATCH 0140/2300] Small fix PHP-FPM

---
 install/vst-install-ubuntu.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 351d3dfb..6ed48381 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -503,6 +503,7 @@ rm -f /etc/apache2/conf.d/* > /dev/null 2>&1
 # Backing up PHP configuration
 service php7.0-fpm stop > /dev/null 2>&1
 service php5-fpm stop > /dev/null 2>&1
+service php-fpm stop > /dev/null 2>&1
 cp -r /etc/php7.0/* $vst_backups/php/ > /dev/null 2>&1
 cp -r /etc/php5/* $vst_backups/php/ > /dev/null 2>&1
 cp -r /etc/php/* $vst_backups/php/ > /dev/null 2>&1

From eca2fdc073cfe9bb787a03a3811cbe841bb5e9e4 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Thu, 31 May 2018 23:51:09 +0300
Subject: [PATCH 0141/2300] Roundcube fail2ban fix

---
 install/vst-install-ubuntu.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 351d3dfb..82f38a87 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1153,6 +1153,9 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     mysql -e "GRANT ALL ON roundcube.*
         TO roundcube@localhost IDENTIFIED BY '$r'"
     sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php
+    touch /var/log/roundcube/errors
+    chmod 640 /var/log/roundcube/errors
+    chown www-data:adm /var/log/roundcube/errors
     if [ "$release" = '16.04' ]; then
         mv /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php
         mv /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php

From cd618961767966846e8adc5bdba31451792c8f39 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Fri, 1 Jun 2018 13:57:37 +0300
Subject: [PATCH 0142/2300] Switch from /tmp to /backup

---
 bin/v-restore-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index 79e1e28c..9fd31eba 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -230,7 +230,7 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
 done
 
 # Creating temporary directory
-tmpdir=$(mktemp -p /tmp -d)
+tmpdir=$(mktemp -p $BACKUP -d)
 if [ "$?" -ne 0 ]; then
     echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify
     sed -i "/ $user /d" $VESTA/data/queue/backup.pipe

From 11eca5dfda030198b4686ac19fba1e6772496b16 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Jun 2018 00:52:31 +0200
Subject: [PATCH 0143/2300] Configurable $BACKUP_TEMP in v-backup-user

---
 bin/v-backup-user | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index b6ec66ec..bc57cafc 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -68,8 +68,12 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
     (( ++i))
 done
 
+if [ -z "$BACKUP_TEMP" ]; then
+    BACKUP_TEMP=$BACKUP
+fi
+
 # Creating temporary directory
-tmpdir=$(mktemp -p $BACKUP -d)
+tmpdir=$(mktemp -p $BACKUP_TEMP -d)
 
 if [ "$?" -ne 0 ]; then
     echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify

From 73a0b3fd9543173432eed736815b23dd8a2ea076 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Jun 2018 00:55:52 +0200
Subject: [PATCH 0144/2300] Configurable $BACKUP_TEMP in v-restore-user

---
 bin/v-restore-user | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index 9fd31eba..55e29e18 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -229,8 +229,12 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
     (( ++i))
 done
 
+if [ -z "$BACKUP_TEMP" ]; then
+    BACKUP_TEMP=$BACKUP
+fi
+
 # Creating temporary directory
-tmpdir=$(mktemp -p $BACKUP -d)
+tmpdir=$(mktemp -p $BACKUP_TEMP -d)
 if [ "$?" -ne 0 ]; then
     echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify
     sed -i "/ $user /d" $VESTA/data/queue/backup.pipe

From 01c1b54b4df7d46ecce55599f5dffef82a0cf9d9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 2 Jun 2018 01:23:13 +0200
Subject: [PATCH 0145/2300] Allow user to change Web Template (tpl
 modification)

---
 web/templates/user/edit_web.html | 47 ++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/web/templates/user/edit_web.html b/web/templates/user/edit_web.html
index c984427c..b5905e4c 100644
--- a/web/templates/user/edit_web.html
+++ b/web/templates/user/edit_web.html
@@ -85,6 +85,53 @@
                                     <?=htmlentities(trim($v_aliases, "'"))?>
                                 
                             

+                                    " .strtoupper($_SESSION['WEB_SYSTEM']) . "";?>
+                                

+                                    
+                                

+                                    " . strtoupper($_SESSION['WEB_BACKEND']) . "";?>
+                                

+                                    
+                                

                             
                             
                                 

From 2f3543c3db77c4e0c890fe0239817de98036c207 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 2 Jun 2018 01:28:31 +0200
Subject: [PATCH 0146/2300] Allow user to change Web Template

---
 web/edit/web/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/edit/web/index.php b/web/edit/web/index.php
index e934c1c8..85a278e9 100644
--- a/web/edit/web/index.php
+++ b/web/edit/web/index.php
@@ -150,8 +150,8 @@ if (!empty($_POST['save'])) {
         }
     }
 
-    // Change template (admin only)
-    if (($v_template != $_POST['v_template']) && ( $_SESSION['user'] == 'admin') && (empty($_SESSION['error_msg']))) {
+    // Change template
+    if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) {
         $v_template = escapeshellarg($_POST['v_template']);
         exec (VESTA_CMD."v-change-web-domain-tpl ".$v_username." ".$v_domain." ".$v_template." 'no'", $output, $return_var);
         check_return_code($return_var,$output);

From f759088ddedfbcd9f26e945cd5037aa418005823 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Jun 2018 01:48:41 +0200
Subject: [PATCH 0147/2300] Changing /var/log/httpd/ to /var/log/%web_system%/ 
 (debian9 http2.tpl)

---
 install/debian/9/templates/web/nginx/http2.tpl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/debian/9/templates/web/nginx/http2.tpl
+++ b/install/debian/9/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }

From 4363244c1acf08438cf0dd34db9ada57e2d2810d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Jun 2018 01:50:43 +0200
Subject: [PATCH 0148/2300] Changing /var/log/httpd/ to /var/log/%web_system%/
 (debian9 http2.stpl)

---
 install/debian/9/templates/web/nginx/http2.stpl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/debian/9/templates/web/nginx/http2.stpl
+++ b/install/debian/9/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }

From f68bb795deb153bbb0b9da3a03b0f7377455bee9 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 8 Jun 2018 11:40:42 +0300
Subject: [PATCH 0149/2300] Fixes for proper EIP handling

---
 bin/v-change-sys-ip-nat    |  86 ++++++++++++--------
 bin/v-change-web-domain-ip |   2 +-
 bin/v-update-sys-ip        | 155 ++++++++++++++++++-------------------
 3 files changed, 130 insertions(+), 113 deletions(-)

diff --git a/bin/v-change-sys-ip-nat b/bin/v-change-sys-ip-nat
index 58232212..a3b24830 100755
--- a/bin/v-change-sys-ip-nat
+++ b/bin/v-change-sys-ip-nat
@@ -34,48 +34,72 @@ is_ip_valid "$ip"
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Changing nat ip
+# Updating IP
 if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then
     sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip
+    old=''
+    new=$nat_ip
 else
-    update_ip_value '$NAT' "$nat_ip"
-fi
-
-# Check ftp system
-if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
-
-    # Find configuration
-    if [ -e '/etc/vsftpd/vsftpd.conf' ]; then
-        conf='/etc/vsftpd/vsftpd.conf'
-    fi
-
-    if [ -e '/etc/vsftpd.conf' ]; then
-        conf='/etc/vsftpd.conf'
-    fi
-
-    # Update config
-    if [ -z "$(grep pasv_address $conf)" ]; then
-        if [ ! -z "$nat_ip" ]; then
-            echo "pasv_address=$nat_ip" >> $conf
-        fi
-    else
-        if [ ! -z "$nat_ip" ]; then
-            sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
-        else
-            sed -i "/pasv_address/d" $conf
-        fi
+    old=$(get_ip_value '$NAT')
+    new=$nat_ip
+    sed -i "s/NAT=.*/NAT='$new'/" $VESTA/data/ips/$ip
+    if [ -z "$nat_ip" ]; then
+        new=$ip
     fi
 fi
 
+# Updating WEB configs
+if [ ! -z "$old" ] && [ ! -z "$WEB_SYSTEM" ]; then
+    sed -i "s/$old/$new/" $VESTA/data/users/*/web.conf
+    for user in $(ls $VESTA/data/users/); do
+        $BIN/v-rebuild-web-domains $user no
+    done
+    $BIN/v-restart-dns $restart
+fi
+
+# Updating DNS configs
+if [ ! -z "$old" ] && [ ! -z "$DNS_SYSTEM" ]; then
+    sed -i "s/$old/$new/" $VESTA/data/users/*/dns.conf
+    sed -i "s/$old/$new/" $VESTA/data/users/*/dns/*.conf
+    for user in $(ls $VESTA/data/users/); do
+        $BIN/v-rebuild-dns-domains $user no
+    done
+    $BIN/v-restart-dns $restart
+fi
+
+# Updating FTP
+if [ ! -z "$old" ] && [ ! -z "$FTP_SYSTEM" ]; then
+    conf=$(find /etc -name $FTP_SYSTEM.conf)
+    if [ -e "$conf" ]; then
+        sed -i "s/$old/$new/g" $conf
+        if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
+            check_pasv=$(grep pasv_address $conf)
+            if [ -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
+                echo "pasv_address=$nat_ip" >> $conf
+            fi
+            if [ ! -z "$check_pasv" ] && [ -z "$nat_ip" ]; then
+                sed -i "/pasv_address/d" $conf
+            fi
+            if [ ! -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
+                sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
+            fi
+        fi
+    fi
+    $BIN/v-restart-ftp $restart
+fi
+
+# Updating firewall
+if [ ! -z "$old" ] && [ ! -z "$FIREWALL_SYSTEM" ]; then
+    sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
+    $BIN/v-update-firewall
+fi
+
+
 
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
 
-# Restart ftp server
-$BIN/v-restart-ftp $restart
-check_result $? "FTP restart failed" >/dev/null
-
 # Logging
 log_history "changed associated nat address on $ip to $nat_ip" '' 'admin'
 log_event "$OK" "$ARGUMENTS"
diff --git a/bin/v-change-web-domain-ip b/bin/v-change-web-domain-ip
index 17eb55d9..5b2ab31b 100755
--- a/bin/v-change-web-domain-ip
+++ b/bin/v-change-web-domain-ip
@@ -49,7 +49,7 @@ is_ip_valid "$ip" "$user"
 # Preparing variables for vhost replace
 get_domain_values 'web'
 old=$(get_real_ip $IP)
-new=$ip
+new=$(get_real_ip $ip)
 
 # Replacing vhost
 replace_web_config "$WEB_SYSTEM" "$TPL.tpl"
diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip
index ce91ce96..956d4f10 100755
--- a/bin/v-update-sys-ip
+++ b/bin/v-update-sys-ip
@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: update system ip
-# options: [USER] [IP_STATUS]
+# options: [NONE]
 #
 # The function scans configured ip in the system and register them with vesta
 # internal database. This call is intended for use on vps servers, where ip is
@@ -11,14 +11,11 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
-# Argument definition
-user=${1-admin}
-ip_status=${2-shared}
+# Importing system variables
+source /etc/profile
 
 # Includes
-source /etc/profile.d/vesta.sh
 source $VESTA/func/main.sh
-source $VESTA/func/ip.sh
 source $VESTA/conf/vesta.conf
 
 
@@ -26,87 +23,84 @@ source $VESTA/conf/vesta.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '0' "$#" '[USER] [IP_STATUS]'
-is_format_valid 'user' 'ip_status'
-is_object_valid 'user' 'USER' "$user" "$user"
-
 
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Get list of ip addresses
-ip_list=$(/sbin/ip addr|grep 'inet '|grep global|awk '{print $2}')
-ip_list=$(echo "$ip_list"|cut -f 1 -d /)
-ip_num=$(echo "$ip_list" | wc -l)
+# Listing system ip addresses
+ips=$(/sbin/ip addr |grep 'inet ' |grep global |awk '{print $2}' |cut -f1 -d/)
+v_ips=$(ls $VESTA/data/ips/)
+ip_num=$(echo "$ips" |wc -l)
+v_ip_num=$(echo "$v_ips" |wc -l)
 
-# WorkAround for DHCP IP address
-vst_ip_list=$(ls $VESTA/data/ips/)
-vst_ip_num=$(echo "$vst_ip_list" | wc -l)
-
-if [ ! -z "$vst_ip_list" ] && [ "$vst_ip_num" -eq '1' ]; then
-    if [ $ip_num -eq 1 ] && [ "$ip_list" != "$vst_ip_list" ]; then
-        new=$ip_list
-        old=$vst_ip_list
-        mv $VESTA/data/ips/$old $VESTA/data/ips/$new
-        if [ ! -z "$PROXY_SYSTEM" ]; then
-            mv /etc/$PROXY_SYSTEM/conf.d/$old.conf \
-                /etc/$PROXY_SYSTEM/conf.d/$new.conf
-            sed -i "s/$old/$new/g" /etc/$PROXY_SYSTEM/conf.d/$new.conf
-        fi
-        if [ ! -z "$WEB_SYSTEM" ]; then
-            mv /etc/$WEB_SYSTEM/conf.d/$old.conf \
-                /etc/$WEB_SYSTEM/conf.d/$new.conf
-            sed -i "s/$old/$new/g" /etc/$WEB_SYSTEM/conf.d/$new.conf
-            sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf
-
-            # Rebuild web domains
-            for user in $(ls $VESTA/data/users/); do
-                $BIN/v-rebuild-web-domains $user no
-            done
-        fi
-        if [ ! -z "$FTP_SYSTEM" ];then
-            ftpd_conf_file=$(find /etc/ -maxdepth 2 -name $FTP_SYSTEM.conf)
-            sed -i "s/$old/$new/g" $ftpd_conf_file
-        fi
-
-        # Restarting web server
-        $BIN/v-restart-web
-
-        # Restarting ftp server
-        $BIN/v-restart-ftp
-
-        # Restarting proxy server
-        if [ ! -z "$PROXY_SYSTEM" ]; then
-            $BIN/v-restart-proxy
-        fi
-
-        # Restarting firewall
-        if [ ! -z "$FIREWALL_SYSTEM" ]; then
-            $BIN/v-update-firewall
-        fi
-
-        if [ ! -z "$DNS_SYSTEM" ]; then
-            # Rebuild dns domains
-            for user in $(ls $VESTA/data/users/); do
-                sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns.conf
-                sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns/*.conf
-                $BIN/v-rebuild-dns-domains $user no
-            done
-            $BIN/v-restart-dns
-            check_result $? "dns restart failed" >/dev/null
-        fi
-
-        # No further comparation is needed
-        exit
+# Checking primary IP change
+if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then
+    if [ "$ips" != "$v_ips" ]; then
+        new=$ips
+        old=$v_ips
     fi
 fi
 
-# Compare ips
-for ip in $ip_list; do
+# Updating configs
+if [ ! -z "$new" ]; then
+    mv $VESTA/data/ips/$old $VESTA/data/ips/$new
+
+    # Updating PROXY
+    if [ ! -z "$PROXY_SYSTEM" ]; then
+        cd /etc/$PROXY_SYSTEM/conf.d
+        if [ -e "$old.conf" ]; then
+            mv $old.conf $new.conf
+            sed -i "s/$old/$new/g" $new.conf
+            $BIN/v-restart-proxy
+        fi
+    fi
+
+    # Updating WEB
+    if [ ! -z "$WEB_SYSTEM" ]; then
+        cd /etc/$WEB_SYSTEM/conf.d
+        if [ -e "$old.conf" ]; then
+            mv $old.conf $new.conf
+            sed -i "s/$old/$new/g" $new.conf
+        fi
+        sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf
+        for user in $(ls $VESTA/data/users/); do
+            $BIN/v-rebuild-web-domains $user no
+        done
+        $BIN/v-restart-web
+    fi
+
+    # Updating DNS
+    if [ ! -z "$DNS_SYSTEM" ]; then
+        sed -i "s/$old/$new/g" $VESTA/data/users/*/dns.conf
+        sed -i "s/$old/$new/g" $VESTA/data/users/*/dns/*.conf
+        for user in $(ls $VESTA/data/users/); do
+            $BIN/v-rebuild-dns-domains $user no
+        done
+        $BIN/v-restart-dns
+    fi
+
+    # Updating FTP
+    if [ ! -z "$FTP_SYSTEM" ] && [ "$FTP_SYSTEM" = 'vsftpd' ]; then
+        conf=$(find /etc/ -maxdepth 2 -name $FTP_SYSTEM.conf)
+        if [ ! -z "$conf" ]; then
+            sed -i "s/$old/$new/g" $conf
+            $BIN/v-restart-ftp
+        fi
+    fi
+
+    # Updating firewall
+    if [ ! -z "$FIREWALL_SYSTEM" ]; then
+        sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
+        $BIN/v-update-firewall
+    fi
+fi
+
+# Adding system IP
+for ip in $ips; do
     check_ifconfig=$(/sbin/ifconfig |grep "$ip")
     if [ ! -e "$VESTA/data/ips/$ip" ] && [ ! -z "$check_ifconfig" ]; then
-        interface=$(/sbin/ip addr |grep $ip |awk '{print $NF}'|uniq)
+        interface=$(/sbin/ip addr |grep $ip |awk '{print $NF}' |uniq)
         interface=$(echo "$interface" |cut -f 1 -d : |head -n 1)
         netmask=$(/sbin/ip addr |grep $ip |cut -f 2 -d / |cut -f 1 -d \ )
         netmask=$(convert_cidr $netmask)
@@ -114,12 +108,11 @@ for ip in $ip_list; do
     fi
 done
 
-# Checking NAT
+# Updating NAT
 pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
-if [ ! -z "$pub_ip" ] && [ ! -e "$VESTA/data/ips/$pub_ip" ]; then
-    check_nat=$(grep -R "$pub_ip" $VESTA/data/ips/)
-    if [ -z "$check_nat" ]; then
-        ip=$(ls -t $VESTA/data/ips/|head -n1)
+if [ ! -e "$VESTA/data/ips/$pub_ip" ]; then
+    if [ -z "$(grep -R "$pub_ip" $VESTA/data/ips/)" ]; then
+        ip=$(ls -t $VESTA/data/ips/ |head -n1)
         $BIN/v-change-sys-ip-nat $ip $pub_ip
     fi
 fi

From 4880746f8f628788c2736758b47dc179a5079dc2 Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Mon, 11 Jun 2018 20:21:13 +0300
Subject: [PATCH 0150/2300] Minor fix

---
 install/vst-install-ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 39840bbc..ef835fef 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -943,7 +943,7 @@ done
 
 if [ "$vsftpd" = 'yes' ]; then
     cp -f $vestacp/vsftpd/vsftpd.conf /etc/
-    touch /var/log//vsftpd.log
+    touch /var/log/vsftpd.log
     chown root:adm /var/log/vsftpd.log
     chmod 640 /var/log/vsftpd.log
     touch /var/log/xferlog

From ee03eff016e03cb76fac7ae3a0f9d1ef0f8ee35b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 13 Jun 2018 17:08:36 +0300
Subject: [PATCH 0151/2300] udapted package defenition

---
 install/vst-install-ubuntu.sh | 60 +++++++++++------------------------
 1 file changed, 19 insertions(+), 41 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index ef835fef..22425d43 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -18,45 +18,24 @@ release="$(lsb_release -s -r)"
 codename="$(lsb_release -s -c)"
 vestacp="$VESTA/install/$VERSION/$release"
 
-if [ "$release" = '16.04' ] || [ "$release" = '18.04' ]; then
-    software="nginx apache2 apache2-utils apache2.2-common
-        apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf
-        libapache2-mod-fcgid libapache2-mod-php php php-common php-cgi
-        php-mysql php-curl php-fpm php-pgsql awstats webalizer vsftpd
-        proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon
-        spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
-        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
-        bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common
-        vesta-ioncube vesta-softaculous apparmor-utils"
-elif [ "$release" = '16.10' ] || [ "$release" = '17.10' ]; then
-    software="nginx apache2 apache2-utils apache2.2-common
-        apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf
-        libapache2-mod-fcgid libapache2-mod-php7.0 php7.0 php7.0-common
-        php7.0-cgi php7.0-mysql php7.0-curl php7.0-fpm php7.0-pgsql awstats
-        webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
-        clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
-        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
-        bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common
-        vesta-ioncube vesta-softaculous apparmor-utils"
-else
-    software="nginx apache2 apache2-utils apache2.2-common
-        apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf
-        libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi
-        php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd
-        proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon
-        spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
-        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
-        bsdmainutils cron vesta vesta-nginx vesta-php expect vim-common
-        vesta-ioncube vesta-softaculous"
+# Defining software pack for all distros
+software="apache2 apache2.2-common apache2-suexec-custom apache2-utils
+    apparmor-utils awstats bc bind9 bsdmainutils bsdutils clamav-daemon
+    cron curl dnsutils dovecot-imapd dovecot-pop3d e2fslibs e2fsprogs exim4
+    exim4-daemon-heavy expect fail2ban flex ftp git idn imagemagick
+    libapache2-mod-fcgid libapache2-mod-php libapache2-mod-rpaf
+    libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server nginx
+    ntpdate php-cgi php-common php-curl php-fpm phpmyadmin php-mysql
+    phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota
+    roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin
+    sudo vesta vesta-ioncube vesta-nginx vesta-php vesta-softaculous
+    vim-common vsftpd webalizer whois zip"
+
+# Fix for old releases
+if [[ ${release:0:2} -lt 16 ]]; then
+    software=$(echo "$software" |sed -e "s/php /php5 /")
+    software=$(echo "$software" |sed -e "s/php-/php5-/")
+    software=$(echo "$software" |sed -e "s/mod-php/mod-php5/")
 fi
 
 # Defining help function
@@ -1267,7 +1246,6 @@ fi
 
 # Adding default domain
 $VESTA/bin/v-add-domain admin $servername
-codename="$codename:$(echo $vpass:$servername | base64)"
 
 # Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
@@ -1320,7 +1298,7 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 wget vestacp.com/notify/?$codename -O /dev/null -q
 
 # Comparing hostname and IP
-host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
+host_ip=$(host $servername| head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"
 fi

From 6b2fafccb23ddaec7d1000d849d1780ae639d6dc Mon Sep 17 00:00:00 2001
From: TJ 
Date: Wed, 13 Jun 2018 19:58:26 +0300
Subject: [PATCH 0152/2300] Fixing the change password for Roundcube to work
 with Ubuntu

---
 install/ubuntu/16.04/roundcube/vesta.php | 6 ++++--
 install/ubuntu/16.10/roundcube/vesta.php | 5 +++--
 install/ubuntu/17.04/roundcube/vesta.php | 6 ++++--
 install/ubuntu/17.10/roundcube/vesta.php | 5 +++--
 install/ubuntu/18.04/roundcube/vesta.php | 5 +++--
 5 files changed, 17 insertions(+), 10 deletions(-)

diff --git a/install/ubuntu/16.04/roundcube/vesta.php b/install/ubuntu/16.04/roundcube/vesta.php
index 99e1d4bc..b6646b2b 100644
--- a/install/ubuntu/16.04/roundcube/vesta.php
+++ b/install/ubuntu/16.04/roundcube/vesta.php
@@ -6,8 +6,9 @@
  * @version 1.0
  * @author Serghey Rodin 
  */
-
-    function password_save($curpass, $passwd)
+class rcube_vesta_password
+{
+    function save($curpass, $passwd)
     {
         $rcmail = rcmail::get_instance();
         $vesta_host = $rcmail->config->get('password_vesta_host');
@@ -69,3 +70,4 @@
         }
 
     }
+}
\ No newline at end of file
diff --git a/install/ubuntu/16.10/roundcube/vesta.php b/install/ubuntu/16.10/roundcube/vesta.php
index 99e1d4bc..b4a2a6b6 100644
--- a/install/ubuntu/16.10/roundcube/vesta.php
+++ b/install/ubuntu/16.10/roundcube/vesta.php
@@ -6,8 +6,8 @@
  * @version 1.0
  * @author Serghey Rodin 
  */
-
-    function password_save($curpass, $passwd)
+class rcube_vesta_password {
+    function save($curpass, $passwd)
     {
         $rcmail = rcmail::get_instance();
         $vesta_host = $rcmail->config->get('password_vesta_host');
@@ -69,3 +69,4 @@
         }
 
     }
+}
\ No newline at end of file
diff --git a/install/ubuntu/17.04/roundcube/vesta.php b/install/ubuntu/17.04/roundcube/vesta.php
index 99e1d4bc..b6646b2b 100644
--- a/install/ubuntu/17.04/roundcube/vesta.php
+++ b/install/ubuntu/17.04/roundcube/vesta.php
@@ -6,8 +6,9 @@
  * @version 1.0
  * @author Serghey Rodin 
  */
-
-    function password_save($curpass, $passwd)
+class rcube_vesta_password
+{
+    function save($curpass, $passwd)
     {
         $rcmail = rcmail::get_instance();
         $vesta_host = $rcmail->config->get('password_vesta_host');
@@ -69,3 +70,4 @@
         }
 
     }
+}
\ No newline at end of file
diff --git a/install/ubuntu/17.10/roundcube/vesta.php b/install/ubuntu/17.10/roundcube/vesta.php
index 99e1d4bc..c271004d 100644
--- a/install/ubuntu/17.10/roundcube/vesta.php
+++ b/install/ubuntu/17.10/roundcube/vesta.php
@@ -6,8 +6,8 @@
  * @version 1.0
  * @author Serghey Rodin 
  */
-
-    function password_save($curpass, $passwd)
+class rcube_vesta_password {
+    function save($curpass, $passwd)
     {
         $rcmail = rcmail::get_instance();
         $vesta_host = $rcmail->config->get('password_vesta_host');
@@ -69,3 +69,4 @@
         }
 
     }
+}
diff --git a/install/ubuntu/18.04/roundcube/vesta.php b/install/ubuntu/18.04/roundcube/vesta.php
index 99e1d4bc..b4a2a6b6 100644
--- a/install/ubuntu/18.04/roundcube/vesta.php
+++ b/install/ubuntu/18.04/roundcube/vesta.php
@@ -6,8 +6,8 @@
  * @version 1.0
  * @author Serghey Rodin 
  */
-
-    function password_save($curpass, $passwd)
+class rcube_vesta_password {
+    function save($curpass, $passwd)
     {
         $rcmail = rcmail::get_instance();
         $vesta_host = $rcmail->config->get('password_vesta_host');
@@ -69,3 +69,4 @@
         }
 
     }
+}
\ No newline at end of file

From f59ebc4f65aa6b9e026d9a049766111c84a0c1e8 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Jun 2018 18:00:44 +0300
Subject: [PATCH 0153/2300] Fix: nginx restart order

---
 bin/v-update-sys-ip | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip
index 956d4f10..8c0da087 100755
--- a/bin/v-update-sys-ip
+++ b/bin/v-update-sys-ip
@@ -52,7 +52,6 @@ if [ ! -z "$new" ]; then
         if [ -e "$old.conf" ]; then
             mv $old.conf $new.conf
             sed -i "s/$old/$new/g" $new.conf
-            $BIN/v-restart-proxy
         fi
     fi
 
@@ -67,6 +66,7 @@ if [ ! -z "$new" ]; then
         for user in $(ls $VESTA/data/users/); do
             $BIN/v-rebuild-web-domains $user no
         done
+        $BIN/v-restart-proxy
         $BIN/v-restart-web
     fi
 

From 955f3e7510b8e14a24870eec1da34b94222d79a5 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Jun 2018 11:39:14 +0300
Subject: [PATCH 0154/2300] cosmetix fixes in ubuntu installer

---
 install/vst-install-ubuntu.sh | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 22425d43..fdb95db3 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -495,7 +495,7 @@ cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1
 service vsftpd stop > /dev/null 2>&1
 cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1
 
-# Backing up ProFTPD configuration
+# Backup ProFTPD configuration
 service proftpd stop > /dev/null 2>&1
 cp /etc/proftpd.conf $vst_backups/proftpd > /dev/null 2>&1
 
@@ -623,18 +623,18 @@ fi
 #                     Install packages                     #
 #----------------------------------------------------------#
 
-# Update system packages
+# Updating system
 apt-get update
 
-# Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
-echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
-chmod a+x /usr/sbin/policy-rc.d
+# Disabling daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
+#echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
+#chmod a+x /usr/sbin/policy-rc.d
 
-# Install apt packages
+# Installing apt packages
 apt-get -y install $software
 check_result $? "apt-get install failed"
 
-# Restore policy
+# Restoring policy
 rm -f /usr/sbin/policy-rc.d
 
 
@@ -642,26 +642,28 @@ rm -f /usr/sbin/policy-rc.d
 #                     Configure system                     #
 #----------------------------------------------------------#
 
-# Enable SSH password auth
+# Enabling SSH password auth
 sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
 service ssh restart
 
-# Disable AWStats cron
+# Disabling AWStats cron
 rm -f /etc/cron.d/awstats
 
 # Set directory color
 echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
-# Register /usr/sbin/nologin
-echo "/usr/sbin/nologin" >> /etc/shells
+# Registering /usr/sbin/nologin
+if [ -z "$(grep nologin /etc/shells)" ]; then
+    echo "/usr/sbin/nologin" >> /etc/shells
+fi
 
-# NTP Sync
+# Configuring NTP
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate
 echo "$(which ntpdate) -s ntp.ubuntu.com" >> /etc/cron.daily/ntpdate
 chmod 775 /etc/cron.daily/ntpdate
 ntpdate -s ntp.ubuntu.com
 
-# Setup rssh
+# Adding rssh
 if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then
     echo /usr/bin/rssh >> /etc/shells
 fi
@@ -704,7 +706,6 @@ chmod -R 750 $VESTA/data/queue
 chmod 660 $VESTA/log/*
 rm -f /var/log/vesta
 ln -s $VESTA/log /var/log/vesta
-chown admin:admin $VESTA/data/sessions
 chmod 770 $VESTA/data/sessions
 
 # Generating Vesta configuration

From 17d0fb114ebe15f89db4284316a17cf8e20de51e Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Jun 2018 11:40:07 +0300
Subject: [PATCH 0155/2300] fix for debian and amazon installers

---
 install/vst-install.sh | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/install/vst-install.sh b/install/vst-install.sh
index 4bd4cc20..aa9ecbf6 100755
--- a/install/vst-install.sh
+++ b/install/vst-install.sh
@@ -9,6 +9,7 @@
 #   CentOS 5, 6, 7
 #   Debian 7, 8
 #   Ubuntu 12.04 - 18.04
+#   Amazon Linux 2017
 #
 
 # Am I root?
@@ -45,11 +46,6 @@ case $(head -n1 /etc/issue | cut -f 1 -d ' ') in
     *)          type="rhel" ;;
 esac
 
-# Fallback to Ubuntu
-if [ ! -e "/etc/redhat-release" ]; then
-    type='ubuntu'
-fi
-
 # Check wget
 if [ -e '/usr/bin/wget' ]; then
     wget http://vestacp.com/pub/vst-install-$type.sh -O vst-install-$type.sh

From ca3956568becfcf9ab5bb67d0637a88b8bc5b0aa Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Jun 2018 15:40:22 +0300
Subject: [PATCH 0156/2300] Updated CentOS installer

---
 install/vst-install-rhel.sh | 334 +++++++++++++++++-------------------
 1 file changed, 154 insertions(+), 180 deletions(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 436517b1..07df0713 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -16,30 +16,27 @@ arch=$(uname -i)
 os=$(cut -f 1 -d ' ' /etc/redhat-release)
 release=$(grep -o "[0-9]" /etc/redhat-release |head -n1)
 codename="${os}_$release"
-vestacp="http://$CHOST/$VERSION/$release"
+vestacp="$VESTA/install/$VERSION/$release"
 
-if [ "$release" -eq 7 ]; then
-    software="nginx httpd mod_ssl mod_ruid2 mod_fcgid php php-common php-cli
-    php-bcmath php-gd php-imap php-mbstring php-mcrypt php-mysql php-pdo
-    php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql awstats webalizer
-    vsftpd proftpd bind bind-utils bind-libs exim dovecot clamav-server
-    clamav-update spamassassin roundcubemail mariadb mariadb-server phpMyAdmin
-    postgresql postgresql-server postgresql-contrib phpPgAdmin e2fsprogs
-    openssh-clients ImageMagick curl mc screen ftp zip unzip flex sqlite pcre
-    sudo bc jwhois mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype
-    fail2ban rsyslog iptables-services which vesta vesta-nginx vesta-php
-    vim-common expect vesta-ioncube vesta-softaculous"
-else
-    software="nginx httpd mod_ssl mod_ruid2 mod_fcgid mod_extract_forwarded
-    php php-common php-cli php-bcmath php-gd php-imap php-mbstring php-mcrypt
-    php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql
-    awstats webalizer vsftpd proftpd bind bind-utils bind-libs exim dovecot
-    clamd spamassassin roundcubemail mysql mysql-server phpMyAdmin postgresql
-    postgresql-server postgresql-contrib phpPgAdmin e2fsprogs openssh-clients
-    ImageMagick curl mc screen ftp zip unzip flex sqlite pcre sudo bc jwhois
-    mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype fail2ban
-    which vesta vesta-nginx vesta-php vim-common expect vesta-ioncube
-    vesta-softaculous"
+# Defining software pack for all distros
+software="awstats bc bind bind-libs bind-utils clamav-server clamav-update
+    curl dovecot e2fsprogs exim expect fail2ban flex freetype ftp GeoIP httpd
+    ImageMagick iptables-services jwhois lsof mailx mariadb mariadb-server mc
+    mod_fcgid mod_ruid2 mod_ssl net-tools nginx ntp openssh-clients pcre php
+    php-bcmath php-cli php-common php-fpm php-gd php-imap php-mbstring
+    php-mcrypt phpMyAdmin php-mysql php-pdo phpPgAdmin php-pgsql php-soap
+    php-tidy php-xml php-xmlrpc postgresql postgresql-contrib
+    postgresql-server proftpd roundcubemail rrdtool rsyslog screen
+    spamassassin sqlite sudo tar telnet unzip vesta vesta-ioncube vesta-nginx
+    vesta-php vesta-softaculous vim-common vsftpd webalizer which zip"
+
+# Fix for old releases
+if [ "$release" -lt 7 ]; then
+    software=$(echo "$software" |sed -e "s/mariadb/mysql/")
+    software=$(echo "$software" |sed -e "s/clamav-server/clamd/")
+    software=$(echo "$software" |sed -e "s/clamav-update//")
+    software=$(echo "$software" |sed -e "s/iptables-services//")
+    software="$software mod_extract_forwarded"
 fi
 
 # Defining help function
@@ -105,7 +102,7 @@ set_default_value() {
     fi
 }
 
-# Define function to set default language value
+# Defining function to set default language value
 set_default_lang() {
     if [ -z "$lang" ]; then
         eval lang=$1
@@ -125,9 +122,6 @@ set_default_lang() {
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-# Creating temporary file
-tmpfile=$(mktemp -p /tmp)
-
 # Translating argument to --gnu-long-options
 for arg; do
     delim=""
@@ -239,7 +233,6 @@ if [ "$iptables" = 'no' ]; then
     fail2ban='no'
 fi
 
-
 # Checking root permissions
 if [ "x$(id -u)" != 'x0' ]; then
     check_result 1 "Script can be run executed only by root"
@@ -260,16 +253,18 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "$vestacp/GPG.txt" -O /dev/null
+wget -q "c.vestacp.com/GPG.txt" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Checking installed packages
+tmpfile=$(mktemp -p /tmp)
 rpm -qa > $tmpfile
 for pkg in exim mysql-server httpd nginx vesta; do
     if [ ! -z "$(grep $pkg $tmpfile)" ]; then
         conflicts="$pkg $conflicts"
     fi
 done
+rm -f $tmpfile
 if [ ! -z "$conflicts" ] && [ -z "$force" ]; then
     echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
     echo
@@ -290,7 +285,7 @@ fi
 #                       Brief Info                         #
 #----------------------------------------------------------#
 
-# Printing nice ascii as logo
+# Printing nice ASCII logo
 clear
 echo
 echo ' _|      _|  _|_|_|_|    _|_|_|  _|_|_|_|_|    _|_|'
@@ -302,7 +297,7 @@ echo
 echo '                                  Vesta Control Panel'
 echo -e "\n\n"
 
-echo 'Following software will be installed on your system:'
+echo 'The following software will be installed on your system:'
 
 # Web stack
 if [ "$nginx" = 'yes' ]; then
@@ -323,16 +318,16 @@ if [ "$named" = 'yes' ]; then
     echo '   - Bind DNS Server'
 fi
 
-# Mail Stack
+# Mail stack
 if [ "$exim" = 'yes' ]; then
-    echo -n '   - Exim mail server'
+    echo -n '   - Exim Mail Server'
     if [ "$clamd" = 'yes'  ] ||  [ "$spamd" = 'yes' ] ; then
         echo -n ' + '
         if [ "$clamd" = 'yes' ]; then
-            echo -n 'Antivirus '
+            echo -n 'ClamAV '
         fi
         if [ "$spamd" = 'yes' ]; then
-            echo -n 'Antispam'
+            echo -n 'SpamAssassin'
         fi
     fi
     echo
@@ -341,9 +336,9 @@ if [ "$exim" = 'yes' ]; then
     fi
 fi
 
-# DB stack
+# Database stack
 if [ "$mysql" = 'yes' ]; then
-    if [ $release = 7 ]; then
+    if [ $release -ge 7 ]; then
         echo '   - MariaDB Database Server'
     else
         echo '   - MySQL Database Server'
@@ -393,7 +388,7 @@ if [ "$interactive" = 'yes' ]; then
 
     # Asking to set FQDN hostname
     if [ -z "$servername" ]; then
-        read -p "Please enter FQDN hostname [$(hostname)]: " servername
+        read -p "Please enter FQDN hostname [$(hostname -f)]: " servername
     fi
 fi
 
@@ -448,10 +443,10 @@ fi
 
 
 #----------------------------------------------------------#
-#                  Install repositories                    #
+#                   Install repository                     #
 #----------------------------------------------------------#
 
-# Updating system packages
+# Updating system
 yum -y update
 check_result $? 'yum update failed'
 
@@ -460,8 +455,8 @@ yum install epel-release -y
 check_result $? "Can't install EPEL repository"
 
 # Installing Remi repository
-if [ "$remi" = 'yes' ]; then
-    rpm -Uvh --force $vestacp/remi-release.rpm
+if [ "$remi" = 'yes' ] && [ ! -e "/etc/yum.repos.d/remi.repo" ]; then
+    rpm -Uvh http://rpms.remirepo.net/enterprise/remi-release-$release.rpm
     check_result $? "Can't install REMI repository"
     sed -i "s/enabled=0/enabled=1/g" /etc/yum.repos.d/remi.repo
 fi
@@ -482,7 +477,7 @@ echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo
 echo "enabled=1" >> $vrepo
 echo "gpgcheck=1" >> $vrepo
 echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo
-wget $vestacp/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA
+wget c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA
 
 
 #----------------------------------------------------------#
@@ -495,53 +490,53 @@ cd $vst_backups
 mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \
     spamassassin mysql postgresql mongodb vesta
 
-# Backing up Nginx configuration
+# Backup Nginx configuration
 service nginx stop > /dev/null 2>&1
 cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1
 
-# Backing up Apache configuration
+# Backup Apache configuration
 service httpd stop > /dev/null 2>&1
 cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1
 
-# Backing up PHP configuration
+# Backup PHP-FPM configuration
 service php-fpm stop >/dev/null 2>&1
 cp /etc/php.ini $vst_backups/php > /dev/null 2>&1
 cp -r /etc/php.d  $vst_backups/php > /dev/null 2>&1
 cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1
 mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1
 
-# Backing up Bind configuration
+# Backup Bind configuration
 yum remove bind-chroot > /dev/null 2>&1
 service named stop > /dev/null 2>&1
 cp /etc/named.conf $vst_backups/named >/dev/null 2>&1
 
-# Backing up Vsftpd configuration
+# Backup Vsftpd configuration
 service vsftpd stop > /dev/null 2>&1
 cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1
 
-# Backing up ProFTPD configuration
+# Backup ProFTPD configuration
 service proftpd stop > /dev/null 2>&1
 cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1
 
-# Backing up Exim configuration
+# Backup Exim configuration
 service exim stop > /dev/null 2>&1
 cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1
 
-# Backing up ClamAV configuration
+# Backup ClamAV configuration
 service clamd stop > /dev/null 2>&1
 cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1
 cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1
 
-# Backing up SpamAssassin configuration
+# Backup SpamAssassin configuration
 service spamassassin stop > /dev/null 2>&1
 cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1
 
-# Backing up Dovecot configuration
+# Backup Dovecot configuration
 service dovecot stop > /dev/null 2>&1
 cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1
 cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1
 
-# Backing up MySQL/MariaDB configuration and data
+# Backup MySQL/MariaDB configuration and data
 service mysql stop > /dev/null 2>&1
 service mysqld stop > /dev/null 2>&1
 service mariadb stop > /dev/null 2>&1
@@ -550,18 +545,18 @@ cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1
 cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1
 mv /root/.my.cnf  $vst_backups/mysql > /dev/null 2>&1
 
-# Backing up MySQL/MariaDB configuration and data
+# Backup MySQL/MariaDB configuration and data
 service postgresql stop > /dev/null 2>&1
 mv /var/lib/pgsql/data $vst_backups/postgresql/  >/dev/null 2>&1
 
-# Backing up Vesta configuration and data
+# Backup Vesta
 service vesta stop > /dev/null 2>&1
 mv $VESTA/data/* $vst_backups/vesta > /dev/null 2>&1
 mv $VESTA/conf/* $vst_backups/vesta > /dev/null 2>&1
 
 
 #----------------------------------------------------------#
-#                     Package Exludes                      #
+#                     Package Excludes                     #
 #----------------------------------------------------------#
 
 # Excluding packages
@@ -636,17 +631,17 @@ fi
 #----------------------------------------------------------#
 
 # Installing rpm packages
-#if [ "$remi" = 'yes' ]; then
-#    yum -y --disablerepo=* \
-#        --enablerepo="*base,*updates,nginx,epel,vesta,remi*" \
-#        install $software
-#else
-#    yum -y --disablerepo=* --enablerepo="*base,*updates,nginx,epel,vesta" \
-#        install $software
-#fi
-
-# Temporary fix for centos vault issue
-yum install $software
+yum install -y $software
+if [ $? -ne 0 ]; then
+    if [ "$remi" = 'yes' ]; then
+        yum -y --disablerepo=* \
+            --enablerepo="*base,*updates,nginx,epel,vesta,remi*" \
+            install $software
+    else
+        yum -y --disablerepo=* --enablerepo="*base,*updates,nginx,epel,vesta" \
+            install $software
+    fi
+fi
 check_result $? "yum install failed"
 
 
@@ -674,7 +669,7 @@ if [ -e '/etc/sysconfig/selinux' ]; then
     setenforce 0 2>/dev/null
 fi
 
-# Disable iptables
+# Disablng iptables
 service iptables stop
 
 # Configuring NTP synchronization
@@ -691,7 +686,7 @@ adduser backup 2>/dev/null
 ln -sf /home/backup /backup
 chmod a+x /backup
 
-# Chaning default directory color
+# Set directory color
 echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
 # Changing default systemd interval
@@ -707,9 +702,9 @@ fi
 #                     Configure VESTA                      #
 #----------------------------------------------------------#
 
-# Downlading sudo configuration
+# Installing sudo configuration
 mkdir -p /etc/sudoers.d
-wget $vestacp/sudo/admin -O /etc/sudoers.d/admin
+cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
 
 # Configuring system env
@@ -721,9 +716,9 @@ echo 'export PATH' >> /root/.bash_profile
 source /root/.bash_profile
 
 # Configuring logrotate for vesta logs
-wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta
+cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
 
-# Buidling directory tree and creating some blank files for vesta
+# Building directory tree and creating some blank files for Vesta
 mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
     $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
     $VESTA/data/sessions
@@ -737,14 +732,13 @@ chmod 660 $VESTA/log/*
 rm -f /var/log/vesta
 ln -s $VESTA/log /var/log/vesta
 chmod 770 $VESTA/data/sessions
-chown admin:admin $VESTA/data/sessions
 
-# Generating vesta configuration
+# Generating Vesta configuration
 rm -f $VESTA/conf/vesta.conf 2>/dev/null
 touch $VESTA/conf/vesta.conf
 chmod 660 $VESTA/conf/vesta.conf
 
-# WEB stack
+# Web stack
 if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
     echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf
     echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf
@@ -802,7 +796,7 @@ if [ "$exim" = 'yes' ]; then
     fi
 fi
 
-# CRON daemon
+# Cron daemon
 echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf
 
 # Firewall stack
@@ -827,26 +821,18 @@ echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
 # Version
 echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
 
-# Downloading hosting packages
-cd $VESTA/data
-wget $vestacp/packages.tar.gz -O packages.tar.gz
-tar -xzf packages.tar.gz
-rm -f packages.tar.gz
+# Installing hosting packages
+cp -rf $vestacp/packages $VESTA/data/
 
-# Downloading templates
-wget $vestacp/templates.tar.gz -O templates.tar.gz
-tar -xzf templates.tar.gz
-rm -f templates.tar.gz
+# Installing templates
+cp -rf $vestacp/templates $VESTA/data/
 
 # Copying index.html to default documentroot
-cp templates/web/skel/public_html/index.html /var/www/html/
+cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/html/
 sed -i 's/%domain%/It worked!/g' /var/www/html/index.html
 
-# Downloading firewall rules
-chkconfig firewalld off >/dev/null 2>&1
-wget $vestacp/firewall.tar.gz -O firewall.tar.gz
-tar -xzf firewall.tar.gz
-rm -f firewall.tar.gz
+# Installing firewall rules
+cp -rf $vestacp/firewall $VESTA/data/
 
 # Configuring server hostname
 $VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
@@ -875,16 +861,16 @@ rm /tmp/vst.pem
 
 if [ "$nginx" = 'yes' ]; then
     rm -f /etc/nginx/conf.d/*.conf
-    wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf
-    wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf
-    wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc
-    wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc
-    wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc
-    wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx
+    cp -f $vestacp/nginx/nginx.conf /etc/nginx/
+    cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
+    cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
-    if [ "$release" -eq 7 ]; then
-        mkdir /etc/systemd/system/nginx.service.d
+    if [ "$release" -ge 7 ]; then
+        mkdir -p /etc/systemd/system/nginx.service.d
         cd /etc/systemd/system/nginx.service.d
         echo "[Service]" > limits.conf
         echo "LimitNOFILE=500000" >> limits.conf
@@ -894,7 +880,7 @@ if [ "$nginx" = 'yes' ]; then
     check_result $? "nginx start failed"
 
     # Workaround for OpenVZ/Virtuozzo
-    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+    if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then
         echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
         echo "sleep 3 && service nginx restart" >> /etc/rc.local
     fi
@@ -906,29 +892,30 @@ fi
 #----------------------------------------------------------#
 
 if [ "$apache" = 'yes'  ]; then
-    cd /etc/httpd
-    wget $vestacp/httpd/httpd.conf -O conf/httpd.conf
-    wget $vestacp/httpd/status.conf -O conf.d/status.conf
-    wget $vestacp/httpd/ssl.conf -O conf.d/ssl.conf
-    wget $vestacp/httpd/ruid2.conf -O conf.d/ruid2.conf
-    wget $vestacp/logrotate/httpd -O /etc/logrotate.d/httpd
-    if [ $release -ne 7 ]; then
-        echo "MEFaccept 127.0.0.1" >> conf.d/mod_extract_forwarded.conf
-        echo > conf.d/proxy_ajp.conf
+    cp -f $vestacp/httpd/httpd.conf /etc/httpd/conf/
+    cp -f $vestacp/httpd/status.conf /etc/httpd/conf.d/
+    cp -f $vestacp/httpd/ssl.conf /etc/httpd/conf.d/
+    cp -f $vestacp/httpd/ruid2.conf /etc/httpd/conf.d/
+    cp -f $vestacp/logrotate/httpd /etc/logrotate.d/
+    if [ $release -lt 7 ]; then
+        cd /etc/httpd/conf.d
+        echo "MEFaccept 127.0.0.1" >> mod_extract_forwarded.conf
+        echo > proxy_ajp.conf
     fi
-    if [ -e "conf.modules.d/00-dav.conf" ]; then
-        sed -i "s/^/#/" conf.modules.d/00-dav.conf conf.modules.d/00-lua.conf
-        sed -i "s/^/#/" conf.modules.d/00-proxy.conf
+    if [ -e "/etc/httpd/conf.modules.d/00-dav.conf" ]; then
+        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-dav.conf
+        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-lua.conf
+        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-proxy.conf
     fi
-    echo > conf.d/vesta.conf
-    touch logs/access_log logs/error_log logs/error_log logs/suexec.log
-    chmod 640 logs/access_log logs/error_log logs/error_log logs/suexec.log
+    echo > /etc/httpd/conf.d/vesta.conf
+    touch /etc/httpd/logs/access_log /etc/httpd/logs/error_log
+    chmod 640 /etc/httpd/logs/access_log /etc/httpd/logs/error_log
     chmod -f 777 /var/lib/php/session
     chmod a+x /var/log/httpd
     mkdir -p /var/log/httpd/domains
     chmod 751 /var/log/httpd/domains
-    if [ "$release" -eq 7 ]; then
-        mkdir /etc/systemd/system/httpd.service.d
+    if [ "$release" -ge 7 ]; then
+        mkdir -p /etc/systemd/system/httpd.service.d
         cd /etc/systemd/system/httpd.service.d
         echo "[Service]" > limits.conf
         echo "LimitNOFILE=500000" >> limits.conf
@@ -938,7 +925,7 @@ if [ "$apache" = 'yes'  ]; then
     check_result $? "httpd start failed"
 
     # Workaround for OpenVZ/Virtuozzo
-    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+    if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then
         echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
         echo "sleep 2 && service httpd restart" >> /etc/rc.local
     fi
@@ -950,7 +937,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$phpfpm" = 'yes' ]; then
-    wget $vestacp/php-fpm/www.conf -O /etc/php-fpm.d/www.conf
+    cp -f $vestacp/php-fpm/www.conf /etc/php-fpm.d/
     chkconfig php-fpm on
     service php-fpm start
     check_result $? "php-fpm start failed"
@@ -975,17 +962,14 @@ done
 
 
 #----------------------------------------------------------#
-#                    Configure VSFTPD                      #
+#                    Configure Vsftpd                      #
 #----------------------------------------------------------#
 
 if [ "$vsftpd" = 'yes' ]; then
-    wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd/vsftpd.conf
+    cp -f $vestacp/vsftpd/vsftpd.conf /etc/vsftpd/
     chkconfig vsftpd on
     service vsftpd start
     check_result $? "vsftpd start failed"
-
-    # To be deleted after release 0.9.8-18
-    echo "/sbin/nologin" >> /etc/shells
 fi
 
 
@@ -994,7 +978,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$proftpd" = 'yes' ]; then
-    wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd.conf
+    cp -f $vestacp/proftpd/proftpd.conf /etc/
     chkconfig proftpd on
     service proftpd start
     check_result $? "proftpd start failed"
@@ -1019,13 +1003,13 @@ if [ "$mysql" = 'yes' ]; then
     chown mysql:mysql /var/lib/mysql
     mkdir -p /etc/my.cnf.d
 
-    if [ $release -ne 7 ]; then
+    if [ $release -lt 7 ]; then
         service='mysqld'
     else
         service='mariadb'
     fi
 
-    wget $vestacp/$service/$mycnf -O /etc/my.cnf
+    cp -f $vestacp/$service/$mycnf /etc/my.cnf
     chkconfig $service on
     service $service start
     if [ "$?" -ne 0 ]; then
@@ -1049,9 +1033,9 @@ if [ "$mysql" = 'yes' ]; then
 
     # Configuring phpMyAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pma/phpMyAdmin.conf -O /etc/httpd/conf.d/phpMyAdmin.conf
+        cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
-    wget $vestacp/pma/config.inc.conf -O /etc/phpMyAdmin/config.inc.php
+    cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/
     sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php
 fi
 
@@ -1061,23 +1045,23 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
-    if [ $release = 5 ]; then
+    if [ $release -eq 5 ]; then
         service postgresql start
         sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
         service postgresql stop
-        wget $vestacp/postgresql/pg_hba.conf -O /var/lib/pgsql/data/pg_hba.conf
+        cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
     else
         service postgresql initdb
-        wget $vestacp/postgresql/pg_hba.conf -O /var/lib/pgsql/data/pg_hba.conf
+        cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
         sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
     fi
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pga/phpPgAdmin.conf -O /etc/httpd/conf.d/phpPgAdmin.conf
+        cp -f $vestacp/pga/phpPgAdmin.conf /etc/httpd/conf.d/
     fi
-    wget $vestacp/pga/config.inc.php -O /etc/phpPgAdmin/config.inc.php
+    cp -f $vestacp/pga/config.inc.php /etc/phpPgAdmin/
 fi
 
 
@@ -1086,7 +1070,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$named" = 'yes' ]; then
-    wget $vestacp/named/named.conf -O /etc/named.conf
+    cp -f $vestacp/named/named.conf /etc/
     chown root:named /etc/named.conf
     chmod 640 /etc/named.conf
     chkconfig named on
@@ -1101,9 +1085,9 @@ fi
 
 if [ "$exim" = 'yes' ]; then
     gpasswd -a exim mail
-    wget $vestacp/exim/exim.conf -O /etc/exim/exim.conf
-    wget $vestacp/exim/dnsbl.conf -O /etc/exim/dnsbl.conf
-    wget $vestacp/exim/spam-blocks.conf -O /etc/exim/spam-blocks.conf
+    cp -f $vestacp/exim/exim.conf /etc/exim/
+    cp -f $vestacp/exim/dnsbl.conf /etc/exim/
+    cp -f $vestacp/exim/spam-blocks.conf /etc/exim/
     touch /etc/exim/white-blocks.conf
 
     if [ "$spamd" = 'yes' ]; then
@@ -1136,12 +1120,8 @@ fi
 
 if [ "$dovecot" = 'yes' ]; then
     gpasswd -a dovecot mail
-    wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz
-    wget $vestacp/logrotate/dovecot -O /etc/logrotate.d/dovecot
-    cd /etc
-    rm -rf dovecot dovecot.conf
-    tar -xzf dovecot.tar.gz
-    rm -f dovecot.tar.gz
+    cp -rf $vestacp/dovecot /etc/
+    cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
     chkconfig dovecot on
     service dovecot start
@@ -1157,19 +1137,17 @@ if [ "$clamd" = 'yes' ]; then
     useradd clam -s /sbin/nologin -d /var/lib/clamav 2>/dev/null
     gpasswd -a clam exim
     gpasswd -a clam mail
-    wget $vestacp/clamav/clamd.conf -O /etc/clamd.conf
-    wget $vestacp/clamav/freshclam.conf -O /etc/freshclam.conf
-    mkdir -p /var/log/clamav
-    mkdir -p /var/run/clamav
+    cp -f $vestacp/clamav/clamd.conf /etc/
+    cp -f $vestacp/clamav/freshclam.conf /etc/
+    mkdir -p /var/log/clamav /var/run/clamav
     chown clam:clam /var/log/clamav /var/run/clamav
     chown -R clam:clam /var/lib/clamav
-    if [ "$release" -eq '7' ]; then
-        wget $vestacp/clamav/clamd.service -O \
-            /usr/lib/systemd/system/clamd.service
+    if [ "$release" -ge '7' ]; then
+        cp -f $vestacp/clamav/clamd.service /usr/lib/systemd/system/
         systemctl --system daemon-reload
     fi
     /usr/bin/freshclam
-    if [ "$release" -eq '7' ]; then
+    if [ "$release" -ge '7' ]; then
         sed -i "s/nofork/foreground/" /usr/lib/systemd/system/clamd.service
         systemctl daemon-reload
     fi
@@ -1187,7 +1165,7 @@ if [ "$spamd" = 'yes' ]; then
     chkconfig spamassassin on
     service spamassassin start
     check_result $? "spamassassin start failed"
-    if [ "$release" -eq '7' ]; then
+    if [ "$release" -ge '7' ]; then
         groupadd -g 1001 spamd
         useradd -u 1001 -g spamd -s /sbin/nologin -d \
             /var/lib/spamassassin spamd
@@ -1203,15 +1181,13 @@ fi
 
 if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/roundcube/roundcubemail.conf \
-            -O /etc/httpd/conf.d/roundcubemail.conf
+        cp -f $vestacp/roundcube/roundcubemail.conf /etc/httpd/conf.d/
     fi
-    wget $vestacp/roundcube/main.inc.php -O /etc/roundcubemail/config.inc.php
+    cp -f $vestacp/roundcube/main.inc.php /etc/roundcubemail/config.inc.php
     cd /usr/share/roundcubemail/plugins/password
-    wget $vestacp/roundcube/vesta.php -O drivers/vesta.php
-    wget $vestacp/roundcube/config.inc.php -O config.inc.php
-    sed -i "s/localhost/$servername/g" \
-        /usr/share/roundcubemail/plugins/password/config.inc.php
+    cp -f $vestacp/roundcube/vesta.php drivers/vesta.php
+    cp -f $vestacp/roundcube/config.inc.php config.inc.php
+    sed -i "s/localhost/$servername/g" config.inc.php
     chmod a+r /etc/roundcubemail/*
     chmod -f 777 /var/log/roundcubemail
     r="$(gen_pass)"
@@ -1234,10 +1210,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$fail2ban" = 'yes' ]; then
-    cd /etc
-    wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz
-    tar -xzf fail2ban.tar.gz
-    rm -f fail2ban.tar.gz
+    cp -rf $vestacp/fail2ban /etc/
     if [ "$dovecot" = 'no' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
@@ -1256,9 +1229,9 @@ if [ "$fail2ban" = 'yes' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2)
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
         sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
-    fi 
+    fi
     chkconfig fail2ban on
-    /bin/mkdir -p /var/run/fail2ban
+    mkdir -p /var/run/fail2ban
     if [ -e "/usr/lib/systemd/system/fail2ban.service" ]; then
         exec_pre='ExecStartPre=/bin/mkdir -p /var/run/fail2ban'
         sed -i "s|\[Service\]|[Service]\n$exec_pre|g" \
@@ -1286,37 +1259,38 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
-# Adding vesta account
+# Adding Vesta admin account
 $VESTA/bin/v-add-user admin $vpass $email default System Administrator
 check_result $? "can't create admin user"
 $VESTA/bin/v-change-user-shell admin bash
 $VESTA/bin/v-change-user-language admin $lang
 
-# Configuring system ips
+# Configuring system IPs
 $VESTA/bin/v-update-sys-ip
 
-# Get main ip
+# Get main IP
 ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 
-# Firewall configuration
+# Configuring firewall
 if [ "$iptables" = 'yes' ]; then
     $VESTA/bin/v-update-firewall
 fi
 
-# Get public ip
+# Get public IP
 pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
 if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
+    echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local
     $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
     ip=$pub_ip
 fi
 
-# Configuring mysql host
+# Configuring MySQL/MariaDB host
 if [ "$mysql" = 'yes' ]; then
     $VESTA/bin/v-add-database-host mysql localhost root $vpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
-# Configuring pgsql host
+# Configuring PostgreSQL host
 if [ "$postgresql" = 'yes' ]; then
     $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
@@ -1324,8 +1298,8 @@ fi
 
 # Adding default domain
 $VESTA/bin/v-add-domain admin $servername
-check_result $? "can't create $servername domain"
 
+# Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
 $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-queue traffic"
@@ -1342,7 +1316,7 @@ command="sudo $VESTA/bin/v-update-sys-rrd"
 $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
 service crond restart
 
-# Building initial rrd images
+# Building RRD images
 $VESTA/bin/v-update-sys-rrd
 
 # Enabling file system quota
@@ -1355,7 +1329,7 @@ if [ "$softaculous" = 'yes' ]; then
     $VESTA/bin/v-add-vesta-softaculous
 fi
 
-# Starting vesta service
+# Starting Vesta service
 chkconfig vesta on
 service vesta start
 check_result $? "vesta start failed"
@@ -1375,8 +1349,8 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 # Sending install notification to vestacp.com
 wget vestacp.com/notify/?$codename -O /dev/null -q
 
-# Comparing hostname and ip
-host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
+# Comparing hostname and IP
+host_ip=$(host $servername| head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"
 fi

From 5fc8339a8d8334beee6e14bb4a6553edceed5f88 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Jun 2018 18:01:24 +0300
Subject: [PATCH 0157/2300] cosmetic fixes for CentOS and Amazon installers

---
 install/vst-install-amazon.sh | 61 +++++++++++++++++------------------
 install/vst-install-rhel.sh   | 18 +++++------
 2 files changed, 39 insertions(+), 40 deletions(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index f1fe62c7..be8d13e3 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -18,6 +18,7 @@ release='6'
 codename="${os}_$release"
 vestacp="$VESTA/install/$VERSION/$release"
 
+# Defining software pack for all distros
 software="nginx httpd mod_ssl mod_ruid2 mod_fcgid mod_extract_forwarded
     php php-common php-cli php-bcmath php-gd php-imap php-mbstring php-mcrypt
     php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql
@@ -92,7 +93,7 @@ set_default_value() {
     fi
 }
 
-# Define function to set default language value
+# Defining function to set default language value
 set_default_lang() {
     if [ -z "$lang" ]; then
         eval lang=$1
@@ -112,9 +113,6 @@ set_default_lang() {
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-# Creating temporary file
-tmpfile=$(mktemp -p /tmp)
-
 # Translating argument to --gnu-long-options
 for arg; do
     delim=""
@@ -226,7 +224,6 @@ if [ "$iptables" = 'no' ]; then
     fail2ban='no'
 fi
 
-
 # Checking root permissions
 if [ "x$(id -u)" != 'x0' ]; then
     check_result 1 "Script can be run executed only by root"
@@ -247,16 +244,18 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "http://c.vestacp.com/GPG.txt" -O /dev/null
+wget -q "c.vestacp.com/GPG.txt" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Checking installed packages
+tmpfile=$(mktemp -p /tmp)
 rpm -qa > $tmpfile
 for pkg in exim mysql-server httpd nginx vesta; do
     if [ ! -z "$(grep $pkg $tmpfile)" ]; then
         conflicts="$pkg $conflicts"
     fi
 done
+rm -f $tmpfile
 if [ ! -z "$conflicts" ] && [ -z "$force" ]; then
     echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
     echo
@@ -277,7 +276,7 @@ fi
 #                       Brief Info                         #
 #----------------------------------------------------------#
 
-# Printing nice ascii as logo
+# Printing nice ASCII logo
 clear
 echo
 echo ' _|      _|  _|_|_|_|    _|_|_|  _|_|_|_|_|    _|_|'
@@ -289,7 +288,7 @@ echo
 echo '                                  Vesta Control Panel'
 echo -e "\n\n"
 
-echo 'Following software will be installed on your system:'
+echo 'The following software will be installed on your system:'
 
 # Web stack
 if [ "$nginx" = 'yes' ]; then
@@ -310,16 +309,16 @@ if [ "$named" = 'yes' ]; then
     echo '   - Bind DNS Server'
 fi
 
-# Mail Stack
+# Mail stack
 if [ "$exim" = 'yes' ]; then
-    echo -n '   - Exim mail server'
+    echo -n '   - Exim Mail Server'
     if [ "$clamd" = 'yes'  ] ||  [ "$spamd" = 'yes' ] ; then
         echo -n ' + '
         if [ "$clamd" = 'yes' ]; then
-            echo -n 'Antivirus '
+            echo -n 'ClamAV '
         fi
         if [ "$spamd" = 'yes' ]; then
-            echo -n 'Antispam'
+            echo -n 'SpamAssassin'
         fi
     fi
     echo
@@ -328,9 +327,9 @@ if [ "$exim" = 'yes' ]; then
     fi
 fi
 
-# DB stack
+# Database stack
 if [ "$mysql" = 'yes' ]; then
-    if [ $release = 7 ]; then
+    if [ $release -ge 7 ]; then
         echo '   - MariaDB Database Server'
     else
         echo '   - MySQL Database Server'
@@ -438,7 +437,7 @@ fi
 #                  Install repositories                    #
 #----------------------------------------------------------#
 
-# Updating system packages
+# Updating system
 yum -y update
 check_result $? 'yum update failed'
 
@@ -463,7 +462,7 @@ echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo
 echo "enabled=1" >> $vrepo
 echo "gpgcheck=1" >> $vrepo
 echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo
-wget http://c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA
+wget c.vestacp.com/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA
 
 
 #----------------------------------------------------------#
@@ -476,53 +475,53 @@ cd $vst_backups
 mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \
     spamassassin mysql postgresql mongodb vesta
 
-# Backing up Nginx configuration
+# Backup Nginx configuration
 service nginx stop > /dev/null 2>&1
 cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1
 
-# Backing up Apache configuration
+# Backup Apache configuration
 service httpd stop > /dev/null 2>&1
 cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1
 
-# Backing up PHP configuration
+# Backup PHP-FPM configuration
 service php-fpm stop >/dev/null 2>&1
 cp /etc/php.ini $vst_backups/php > /dev/null 2>&1
 cp -r /etc/php.d  $vst_backups/php > /dev/null 2>&1
 cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1
 mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1
 
-# Backing up Bind configuration
+# Backup Bind configuration
 yum remove bind-chroot > /dev/null 2>&1
 service named stop > /dev/null 2>&1
 cp /etc/named.conf $vst_backups/named >/dev/null 2>&1
 
-# Backing up Vsftpd configuration
+# Backup Vsftpd configuration
 service vsftpd stop > /dev/null 2>&1
 cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1
 
-# Backing up ProFTPD configuration
+# Backup ProFTPD configuration
 service proftpd stop > /dev/null 2>&1
 cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1
 
-# Backing up Exim configuration
+# Backup Exim configuration
 service exim stop > /dev/null 2>&1
 cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1
 
-# Backing up ClamAV configuration
+# Backup ClamAV configuration
 service clamd stop > /dev/null 2>&1
 cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1
 cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1
 
-# Backing up SpamAssassin configuration
+# Backup SpamAssassin configuration
 service spamassassin stop > /dev/null 2>&1
 cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1
 
-# Backing up Dovecot configuration
+# Backup Dovecot configuration
 service dovecot stop > /dev/null 2>&1
 cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1
 cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1
 
-# Backing up MySQL/MariaDB configuration and data
+# Backup MySQL/MariaDB configuration and data
 service mysql stop > /dev/null 2>&1
 service mysqld stop > /dev/null 2>&1
 service mariadb stop > /dev/null 2>&1
@@ -531,18 +530,18 @@ cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1
 cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1
 mv /root/.my.cnf  $vst_backups/mysql > /dev/null 2>&1
 
-# Backing up MySQL/MariaDB configuration and data
+# Backup MySQL/MariaDB configuration and data
 service postgresql stop > /dev/null 2>&1
 mv /var/lib/pgsql/data $vst_backups/postgresql/  >/dev/null 2>&1
 
-# Backing up Vesta configuration and data
+# Backup Vesta
 service vesta stop > /dev/null 2>&1
 mv $VESTA/data/* $vst_backups/vesta > /dev/null 2>&1
 mv $VESTA/conf/* $vst_backups/vesta > /dev/null 2>&1
 
 
 #----------------------------------------------------------#
-#                     Package Exludes                      #
+#                     Package Excludes                     #
 #----------------------------------------------------------#
 
 # Excluding packages
@@ -652,7 +651,7 @@ if [ -e '/etc/sysconfig/selinux' ]; then
     setenforce 0 2>/dev/null
 fi
 
-# Disable iptables
+# Disabling iptables
 service iptables stop
 
 # Configuring NTP synchronization
diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 07df0713..473332ed 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -669,7 +669,7 @@ if [ -e '/etc/sysconfig/selinux' ]; then
     setenforce 0 2>/dev/null
 fi
 
-# Disablng iptables
+# Disabling iptables
 service iptables stop
 
 # Configuring NTP synchronization
@@ -903,13 +903,13 @@ if [ "$apache" = 'yes'  ]; then
         echo > proxy_ajp.conf
     fi
     if [ -e "/etc/httpd/conf.modules.d/00-dav.conf" ]; then
-        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-dav.conf
-        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-lua.conf
-        sed -i "s/^/#/" /etc/httpd/conf.modules.d/00-proxy.conf
+        cd /etc/httpd/conf.modules.d
+        sed -i "s/^/#/" 00-dav.conf 00-lua.conf 00-proxy.conf
     fi
     echo > /etc/httpd/conf.d/vesta.conf
-    touch /etc/httpd/logs/access_log /etc/httpd/logs/error_log
-    chmod 640 /etc/httpd/logs/access_log /etc/httpd/logs/error_log
+    cd /var/log/httpd
+    touch access_log error_log suexec.log
+    chmod 640 access_log error_log suexec.log
     chmod -f 777 /var/lib/php/session
     chmod a+x /var/log/httpd
     mkdir -p /var/log/httpd/domains
@@ -1035,7 +1035,7 @@ if [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
-    cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/
+    cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
     sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php
 fi
 
@@ -1324,7 +1324,7 @@ if [ "$quota" = 'yes' ]; then
     $VESTA/bin/v-add-sys-quota
 fi
 
-# Enabling softaculous plugin
+# Enabling Softaculous plugin
 if [ "$softaculous" = 'yes' ]; then
     $VESTA/bin/v-add-vesta-softaculous
 fi
@@ -1350,7 +1350,7 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 wget vestacp.com/notify/?$codename -O /dev/null -q
 
 # Comparing hostname and IP
-host_ip=$(host $servername| head -n 1 |awk '{print $NF}')
+host_ip=$(host $servername |head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"
 fi

From f4751a4e9709ce77fb1aba6426428c7891629c21 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Jun 2018 18:11:09 +0300
Subject: [PATCH 0158/2300] Updated Amazon installer

---
 install/vst-install-amazon.sh | 75 +++++++++++++++++------------------
 1 file changed, 37 insertions(+), 38 deletions(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index be8d13e3..899d4cd8 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -668,7 +668,7 @@ adduser backup 2>/dev/null
 ln -sf /home/backup /backup
 chmod a+x /backup
 
-# Chaning default directory color
+# Set directory color
 echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
 # Changing default systemd interval
@@ -684,7 +684,7 @@ fi
 #                     Configure VESTA                      #
 #----------------------------------------------------------#
 
-# Downlading sudo configuration
+# Installing sudo configuration
 mkdir -p /etc/sudoers.d
 cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
@@ -700,7 +700,7 @@ source /root/.bash_profile
 # Configuring logrotate for vesta logs
 cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
 
-# Buidling directory tree and creating some blank files for vesta
+# Building directory tree and creating some blank files for vesta
 mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
     $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
     $VESTA/data/sessions
@@ -720,7 +720,7 @@ rm -f $VESTA/conf/vesta.conf 2>/dev/null
 touch $VESTA/conf/vesta.conf
 chmod 660 $VESTA/conf/vesta.conf
 
-# WEB stack
+# Web stack
 if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
     echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf
     echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf
@@ -778,7 +778,7 @@ if [ "$exim" = 'yes' ]; then
     fi
 fi
 
-# CRON daemon
+# Cron daemon
 echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf
 
 # Firewall stack
@@ -835,7 +835,6 @@ sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt
 sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key
 chown root:mail $VESTA/ssl/*
 chmod 660 $VESTA/ssl/*
-chmod u+s /usr/bin/find
 rm /tmp/vst.pem
 
 
@@ -853,8 +852,8 @@ if [ "$nginx" = 'yes' ]; then
     cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
-    if [ "$release" -eq 7 ]; then
-        mkdir /etc/systemd/system/nginx.service.d
+    if [ "$release" -ge 7 ]; then
+        mkdir -p /etc/systemd/system/nginx.service.d
         cd /etc/systemd/system/nginx.service.d
         echo "[Service]" > limits.conf
         echo "LimitNOFILE=500000" >> limits.conf
@@ -864,7 +863,7 @@ if [ "$nginx" = 'yes' ]; then
     check_result $? "nginx start failed"
 
     # Workaround for OpenVZ/Virtuozzo
-    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+    if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then
         echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
         echo "sleep 3 && service nginx restart" >> /etc/rc.local
     fi
@@ -881,11 +880,12 @@ if [ "$apache" = 'yes'  ]; then
     cp -f $vestacp/httpd/ssl.conf /etc/httpd/conf.d/
     cp -f $vestacp/httpd/ruid2.conf /etc/httpd/conf.d/
     cp -f $vestacp/logrotate/httpd /etc/logrotate.d/
-    if [ $release -ne 7 ]; then
-        echo "MEFaccept 127.0.0.1" >> /etc/httpd/conf.d/mod_extract*.conf
-        echo > /etc/httpd/conf.d/proxy_ajp.conf
+    if [ $release -lt 7 ]; then
+        cd /etc/httpd/conf.d
+        echo "MEFaccept 127.0.0.1" >> mod_extract_forwarded.conf
+        echo > proxy_ajp.conf
     fi
-    if [ -e "conf.modules.d/00-dav.conf" ]; then
+    if [ -e "/etc/httpd/conf.modules.d/00-dav.conf" ]; then
         cd /etc/httpd/conf.modules.d
         sed -i "s/^/#/" 00-dav.conf 00-lua.conf 00-proxy.conf
     fi
@@ -897,8 +897,8 @@ if [ "$apache" = 'yes'  ]; then
     chmod a+x /var/log/httpd
     mkdir -p /var/log/httpd/domains
     chmod 751 /var/log/httpd/domains
-    if [ "$release" -eq 7 ]; then
-        mkdir /etc/systemd/system/httpd.service.d
+    if [ "$release" -ge 7 ]; then
+        mkdir -p /etc/systemd/system/httpd.service.d
         cd /etc/systemd/system/httpd.service.d
         echo "[Service]" > limits.conf
         echo "LimitNOFILE=500000" >> limits.conf
@@ -908,7 +908,7 @@ if [ "$apache" = 'yes'  ]; then
     check_result $? "httpd start failed"
 
     # Workaround for OpenVZ/Virtuozzo
-    if [ "$release" -eq '7' ] && [ -e "/proc/vz/veinfo" ]; then
+    if [ "$release" -ge '7' ] && [ -e "/proc/vz/veinfo" ]; then
         echo "#Vesta: workraround for networkmanager" >> /etc/rc.local
         echo "sleep 2 && service httpd restart" >> /etc/rc.local
     fi
@@ -945,7 +945,7 @@ done
 
 
 #----------------------------------------------------------#
-#                    Configure VSFTPD                      #
+#                    Configure Vsftpd                      #
 #----------------------------------------------------------#
 
 if [ "$vsftpd" = 'yes' ]; then
@@ -989,7 +989,7 @@ if [ "$mysql" = 'yes' ]; then
     chown mysql:mysql /var/lib/mysql
     mkdir -p /etc/my.cnf.d
 
-    if [ $release -ne 7 ]; then
+    if [ $release -lt 7 ]; then
         service='mysqld'
     else
         service='mariadb'
@@ -1031,7 +1031,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
-    if [ $release = 5 ]; then
+    if [ $release -eq 5 ]; then
         service postgresql start
         sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
         service postgresql stop
@@ -1125,16 +1125,15 @@ if [ "$clamd" = 'yes' ]; then
     gpasswd -a clam mail
     cp -f $vestacp/clamav/clamd.conf /etc/
     cp -f $vestacp/clamav/freshclam.conf /etc/
-    mkdir -p /var/log/clamav
-    mkdir -p /var/run/clamav
+    mkdir -p /var/log/clamav /var/run/clamav
     chown clam:clam /var/log/clamav /var/run/clamav
     chown -R clam:clam /var/lib/clamav
-    if [ "$release" -eq '7' ]; then
+    if [ "$release" -ge '7' ]; then
         cp -f $vestacp/clamav/clamd.service /usr/lib/systemd/system/
         systemctl --system daemon-reload
     fi
     /usr/bin/freshclam
-    if [ "$release" -eq '7' ]; then
+    if [ "$release" -ge '7' ]; then
         sed -i "s/nofork/foreground/" /usr/lib/systemd/system/clamd.service
         systemctl daemon-reload
     fi
@@ -1152,7 +1151,7 @@ if [ "$spamd" = 'yes' ]; then
     chkconfig spamassassin on
     service spamassassin start
     check_result $? "spamassassin start failed"
-    if [ "$release" -eq '7' ]; then
+    if [ "$release" -ge '7' ]; then
         groupadd -g 1001 spamd
         useradd -u 1001 -g spamd -s /sbin/nologin -d \
             /var/lib/spamassassin spamd
@@ -1216,9 +1215,9 @@ if [ "$fail2ban" = 'yes' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2)
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
         sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
-    fi 
+    fi
     chkconfig fail2ban on
-    /bin/mkdir -p /var/run/fail2ban
+    mkdir -p /var/run/fail2ban
     if [ -e "/usr/lib/systemd/system/fail2ban.service" ]; then
         exec_pre='ExecStartPre=/bin/mkdir -p /var/run/fail2ban'
         sed -i "s|\[Service\]|[Service]\n$exec_pre|g" \
@@ -1246,24 +1245,24 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
-# Adding vesta account
+# Adding Vesta admin account
 $VESTA/bin/v-add-user admin $vpass $email default System Administrator
 check_result $? "can't create admin user"
 $VESTA/bin/v-change-user-shell admin bash
 $VESTA/bin/v-change-user-language admin $lang
 
-# Configuring system ips
+# Configuring system IPs
 $VESTA/bin/v-update-sys-ip
 
-# Get main ip
+# Get main IP
 ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 
-# Firewall configuration
+# Configuring firewall
 if [ "$iptables" = 'yes' ]; then
     $VESTA/bin/v-update-firewall
 fi
 
-# Get public ip
+# Get public IP
 pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
 if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
     echo "$VESTA/bin/v-update-sys-ip" >> /etc/rc.local
@@ -1271,13 +1270,13 @@ if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
     ip=$pub_ip
 fi
 
-# Configuring mysql host
+# Configuring MySQL host
 if [ "$mysql" = 'yes' ]; then
     $VESTA/bin/v-add-database-host mysql localhost root $vpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
-# Configuring pgsql host
+# Configuring PostgreSQL host
 if [ "$postgresql" = 'yes' ]; then
     $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
@@ -1285,8 +1284,8 @@ fi
 
 # Adding default domain
 $VESTA/bin/v-add-domain admin $servername
-check_result $? "can't create $servername domain"
 
+# Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
 $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-queue traffic"
@@ -1303,7 +1302,7 @@ command="sudo $VESTA/bin/v-update-sys-rrd"
 $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
 service crond restart
 
-# Building initial rrd images
+# Building RRD images
 $VESTA/bin/v-update-sys-rrd
 
 # Enabling file system quota
@@ -1311,12 +1310,12 @@ if [ "$quota" = 'yes' ]; then
     $VESTA/bin/v-add-sys-quota
 fi
 
-# Enabling softaculous plugin
+# Enabling Softaculous plugin
 if [ "$softaculous" = 'yes' ]; then
     $VESTA/bin/v-add-vesta-softaculous
 fi
 
-# Starting vesta service
+# Starting Vesta service
 chkconfig vesta on
 service vesta start
 check_result $? "vesta start failed"
@@ -1336,7 +1335,7 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 # Sending install notification to vestacp.com
 wget vestacp.com/notify/?$codename -O /dev/null -q
 
-# Comparing hostname and ip
+# Comparing hostname and IP
 host_ip=$(host $servername |head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"

From b6e26ac4791ce1e2a374b4622481610db75cc287 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 22 Jun 2018 16:55:52 +0300
Subject: [PATCH 0159/2300] Fixed mysql-server package replacement

---
 install/vst-install-rhel.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 473332ed..e529ff65 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -32,7 +32,7 @@ software="awstats bc bind bind-libs bind-utils clamav-server clamav-update
 
 # Fix for old releases
 if [ "$release" -lt 7 ]; then
-    software=$(echo "$software" |sed -e "s/mariadb/mysql/")
+    software=$(echo "$software" |sed -e "s/mariadb/mysql/g")
     software=$(echo "$software" |sed -e "s/clamav-server/clamd/")
     software=$(echo "$software" |sed -e "s/clamav-update//")
     software=$(echo "$software" |sed -e "s/iptables-services//")
@@ -956,7 +956,7 @@ if [ -z "$ZONE" ]; then
     ZONE='UTC'
 fi
 for pconf in $(find /etc/php* -name php.ini); do
-    sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf
+    sed -i "s|;date.timezone =|date.timezone = $ZONE|g" $pconf
     sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
 done
 

From ca3a9e0895c5aa2fe8c273c08f09438fb0b23e9a Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sun, 24 Jun 2018 10:38:16 +0300
Subject: [PATCH 0160/2300] Security fix for API hash check

---
 web/api/index.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/api/index.php b/web/api/index.php
index 3cf0ec2d..80f72b99 100644
--- a/web/api/index.php
+++ b/web/api/index.php
@@ -58,6 +58,8 @@ if (isset($_POST['user']) || isset($_POST['hash'])) {
                 echo 'Error: authentication failed';
                 exit;
             }
+        } else {
+            $return_var = 1;
         }
     }
 

From ece8efd5053d56d3d25c231bd40449aa3ce29d68 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sun, 24 Jun 2018 10:42:43 +0300
Subject: [PATCH 0161/2300] 0.9.8-22

---
 src/deb/vesta/control    | 2 +-
 src/rpm/specs/vesta.spec | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index b45b2f74..028a4e41 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-21
+Version: 0.9.8-22
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index ea94eebd..58359da0 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        21
+Release:        22
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL

From 7f3e7d5b6372ec6793cf5ff1571793439cf4266f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sun, 24 Jun 2018 19:12:43 +0300
Subject: [PATCH 0162/2300] ip.sh include missing

---
 bin/v-update-sys-ip | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip
index 8c0da087..7360b07f 100755
--- a/bin/v-update-sys-ip
+++ b/bin/v-update-sys-ip
@@ -16,6 +16,7 @@ source /etc/profile
 
 # Includes
 source $VESTA/func/main.sh
+source $VESTA/func/ip.sh
 source $VESTA/conf/vesta.conf
 
 

From 397cf699bb5613015c62f526866a0bd3d1506e6c Mon Sep 17 00:00:00 2001
From: Clark Chen 
Date: Mon, 25 Jun 2018 15:07:33 +0800
Subject: [PATCH 0163/2300] Update tw.php

---
 web/inc/i18n/tw.php | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 02b5a29a..499d0ec4 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -573,7 +573,7 @@ $LANG['tw'] = array(
     'Current Number Of Databases' => '目前的資料庫數量',
     'Local backup' => '本機備份',
     'Compression level' => '壓縮等級',
-    'Directory' => 'Directory',
+    'Directory' => '路徑',
     'Remote backup' => '遠端備份',
     'ftp' => 'FTP',
     'sftp' => 'SFTP',
@@ -740,14 +740,14 @@ $LANG['tw'] = array(
     'webalizer' => 'webalizer',
     'awstats' => 'awstats',
 
-    'Vesta SSL' => 'Vesta SSL',
-    'SUBJECT' => 'SUBJECT',
-    'ALIASES' => 'ALIASES',
-    'NOT_BEFORE' => 'NOT_BEFORE',
-    'NOT_AFTER' => 'NOT_AFTER',
-    'SIGNATURE' => 'SIGNATURE',
-    'PUB_KEY' => 'PUB_KEY',
-    'ISSUER' => 'ISSUER',
+    'Vesta SSL' => 'Vesta後台 SSL',
+    'SUBJECT' => '主體名稱',
+    'ALIASES' => '主體別名',
+    'NOT_BEFORE' => '有效期自',
+    'NOT_AFTER' => '有效期到',
+    'SIGNATURE' => '簽章演算法',
+    'PUB_KEY' => '公開金鑰',
+    'ISSUER' => '簽發者',
 
     'Use server hostname' => '使用伺服器主機名稱',
     'Use domain hostname' => '使用網域主機名稱',
@@ -758,5 +758,5 @@ $LANG['tw'] = array(
 
     'maximum characters length, including prefix' => '最多 %s 字元(包含前綴)',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => '信箱登入資訊',
 );

From bffeed57396279c105a2698c6ffc83c3e1d79969 Mon Sep 17 00:00:00 2001
From: Clark Chen 
Date: Mon, 25 Jun 2018 15:10:04 +0800
Subject: [PATCH 0164/2300] Update tw.php

---
 web/inc/i18n/tw.php | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 499d0ec4..4f493eb5 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -2,10 +2,6 @@
 /**
  * Vesta language file
  * This language file is translate by
- * Peter Dave Hello Blog (https://www.peterdavehello.org)
- * Peter Dave Hello GitHub (https://github.com/PeterDaveHello)
- * Peter Dave Hello Twitter (https://twitter.com/PeterDaveHello)
- * Clark's Computer Knowledge Journal (https://www.clark-chen.com)
  * Clark's Hosting Service (https://host.clark-chen.com)
  * Clark Chen (clark@clark-chen.com)
  */

From dd19eef3aab67b08ffa086c90b3abae6094c2f0e Mon Sep 17 00:00:00 2001
From: Clark Chen 
Date: Mon, 25 Jun 2018 15:11:15 +0800
Subject: [PATCH 0165/2300] Update tw.php

---
 web/inc/i18n/tw.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 4f493eb5..10b06aef 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -216,6 +216,7 @@ $LANG['tw'] = array(
     'Autoreply'  => '自動回覆',
     'Forward to'  => '轉寄到',
     'Do not store forwarded mail' => '不保留已轉發的郵件',
+    'Email Credentials' => '信箱登入資訊',
     'IMAP hostname'  => 'IMAP 主機名稱',
     'IMAP port'  => 'IMAP 連接埠',
     'IMAP security'  => 'IMAP 安全性',
@@ -753,6 +754,4 @@ $LANG['tw'] = array(
     'Do not use encryption' => '不要使用加密',
 
     'maximum characters length, including prefix' => '最多 %s 字元(包含前綴)',
-
-    'Email Credentials' => '信箱登入資訊',
 );

From 5b4211b3dade48e3f7ab43fbf02320856de1143c Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 27 Jun 2018 12:00:44 +0300
Subject: [PATCH 0166/2300] updated spec to 0.9.8-22

---
 src/deb/ioncube/control              | 2 +-
 src/deb/nginx/control                | 2 +-
 src/deb/php/control                  | 2 +-
 src/deb/softaculous/control          | 2 +-
 src/rpm/specs/vesta-ioncube.spec     | 2 +-
 src/rpm/specs/vesta-nginx.spec       | 2 +-
 src/rpm/specs/vesta-php.spec         | 2 +-
 src/rpm/specs/vesta-softaculous.spec | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index 607655f5..89268f6e 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-21
+Version: 0.9.8-22
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 1f17044e..9dc7351a 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-21
+Version: 0.9.8-22
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index ad9991e5..3714008d 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-21
+Version: 0.9.8-22
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index acadc809..35140df6 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-21
+Version: 0.9.8-22
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index aaa4cf5d..5d48dc29 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        21
+Release:        22
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index 9e83f48a..a633ef85 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        21
+Release:        22
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index 112deee1..12d1c401 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        21
+Release:        22
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index 15bb15b3..7e92cfdb 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        21
+Release:        22
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License

From af04e1bdb9f9a709e967f3ba9944b5e1dfa69e3b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 28 Jun 2018 00:55:13 +0300
Subject: [PATCH 0167/2300] clean php-fpm.conf

---
 src/rpm/conf/php-fpm.conf | 479 +-------------------------------------
 1 file changed, 6 insertions(+), 473 deletions(-)

diff --git a/src/rpm/conf/php-fpm.conf b/src/rpm/conf/php-fpm.conf
index 0a76ae2f..d9a04795 100755
--- a/src/rpm/conf/php-fpm.conf
+++ b/src/rpm/conf/php-fpm.conf
@@ -1,468 +1,21 @@
-;;;;;;;;;;;;;;;;;;;;;
-; FPM Configuration ;
-;;;;;;;;;;;;;;;;;;;;;
-
-; All relative paths in this configuration file are relative to PHP's install
-; prefix (/usr/local/vesta/php). This prefix can be dynamicaly changed by using the
-; '-p' argument from the command line.
-
-; Include one or more files. If glob(3) exists, it is used to include a bunch of
-; files from a glob(3) pattern. This directive can be used everywhere in the
-; file.
-; Relative path can also be used. They will be prefixed by:
-;  - the global prefix if it's been set (-p arguement)
-;  - /usr/local/vesta/php otherwise
-;include=etc/fpm.d/*.conf
-
-;;;;;;;;;;;;;;;;;;
-; Global Options ;
-;;;;;;;;;;;;;;;;;;
-
 [global]
-; Pid file
-; Note: the default prefix is /usr/local/vesta/php/var
-; Default Value: none
 pid = /var/run/vesta-php.pid
+daemonize = yes
 
-; Error log file
-; If it's set to "syslog", log is sent to syslogd instead of being written
-; in a local file.
-; Note: the default prefix is /usr/local/vesta/php/var
-; Default Value: log/php-fpm.log
-;error_log = log/php-fpm.log
-
-; syslog_facility is used to specify what type of program is logging the
-; message. This lets syslogd specify that messages from different facilities
-; will be handled differently.
-; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON)
-; Default Value: daemon
-;syslog.facility = daemon
-
-; syslog_ident is prepended to every message. If you have multiple FPM
-; instances running on the same server, you can change the default value
-; which must suit common needs.
-; Default Value: php-fpm
-syslog.ident = vesta-php
-
-; Log level
-; Possible Values: alert, error, warning, notice, debug
-; Default Value: notice
-log_level = error
-
-; If this number of child processes exit with SIGSEGV or SIGBUS within the time
-; interval set by emergency_restart_interval then FPM will restart. A value
-; of '0' means 'Off'.
-; Default Value: 0
-emergency_restart_threshold = 10
-
-; Interval of time used by emergency_restart_interval to determine when 
-; a graceful restart will be initiated.  This can be useful to work around
-; accidental corruptions in an accelerator's shared memory.
-; Available Units: s(econds), m(inutes), h(ours), or d(ays)
-; Default Unit: seconds
-; Default Value: 0
-emergency_restart_interval = 1m
-
-; Time limit for child processes to wait for a reaction on signals from master.
-; Available units: s(econds), m(inutes), h(ours), or d(ays)
-; Default Unit: seconds
-; Default Value: 0
-process_control_timeout = 10s
-
-; The maximum number of processes FPM will fork. This has been design to control
-; the global number of processes when using dynamic PM within a lot of pools.
-; Use it with caution.
-; Note: A value of 0 indicates no limit
-; Default Value: 0
-; process.max = 128
-
-; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging.
-; Default Value: yes
-;daemonize = yes
- 
-; Set open file descriptor rlimit for the master process.
-; Default Value: system defined value
-;rlimit_files = 1024
- 
-; Set max core size rlimit for the master process.
-; Possible Values: 'unlimited' or an integer greater or equal to 0
-; Default Value: system defined value
-;rlimit_core = 0
-
-; Specify the event mechanism FPM will use. The following is available:
-; - select     (any POSIX os)
-; - poll       (any POSIX os)
-; - epoll      (linux >= 2.5.44)
-; - kqueue     (FreeBSD >= 4.1, OpenBSD >= 2.9, NetBSD >= 2.0)
-; - /dev/poll  (Solaris >= 7)
-; - port       (Solaris >= 10)
-; Default Value: not set (auto detection)
-events.mechanism = epoll
-
-;;;;;;;;;;;;;;;;;;;;
-; Pool Definitions ; 
-;;;;;;;;;;;;;;;;;;;;
-
-; Multiple pools of child processes may be started with different listening
-; ports and different management options.  The name of the pool will be
-; used in logs and stats. There is no limitation on the number of pools which
-; FPM can handle. Your system will tell you anyway :)
-
-; Start a new pool named 'www'.
-; the variable $pool can we used in any directive and will be replaced by the
-; pool name ('www' here)
 [www]
-
-; Per pool prefix
-; It only applies on the following directives:
-; - 'slowlog'
-; - 'listen' (unixsocket)
-; - 'chroot'
-; - 'chdir'
-; - 'php_values'
-; - 'php_admin_values'
-; When not set, the global prefix (or /usr/local/vesta/php) applies instead.
-; Note: This directive can also be relative to the global prefix.
-; Default Value: none
-;prefix = /path/to/pools/$pool
-
-; Unix user/group of processes
-; Note: The user is mandatory. If the group is not set, the default user's group
-;       will be used.
 user = admin
 group = admin
-
-; The address on which to accept FastCGI requests.
-; Valid syntaxes are:
-;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific address on
-;                            a specific port;
-;   'port'                 - to listen on a TCP socket to all addresses on a
-;                            specific port;
-;   '/path/to/unix/socket' - to listen on a unix socket.
-; Note: This value is mandatory.
-;listen = 127.0.0.1:9000
 listen = /var/run/vesta-php.sock
-
-; Set listen(2) backlog.
-; Default Value: 128 (-1 on FreeBSD and OpenBSD)
-;listen.backlog = 128
-
-; Set permissions for unix socket, if one is used. In Linux, read/write
-; permissions must be set in order to allow connections from a web server. Many
-; BSD-derived systems allow connections regardless of permissions. 
-; Default Values: user and group are set as the running user
-;                 mode is set to 0666
 listen.owner = admin
 listen.group = admin
 listen.mode = 0660
- 
-; List of ipv4 addresses of FastCGI clients which are allowed to connect.
-; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
-; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
-; must be separated by a comma. If this value is left blank, connections will be
-; accepted from any ip address.
-; Default Value: any
-;listen.allowed_clients = 127.0.0.1
 
-; Choose how the process manager will control the number of child processes.
-; Possible Values:
-;   static  - a fixed number (pm.max_children) of child processes;
-;   dynamic - the number of child processes are set dynamically based on the
-;             following directives. With this process management, there will be
-;             always at least 1 children.
-;             pm.max_children      - the maximum number of children that can
-;                                    be alive at the same time.
-;             pm.start_servers     - the number of children created on startup.
-;             pm.min_spare_servers - the minimum number of children in 'idle'
-;                                    state (waiting to process). If the number
-;                                    of 'idle' processes is less than this
-;                                    number then some children will be created.
-;             pm.max_spare_servers - the maximum number of children in 'idle'
-;                                    state (waiting to process). If the number
-;                                    of 'idle' processes is greater than this
-;                                    number then some children will be killed.
-;  ondemand - no children are created at startup. Children will be forked when
-;             new requests will connect. The following parameter are used:
-;             pm.max_children           - the maximum number of children that
-;                                         can be alive at the same time.
-;             pm.process_idle_timeout   - The number of seconds after which
-;                                         an idle process will be killed.
-; Note: This value is mandatory.
-pm = ondemand
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
 
-; The number of child processes to be created when pm is set to 'static' and the
-; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
-; This value sets the limit on the number of simultaneous requests that will be
-; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
-; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
-; CGI. The below defaults are based on a server without much resources. Don't
-; forget to tweak pm.* to fit your needs.
-; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
-; Note: This value is mandatory.
-pm.max_children = 2
-
-; The number of child processes created on startup.
-; Note: Used only when pm is set to 'dynamic'
-; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
-;pm.start_servers = 2
-
-; The desired minimum number of idle server processes.
-; Note: Used only when pm is set to 'dynamic'
-; Note: Mandatory when pm is set to 'dynamic'
-;pm.min_spare_servers = 1
-
-; The desired maximum number of idle server processes.
-; Note: Used only when pm is set to 'dynamic'
-; Note: Mandatory when pm is set to 'dynamic'
-;pm.max_spare_servers = 3
-
-; The number of seconds after which an idle process will be killed.
-; Note: Used only when pm is set to 'ondemand'
-; Default Value: 10s
-pm.process_idle_timeout = 10s;
- 
-; The number of requests each child process should execute before respawning.
-; This can be useful to work around memory leaks in 3rd party libraries. For
-; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
-; Default Value: 0
-pm.max_requests = 1000
-
-; The URI to view the FPM status page. If this value is not set, no URI will be
-; recognized as a status page. It shows the following informations:
-;   pool                 - the name of the pool;
-;   process manager      - static, dynamic or ondemand;
-;   start time           - the date and time FPM has started;
-;   start since          - number of seconds since FPM has started;
-;   accepted conn        - the number of request accepted by the pool;
-;   listen queue         - the number of request in the queue of pending
-;                          connections (see backlog in listen(2));
-;   max listen queue     - the maximum number of requests in the queue
-;                          of pending connections since FPM has started;
-;   listen queue len     - the size of the socket queue of pending connections;
-;   idle processes       - the number of idle processes;
-;   active processes     - the number of active processes;
-;   total processes      - the number of idle + active processes;
-;   max active processes - the maximum number of active processes since FPM
-;                          has started;
-;   max children reached - number of times, the process limit has been reached,
-;                          when pm tries to start more children (works only for
-;                          pm 'dynamic' and 'ondemand');
-; Value are updated in real time.
-; Example output:
-;   pool:                 www
-;   process manager:      static
-;   start time:           01/Jul/2011:17:53:49 +0200
-;   start since:          62636
-;   accepted conn:        190460
-;   listen queue:         0
-;   max listen queue:     1
-;   listen queue len:     42
-;   idle processes:       4
-;   active processes:     11
-;   total processes:      15
-;   max active processes: 12
-;   max children reached: 0
-;
-; By default the status page output is formatted as text/plain. Passing either
-; 'html', 'xml' or 'json' in the query string will return the corresponding
-; output syntax. Example:
-;   http://www.foo.bar/status
-;   http://www.foo.bar/status?json
-;   http://www.foo.bar/status?html
-;   http://www.foo.bar/status?xml
-;
-; By default the status page only outputs short status. Passing 'full' in the
-; query string will also return status for each pool process.
-; Example: 
-;   http://www.foo.bar/status?full
-;   http://www.foo.bar/status?json&full
-;   http://www.foo.bar/status?html&full
-;   http://www.foo.bar/status?xml&full
-; The Full status returns for each process:
-;   pid                  - the PID of the process;
-;   state                - the state of the process (Idle, Running, ...);
-;   start time           - the date and time the process has started;
-;   start since          - the number of seconds since the process has started;
-;   requests             - the number of requests the process has served;
-;   request duration     - the duration in µs of the requests;
-;   request method       - the request method (GET, POST, ...);
-;   request URI          - the request URI with the query string;
-;   content length       - the content length of the request (only with POST);
-;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
-;   script               - the main script called (or '-' if not set);
-;   last request cpu     - the %cpu the last request consumed
-;                          it's always 0 if the process is not in Idle state
-;                          because CPU calculation is done when the request
-;                          processing has terminated;
-;   last request memory  - the max amount of memory the last request consumed
-;                          it's always 0 if the process is not in Idle state
-;                          because memory calculation is done when the request
-;                          processing has terminated;
-; If the process is in Idle state, then informations are related to the
-; last request the process has served. Otherwise informations are related to
-; the current request being served.
-; Example output:
-;   ************************
-;   pid:                  31330
-;   state:                Running
-;   start time:           01/Jul/2011:17:53:49 +0200
-;   start since:          63087
-;   requests:             12808
-;   request duration:     1250261
-;   request method:       GET
-;   request URI:          /test_mem.php?N=10000
-;   content length:       0
-;   user:                 -
-;   script:               /home/fat/web/docs/php/test_mem.php
-;   last request cpu:     0.00
-;   last request memory:  0
-;
-; Note: There is a real-time FPM status monitoring sample web page available
-;       It's available in: ${prefix}/share/fpm/status.html
-;
-; Note: The value must start with a leading slash (/). The value can be
-;       anything, but it may not be a good idea to use the .php extension or it
-;       may conflict with a real PHP file.
-; Default Value: not set 
-;pm.status_path = /status
- 
-; The ping URI to call the monitoring page of FPM. If this value is not set, no
-; URI will be recognized as a ping page. This could be used to test from outside
-; that FPM is alive and responding, or to
-; - create a graph of FPM availability (rrd or such);
-; - remove a server from a group if it is not responding (load balancing);
-; - trigger alerts for the operating team (24/7).
-; Note: The value must start with a leading slash (/). The value can be
-;       anything, but it may not be a good idea to use the .php extension or it
-;       may conflict with a real PHP file.
-; Default Value: not set
-;ping.path = /ping
-
-; This directive may be used to customize the response of a ping request. The
-; response is formatted as text/plain with a 200 response code.
-; Default Value: pong
-;ping.response = pong
-
-; The access log file
-; Default: not set
-;access.log = log/$pool.access.log
-
-; The access log format.
-; The following syntax is allowed
-;  %%: the '%' character
-;  %C: %CPU used by the request
-;      it can accept the following format:
-;      - %{user}C for user CPU only
-;      - %{system}C for system CPU only
-;      - %{total}C  for user + system CPU (default)
-;  %d: time taken to serve the request
-;      it can accept the following format:
-;      - %{seconds}d (default)
-;      - %{miliseconds}d
-;      - %{mili}d
-;      - %{microseconds}d
-;      - %{micro}d
-;  %e: an environment variable (same as $_ENV or $_SERVER)
-;      it must be associated with embraces to specify the name of the env
-;      variable. Some exemples:
-;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
-;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
-;  %f: script filename
-;  %l: content-length of the request (for POST request only)
-;  %m: request method
-;  %M: peak of memory allocated by PHP
-;      it can accept the following format:
-;      - %{bytes}M (default)
-;      - %{kilobytes}M
-;      - %{kilo}M
-;      - %{megabytes}M
-;      - %{mega}M
-;  %n: pool name
-;  %o: ouput header
-;      it must be associated with embraces to specify the name of the header:
-;      - %{Content-Type}o
-;      - %{X-Powered-By}o
-;      - %{Transfert-Encoding}o
-;      - ....
-;  %p: PID of the child that serviced the request
-;  %P: PID of the parent of the child that serviced the request
-;  %q: the query string 
-;  %Q: the '?' character if query string exists
-;  %r: the request URI (without the query string, see %q and %Q)
-;  %R: remote IP address
-;  %s: status (response code)
-;  %t: server time the request was received
-;      it can accept a strftime(3) format:
-;      %d/%b/%Y:%H:%M:%S %z (default)
-;  %T: time the log has been written (the request has finished)
-;      it can accept a strftime(3) format:
-;      %d/%b/%Y:%H:%M:%S %z (default)
-;  %u: remote user
-;
-; Default: "%R - %u %t \"%m %r\" %s"
-;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
- 
-; The log file for slow requests
-; Default Value: not set
-; Note: slowlog is mandatory if request_slowlog_timeout is set
-;slowlog = log/$pool.log.slow
- 
-; The timeout for serving a single request after which a PHP backtrace will be
-; dumped to the 'slowlog' file. A value of '0s' means 'off'.
-; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
-; Default Value: 0
-;request_slowlog_timeout = 0
- 
-; The timeout for serving a single request after which the worker process will
-; be killed. This option should be used when the 'max_execution_time' ini option
-; does not stop script execution for some reason. A value of '0' means 'off'.
-; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
-; Default Value: 0
-;request_terminate_timeout = 0
- 
-; Set open file descriptor rlimit.
-; Default Value: system defined value
-;rlimit_files = 1024
- 
-; Set max core size rlimit.
-; Possible Values: 'unlimited' or an integer greater or equal to 0
-; Default Value: system defined value
-;rlimit_core = 0
- 
-; Chroot to this directory at the start. This value must be defined as an
-; absolute path. When this value is not set, chroot is not used.
-; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
-; of its subdirectories. If the pool prefix is not set, the global prefix
-; will be used instead.
-; Note: chrooting is a great security feature and should be used whenever 
-;       possible. However, all PHP paths will be relative to the chroot
-;       (error_log, sessions.save_path, ...).
-; Default Value: not set
-;chroot = 
- 
-; Chdir to this directory at the start.
-; Note: relative path can be used.
-; Default Value: current directory or / when chroot
-;chdir = /var/www
- 
-; Redirect worker stdout and stderr into main error log. If not set, stdout and
-; stderr will be redirected to /dev/null according to FastCGI specs.
-; Note: on highloaded environement, this can cause some delay in the page
-; process time (several ms).
-; Default Value: no
-;catch_workers_output = yes
-
-; Limits the extensions of the main script FPM will allow to parse. This can
-; prevent configuration mistakes on the web server side. You should only limit
-; FPM to .php extensions to prevent malicious users to use other extensions to
-; exectute php code.
-; Note: set an empty value to allow all extensions.
-; Default Value: .php
-;security.limit_extensions = .php .php3 .php4 .php5
- 
-; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
-; the current environment.
-; Default Value: clean env
 env[HOSTNAME] = $HOSTNAME
 env[PATH] = /usr/local/bin:/usr/bin:/bin
 env[TMP] = /tmp
@@ -470,26 +23,6 @@ env[TMPDIR] = /tmp
 env[TEMP] = /tmp
 env[VESTA] = $VESTA
 env[LANG] = en_US.UTF-8
-
-; Additional php.ini defines, specific to this pool of workers. These settings
-; overwrite the values previously defined in the php.ini. The directives are the
-; same as the PHP SAPI:
-;   php_value/php_flag             - you can set classic ini defines which can
-;                                    be overwritten from PHP call 'ini_set'. 
-;   php_admin_value/php_admin_flag - these directives won't be overwritten by
-;                                     PHP call 'ini_set'
-; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
-
-; Defining 'extension' will load the corresponding shared extension from
-; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
-; overwrite previously defined php.ini values, but will append the new value
-; instead.
-
-; Note: path INI options can be relative and will be expanded with the prefix
-; (pool, global or /usr/local/vesta/php)
-
-; Default Value: nothing is defined by default except the values in php.ini and
-;                specified at startup with the -d argument
 php_flag[display_errors] = off
 php_admin_value[error_log] = /usr/local/vesta/log/fpm-php.log
 php_admin_flag[log_errors] = on

From 3933ca4cb4c0fe1181dabb045de7f35428d9392c Mon Sep 17 00:00:00 2001
From: Alexandros Ioannides 
Date: Fri, 29 Jun 2018 00:05:23 +0300
Subject: [PATCH 0168/2300] Typo fix

---
 install/vst-install-ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index fdb95db3..ef4b7079 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1098,7 +1098,7 @@ if [ "$clamd" = 'yes' ]; then
     /usr/bin/freshclam
     update-rc.d clamav-daemon defaults
     service clamav-daemon start
-    check_result $? "clamav-daeom start failed"
+    check_result $? "clamav-daemon start failed"
 fi
 
 

From 289ff88e4d498bfafa58cf1d6ed298be0114f249 Mon Sep 17 00:00:00 2001
From: pan93412 
Date: Thu, 5 Jul 2018 18:28:23 +0800
Subject: [PATCH 0169/2300] Update Chinese (Taiwan) Translation.

---
 web/inc/i18n/tw.php | 317 ++++++++++++++++++++++----------------------
 1 file changed, 160 insertions(+), 157 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 10b06aef..d35cba4a 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -4,10 +4,13 @@
  * This language file is translate by
  * Clark's Hosting Service (https://host.clark-chen.com)
  * Clark Chen (clark@clark-chen.com)
+ *
+ * Translation recheck by:
+ * pan93412 
  */
 $LANG['tw'] = array(
     'Packages'  => '方案設定',
-    'IP'  => 'IP管理',
+    'IP'  => 'IP 管理',
     'Graphs'  => '資源使用圖表',
     'Statistics'  => '統計資料',
     'Log'  => '系統紀錄',
@@ -29,7 +32,7 @@ $LANG['tw'] = array(
     'LOGIN'  => '登入',
     'RESET PASSWORD'  => '重設密碼',
     'SEARCH'  => '搜尋',
-    'PACKAGE'  => '套件',
+    'PACKAGE'  => '方案',
     'RRD'  => 'RRD',
     'STATS'  => '狀態',
     'LOG'  => '日誌',
@@ -41,7 +44,7 @@ $LANG['tw'] = array(
     'NETWORK'  => '網路',
     'Web Log Manager'  => 'Web 日誌管理員',
 
-    'no notifications'  => 'no notifications',
+    'no notifications'  => '沒有通知',
 
     'Add User'  => '新增使用者',
     'Add Domain'  => '新增網域',
@@ -54,7 +57,7 @@ $LANG['tw'] = array(
     'Add Cron Job'  => '新增任務排程',
     'Create Backup'  => '建立備份',
     'Configure'  => '設定',
-    'Restore All'  => '全部回復',
+    'Restore All'  => '全部還原',
     'Add Package'  => '新增方案',
     'Add IP'  => '新增 IP',
     'Add Rule' => '新增規則',
@@ -62,9 +65,9 @@ $LANG['tw'] = array(
     'Search'  => '搜尋',
     'Add one more FTP Account' => '新增 FTP 帳號',
     'Overall Statistics'  => '整理統計資料',
-    'Daily'  => '天',
-    'Weekly'  => '周',
-    'Monthly'  => '月',
+    'Daily'  => '每天',
+    'Weekly'  => '每週',
+    'Monthly'  => '每月',
     'Yearly'  => '每年',
     'Add'  => '新增',
     'Back'  => '返回',
@@ -79,16 +82,16 @@ $LANG['tw'] = array(
     'rebuild mail'  => '重建信箱',
     'rebuild db'  => '重建資料庫',
     'rebuild cron'  => '重建任務排程',
-    'update counters'  => '更新計數器',
-    'suspend'  => '封鎖',
-    'unsuspend'  => '解除封鎖',
+    'update counters' => '更新計數器',
+    'suspend'  => '暫停',
+    'unsuspend'  => '解除暫停',
     'delete'  => '刪除',
-    'show per user'  => '依照選擇的使用者',
+    'show per user'  => '依選擇的使用者',
     'login as'  => '登入帳號',
     'logout'  => '登出',
     'edit'  => '編輯',
     'open webstats'  => '開啟網站統計資料',
-    'view logs'  => '查看系統紀錄',
+    'view logs'  => '檢視系統紀錄',
     'list records'  => '列出 %s 紀錄',
     'add record'  => '新增紀錄',
     'list accounts'  => '列出 %s 帳號',
@@ -97,29 +100,29 @@ $LANG['tw'] = array(
     'list fail2ban' => '列出登入失敗遭封鎖名單',
     'open %s'  => '開啟 %s',
     'download'  => '下載',
-    'restore'  => '回復',
-    'configure restore settings'  => '配置回復設定',
+    'restore'  => '還原',
+    'configure restore settings'  => '配置還原設定',
     'stop'  => '停止',
     'start'  => '啟動',
     'restart'  => '重新啟動',
     'update'  => '更新',
     'generate'  => '產生',
     'Generate CSR' => '產生憑證簽署請求 (CSR)',
-    'reread IP' => '重新取得IP',
+    'reread IP' => '重新取得 IP',
     'enable autoupdate' => '啟用自動更新',
     'disable autoupdate' => '停用自動更新',
     'turn on notifications' => '啟用通知',
     'turn off notifications' => '停用通知',
-    'configure' => 'configure',
+    'configure' => '配置',
 
     'Adding User'  => '新增使用者',
     'Editing User'  => '編輯使用者',
     'Adding Domain'  => '新增網域',
     'Editing Domain'  => '編輯網域',
-    'Adding DNS Domain'  => '新增DNS網域',
-    'Editing DNS Domain'  => '編輯DNS網域',
-    'Adding DNS Record'  => '新增DNS紀錄',
-    'Editing DNS Record'  => '編輯DNS紀錄',
+    'Adding DNS Domain'  => '新增 DNS 網域',
+    'Editing DNS Domain'  => '編輯 DNS 網域',
+    'Adding DNS Record'  => '新增 DNS 紀錄',
+    'Editing DNS Record'  => '編輯 DNS 紀錄',
     'Adding Mail Domain'  => '新增信箱網域',
     'Editing Mail Domain'  => '編輯信箱網域',
     'Adding Mail Account'  => '新增信箱帳號',
@@ -130,10 +133,10 @@ $LANG['tw'] = array(
     'Editing Database'  => '編輯資料庫',
     'Adding Package'  => '新增方案',
     'Editing Package'  => '編輯方案',
-    'Adding IP address'  => '新增IP',
-    'Editing IP Address'  => '編輯IP',
+    'Adding IP address'  => '新增 IP',
+    'Editing IP Address'  => '編輯 IP',
     'Editing Backup Exclusions' => '編輯備份排除項目',
-    'Generating CSR' => '產生憑證簽署請求(CSR)中...',
+    'Generating CSR' => '產生憑證簽署請求 (CSR) 中...',
     'Listing'  => '列出',
     'Search Results'  => '搜尋結果',
     'Adding Firewall Rule' => '新增防火牆規則',
@@ -141,11 +144,11 @@ $LANG['tw'] = array(
     'Adding IP Address to Banlist' => '新增IP至黑名單',
 
     'active'  => '正常',
-    'spnd'  => '封鎖',
-    'suspended'  => '已封鎖',
+    'spnd'  => '暫停',
+    'suspended'  => '已暫停',
     'running'  => '執行中',
     'stopped'  => '已停止',
-    'outdated'  => '有新版本可升級',
+    'outdated'  => '有可升級的新版本',
     'updated'  => '已是最新版本',
 
     'yes'  => '是',
@@ -157,8 +160,8 @@ $LANG['tw'] = array(
     'mb'  => 'MB',
     'minute'  => '分鐘',
     'hour'  => '小時',
-    'day'  => '天',
-    'days'  => '天',
+    'day'  => '日',
+    'days'  => '日',
     'hours'  => '小時',
     'minutes'  => '分鐘',
     'month'  => '月',
@@ -169,15 +172,15 @@ $LANG['tw'] = array(
     'Mail'  => '信箱',
     'Databases'  => '資料庫',
     'User Directories'  => '使用者目錄',
-    'Template'  => '模板',
-    'Web Template'  => 'Apache 模板',
-    'Backend Template'  => 'Backend 模板',
-    'Proxy Template'  => 'Proxy 模板',
-    'DNS Template'  => 'DNS 模板',
+    'Template'  => '範本',
+    'Web Template'  => 'Apache 範本',
+    'Backend Template'  => 'Backend 範本',
+    'Proxy Template'  => 'Proxy 範本',
+    'DNS Template'  => 'DNS 範本',
     'Web Domains'  => '網站網域',
     'SSL Domains'  => 'SSL 網域',
     'Web Aliases'  => '網站子網域',
-    'per domain'  => '(每網域)',
+    'per domain'  => '(每個網域)',
     'DNS Domains'  => 'DNS 網域',
     'DNS domains'  => 'DNS 網域',
     'DNS records'   => 'DNS 紀錄',
@@ -191,7 +194,7 @@ $LANG['tw'] = array(
     'Backups'  => '備份',
     'Backup System'  => '備份系統',
     'backup exclusions' => '備份例外',
-    'template'  => '模板',
+    'template'  => '範本',
     'SSL Support'  => 'SSL 支援',
     'SSL Home Directory'  => 'SSL 主目錄',
     'Lets Encrypt Support'  => 'Lets Encrypt 支援',
@@ -206,11 +209,11 @@ $LANG['tw'] = array(
     'TTL'  => 'TTL',
     'Expire'  => '過期',
     'Records'  => '紀錄',
-    'Serial'  => 'Serial',
+    'Serial'  => '序列 (Serial)',
     'Catchall email'  => '收到所有郵件',
     'AntiVirus Support'  => '防毒支援',
     'AntiSpam Support'  => '防垃圾郵件支援',
-    'DKIM Support'  => 'DKIM支援',
+    'DKIM Support'  => 'DKIM 支援',
     'Accounts'  => '帳號',
     'Quota'  => '配額',
     'Autoreply'  => '自動回覆',
@@ -226,7 +229,7 @@ $LANG['tw'] = array(
     'SMTP security'  => 'SMTP 安全性',
     'SMTP auth method'  => 'SMTP 驗證方式',
     'STARTTLS'  => 'STARTTLS',
-    'Normal password'  => 'Normal password',
+    'Normal password'  => '普通密碼',
     'database'  => '資料庫',
     'User'  => '使用者',
     'Host'  => '主機',
@@ -248,16 +251,16 @@ $LANG['tw'] = array(
     'Users'  => '使用者',
     'Load Average'  => '平均負載量',
     'Memory Usage'  => '記憶體使用量',
-    'APACHE2 Usage'  => 'APACHE2 使用情形',
-    'HTTPD Usage'  => 'HTTPD 使用情形',
-    'NGINX Usage'  => 'NGINX 使用情形',
-    'MySQL Usage on localhost'  => '本機 MySQL 使用情形',
-    'PostgreSQL Usage on localhost'  => '本機 PostgreSQL 使用情形',
-    'Bandwidth Usage eth0'  => 'eth0 頻寬使用情形',
-    'Bandwidth Usage eth1'  => 'eth1 頻寬使用情形',
-    'Exim Usage'  => 'Exim 使用情形',
-    'FTP Usage'  => 'FTP 使用情形',
-    'SSH Usage'  => 'SSH 使用情形',
+    'APACHE2 Usage'  => 'APACHE2 使用量',
+    'HTTPD Usage'  => 'HTTPD 使用量',
+    'NGINX Usage'  => 'NGINX 使用量',
+    'MySQL Usage on localhost'  => '本機 MySQL 使用量',
+    'PostgreSQL Usage on localhost'  => '本機 PostgreSQL 使用量',
+    'Bandwidth Usage eth0'  => 'eth0 頻寬使用量',
+    'Bandwidth Usage eth1'  => 'eth1 頻寬使用量',
+    'Exim Usage'  => 'Exim 使用量',
+    'FTP Usage'  => 'FTP 使用量',
+    'SSH Usage'  => 'SSH 使用量',
     'reverse proxy'  => '反向代理伺服器',
     'web server'  => '網站伺服器',
     'dns server'  => 'DNS 伺服器',
@@ -274,12 +277,12 @@ $LANG['tw'] = array(
     'Memory'  => '記憶體',
     'Uptime'  => '已啟動時間',
     'core package'  => '核心系統',
-    'php interpreter'  => 'PHP解析',
+    'php interpreter'  => 'PHP 解析',
     'internal web server'  => '管理系統伺服器',
     'Version'  => '版本',
     'Release'  => '發佈號碼',
     'Architecture'  => '架構',
-    'Object'  => 'Object',
+    'Object'  => '物件',
     'Username'  => '使用者名稱',
     'Password'  => '密碼',
     'Email'  => '電子信箱',
@@ -288,7 +291,7 @@ $LANG['tw'] = array(
     'First Name'  => '名字',
     'Last Name'  => '姓氏',
     'Send login credentials to email address'  => '傳送登入資訊至使用者的信箱',
-    'Default Template'  => '預設模板',
+    'Default Template'  => '預設範本',
     'Default Name Servers'  => '預設域名伺服器',
     'Domain'  => '網域',
     'DNS Support'  => 'DNS 支援',
@@ -314,7 +317,7 @@ $LANG['tw'] = array(
     'IP or Value'  => 'IP 或值',
     'Priority'  => '優先順序',
     'Record Number' => '記錄編號',
-    'in megabytes'  => '以MB為單位',
+    'in megabytes'  => '以 MB 為單位',
     'Message'  => '訊息',
     'use local-part'  => '使用本地部分',
     'one or more email addresses'  => '一個或更多電子郵件信箱',
@@ -354,8 +357,8 @@ $LANG['tw'] = array(
     'charset'  => '編碼',
     'domain'  => '網域',
     'ip'  => 'IP',
-    'ip address'  => 'IP位置',
-    'IP address'  => 'IP位置',
+    'ip address'  => 'IP 位置',
+    'IP address'  => 'IP 位置',
     'netmask'  => '子網路遮罩',
     'interface'  => '介面卡',
     'assigned user'  => '指定使用者',
@@ -367,19 +370,19 @@ $LANG['tw'] = array(
     'last name'  => '姓氏',
     'account'  => '帳號',
     'ssl certificate'  => 'SSL 憑證',
-    'ssl key'  => 'SSL密鑰',
+    'ssl key'  => 'SSL 密鑰',
     'stats user password'  => '統計使用者帳號密碼',
     'stats username'  => '統計使用者名稱',
     'stats password'  => '統計密碼',
-    'ftp user password'  => 'FTP使用者帳號密碼',
-    'ftp user'  => 'FTP使用者',
-    'Last 70 lines of %s.%s.log' => '%s.%s.log 的最後70行',
+    'ftp user password'  => 'FTP 使用者帳號密碼',
+    'ftp user'  => 'FTP 使用者',
+    'Last 70 lines of %s.%s.log' => '%s.%s.log 的最後 70 行',
     'AccessLog' => '存取記錄',
     'ErrorLog' => '錯誤紀錄',
     'Download AccessLog' => '下載存取記錄',
     'Download ErrorLog' => '下載錯誤記錄',
     'Country' => '國家',
-    '2 letter code' => '國家簡碼(台灣是TW/香港是HK)',
+    '2 letter code' => '國家簡碼(台灣 TW、香港 HK)',
     'State / Province' => '州 / 省',
     'City / Locality' => '市 / 地區',
     'Organization' => '組織名稱',
@@ -388,8 +391,8 @@ $LANG['tw'] = array(
     'Port' => '連線埠',
     'Comment' => '備註',
     'Banlist' => '封鎖清單',
-    'ranges are acceptable' => 'ranges are acceptable',
-    'CIDR format is supported' => 'CIDR format is supported',
+    'ranges are acceptable' => '可接受陣列',
+    'CIDR format is supported' => '支援 CIDR 格式',
     'ACCEPT' => 'ACCEPT',
     'DROP' => 'DROP',
     'TCP' => 'TCP',
@@ -423,71 +426,71 @@ $LANG['tw'] = array(
     '%s databases'  => '%s 個資料庫',
     '1 cron job'  => '1 個任務排程',
     '%s cron jobs'  => '%s 個任務排程',
-    '1 archive'  => '1 壓縮',
-    '%s archives'  => '%s 壓縮',
+    '1 archive'  => '1 個壓縮',
+    '%s archives'  => '%s 個壓縮',
     '1 item'  => '1 個項目',
     '%s items'  => '%s 個項目',
     '1 package'  => '1 種方案',
-    '%s packages'  => '%s 整方案',
+    '%s packages'  => '%s 種方案',
     '1 IP address'  => '1 個 IP 位置',
     '%s IP addresses'  => '%s 個 IP 位置',
-    '1 month'  => '1 月',
-    '%s months'  => '%s 月',
-    '1 log record'  => '1 系統記錄',
-    '%s log records'  => '%s 系統記錄',
+    '1 month'  => '1 個月',
+    '%s months'  => '%s 個月',
+    '1 log record'  => '1 筆系統記錄',
+    '%s log records'  => '%s 筆系統記錄',
     '1 object'  => '1 個物件',
     '%s objects'  => '%s 個物件',
     'no exclusions' => '取消排除',
     '1 rule' => '1 條規則',
     '%s rules' => '%s 條規則',
-    'There are no currently banned IP' => '目前沒有任何已封鎖的IP',
+    'There are no currently banned IP' => '目前沒有任何已封鎖的 IP',
 
-    'USER_CREATED_OK'  => '使用者 %s has been 已加入成功!',
-    'WEB_DOMAIN_CREATED_OK'  => '網域 %s 已加入成功!',
-    'DNS_DOMAIN_CREATED_OK'  => 'DNS網域 %s 已加入成功!',
-    'DNS_RECORD_CREATED_OK'  => '記錄 %s.%s 已加入成功!',
-    'MAIL_DOMAIN_CREATED_OK'  => '信箱網域 %s 已加入成功!',
-    'MAIL_ACCOUNT_CREATED_OK'  => '信箱帳號 %s@%s 已加入成功!',
-    'DATABASE_CREATED_OK'  => '資料庫 %s 已加入成功!',
-    'CRON_CREATED_OK'  => '任務排程 已加入成功!',
-    'IP_CREATED_OK'  => 'IP位置 %s 已加入成功!',
-    'PACKAGE_CREATED_OK'  => '方案 %s 已加入成功!',
-    'SSL_GENERATED_OK' => '已成功產生 SSL 憑證!',
-    'RULE_CREATED_OK' => '已成功加入規則!',
+    'USER_CREATED_OK'  => '使用者 %s has been 已加入成功！',
+    'WEB_DOMAIN_CREATED_OK'  => '網域 %s 已加入成功！',
+    'DNS_DOMAIN_CREATED_OK'  => 'DNS 網域 %s 已加入成功！',
+    'DNS_RECORD_CREATED_OK'  => '記錄 %s.%s 已加入成功！',
+    'MAIL_DOMAIN_CREATED_OK'  => '信箱網域 %s 已加入成功！',
+    'MAIL_ACCOUNT_CREATED_OK'  => '信箱帳號 %s@%s 已加入成功！',
+    'DATABASE_CREATED_OK'  => '資料庫 %s 已加入成功！',
+    'CRON_CREATED_OK'  => '任務排程 已加入成功！',
+    'IP_CREATED_OK'  => 'IP 位置 %s 已加入成功！',
+    'PACKAGE_CREATED_OK'  => '方案 %s 已加入成功！',
+    'SSL_GENERATED_OK' => '已成功產生 SSL 憑證！',
+    'RULE_CREATED_OK' => '已成功加入規則！',
     'BANLIST_CREATED_OK' => 'IP 位置已經成功封鎖',
-    'Autoupdate has been successfully enabled' => '自動更新已成功啟動',
-    'Autoupdate has been successfully disabled' => '自動更新已成功關閉',
-    'Cronjob email reporting has been successfully enabled' => '任務排程 電子郵件回報已成功啟動',
-    'Cronjob email reporting has been successfully disabled' => '任務排程 電子郵件回報已成功關閉',
-    'Changes has been saved.'  => '已儲存更改',
+    'Autoupdate has been successfully enabled' => '「自動更新」已成功啟動',
+    'Autoupdate has been successfully disabled' => '「自動更新」已成功關閉',
+    'Cronjob email reporting has been successfully enabled' => '「任務排程電子郵件回報」已成功啟動',
+    'Cronjob email reporting has been successfully disabled' => '「任務排程電子郵件回報」已成功關閉',
+    'Changes has been saved.'  => '已儲存變更',
     'Confirmation'  => '確認',
-    'DELETE_USER_CONFIRMATION' => '確定要刪除使用者 %s 嗎?',
-    'SUSPEND_USER_CONFIRMATION' => '確定要封鎖使用者 %s 嗎?',
-    'UNSUSPEND_USER_CONFIRMATION' => '確定要解除封鎖使用者 %s 嗎?',
-    'DELETE_DOMAIN_CONFIRMATION' => '確定要刪除網域 %s 嗎?',
-    'SUSPEND_DOMAIN_CONFIRMATION' => '確定要封鎖網域 %s 嗎?',
-    'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除封鎖網域 %s 嗎?',
-    'DELETE_RECORD_CONFIRMATION' => '確定要刪除記錄 %s 嗎?',
-    'SUSPEND_RECORD_CONFIRMATION' => '確定要封鎖記錄 %s 嗎?',
-    'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除封鎖紀錄 %s 嗎?',
-    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '確定要刪除 %s 嗎?',
-    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要封鎖 %s 嗎?',
-    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除封鎖 %s 嗎?',
-    'DELETE_DATABASE_CONFIRMATION' => '確定要刪除資料庫 %s 嗎?',
-    'SUSPEND_DATABASE_CONFIRMATION' => '確定要封鎖資料庫 %s 嗎?',
-    'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除封鎖資料庫 %s 嗎?',
-    'DELETE_CRON_CONFIRMATION' => '確定要刪除 任務排程嗎?',
-    'SUSPEND_CRON_CONFIRMATION' => '確定要封鎖 任務排程嗎?',
-    'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除封鎖 任務排程嗎?',
-    'DELETE_BACKUP_CONFIRMATION'  => '確定要刪除 %s 備份嗎?',
-    'DELETE_EXCLUSION_CONFIRMATION' => '確定要刪除 %s 例外嗎?',
-    'DELETE_PACKAGE_CONFIRMATION'  => '確定要方案 %s 嗎?',
-    'DELETE_IP_CONFIRMATION'  => '確定要刪除IP地址 %s 嗎?',
-    'DELETE_RULE_CONFIRMATION' => '確定要刪除規則 #%s 嗎?',
-    'SUSPEND_RULE_CONFIRMATION' => '確定要封鎖規則  #%s 嗎?',
-    'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除封鎖規則 #%s 嗎?',
-    'LEAVE_PAGE_CONFIRMATION' => '離開?',
-    'RESTART_CONFIRMATION' => '確定要重新啟動 %s 嗎?',
+    'DELETE_USER_CONFIRMATION' => '確定要刪除使用者 %s 嗎？',
+    'SUSPEND_USER_CONFIRMATION' => '確定要暫停使用者 %s 嗎？',
+    'UNSUSPEND_USER_CONFIRMATION' => '確定要解除暫停使用者 %s 嗎？',
+    'DELETE_DOMAIN_CONFIRMATION' => '確定要刪除網域 %s 嗎？',
+    'SUSPEND_DOMAIN_CONFIRMATION' => '確定要暫停網域 %s 嗎？',
+    'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除暫停網域 %s 嗎？',
+    'DELETE_RECORD_CONFIRMATION' => '確定要刪除記錄 %s 嗎？',
+    'SUSPEND_RECORD_CONFIRMATION' => '確定要暫停記錄 %s 嗎？',
+    'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除暫停紀錄 %s 嗎？',
+    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '確定要刪除 %s 嗎？',
+    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要暫停 %s 嗎？',
+    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除暫停 %s 嗎？',
+    'DELETE_DATABASE_CONFIRMATION' => '確定要刪除資料庫 %s 嗎？',
+    'SUSPEND_DATABASE_CONFIRMATION' => '確定要暫停資料庫 %s 嗎？',
+    'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除暫停資料庫 %s 嗎？',
+    'DELETE_CRON_CONFIRMATION' => '確定要刪除 任務排程嗎？',
+    'SUSPEND_CRON_CONFIRMATION' => '確定要暫停 任務排程嗎？',
+    'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除暫停 任務排程嗎？',
+    'DELETE_BACKUP_CONFIRMATION'  => '確定要刪除 %s 備份嗎？',
+    'DELETE_EXCLUSION_CONFIRMATION' => '確定要刪除 %s 例外嗎？',
+    'DELETE_PACKAGE_CONFIRMATION'  => '確定要刪除方案 %s 嗎？',
+    'DELETE_IP_CONFIRMATION'  => '確定要刪除 IP 地址 %s 嗎？',
+    'DELETE_RULE_CONFIRMATION' => '確定要刪除規則 #%s 嗎？',
+    'SUSPEND_RULE_CONFIRMATION' => '確定要暫停規則  #%s 嗎？',
+    'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除暫停規則 #%s 嗎？',
+    'LEAVE_PAGE_CONFIRMATION' => '確定離開嗎？',
+    'RESTART_CONFIRMATION' => '確定要重新啟動 %s 嗎？',
     'Welcome'  => '歡迎',
     'LOGGED_IN_AS'  => '以使用者身份 %s 登入',
     'Error'  => '錯誤',
@@ -495,20 +498,20 @@ $LANG['tw'] = array(
     'Invalid username or code'  => '無效的使用者名稱或驗證碼.',
     'Passwords not match'  => '密碼錯誤',
     'Please enter valid email address.'  => '請輸入正確的信箱',
-    'Field "%s" can not be blank.'  => '"%s" 不能為空白',
-    'Password is too short.'  => '密碼太短',
-    'Error code:'  => '錯誤代碼: %s',
+    'Field "%s" can not be blank.'  => '"%s" 欄位不能空白',
+    'Password is too short.'  => '密碼太短。',
+    'Error code:'  => '錯誤代碼：%s',
     'SERVICE_ACTION_FAILED'  => '"%s" "%s" 失敗',
     'IP address is in use' => 'IP 位置正在使用中',
     'BACKUP_SCHEDULED'  => '您的要求已加入隊列中，備份完成後會再以電子郵件通知您',
-    'BACKUP_EXISTS'  => '已經有一個備份正在執行中，請等待備份完成後再操作',
-    'RESTORE_SCHEDULED'  => '您的要求已加入隊列中，回復完成後會再以電子郵件通知您',
-    'RESTORE_EXISTS'  => '已經有一個回復正在執行中，請等待備份完成後再操作',
+    'BACKUP_EXISTS'  => '已經有一個備份正在執行中，請等待備份完成後再動作',
+    'RESTORE_SCHEDULED'  => '您的要求已加入隊列中，還原完成後會再以電子郵件通知您',
+    'RESTORE_EXISTS'  => '已經有一個還原正在執行中，請等待備份完成後再動作',
 
-    'WEB_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用*。排除特定的資料夾請依照這個格式: Example.com:public_html/cache:public_html/tmp',
-    'DNS_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用*',
-    'MAIL_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用*。要排除特定使用者請依照這個格式: Example.com:info:support:postmaster',
-    'DB_EXCLUSIONS' => '輸入完整資料庫名城，每行一個資料庫。如要排除備份所有資料庫請使用*',
+    'WEB_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用「*」。排除特定的資料夾請依照這個格式：Example.com:public_html/cache:public_html/tmp',
+    'DNS_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用「*」',
+    'MAIL_EXCLUSIONS' => '輸入網域名稱，每行一個網域。如要排除備份所有網域請使用「*」。要排除特定使用者請依照這個格式：Example.com:info:support:postmaster',
+    'DB_EXCLUSIONS' => '輸入完整資料庫名城，每行一個資料庫。如要排除備份所有資料庫請使用「*」',
     'CRON_EXCLUSIONS' => '要排除備份所有任務排程請使用*',
     'USER_EXCLUSIONS' => '輸入要排除備份的資料夾名稱，每行一個資料夾。如要排除備份所有資料夾請使用*',
 
@@ -516,13 +519,13 @@ $LANG['tw'] = array(
     'MAIL_FROM'  => 'Vesta 管理系統 ',
     'GREETINGS_GORDON_FREEMAN' => "您好, %s %s,\n",
     'GREETINGS' => "您好,\n",
-    'ACCOUNT_READY' => "您的帳號已成功建立，並可以開始使用了!\n\nhttps://%s/login/\n使用者名稱: %s\n密碼: %s\n\n--\nVesta Control Panel\n",
+    'ACCOUNT_READY' => "您的帳號已成功建立，並可以開始使用了！\n\nhttps://%s/login/\n使用者名稱：%s\n密碼：%s\n\n--\nVesta Control Panel\n",
 
     'FTP login credentials'  => 'FTP 登入資料',
-    'FTP_ACCOUNT_READY' => "FTP帳號已成功建立，並可以開始使用了!\n\n主機名稱: %s\n使用者名稱: %s_%s\n密碼: %s\n\n--\nVesta Control Panel\n",
+    'FTP_ACCOUNT_READY' => "FTP 帳號已成功建立，並可以開始使用了！\n\n主機名稱：%s\n使用者名稱：%s_%s\n密碼：%s\n\n--\nVesta Control Panel\n",
 
     'Database Credentials'  => '資料庫 登入資料',
-    'DATABASE_READY' => "資料庫已加入成功!\n\n資料庫名稱: %s\n使用者名稱: %s\n密碼: %s\n%s\n\n--\nVesta Control Panel\n",
+    'DATABASE_READY' => "資料庫已加入成功！\n\n資料庫名稱：%s\n使用者名稱：%s\n密碼：%s\n%s\n\n--\nVesta Control Panel\n",
 
     'forgot password'  => '忘記密碼',
     'Confirm'  => '確認',
@@ -531,22 +534,22 @@ $LANG['tw'] = array(
     'Reset'  => '重設',
     'Reset Code'  => '重設代碼',
     'RESET_NOTICE'  => '',
-    'RESET_CODE_SENT'  => '密買重設代碼已發送到您的信箱
',
-    'MAIL_RESET_SUBJECT'  => '密碼重置在 %s',
-    'PASSWORD_RESET_REQUEST' => "重置密碼請點擊連結:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n或者您可以到 https://%s/reset/?action=code&user=%s 輸入密碼重設代碼:\n%s\n\n如果您沒有要求重設密碼，請忽略此郵件\n\n—\nVesta Control Panel\n",
+    'RESET_CODE_SENT'  => '密碼重設代碼已傳送到您的信箱
',
+    'MAIL_RESET_SUBJECT'  => '密碼重設在 %s',
+    'PASSWORD_RESET_REQUEST' => "重設密碼請點擊連結：\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n或者您可以到 https://%s/reset/?action=code&user=%s 輸入密碼重設代碼：\n%s\n\n如果您沒有要求重設密碼，請忽略此郵件\n\n—\nVesta Control Panel\n",
 
-    'Jan' => '1月',
-    'Feb' => '2月',
-    'Mar' => '3月',
-    'Apr' => '4月',
-    'May' => '5月',
-    'Jun' => '6月',
-    'Jul' => '7月',
-    'Aug' => '8月',
-    'Sep' => '9月',
-    'Oct' => '10月',
-    'Nov' => '11月',
-    'Dec' => '12月',
+    'Jan' => '一月',
+    'Feb' => '二月',
+    'Mar' => '三月',
+    'Apr' => '四月',
+    'May' => '五月',
+    'Jun' => '六月',
+    'Jul' => '七月',
+    'Aug' => '八月',
+    'Sep' => '九月',
+    'Oct' => '十月',
+    'Nov' => '十一月',
+    'Dec' => '十二月',
 
     'Configuring Server' => '設定主機',
     'Hostname' => '主機名稱',
@@ -555,7 +558,7 @@ $LANG['tw'] = array(
     'Proxy Server' => 'Proxy 伺服器',
     'Web Server' => 'Web 伺服器',
     'Backend Server' => 'Backend 伺服器',
-    'Backend Pool Mode' => 'Backend Pool Mode',
+    'Backend Pool Mode' => 'Backend 池模式',
     'DNS Server' => 'DNS 伺服器',
     'DNS Cluster' => 'DNS 叢集',
     'MAIL Server' => 'MAIL 伺服器',
@@ -583,9 +586,9 @@ $LANG['tw'] = array(
     'Template Manager' => '模組管理員',
     'Backup Migration Manager' => '備份轉移管理員',
     'FileManager' => '檔案管理員',
-    'show: CPU / MEM / NET / DISK' => '顯示: 處理器 / 記憶體 / 網路 / 硬碟',
+    'show: CPU / MEM / NET / DISK' => '顯示：處理器 / 記憶體 / 網路 / 硬碟',
 
-    'sort by' => '排序按照',
+    'sort by' => '排序依',
     'Date' => '日期',
     'Starred' => '加註星號',
     'Name' => '名稱',
@@ -608,8 +611,8 @@ $LANG['tw'] = array(
     'ARCHIVE' => '壓縮',
     'EXTRACT' => '解壓縮',
     'DOWNLOAD' => '下載',
-    'Are you sure?' => '確定嗎?',
-    'Hit' => 'Hit',
+    'Are you sure?' => '確定嗎？',
+    'Hit' => '點擊',
     'to reload the page' => '重新整理頁面',
     'Directory name cannot be empty' => '資料夾名稱不能為空白',
     'File name cannot be empty' => '檔案名稱不能為空白',
@@ -661,18 +664,18 @@ $LANG['tw'] = array(
     'Cancel saving form' => '不要儲存設定',
     'Go to USER list' => '回到使用者列表',
     'Go to WEB list' => '回到網站列表',
-    'Go to DNS list' => '回到DNS列表',
+    'Go to DNS list' => '回到 DNS 列表',
     'Go to MAIL list' => '回到郵件列表',
     'Go to DB list' => '回到資料庫列表',
     'Go to CRON list' => '回到任務排程列表',
     'Go to BACKUP list' => '回到備份列表',
     'Focus on search' => '搜尋',
     'Display/Close shortcuts' => '顯示/關閉 快捷鍵列表',
-    'Move backward through top menu' => '在頂置選單中向左移動',
-    'Move forward through top menu' => '在頂置選單中向右移動',
+    'Move backward through top menu' => '在頂部選單中向左移動',
+    'Move forward through top menu' => '在頂部選單中向右移動',
     'Enter focused element' => '進入選擇的選項',
-    'Move up through elements list' => '往上查看列表',
-    'Move down through elements list' => '往下查看列表',
+    'Move up through elements list' => '往上檢視列表',
+    'Move down through elements list' => '往下檢視列表',
 
     'Upload' => '上傳',
     'New File' => '新增檔案',
@@ -705,13 +708,13 @@ $LANG['tw'] = array(
     'Disable and Cancel Licence' => '刪除並且取消授權',
     'Licence Activated' => '授權已啟用',
     'Licence Deactivated' => '授權已停用',
-    'Restrict users so that they cannot use SSH and access only their home directory.' => '禁止使用者使用SSH，並且只能存取他們自己的資料夾',
-    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => '瀏覽、複製、編輯、存取你所有的網站資料使用全能的檔案管理員',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => '禁止使用者使用 SSH，並且只能存取他們自己的資料夾',
+    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => '使用全能的檔案管理員瀏覽、複製、編輯、存取你所有的網站資料',
     'This is a commercial module, you would need to purchace license key to enable it.' => '這是一個付費模組，您需要購買授權金鑰才能啟用它。',
 
-    'Minutes' => '分',
+    'Minutes' => '分鐘',
     'Hourly' => '小時',
-    'Run Command' => '執行命令',
+    'Run Command' => '執行指令',
     'every month' => '每月',
     'every odd month' => '奇數月',
     'every even month' => '偶數月',
@@ -737,7 +740,7 @@ $LANG['tw'] = array(
     'webalizer' => 'webalizer',
     'awstats' => 'awstats',
 
-    'Vesta SSL' => 'Vesta後台 SSL',
+    'Vesta SSL' => 'Vesta 後台 SSL',
     'SUBJECT' => '主體名稱',
     'ALIASES' => '主體別名',
     'NOT_BEFORE' => '有效期自',
@@ -753,5 +756,5 @@ $LANG['tw'] = array(
     'No encryption' => '不加密',
     'Do not use encryption' => '不要使用加密',
 
-    'maximum characters length, including prefix' => '最多 %s 字元(包含前綴)',
+    'maximum characters length, including prefix' => '最多 %s 字元 (包含前綴)',
 );

From f80e6c8df88a12099266a6dfc72f93573a3b7d87 Mon Sep 17 00:00:00 2001
From: Hoto Cocoa 
Date: Tue, 10 Jul 2018 00:09:08 +0900
Subject: [PATCH 0170/2300] Improve korean i18n

---
 web/inc/i18n/ko.php | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php
index 5c98950f..3a21ad4a 100644
--- a/web/inc/i18n/ko.php
+++ b/web/inc/i18n/ko.php
@@ -59,7 +59,7 @@ $LANG['ko'] = array(
     'Add Rule' => '규칙 추가',
     'Ban IP Address' => 'IP 주소 차단',
     'Search'  => '검색',
-    'Add one more FTP Account' => 'FTP 계정을 하나 추가하기',
+    'Add one more FTP Account' => 'FTP 계정을 추가하기',
     'Overall Statistics'  => '전체 통계',
     'Daily'  => '매일',
     'Weekly'  => '매주',
@@ -70,7 +70,7 @@ $LANG['ko'] = array(
     'Save'  => '저장',
     'Submit'  => '등록',
 
-    'toggle all'  => '모두 활성화',
+    'toggle all'  => '모두 선택',
     'apply to selected'  => '선택된 것에 적용',
     'rebuild'  => '리빌드',
     'rebuild web'  => '웹 리빌드',
@@ -522,7 +522,7 @@ $LANG['ko'] = array(
     'Database Credentials'  => '데이터베이스 정보',
     'DATABASE_READY' => "데이터베이스가 성공적으로 생성되었습니다.\n\데이터베이스: %s\n사용자: %s\n비밀번호: %s\n\n--\nVesta 제어판\n",
 
-    'forgot password'  => '비밀번호 잊기',
+    'forgot password'  => '비밀번호 잊음',
     'Confirm'  => '확인',
     'New Password'  => '새 비밀번호',
     'Confirm Password'  => '비밀번호 확인',
@@ -531,7 +531,7 @@ $LANG['ko'] = array(
     'RESET_NOTICE'  => '',
     'RESET_CODE_SENT'  => '비밀번호 초기화 코드가 이메일 주소로 전송되었습니다
',
     'MAIL_RESET_SUBJECT'  => '%s에서의 비밀번호 초기화',
-    'PASSWORD_RESET_REQUEST' => "제어판 비밀번호를 초기화 하기 위해서, 다음의 링크로 접속해주세요:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n또는, 다음의 주소로 가주시고 https://%s/reset/?action=code&user=%s 다음의 초기화 코드를 입력해주세요:\n%s\n\n만약 비밀번호 초기화를 요청하지 않으셨다면, 이 메시지를 무시해주세요.\n\n--\nVesta 제어판\n",
+    'PASSWORD_RESET_REQUEST' => "제어판 비밀번호를 초기화 하기 위해서, 다음의 링크로 접속해주세요:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n또는, 다음의 주소로 간 뒤 https://%s/reset/?action=code&user=%s 다음의 초기화 코드를 입력해주세요:\n%s\n\n만약 비밀번호 초기화를 요청하지 않으셨다면, 이 메시지를 무시해주세요.\n\n--\nVesta 제어판\n",
 
     'Jan' => '1월',
     'Feb' => '2월',
@@ -557,15 +557,15 @@ $LANG['ko'] = array(
     'DNS Server' => 'DNS 서버',
     'DNS Cluster' => 'DNS 클러스터',
     'MAIL Server' => 'MAIL 서버',
-    'Antivirus' => '안티바이러스',
-    'AntiSpam' => '안티스팸',
+    'Antivirus' => '바이러스 필터링',
+    'AntiSpam' => '스팸 필터링',
     'Webmail URL' => '웹메일 주소',
     'MySQL Support' => 'MySQL 지원',
     'phpMyAdmin URL' => 'phpMyAdmin 주소',
     'PostgreSQL Support' => 'PostgreSQL 지원',
     'phpPgAdmin URL' => 'phpPgAdmin 주소',
-    'Maximum Number Of Databases' => '최대 데이터베이스 숫자',
-    'Current Number Of Databases' => '현재 데이터베이스 숫자',
+    'Maximum Number Of Databases' => '최대 데이터베이스 개수',
+    'Current Number Of Databases' => '현재 데이터베이스 개수',
     'Local backup' => '로컬 백업',
     'Compression level' => '압축 수준',
     'Directory' => '폴더',
@@ -633,8 +633,8 @@ $LANG['ko'] = array(
     'Delete items' => '항목 삭제',
     'Copy files' => '항목 복사',
     'Move files' => '항목 이동',
-    'Are you sure you want to copy' => '정말 복사하시겠습니까?',
-    'Are you sure you want to move' => '정말 이동하시겠습니까?',
+    'Are you sure you want to copy' => '정말 복사하시겠습니까',
+    'Are you sure you want to move' => '정말 이동하시겠습니까',
     'Are you sure you want to delete' => '정말 삭제하시겠습니까',
     'into' => '안에',
     'existing files will be replaced' => '존재하는 파일들은 대체 될 것입니다',

From fd88749791aad96123efd2101b913dbe504d5f0d Mon Sep 17 00:00:00 2001
From: Hoto Cocoa 
Date: Wed, 11 Jul 2018 23:42:16 +0900
Subject: [PATCH 0171/2300] Fix typo

---
 web/inc/i18n/ko.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php
index 3a21ad4a..a81db461 100644
--- a/web/inc/i18n/ko.php
+++ b/web/inc/i18n/ko.php
@@ -322,7 +322,7 @@ $LANG['ko'] = array(
     'Minute'  => '분',
     'Command'  => '명령어',
     'Package Name'  => '패키지 이름',
-    'Netmask'  => '넷마슴크',
+    'Netmask'  => '넷마크',
     'Interface'  => '인터페이스',
     'Shared'  => '공유된',
     'Assigned user'  => '부여 된 사용자',

From 07a7c90cf6634c130b6df4005c6c339b02e6333d Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 13 Jul 2018 15:27:10 +0300
Subject: [PATCH 0172/2300] chkconfig firewalld off

---
 install/vst-install-rhel.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index e529ff65..1ecd2235 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -671,6 +671,8 @@ fi
 
 # Disabling iptables
 service iptables stop
+service firewalld stop >/dev/null 2>&1
+
 
 # Configuring NTP synchronization
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate
@@ -1273,6 +1275,7 @@ ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 
 # Configuring firewall
 if [ "$iptables" = 'yes' ]; then
+    chkconfig firewalld off >/dev/null 2>&1
     $VESTA/bin/v-update-firewall
 fi
 

From 79e34f240b02d5b9d3ac86565710efd710ffb2cb Mon Sep 17 00:00:00 2001
From: myrevery 
Date: Sun, 15 Jul 2018 16:33:32 +0800
Subject: [PATCH 0173/2300] Update cn.php

Refine some details.
---
 web/inc/i18n/cn.php | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index 9d58b381..d47587db 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -98,7 +98,7 @@ $LANG['cn'] = array(
     'list accounts'  => '列出 %s 个账户',
     'add account'  => '添加账户',
     'open webmail'  => '打开网页邮箱',
-    'list fail2ban' => 'fail2ban 封锁名单',
+    'list fail2ban' => 'Fail2ban 封锁名单',
     'open %s'  => '打开 %s',
     'download'  => '下载',
     'restore'  => '恢复',
@@ -136,7 +136,7 @@ $LANG['cn'] = array(
     'Editing Package'  => '编辑方案',
     'Adding IP address'  => '添加IP地址',
     'Editing IP Address'  => '编辑IP地址',
-    'Editing Backup Exclusions' => '配置备份排除项目',
+    'Editing Backup Exclusions' => '配置排除的备份项目',
     'Generating CSR' => '生成CSR',
     'Listing'  => '列出',
     'Search Results'  => '搜索结果',
@@ -175,7 +175,7 @@ $LANG['cn'] = array(
     'User Directories' => '用户目录',
     'Template' => '模板',
     'Web Template' => 'Web模板',
-    'Backend Template' => 'Backend模板',
+    'Backend Template' => '后端模板',
     'Proxy Template' => '代理模板',
     'DNS Template' => 'DNS模板',
     'Web Domains' => '网站域名',
@@ -194,15 +194,15 @@ $LANG['cn'] = array(
     'IP Addresses' => 'IP地址',
     'Backups' => '备份',
     'Backup System' => '备份系统',
-    'backup exclusions' => '备份排除项目',
+    'backup exclusions' => '排除的备份项目',
     'template' => '模板',
     'SSL Support' => '启用SSL',
     'SSL Home Directory' => 'SSL站点主目录',
     'Lets Encrypt Support'  => '采用 Let's Encrypt',
     'Lets Encrypt'  => 'Let's Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => '证书将在5分钟内自动签发完成',
+    'Your certificate will be automatically issued in 5 minutes' => '证书将在5分钟内自动完成签发',
     'Proxy Support' => '反向代理',
-    'Proxy Extensions' => '代理的文件扩展名',
+    'Proxy Extensions' => '需代理的文件扩展名',
     'Web Statistics' => '网站统计',
     'Additional FTP Account' => '额外的FTP账户',
     'Path'  => '路径',
@@ -274,7 +274,7 @@ $LANG['cn'] = array(
     'ftp server'  => 'FTP服务',
     'job scheduler'  => '执行定时任务',
     'firewall'  => '防火墙服务',
-    'brute-force monitor'  => '监控暴力破解',
+    'brute-force monitor'  => '防范暴力攻击',
     'CPU'  => 'CPU',
     'Memory'  => '内存',
     'Uptime'  => '已运行时间',
@@ -442,7 +442,7 @@ $LANG['cn'] = array(
     '%s log records'  => '%s 条日志记录',
     '1 object'  => '1 个对象',
     '%s objects'  => '%s 个对象',
-    'no exclusions' => '未排除',
+    'no exclusions' => '没有被排除的项目',
     '1 rule' => '1 条规则',
     '%s rules' => '%s 条规则',
     'There are no currently banned IP' => '目前没有被封锁的IP地址',
@@ -559,8 +559,8 @@ $LANG['cn'] = array(
     'Default Language' => '默认语言',
     'Proxy Server' => '代理服务器',
     'Web Server' => 'Web 服务器',
-    'Backend Server' => 'Backend 服务器',
-    'Backend Pool Mode' => 'Backend Pool 模式',
+    'Backend Server' => '后端服务器',
+    'Backend Pool Mode' => '后端池模式',
     'DNS Server' => 'DNS 服务器',
     'DNS Cluster' => 'DNS 集群',
     'MAIL Server' => '邮箱服务器',
@@ -595,7 +595,7 @@ $LANG['cn'] = array(
     'Starred' => '星标',
     'Name' => '名称',
 
-    'save to favorites' => '收藏加星',
+    'save to favorites' => '添加星标',
 
     'File Manager' => '文件管理',
     'size' => '大小',
@@ -635,8 +635,8 @@ $LANG['cn'] = array(
     'Create' => '创建',
     'Compress' => '压缩',
     'OK' => '确定',
-    'YOU ARE COPYING' => 'YOU ARE COPYING',
-    'YOU ARE REMOVING' => 'YOU ARE REMOVING',
+    'YOU ARE COPYING' => '你正在复制',
+    'YOU ARE REMOVING' => '你正在移除',
     'Delete items' => '删除这些项目',
     'Copy files' => '复制这些文件',
     'Move files' => '移动这些文件',
@@ -746,7 +746,7 @@ $LANG['cn'] = array(
     'SUBJECT' => '颁发给',
     'ALIASES' => '可选名称',
     'NOT_BEFORE' => '有效期从',
-    'NOT_AFTER' => '有效期到',
+    'NOT_AFTER' => '有效期至',
     'SIGNATURE' => '签名算法',
     'PUB_KEY' => '密钥位数',
     'ISSUER' => '颁发者',

From 7958b495c94ee3213c3ecf32d71e17015546ba4f Mon Sep 17 00:00:00 2001
From: Phinitnan Chanasabaeng 
Date: Wed, 18 Jul 2018 10:40:35 +0700
Subject: [PATCH 0174/2300] Updated and Fixed error on updating Letsencrypt
 cert with NGINX's drupal template.

---
 .../templates/web/nginx/php5-fpm/drupal6.stpl | 52 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal6.tpl  | 49 +++++++--------
 .../templates/web/nginx/php5-fpm/drupal7.stpl | 58 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal7.tpl  | 59 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal8.stpl | 59 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal8.tpl  | 60 ++++++++-----------
 .../templates/web/nginx/php5-fpm/drupal6.stpl | 52 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal6.tpl  | 49 +++++++--------
 .../templates/web/nginx/php5-fpm/drupal7.stpl | 58 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal7.tpl  | 59 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal8.stpl | 59 ++++++++----------
 .../templates/web/nginx/php5-fpm/drupal8.tpl  | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../9/templates/web/nginx/php-fpm/drupal6.tpl | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../9/templates/web/nginx/php-fpm/drupal7.tpl | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../9/templates/web/nginx/php-fpm/drupal8.tpl | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../5/templates/web/nginx/php-fpm/drupal6.tpl | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../5/templates/web/nginx/php-fpm/drupal7.tpl | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../5/templates/web/nginx/php-fpm/drupal8.tpl | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../6/templates/web/nginx/php-fpm/drupal6.tpl | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../6/templates/web/nginx/php-fpm/drupal7.tpl | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../6/templates/web/nginx/php-fpm/drupal8.tpl | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../7/templates/web/nginx/php-fpm/drupal6.tpl | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../7/templates/web/nginx/php-fpm/drupal7.tpl | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../7/templates/web/nginx/php-fpm/drupal8.tpl | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 .../templates/web/nginx/php-fpm/drupal6.stpl  | 52 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   | 49 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 58 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal7.tpl   | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 59 ++++++++----------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 60 ++++++++-----------
 114 files changed, 2812 insertions(+), 3591 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
index 91a70936..0af7ce84 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -31,48 +31,42 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
index ac32dcd9..d1096bff 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,48 +27,42 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
 
     location / {
         try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
     }
 
     location @rewrite {
-        # For Drupal 6 and bwlow:
-        # Some modules enforce no slash (/) at the end of the URL
-        # Else this rewrite block wouldn't be needed (GlobalRedirect)
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
 
-    location ~ ^/sites/.*/files/styles/ {
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
         try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
index 3b9dabf5..030ea952 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -31,50 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
index 1b979475..c9729795 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,50 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$) {
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
index 50d85b68..030ea952 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -31,51 +31,44 @@ server {
         return 403;
     }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
 
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-            return 403;
-        }
-
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
index 71b538bf..c9729795 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -18,7 +18,6 @@ server {
         access_log off;
     }
 
-    # Very rarely should these ever be accessed outside of your lan
     location ~* \.(txt|log)$ {
         allow 192.168.0.0/16;
         deny all;
@@ -28,51 +27,44 @@ server {
         return 403;
         }
 
-    # No no for private
     location ~ ^/sites/.*/private/ {
         return 403;
     }
-
-    # Block access to "hidden" files and directories whose names begin with a
-    # period. This includes directories used by version control systems such
-    # as Subversion or Git to store control files.
-    location ~ (^|/)\. {
-        return 403;
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
     }
-
+    
     location / {
-        try_files $uri @rewrite;
-
-        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-            expires     max;
-        }
-
-        location ~ [^/]\.php(/|$)|^/update.php {
-            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-            if (!-f $document_root$fastcgi_script_name) {
-                return  404;
-            }
-
-            fastcgi_pass    %backend_lsnr%;
-            fastcgi_index   index.php;
-            fastcgi_param SCRIPT_FILENAME $request_filename;
-            fastcgi_intercept_errors on;
-            include         /etc/nginx/fastcgi_params;
-        }
+        try_files $uri /index.php?$query_string;
     }
 
-    location @rewrite {
-        # You have 2 options here
-        # For D7 and above:
-        # Clean URLs are handled in drupal_environment_initialize().
-        rewrite ^ /index.php;
-    }
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
 
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
     error_page  500 502 503 504 /error/50x.html;

From 98542d69bc0087859fcc3c04a0823e8d9afc62bb Mon Sep 17 00:00:00 2001
From: Dmitry Bannik 
Date: Fri, 27 Jul 2018 23:59:53 +0300
Subject: [PATCH 0175/2300] Fix editing backup exclusions

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index bc57cafc..e59d84e5 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -233,7 +233,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
 
         # Backup files
         cd $HOMEDIR/$user/web/$domain
-        tar -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 4a27e61d60ea6e781a1b0985c2ccf7bf58c1031f Mon Sep 17 00:00:00 2001
From: Luiz Junior 
Date: Tue, 31 Jul 2018 10:32:47 -0300
Subject: [PATCH 0176/2300] Fix Dovecot Connection

Fix dovecot Connection
---
 install/ubuntu/16.04/dovecot/dovecot.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/16.04/dovecot/dovecot.conf b/install/ubuntu/16.04/dovecot/dovecot.conf
index 311a3351..55c3672f 100644
--- a/install/ubuntu/16.04/dovecot/dovecot.conf
+++ b/install/ubuntu/16.04/dovecot/dovecot.conf
@@ -3,7 +3,7 @@ listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf
 
-namespace {
+namespace inbox{
     type = private
     separator = /
     prefix =

From 47a22f4a254aac61bb3c91c4ac7dd0eaf493f1b6 Mon Sep 17 00:00:00 2001
From: Luiz Junior 
Date: Tue, 31 Jul 2018 10:46:54 -0300
Subject: [PATCH 0177/2300] Fix dovecot

namespace inbox {
---
 install/ubuntu/16.04/dovecot/dovecot.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/16.04/dovecot/dovecot.conf b/install/ubuntu/16.04/dovecot/dovecot.conf
index 55c3672f..163460ba 100644
--- a/install/ubuntu/16.04/dovecot/dovecot.conf
+++ b/install/ubuntu/16.04/dovecot/dovecot.conf
@@ -3,7 +3,7 @@ listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf
 
-namespace inbox{
+namespace inbox {
     type = private
     separator = /
     prefix =

From 1c315de8d7924362ee6b96a9767d1f1536caa78d Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 3 Aug 2018 18:34:13 +0300
Subject: [PATCH 0178/2300] fix for ubuntu 14.04

---
 install/vst-install-ubuntu.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index ef4b7079..a17517e3 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -33,9 +33,9 @@ software="apache2 apache2.2-common apache2-suexec-custom apache2-utils
 
 # Fix for old releases
 if [[ ${release:0:2} -lt 16 ]]; then
-    software=$(echo "$software" |sed -e "s/php /php5 /")
-    software=$(echo "$software" |sed -e "s/php-/php5-/")
-    software=$(echo "$software" |sed -e "s/mod-php/mod-php5/")
+    software=$(echo "$software" |sed -e "s/php /php5 /g")
+    software=$(echo "$software" |sed -e "s/vesta-php5 /vesta-php /g")
+    software=$(echo "$software" |sed -e "s/php-/php5-/g")
 fi
 
 # Defining help function

From 8bb89d2eb684f5ad8c7c85a0eab44c3b4eb493b3 Mon Sep 17 00:00:00 2001
From: Phinitnan Chanasabaeng 
Date: Mon, 6 Aug 2018 10:35:41 +0700
Subject: [PATCH 0179/2300] Updated Thai translation

---
 web/inc/i18n/th.php | 459 ++++++++++++++++++++++----------------------
 1 file changed, 230 insertions(+), 229 deletions(-)

diff --git a/web/inc/i18n/th.php b/web/inc/i18n/th.php
index 96f23bb5..07beb85e 100644
--- a/web/inc/i18n/th.php
+++ b/web/inc/i18n/th.php
@@ -3,6 +3,7 @@
  * Vesta language file
  * Language: Thai ( Thailand )
  * thatphon05@gmail.com
+ * phinitnan_c@xtony.us
  */
 
 $LANG['th'] = array(
@@ -11,10 +12,10 @@ $LANG['th'] = array(
     'IP'  => 'IP',
     'Graphs'  => 'กราฟ',
     'Statistics'  => 'สถิติ',
-    'Log'  => 'Log',
-    'Server'  => 'เซิฟเวอร์',
+    'Log'  => 'บันทึกเหตุการณ์',
+    'Server'  => 'เซิร์ฟเวอร์',
     'Services'  => 'บริการ',
-    'Firewall' => 'ไฟร์วอลล์',
+    'Firewall' => 'Firewall',
     'Updates'  => 'อัพเดท',
     'Log in'  => 'เข้าสู่ระบบ',
     'Log out'  => 'ออกจากระบบ',
@@ -22,47 +23,47 @@ $LANG['th'] = array(
     'USER'  => 'ผู้ใช้',
     'WEB'  => 'เว็บ',
     'DNS'  => 'DNS',
-    'MAIL'  => 'เมล์',
+    'MAIL'  => 'เมล',
     'DB'  => 'ฐานข้อมูล',
     'CRON'  => 'CRON',
     'BACKUP'  => 'สำรองข้อมูล',
 
     'LOGIN'  => 'เข้าสู่ระบบ',
-    'RESET PASSWORD'  => 'รีเซ็ตรหัสผ่าน',
+    'RESET PASSWORD'  => 'ตั้งรหัสผ่านใหม่',
     'SEARCH'  => 'ค้นหา',
     'PACKAGE'  => 'แพ็กเกจ',
     'RRD'  => 'RRD',
-    'STATS'  => 'STATS',
-    'LOG'  => 'ล็อก',
+    'STATS'  => 'สถิติ',
+    'LOG'  => 'บันทึกเหตุการณ์',
     'UPDATES'  => 'อัพเดท',
-    'FIREWALL'  => 'ไฟร์วอลล์',
-    'SERVER'  => 'เซิฟเวอร์',
+    'FIREWALL'  => 'FIREWALL',
+    'SERVER'  => 'เซิร์ฟเวอร์',
     'MEMORY'  => 'หน่วยความจำ',
-    'DISK'  => 'พื้นที่จัดเก็บข้อมูล',
+    'DISK'  => 'พื้นที่เก็บข้อมูล',
     'NETWORK'  => 'เครือข่าย',
-    'Web Log Manager'  => 'ตัวจัดการ Web Log',
+    'Web Log Manager'  => 'ตัวจัดการบันทึกเหตุการณ์เว็บ',
 
     'no notifications'  => 'ไม่มีการแจ้งเตือน',
 
     'Add User'  => 'เพิ่มผู้ใช้',
     'Add Domain'  => 'เพิ่มโดเมน',
-    'Add Web Domain'  => 'เพิ่ม Web Domain',
-    'Add DNS Domain'  => 'เพิ่ม DNS Domain',
-    'Add DNS Record'  => 'เพิ่ม DNS Record',
-    'Add Mail Domain'  => 'เพิ่ม Mail Domain',
-    'Add Mail Account'  => 'เพิ่มบัญชีเมล์',
+    'Add Web Domain'  => 'เพิ่มโดเมนสำหรับเว็บ',
+    'Add DNS Domain'  => 'เพิ่มโดเมนสำหรับ DNS',
+    'Add DNS Record'  => 'เพิ่มรายการ DNS',
+    'Add Mail Domain'  => 'เพิ่มโดเมนสำหรับเมล',
+    'Add Mail Account'  => 'เพิ่มบัญชีเมล',
     'Add Database'  => 'เพิ่มฐานข้อมูล',
-    'Add Cron Job'  => 'เพิ่ม Cron Job',
-    'Create Backup'  => 'สร้างการสำรองข้อมูล',
-    'Configure'  => 'ปรับแต่ง',
+    'Add Cron Job'  => 'เพิ่มงาน CRON',
+    'Create Backup'  => 'สร้างข้อมูลสำรอง',
+    'Configure'  => 'ตั้งค่า',
     'Restore All'  => 'คืนค่าทั้งหมด',
     'Add Package'  => 'เพิ่มแพ็กเกจ',
-    'Add IP'  => 'เพิ่ม IP Address',
-    'Add Rule' => 'เพิ่ม Rule',
-    'Ban IP Address' => 'แบน IP Address',
+    'Add IP'  => 'เพิ่ม IP',
+    'Add Rule' => 'เพิ่มกฎ',
+    'Ban IP Address' => 'แบนหมายเลข IP',
     'Search'  => 'ค้นหา',
-    'Add one more FTP Account' => 'เพิ่มอีกบัญชี',
-    'Overall Statistics'  => 'สถิติโดยรวม',
+    'Add one more FTP Account' => 'เพิ่ม FTP อีกหนึ่งบัญชี',
+    'Overall Statistics'  => 'สถิติภาพรวม',
     'Daily'  => 'รายวัน',
     'Weekly'  => 'รายสัปดาห์',
     'Monthly'  => 'รายเดือน',
@@ -73,28 +74,28 @@ $LANG['th'] = array(
     'Submit'  => 'ส่งข้อมูล',
 
     'toggle all'  => 'เลือกทั้งหมด',
-    'apply to selected'  => 'นำไปใช้กับที่เลือก',
-    'rebuild'  => 'สร้างใหม่',
-    'rebuild web'  => 'สร้างเว็บใหม่',
-    'rebuild dns'  => 'สร้าง DNS ใหม่',
-    'rebuild mail'  => 'สร้างเมล์ใหม่',
-    'rebuild db'  => 'สร้างฐานข้อมูลใหม่',
-    'rebuild cron'  => 'สร้าง Cron ใหม่',
+    'apply to selected'  => 'นำไปใช้กับรายการที่เลือก',
+    'rebuild'  => 'ใช้การตั้งค่าล่าสุด',
+    'rebuild web'  => 'ใช้การตั้งค่าเว็บล่าสุด',
+    'rebuild dns'  => 'ใช้การตั้งค่า DNS ล่าสุด',
+    'rebuild mail'  => 'ใช้การตั้งค่าเมลล่าสุด',
+    'rebuild db'  => 'ใช้การตั้งค่าฐานข้อมูลล่าสุด',
+    'rebuild cron'  => 'ใช้การตั้งค่า CRON ล่าสุด',
     'update counters'  => 'อัพเดทตัวนับ',
     'suspend'  => 'ระงับการใช้งาน',
-    'unsuspend'  => 'เปิดใช้งาน',
+    'unsuspend'  => 'ยกเลิกระงับการใช้งาน',
     'delete'  => 'ลบ',
-    'show per user'  => 'แสดงต่อผู้ใช้',
-    'login as'  => 'เข้าสู่ระบบด้วย',
+    'show per user'  => 'แสดงผลต่อผู้ใช้',
+    'login as'  => 'เข้าสู่ระบบในนาม',
     'logout'  => 'ออกจากระบบ',
     'edit'  => 'แก้ไข',
     'open webstats'  => 'เปิดสถิติเว็บ',
-    'view logs'  => 'ดู Logs',
-    'list records'  => 'รายการ %s records',
-    'add record'  => 'เพิ่ม Record',
-    'list accounts'  => 'รายการ %s บัญชี',
+    'view logs'  => 'ดูบันทึกเหตุการณ์',
+    'list records'  => 'แสดงรายการ',
+    'add record'  => 'เพิ่มรายการ',
+    'list accounts'  => 'แสดงบัญชี',
     'add account'  => 'เพิ่มบัญชี',
-    'open webmail'  => 'เปิด Webmail',
+    'open webmail'  => 'เปิดเว็บเมล',
     'list fail2ban' => 'รายการ fail2ban',
     'open %s'  => 'เปิด %s',
     'download'  => 'ดาวน์โหลด',
@@ -106,48 +107,48 @@ $LANG['th'] = array(
     'update'  => 'อัพเดท',
     'generate'  => 'สร้าง',
     'Generate CSR' => 'สร้าง CSR',
-    'reread IP' => 'อ่าน IP ใหม่',
+    'reread IP' => 'อ่าน IP ซ้ำ',
     'enable autoupdate' => 'เปิดการอัพเดทอัตโนมัติ',
     'disable autoupdate' => 'ปิดการอัพเดทอัตโนมัติ',
-    'turn on notifications' => 'เปิดใช้งานการแจ้งเตือน',
-    'turn off notifications' => 'ปิดใช้งานการแจ้งเตือน',
+    'turn on notifications' => 'เปิดการแจ้งเตือน',
+    'turn off notifications' => 'ปิดการแจ้งเตือน',
     'configure' => 'ปรับแต่ง',
 
     'Adding User'  => 'เพิ่มผู้ใช้',
     'Editing User'  => 'แก้ไขผู้ใช้',
     'Adding Domain'  => 'เพิ่มโดเมน',
     'Editing Domain'  => 'แก้ไขโดเมน',
-    'Adding DNS Domain'  => 'เพิ่ม DNS Domain',
-    'Editing DNS Domain'  => 'แก้ไข DNS Domain',
-    'Adding DNS Record'  => 'เพิ่ม DNS Record',
-    'Editing DNS Record'  => 'แก้ไข DNS Record',
-    'Adding Mail Domain'  => 'เพิ่ม Mail Domain',
-    'Editing Mail Domain'  => 'แก้ไข Mail Domain',
-    'Adding Mail Account'  => 'เพิ่มบัญชีเมล์',
-    'Editing Mail Account'  => 'แก้ไขบัญชีเมล์',
+    'Adding DNS Domain'  => 'เพิ่ม DNS สำหรับโดเมน',
+    'Editing DNS Domain'  => 'แก้ไข DNS สำหรับโดเมน',
+    'Adding DNS Record'  => 'เพิ่มรายการ DNS',
+    'Editing DNS Record'  => 'แก้ไขรายการ DNS',
+    'Adding Mail Domain'  => 'เพิ่มโดเมนสำหรับเมล',
+    'Editing Mail Domain'  => 'แก้ไขโดเมนสำหรับเมล',
+    'Adding Mail Account'  => 'เพิ่มบัญชีเมล',
+    'Editing Mail Account'  => 'แก้ไขบัญชีเมล',
     'Adding database'  => 'เพิ่มฐานข้อมูล',
-    'Editing Cron Job'  => 'แก้ไข Cron Job',
-    'Adding Cron Job'  => 'เพิ่ม Cron Job',
+    'Editing Cron Job'  => 'แก้ไขงาน CRON',
+    'Adding Cron Job'  => 'เพิ่มงาน CRON',
     'Editing Database'  => 'แก้ไขฐานข้อมูล',
     'Adding Package'  => 'เพิ่มแพ็กเกจ',
     'Editing Package'  => 'แก้ไขแพ็กเกจ',
-    'Adding IP address'  => 'เพิ่ม IP address',
-    'Editing IP Address'  => 'แก้ไข IP Address',
+    'Adding IP address'  => 'เพิ่มที่อยู่ IP',
+    'Editing IP Address'  => 'แก้ไขที่อยู่ IP',
     'Editing Backup Exclusions' => 'แก้ไขการยกเว้นสำรองข้อมูล',
     'Generating CSR' => 'สร้าง CSR',
     'Listing'  => 'รายการ',
-    'Search Results'  => 'ผลลัพธ์ของการค้นหา',
-    'Adding Firewall Rule' => 'การเพิ่ม Firewall Rule',
-    'Editing Firewall Rule' => 'การแก้ไข Firewall Rule',
-    'Adding IP Address to Banlist' => 'การแบน IP Address',
+    'Search Results'  => 'ผลลัพธ์การค้นหา',
+    'Adding Firewall Rule' => 'การเพิ่มกฎ Firewall',
+    'Editing Firewall Rule' => 'การแก้ไขกฎ Firewall',
+    'Adding IP Address to Banlist' => 'เพิ่มที่อยู่ IP ในรายการแบน',
 
     'active'  => 'เปิดใช้งาน',
     'spnd'  => 'ระงับการใช้งาน',
     'suspended'  => 'ระงับการใช้งานแล้ว',
     'running'  => 'กำลังทำงาน',
     'stopped'  => 'หยุดทำงานแล้ว',
-    'outdated'  => 'ตกรุ่น',
-    'updated'  => 'อัพเดท',
+    'outdated'  => 'ตกรุ่นแล้ว',
+    'updated'  => 'อัพเดทแล้ว',
 
     'yes'  => 'ใช่',
     'no'  => 'ไม่ใช่',
@@ -164,37 +165,37 @@ $LANG['th'] = array(
     'minutes'  => 'นาที',
     'month'  => 'เดือน',
     'package'  => 'แพ็กเกจ',
-    'Bandwidth'  => 'แบนด์วิดธ์',
+    'Bandwidth'  => 'ปริมาณรับส่งข้อมูล',
     'Disk'  => 'พื้นที่จัดเก็บข้อมูล',
     'Web'  => 'เว็บ',
-    'Mail'  => 'เมล์',
+    'Mail'  => 'เมล',
     'Databases'  => 'ฐานข้อมูล',
     'User Directories'  => 'ไดเร็กทอรี่ของผู้ใช้',
-    'Template'  => 'Template',
-    'Web Template'  => 'Web Template',
-    'Backend Template'  => 'Backend Template',
-    'Proxy Template' =>'Proxy Template',
-    'DNS Template'  => 'DNS Template',
-    'Web Domains'  => 'Web Domains',
-    'SSL Domains'  => 'SSL Domains',
-    'Web Aliases'  => 'Web Aliases',
-    'per domain'  => 'ต่อ Domain',
-    'DNS Domains'  => 'DNS Domains',
-    'DNS domains'  => 'DNS domains',
-    'DNS records'   => 'DNS records',
+    'Template'  => 'ตัวแบบ',
+    'Web Template'  => 'ตัวแบบเว็บ',
+    'Backend Template'  => 'ตัวเแบบ Backend',
+    'Proxy Template' =>'ตัวแบบ Proxy',
+    'DNS Template'  => 'ตัวแบบ DNS',
+    'Web Domains'  => 'โดเมนสำหรับเว็บ',
+    'SSL Domains'  => 'โดเมนสำหรับ SSL',
+    'Web Aliases'  => 'ชื่อแทนเว็บ',
+    'per domain'  => 'ต่อโดเมน',
+    'DNS Domains'  => 'โดเมนสำหรับ DNS',
+    'DNS domains'  => 'โดเมนสำหรับ DNS',
+    'DNS records'   => 'รายการ DNS',
     'Name Servers'  => 'Name Servers',
-    'Mail Domains'  => 'Mail Domains',
-    'Mail Accounts'  => 'บัญชีเมล์',
-    'Cron Jobs'  => 'Cron Jobs',
-    'SSH Access'  => 'การเข้าถึง SSH',
-    'IP Address'  => 'IP Address',
-    'IP Addresses'  => 'IP Addresses',
+    'Mail Domains'  => 'โดเมนสำหรับเมล',
+    'Mail Accounts'  => 'บัญชีเมล',
+    'Cron Jobs'  => 'งาน CRON',
+    'SSH Access'  => 'การเข้าใช้ SSH',
+    'IP Address'  => 'ที่อยู่ IP',
+    'IP Addresses'  => 'ที่อยู่ IP',
     'Backups'  => 'สำรองข้อมูล',
     'Backup System'  => 'ระบบสำรองข้อมูล',
     'backup exclusions' => 'ยกเว้นการสำรองข้อมูล',
-    'template'  => 'template',
+    'template'  => 'ตัวแบบ',
     'SSL Support'  => 'สนับสนุน SSL',
-    'SSL Home Directory'  => 'หน้าแรกของ SSL',
+    'SSL Home Directory'  => 'ไดเร็กทอรี่หลักของ SSL',
     'Lets Encrypt Support'  => 'สนับสนุน Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
     'Your certificate will be automatically issued in 5 minutes' => 'ใบรับรองของคุณจะได้รับการออกโดยอัตโนมัติภายใน 5 นาที',
@@ -206,17 +207,17 @@ $LANG['th'] = array(
     'SOA'  => 'SOA',
     'TTL'  => 'TTL',
     'Expire'  => 'หมดอายุ',
-    'Records'  => 'Records',
+    'Records'  => 'รายการ',
     'Serial'  => 'Serial',
-    'Catchall email'  => 'Catchall email',
-    'AntiVirus Support'  => 'สนับสนุน AntiVirus',
-    'AntiSpam Support'  => 'สนับสนุน AntiSpam',
+    'Catchall email'  => 'อีเมล Catchall',
+    'AntiVirus Support'  => 'สนับสนุนการป้องกันไวรัส',
+    'AntiSpam Support'  => 'สนับสนุนการป้องกันเมลขยะ',
     'DKIM Support'  => 'สนับสนุน DKIM',
     'Accounts'  => 'บัญชี',
     'Quota'  => 'โควตา',
     'Autoreply'  => 'ตอบกลับอัตโนมัติ',
     'Forward to'  => 'ส่งต่อไปยัง',
-    'Do not store forwarded mail'  => 'อย่าเก็บเมล์ที่ส่งต่อไว้',
+    'Do not store forwarded mail'  => 'ไม่เก็บเมลที่ส่งต่อแล้วไว้',
     'IMAP hostname'  => 'IMAP hostname',
     'IMAP port'  => 'IMAP port',
     'IMAP security'  => 'IMAP security',
@@ -240,7 +241,7 @@ $LANG['th'] = array(
     'Run Time'  => 'เวลาทำงาน',
     'Backup Size'  => 'ขนาดสำรองข้อมูล',
     'SYS'  => 'SYS',
-    'Domains'  => 'Domains',
+    'Domains'  => 'โดเมน',
     'Status'  => 'สถานะ',
     'shared'  => 'shared',
     'dedicated'  => 'dedicated',
@@ -253,72 +254,72 @@ $LANG['th'] = array(
     'NGINX Usage'  => 'การใช้ NGINX',
     'MySQL Usage on localhost'  => 'การใช้ MySQL บน localhost',
     'PostgreSQL Usage on localhost'  => 'การใช้ PostgreSQL บน localhost',
-    'Bandwidth Usage eth0'  => 'การใช้ แบนด์วิดธ์ ของ eth0',
-    'Bandwidth Usage eth1'  => 'การใช้ แบนด์วิดธ์ ของ eth1',
+    'Bandwidth Usage eth0'  => 'ขนาดการรับส่งข้อมูลของ eth0',
+    'Bandwidth Usage eth1'  => 'ขนาดการรับส่งข้อมูลของ eth1',
     'Exim Usage'  => 'การใช้ Exim',
     'FTP Usage'  => 'การใช้ FTP',
     'SSH Usage'  => 'การใช้ SSH',
     'reverse proxy'  => 'reverse proxy',
-    'web server'  => 'web server',
-    'dns server'  => 'dns server',
-    'mail server'  => 'mail server',
-    'pop/imap server'  => 'pop/imap server',
-    'email antivirus'  => 'email antivirus',
-    'email antispam'  => 'email antispam',
-    'database server'  => 'database server',
-    'ftp server'  => 'ftp server',
+    'web server'  => 'เซิร์ฟเวอร์เว็บ',
+    'dns server'  => 'เซิร์ฟเวอร์ dns',
+    'mail server'  => 'เซิร์ฟเวอร์เมล',
+    'pop/imap server'  => 'เซิร์ฟเวอร์ pop/imap',
+    'email antivirus'  => 'การป้องกันไวรัสอีเมล',
+    'email antispam'  => 'การป้องกันอีเมลขยะ',
+    'database server'  => 'เซิร์ฟเวอร์ฐานข้อมูล',
+    'ftp server'  => 'เซิร์ฟเวอร์ ftp',
     'job scheduler'  => 'job scheduler',
     'firewall'  => 'firewall',
-    'brute-force monitor'  => 'ตรวจสอบการ brute-force',
+    'brute-force monitor'  => 'ดักจับ brute-force',
     'CPU'  => 'CPU',
     'Memory'  => 'หน่วยความจำ',
-    'Uptime'  => 'เวลาทำงาน',
+    'Uptime'  => 'ระบบทำงานมาแล้ว',
     'core package'  => 'แพ็กเกจหลัก',
-    'php interpreter'  => 'ตัวแปลคำสั่ง php',
+    'php interpreter'  => 'ตัวแปลภาษา php',
     'internal web server'  => 'เว็บเซิร์ฟเวอร์ภายใน',
     'Version'  => 'เวอร์ชั่น',
-    'Release'  => 'เวอร์ชั่นการปล่อย',
+    'Release'  => 'ลำดับที่',
     'Architecture'  => 'สถาปัตยกรรม',
     'Object'  => 'วัตถุ',
     'Username'  => 'ชื่อผู้ใช้',
     'Password'  => 'รหัสผ่าน',
-    'Email'  => 'อีเมล์',
+    'Email'  => 'อีเมล',
     'Package'  => 'แพ็กเกจ',
     'Language'  => 'ภาษา',
     'First Name'  => 'ชื่อ',
     'Last Name'  => 'นามสกุล',
     'Send login credentials to email address'  => 'ชื่ออีเมล์สำหรับส่งข้อมูลการเข้าสู่ระบบ',
-    'Default Template'  => 'Template มาตรฐาน',
-    'Default Name Servers'  => 'Name Servers มาตรฐาน',
+    'Default Template'  => 'ตัวแบบเริ่มต้น',
+    'Default Name Servers'  => 'Name Servers เริ่มต้น',
     'Domain'  => 'โดเมน',
     'DNS Support'  => 'สนับสนุน DNS',
-    'Mail Support'  => 'สนับสนุนเมล์',
+    'Mail Support'  => 'สนับสนุนเมล',
     'Advanced options'  => 'ตัวเลือกขั้นสูง',
     'Basic options'  => 'ตัวเลือกพื้นฐาน',
-    'Aliases'  => 'Aliases',
+    'Aliases'  => 'ชื่อแทน',
     'SSL Certificate'  => 'SSL Certificate',
     'SSL Key'  => 'SSL Key',
     'SSL Certificate Authority / Intermediate'  => 'SSL Certificate Authority / Intermediate',
     'SSL CSR' => 'SSL CSR',
     'optional'  => 'ทางเลือกเพิ่มเติม',
     'internal' => 'ภายใน',
-    'Statistics Authorization'  => 'การตรวจสอบสถิติ',
-    'Statistics Auth'  => 'รับรองความถูกต้องของสถิติ',
+    'Statistics Authorization'  => 'กำหนดสิทธิการเข้าดูสถิติ',
+    'Statistics Auth'  => 'ลงทะเบียนเข้าดูสถิติ',
     'Account'  => 'บัญชี',
-    'Prefix will be automaticaly added to username'  => 'คำนำหน้า %s จะถูกเพิ่มลงในชื่อผู้ใช้โดยอัตโนมัติ',
-    'Send FTP credentials to email'  => 'ชื่ออีเมล์สำหรับส่งข้อมูล FTP',
+    'Prefix will be automaticaly added to username'  => 'จะมีการใส่คำนำหน้าลงในชื่อผู้ใช้โดยอัตโนมัติ',
+    'Send FTP credentials to email'  => 'ชื่ออีเมล์สำหรับส่งรหัสผ่าน FTP',
     'Expiration Date'  => 'วันหมดอายุ',
     'YYYY-MM-DD'  => 'ปี-เดือน-วัน',
     'Name servers'  => 'Name servers',
-    'Record'  => 'Record',
+    'Record'  => 'รายการ',
     'IP or Value'  => 'IP หรือ ค่า',
     'Priority'  => 'ลำดับความสำคัญ',
-    'Record Number' => 'ตัวเลข record',
+    'Record Number' => 'หมายเลขรายการ',
     'in megabytes'  => 'หน่วย megabytes',
     'Message'  => 'ข้อความ',
     'use local-part'  => 'ใช้ส่วนภายใน',
     'one or more email addresses'  => 'อย่างน้อย 1 ที่อยู่อีเมล์',
-    'Prefix will be automaticaly added to database name and database user'  => 'คำนำหน้า %s จะถูกเพิ่มชื่อในฐานข้อมูลและฐานข้อมูลผู้ใช้โดยอัตโนมัติ',
+    'Prefix will be automaticaly added to database name and database user'  => 'จะมีการเพิ่มคำนำหน้าชื่อฐานข้อมูลและชื่อผู้ใช้ฐานข้อมูลโดยอัตโนมัติ',
     'Database'  => 'ฐานข้อมูล',
     'Type'  => 'ชนิด',
     'Minute'  => 'นาที',
@@ -327,35 +328,35 @@ $LANG['th'] = array(
     'Netmask'  => 'Netmask',
     'Interface'  => 'Interface',
     'Shared'  => 'แชร์',
-    'Assigned user'  => 'กำหนดผู้ใช้แล้ว',
-    'Assigned domain'  => 'โดเมนที่กำหนด',
+    'Assigned user'  => 'ผู้ใช้ที่กำหนดไว้',
+    'Assigned domain'  => 'โดเมนที่กำหนดไว้',
     'NAT IP association' => 'NAT IP association',
     'shell'  => 'shell',
-    'web domains'  => 'web domains',
-    'web aliases'  => 'web aliases',
-    'dns records'  => 'dns records',
-    'mail domains'  => 'mail domains',
-    'mail accounts'  => 'บัญชีเมล์',
+    'web domains'  => 'โดเมนสำหรับเว็บ',
+    'web aliases'  => 'ชื่อแทนเว็บ',
+    'dns records'  => 'รายการ dns',
+    'mail domains'  => 'โดเมนสำหรับเมล',
+    'mail accounts'  => 'บัญชีเมล',
     'accounts'  => 'บัญชี',
     'databases'  => 'ฐานข้อมูล',
-    'cron jobs'  => 'cron jobs',
+    'cron jobs'  => 'งาน cron',
     'backups'  => 'สำรองข้อมูล',
     'quota'  => 'โควต้า',
-    'day of week'  => 'วันในสัปดาห์',
-    'cmd'  => 'cmd',
+    'day of week'  => 'วันของสัปดาห์',
+    'cmd'  => 'คำสั่ง',
     'users'  => 'ผู้ใช้',
     'domains'  => 'โดนเมน',
-    'aliases'  => 'aliases',
-    'records'  => 'records',
-    'jobs'  => 'jobs',
+    'aliases'  => 'ชื่อแทน',
+    'records'  => 'รายการ',
+    'jobs'  => 'งาน',
     'username'  => 'ชื่อผู้ใช้',
     'password'  => 'รหัสผ่าน',
     'type'  => 'ชนิด',
     'charset'  => 'charset',
     'domain'  => 'โดเมน',
     'ip'  => 'ip',
-    'ip address'  => 'ip address',
-    'IP address'  => 'IP address',
+    'ip address'  => 'ที่อยู่ ip',
+    'IP address'  => 'ที่อยู่ IP',
     'netmask'  => 'netmask',
     'interface'  => 'interface',
     'assigned user'  => 'กำหนดผู้ใช้แล้ว',
@@ -368,11 +369,11 @@ $LANG['th'] = array(
     'account'  => 'บัญชี',
     'ssl certificate'  => 'ssl certificate',
     'ssl key'  => 'ssl key',
-    'stats user password'  => 'stats user password',
-    'stats username'  => 'stats username',
-    'stats password'  => 'stats password',
-    'ftp user password'  => 'FTP ชื่อผู้ใช้ รหัสผ่าน',
-    'ftp user'  => 'ผู้ใช้ FTP',
+    'stats user password'  => 'รหัสผ่านของผู้ใช้สถิติ',
+    'stats username'  => 'ชื่อผู้ใช้สถิติ',
+    'stats password'  => 'รหัสผ่านสถิติ',
+    'ftp user password'  => 'รหัสผ่านของผู้ใช้สำหรับ ftp',
+    'ftp user'  => 'ผู้ใช้ ftp',
     'Last 70 lines of %s.%s.log' => '70 บรรทัดสุดท้ายของ %s.%s.log',
     'AccessLog' => 'AccessLog',
     'ErrorLog' => 'ErrorLog',
@@ -383,13 +384,13 @@ $LANG['th'] = array(
     'State / Province' => 'ถนน / แขวง',
     'City / Locality' => 'เมือง / ท้องถิ่น',
     'Organization' => 'องค์กร',
-    'Action' => 'การกระทำ',
+    'Action' => 'ดำเนินการ',
     'Protocol' => 'โปรโตคอล',
     'Port' => 'Port',
     'Comment' => 'หมายเหตุ',
     'Banlist' => 'รายชื่อที่โดนแบน',
     'ranges are acceptable' => 'ช่วงที่ยอมรับได้',
-    'CIDR format is supported' => 'การสนับสนุน CIDR',
+    'CIDR format is supported' => 'สนับสนุนรูปแบบ CIDR',
     'ACCEPT' => 'ยอมรับ',
     'DROP' => 'บล็อค',
     'TCP' => 'TCP',
@@ -400,12 +401,12 @@ $LANG['th'] = array(
     'VESTA' => 'VESTA',
     'Add one more Name Server' => 'เพิ่ม Name Server อีก',
 
-    'web domain' => 'web domain',
-    'dns domain' => 'dns domain',
-    'dns record' => 'dns record',
-    'mail domain' => 'mail domain',
+    'web domain' => 'โดเมนสำหรับเว็บ',
+    'dns domain' => 'โดเมนสำหรบ dns',
+    'dns record' => 'รายการ dns',
+    'mail domain' => 'โดเมนสำหรับเมล',
     'mail account' => 'บัญชีเมล์',
-    'cron job' => 'cron job',
+    'cron job' => 'งาน cron',
 
     'cron' => 'cron',
     'user dir' => 'ไดเร็กทอรี่ของผู้ใช้',
@@ -415,91 +416,91 @@ $LANG['th'] = array(
     '%s accounts'  => '%s บัญชี',
     '1 domain'  => '1 โดเมน',
     '%s domains'  => '%s โดเมน',
-    '1 record'  => '1 record',
-    '%s records'  => '%s records',
-    '1 mail account'  => '1 บัญชีเมล์',
-    '%s mail accounts'  => '%s บัญชีเมล์',
+    '1 record'  => '1 รายการ',
+    '%s records'  => '%s รายการ',
+    '1 mail account'  => '1 บัญชีเมล',
+    '%s mail accounts'  => '%s บัญชีเมล',
     '1 database'  => '1 ฐานข้อมูล',
     '%s databases'  => '%s ฐานข้อมูล',
-    '1 cron job'  => '1 cron job',
-    '%s cron jobs'  => '%s cron jobs',
-    '1 archive'  => '1 เก็บถาวร',
-    '%s archives'  => '%s เก็บถาวร',
+    '1 cron job'  => '1 งาน cron',
+    '%s cron jobs'  => '%s งาน cron',
+    '1 archive'  => '1 ข้อมูลสำรอง',
+    '%s archives'  => '%s ข้อมูลสำรอง',
     '1 item'  => '1 รายการ',
     '%s items'  => '%s รายการ',
     '1 package'  => '1 แพ็กเกจ',
-    '%s packages'  => '%s packages',
-    '1 IP address'  => '1 IP address',
-    '%s IP addresses'  => '%s IP addresses',
+    '%s packages'  => '%s แพ็กเกจ',
+    '1 IP address'  => '1 ที่อยู่ IP',
+    '%s IP addresses'  => '%s ที่อยู่ IP',
     '1 month'  => '1 เดือน',
     '%s months'  => '%s เดือน',
-    '1 log record'  => '1 log record',
-    '%s log records'  => '%s log record',
+    '1 log record'  => '1 บันทึกเหตุการณ์',
+    '%s log records'  => '%s บันทึกเหตุการณ์',
     '1 object'  => '1 วัตถุ',
     '%s objects'  => '%s วัตถุ',
     'no exclusions' => 'ไม่มีการยกเว้น',
-    '1 rule' => '1 rule',
-    '%s rules' => '%s rules',
+    '1 rule' => '1 กฎ',
+    '%s rules' => '%s กฎ',
     'There are no currently banned IP' => 'ไม่มี IP ที่ถูกแบน',
 
-    'USER_CREATED_OK'  => 'สร้างผู้ใช้ %s สำเร็จแล้ว',
-    'WEB_DOMAIN_CREATED_OK'  => 'สร้างโดนเมน %s สำเร็จแล้ว',
-    'DNS_DOMAIN_CREATED_OK'  => 'สร้าง DNS domain %s สำเร็จแล้ว',
-    'DNS_RECORD_CREATED_OK'  => 'สร้าง Record %s.%s ได้ถูกสร้างสำเร็จแล้ว',
-    'MAIL_DOMAIN_CREATED_OK'  => 'สร้าง Mail domain %s สำเร็จแล้ว',
-    'MAIL_ACCOUNT_CREATED_OK'  => 'สร้างบัญชีเมล์ %s@%s สำเร็จแล้ว',
-    'DATABASE_CREATED_OK'  => 'สร้างฐานข้อมูล %s สำเร็จแล้ว',
-    'CRON_CREATED_OK'  => 'สร้าง Cron job ได้ถูกสร้างแล้ว',
-    'IP_CREATED_OK'  => 'สร้าง IP address %s สำเร็จแล้ว',
-    'PACKAGE_CREATED_OK'  => 'สร้างแพ็กเกจ %s สำเร็จแล้ว',
-    'SSL_GENERATED_OK' => 'สร้างใบรับรองสำเร็จแล้ว',
-    'RULE_CREATED_OK' => 'สร้าง Rule สำเร็จแล้ว',
-    'BANLIST_CREATED_OK' => 'สร้าง IP address สำเร็จแล้ว',
+    'USER_CREATED_OK'  => 'สร้างผู้ใช้ %s แล้ว',
+    'WEB_DOMAIN_CREATED_OK'  => 'สร้างโดเมน %s แล้ว',
+    'DNS_DOMAIN_CREATED_OK'  => 'สร้างโดเมนสำหรับ DNS %s แล้ว',
+    'DNS_RECORD_CREATED_OK'  => 'สร้างรายการ %s.%s แล้ว',
+    'MAIL_DOMAIN_CREATED_OK'  => 'สร้างโดเมนสำหรับเมล %s แล้ว',
+    'MAIL_ACCOUNT_CREATED_OK'  => 'สร้างบัญชีเมล %s@%s แล้ว',
+    'DATABASE_CREATED_OK'  => 'สร้างฐานข้อมูล %s แล้ว',
+    'CRON_CREATED_OK'  => 'สร้างงาน Cron แล้ว',
+    'IP_CREATED_OK'  => 'สร้างที่อยู่ IP %s แล้ว',
+    'PACKAGE_CREATED_OK'  => 'สร้างแพ็กเกจ %s แล้ว',
+    'SSL_GENERATED_OK' => 'สร้าง SSL Certificate แล้ว',
+    'RULE_CREATED_OK' => 'สร้างกฎแล้ว',
+    'BANLIST_CREATED_OK' => 'สร้างรายการแบนหมายเลข IP แล้ว',
     'Autoupdate has been successfully enabled' => 'เปิดใช้งานการอัพเดทอัตโนมัติสำเร็จแล้ว',
     'Autoupdate has been successfully disabled' => 'ปิดใช้งานการอัพเดทอัตโนมัติสำเร็จแล้ว',
-    'Cronjob email reporting has been successfully enabled' => 'การรายงานทางอีเมลของ Cronjob ได้รับการเปิดใช้งานเรียบร้อยแล้ว',
-    'Cronjob email reporting has been successfully disabled' => 'การรายงานทางอีเมลของ Cronjob ได้รับการปิดใช้งานเรียบร้อยแล้ว',
+    'Cronjob email reporting has been successfully enabled' => 'เปิดการรายงานทางอีเมลของ Cronjob แล้ว',
+    'Cronjob email reporting has been successfully disabled' => 'ปิดการรายงานทางอีเมลของ Cronjob แล้ว',
     'Changes has been saved.'  => 'บันทึกการเปลี่ยนแปลงแล้ว',
     'Confirmation'  => 'การยืนยัน',
-    'DELETE_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบผู้ใช้ %s?',
-    'SUSPEND_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับผู้ใช้ %s?',
-    'UNSUSPEND_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานผู้ใช้ %s?',
-    'DELETE_DOMAIN_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบโดเมน %s?',
-    'SUSPEND_DOMAIN_CONFIRMATION' => 'แน่ใจหรือไม่ว่าคุณต้องการ ระงับโดเมน %s?',
-    'UNSUSPEND_DOMAIN_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานโดเมน %s?',
-    'DELETE_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ Record %s?',
-    'SUSPEND_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับ Record %s?',
-    'UNSUSPEND_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งาน Record %s?',
-    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือว่าต้องการ ลบเมล์ %s?',
-    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับเมล์ %s?',
-    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานเมล์ %s?',
-    'DELETE_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบฐานข้อมูล %s?',
-    'SUSPEND_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับฐานข้อมูล %s?',
-    'UNSUSPEND_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานฐานข้อมูล %s?',
-    'DELETE_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ cron job?',
-    'SUSPEND_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับ cron job?',
-    'UNSUSPEND_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งาน cron job?',
-    'DELETE_BACKUP_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบการสำรองข้อมูล %s?',
-    'DELETE_EXCLUSION_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ %s ในการยกเว้น?',
-    'DELETE_PACKAGE_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบแพ็กเกจ %s?',
-    'DELETE_IP_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ IP address %s?',
-    'DELETE_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ rule #%s?',
-    'SUSPEND_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับ rule  #%s?',
-    'UNSUSPEND_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งาน rule #%s?',
-    'LEAVE_PAGE_CONFIRMATION' => 'ออกจากหน้านี้?',
-    'RESTART_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการเริ่มต้นใหม่ %s?',
+    'DELETE_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบผู้ใช้ %s',
+    'SUSPEND_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับผู้ใช้ %s',
+    'UNSUSPEND_USER_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานผู้ใช้ %s',
+    'DELETE_DOMAIN_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบโดเมน %s',
+    'SUSPEND_DOMAIN_CONFIRMATION' => 'แน่ใจหรือไม่ว่าคุณต้องการ ระงับโดเมน %s',
+    'UNSUSPEND_DOMAIN_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานโดเมน %s',
+    'DELETE_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบรายการ %s',
+    'SUSPEND_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับรายการ %s',
+    'UNSUSPEND_RECORD_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานรายการ %s',
+    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือว่าต้องการ ลบเมล %s',
+    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับเมล %s',
+    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานเมล %s',
+    'DELETE_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบฐานข้อมูล %s',
+    'SUSPEND_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับฐานข้อมูล %s',
+    'UNSUSPEND_DATABASE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานฐานข้อมูล %s',
+    'DELETE_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบงาน cron',
+    'SUSPEND_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับงาน cron',
+    'UNSUSPEND_CRON_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งาน cron',
+    'DELETE_BACKUP_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบการสำรองข้อมูล %s',
+    'DELETE_EXCLUSION_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบ %s ในการยกเว้น',
+    'DELETE_PACKAGE_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบแพ็กเกจ %s',
+    'DELETE_IP_CONFIRMATION'  => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบที่อยู่ IP %s',
+    'DELETE_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ลบกฎ #%s',
+    'SUSPEND_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ ระงับกฎ  #%s',
+    'UNSUSPEND_RULE_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการ เปิดการใช้งานกฎ #%s',
+    'LEAVE_PAGE_CONFIRMATION' => 'ออกจากหน้านี้',
+    'RESTART_CONFIRMATION' => 'คุณแน่ใจหรือไม่ว่าต้องการเริ่มต้นใหม่ %s',
     'Welcome'  => 'ยินดีต้อนรับ',
     'LOGGED_IN_AS'  => 'เข้าสู่ระบบในฐานะผู้ใช้ %s',
     'Error'  => 'เกิดข้อผิดพลาด',
     'Invalid username or password'  => 'ชื่อผู้ใช้หรือรหัสผ่านไม่ถูกต้อง',
     'Invalid username or code'  => 'ชื่อผู้ใช้หรือรหัสไม่ถูกต้อง',
     'Passwords not match'  => 'รหัสผ่านทั้งสองไม่ตรงกัน',
-    'Please enter valid email address.'  => 'กรุณาใส่เมล์ที่ถูกต้อง',
+    'Please enter valid email address.'  => 'กรุณาใส่เมลที่ถูกต้อง',
     'Field "%s" can not be blank.'  => 'ช่อง "%s" ไม่สามารถเว้นว่างไว้',
     'Password is too short.'  => 'รหัสผ่านสั้นเกินไป (ต่ำสุด 6 ตัวอักษร)',
     'Error code:'  => 'รหัสข้อผิดพลาด: %s',
     'SERVICE_ACTION_FAILED'  => '"%s" "%s" ล้มเหลว',
-    'IP address is in use' => 'IP address กำลังใช้งานอยู่',
+    'IP address is in use' => 'ที่อยู่ IP ถูกใช้งานอยู่',
     'BACKUP_SCHEDULED'  => 'มีการเพิ่มงานลงในคิวแล้ว คุณจะได้รับอีเมลแจ้งเตือนเมื่อการสำรองข้อมูลของคุณพร้อมสำหรับการดาวน์โหลด',
     'BACKUP_EXISTS'  => 'มีการสำรองข้อมูลอยู่ โปรดรอให้การสำรองข้อมูลในปัจจุบันเสร็จสิ้น',
     'RESTORE_SCHEDULED'  => 'มีการเพิ่มงานลงในคิวแล้ว คุณจะได้รับการแจ้งเตือนทางอีเมลเมื่อการคืนค่าเสร็จสิ้น',
@@ -521,7 +522,7 @@ $LANG['th'] = array(
     'FTP login credentials'  => 'ข้อมูลการเข้าสู่ระบบ FTP',
     'FTP_ACCOUNT_READY' => "มีการสร้างบัญชี FTP และพร้อมใช้งานแล้ว\n\nโฮสต์: %s\nชื่อผู้ใช้: %s_%s\nรหัสผ่าน: %s\n\n--\nVesta Control Panel\n",
 
-    'Database Credentials'  => 'ข้อมูลของฐานข้อมูล',
+    'Database Credentials'  => 'ข้อมูลการใช้งานฐานข้อมูล',
     'DATABASE_READY' => "สร้างฐานข้อมูลเรียบร้อยแล้ว\n\nDatabase: %s\nชื่อ: %s\nรหัสผ่าน: %s\n%s\n\n--\nVesta Control Panel\n",
 
     'forgot password'  => 'ลืมรหัสผ่าน',
@@ -530,7 +531,7 @@ $LANG['th'] = array(
     'Confirm Password'  => 'ยืนยันรหัสผ่าน',
     'Reset'  => 'รีเซ็ต',
     'Reset Code'  => 'รหัสสำหรับรีเซ็ต',
-    'RESET_NOTICE'  => '',
+    'RESET_NOTICE'  => 'แจ้งการ',
     'RESET_CODE_SENT'  => 'รหัสสำหรับรีเซ็ตรหัสผ่านถูกส่งไปยังที่อยู่อีเมลของคุณแล้ว
',
     'MAIL_RESET_SUBJECT'  => 'ตั้งค่ารหัสผ่านใหม่ที่ %s',
     'PASSWORD_RESET_REQUEST' => "หากต้องการรีเซ็ตรหัสผ่านของแผงควบคุมโปรดไปที่ลิงก์นี้:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nAlternatively, คุณอาจจะไปที่ https://%s/reset/?action=code&user=%s และใส่รหัสรีเซ็ตดังต่อไปนี้:\n%s\n\nหากคุณไม่ได้ขอรหัสผ่านใหม่โปรดละเว้นข้อความนี้และยอมรับคำขอโทษของเรา\n\n--\nVesta Control Panel\n",
@@ -548,41 +549,41 @@ $LANG['th'] = array(
     'Nov' => 'พ.ย.',
     'Dec' => 'ธ.ค.',
 
-    'Configuring Server' => 'การกำหนดค่าเซิฟเวอร์',
+    'Configuring Server' => 'การกำหนดค่าเซิร์ฟเวอร์',
     'Hostname' => 'Hostname',
     'Time Zone' => 'เขตเวลา',
     'Default Language' => 'ภาษาเริ่มต้น',
-    'Proxy Server' => 'Proxy Server',
-    'Web Server' => 'Web Server',
-    'Backend Server' => 'Backend Server',
-    'Backend Pool Mode' => 'Backend Pool Mode',
-    'DNS Server' => 'DNS Server',
+    'Proxy Server' => 'เซิร์ฟเวอร์ Proxy',
+    'Web Server' => 'เซิร์ฟเวอร์เว็บ',
+    'Backend Server' => 'เซิร์ฟเวอร์ Backend',
+    'Backend Pool Mode' => 'โหมด Backend Pool',
+    'DNS Server' => 'เซิร์ฟเวอร์ DNS',
     'DNS Cluster' => 'DNS Cluster',
-    'MAIL Server' => 'MAIL Server',
-    'Antivirus' => 'Antivirus',
-    'AntiSpam' => 'AntiSpam',
+    'MAIL Server' => 'เซิร์ฟเวอร์เมล',
+    'Antivirus' => 'ป้องกันไวรัส',
+    'AntiSpam' => 'ป้องกันเมลขยะ',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'สนับสนุน MySQL',
-    'phpMyAdmin URL' => 'ที่อยู่ของ phpMyAdmin',
+    'phpMyAdmin URL' => 'phpMyAdmin URL',
     'PostgreSQL Support' => 'สนับสนุน PostgreSQL',
-    'phpPgAdmin URL' => 'ที่อยู่ของ phpPgAdmin',
+    'phpPgAdmin URL' => 'phpPgAdmin URL',
     'Maximum Number Of Databases' => 'จำนวนฐานข้อมูลสูงสุด',
     'Current Number Of Databases' => 'จำนวนฐานข้อมูลปัจจุบัน',
-    'Local backup' => 'สำรองข้อมูลท้องถิ่น',
+    'Local backup' => 'สำรองข้อมูลภายใน',
     'Compression level' => 'ระดับการบีบอัด',
     'Directory' => 'ไดเร็กทอรี่',
-    'Remote backup' => 'การสำรองข้อมูลระยะไกล',
+    'Remote backup' => 'การสำรองข้อมูลภายนอก',
     'ftp' => 'FTP',
     'sftp' => 'SFTP',
     'SFTP Chroot' => 'SFTP Chroot',
-    'FileSystem Disk Quota' => 'FileSystem Disk Quota',
+    'FileSystem Disk Quota' => 'โควต้าการเก็บข้อมูลในระบบ',
     'Vesta Control Panel Plugins' => 'ปลั๊กอิน Vesta Control Panel',
     'preview' => 'ดูตัวอย่าง',
     'Reseller Role' => 'บทบาท Reseller',
     'Web Config Editor' => 'เครื่องมือแก้ไขการตั้งค่าเว็บ',
     'Template Manager' => 'ตัวจัดการ Template',
     'Backup Migration Manager' => 'ตัวจัดการการย้ายข้อมูลสำรอง',
-    'FileManager' => 'FileManager',
+    'FileManager' => 'ตัวจัดการไฟล์',
     'show: CPU / MEM / NET / DISK' => 'แสดง: CPU / MEM / NET / DISK',
 
     'sort by' => 'จัดเรียงโดย',
@@ -592,7 +593,7 @@ $LANG['th'] = array(
 
     'save to favorites' => 'บันทึกในรายการโปรด',
 
-    'File Manager' => 'File Manager',
+    'File Manager' => 'ตัวจัดการไฟล์',
     'size' => 'ขนาด',
     'date' => 'วันที่',
     'name' => 'ชื่อ',
@@ -608,8 +609,8 @@ $LANG['th'] = array(
     'ARCHIVE' => 'เก็บถาวร',
     'EXTRACT' => 'แตกไฟล์',
     'DOWNLOAD' => 'ดาวน์โหลด',
-    'Are you sure?' => 'คุณแน่ใจ?',
-    'Hit' => 'Hit',
+    'Are you sure?' => 'คุณแน่ใจหรือไม่',
+    'Hit' => 'จำนวนการเข้าถึง',
     'to reload the page' => 'เพื่อโหลดหน้าเว็บใหม่',
     'Directory name cannot be empty' => 'ชื่อไดเร็กทอรี่ต้องไม่ว่างเปล่า',
     'File name cannot be empty' => 'ชื่อไฟล์ต้องไม่ว่างเปล่า',
@@ -629,7 +630,7 @@ $LANG['th'] = array(
     'Extract' => 'แตกไฟล์',
     'Create' => 'สร้าง',
     'Compress' => 'บีบอัด',
-    'OK' => 'โอเค',
+    'OK' => 'ตกลง',
     'YOU ARE COPYING' => 'คุณกำลังคัดลอก',
     'YOU ARE REMOVING' => 'คุณกำลังลบ',
     'Delete items' => 'ลบรายการ',
@@ -667,7 +668,7 @@ $LANG['th'] = array(
     'Go to CRON list' => 'ไปที่รายการ CRON',
     'Go to BACKUP list' => 'ไปที่รายการ สำรองข้อมูล',
     'Focus on search' => 'มุ่งเน้นการค้นหา',
-    'Display/Close shortcuts' => 'แสดง/ปิด shortcuts',
+    'Display/Close shortcuts' => 'แสดง/ปิดทางลัด',
     'Move backward through top menu' => 'เลื่อนกลับไปที่เมนูด้านบน',
     'Move forward through top menu' => 'เลื่อนไปข้างหน้าผ่านเมนูด้านบน',
     'Enter focused element' => 'ใส่องค์ประกอบที่เน้น',
@@ -696,7 +697,7 @@ $LANG['th'] = array(
     'Add File to the Current Selection' => 'เพิ่มไฟล์ในการเลือกปัจจุบัน',
     'Select All Files' => 'เลือกไฟล์ทั้งหมด',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
-    'shortcuts are inspired by magnificent GNU Midnight Commander file manager',
+    'ทางลัดต่างๆ ได้แรงบันดาลใจจากตัวจัดการไฟล์ magnificent GNU Midnight Commander',
 
     'Licence Key' => 'License Key',
     'Enter License Key' => 'กรอก License Key',
@@ -705,7 +706,7 @@ $LANG['th'] = array(
     'Disable and Cancel License' => 'ปิดการใช้งาน และยกเลิก License',
     'Licence Activated' => 'เปิดใช้งาน License แล้ว',
     'Licence Deactivated' => 'ปิดการใช้งาน License แล้ว',
-    'Restrict users so that they cannot use SSH and access only their home directory.' => 'จำกัดผู้ใช้เพื่อไม่ให้ใช้ SSH และเข้าถึงไดเร็กทอรี่บ้านเท่านั้น',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => 'จำกัดผู้ใช้เพื่อไม่ให้ใช้ SSH และเข้าถึงไดเร็กทอรี่ของตนเองเท่านั้น',
     'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'เรียกดู, คัดลอก, แก้ไข, ดู, และเรียกค้นหาไฟล์โดเมนทั้งหมดของเว็บโดยใช้ตัวจัดการไฟล์ที่มีคุณลักษณะครบถ้วน',
     'This is a commercial module, you would need to purchace license key to enable it.' => 'สิ่งนี้ไม่ใช่โมดูลฟรี, คุณจะต้องซื้อ License Key เพื่อเปิดใช้งาน',
 
@@ -746,14 +747,14 @@ $LANG['th'] = array(
     'PUB_KEY' => 'PUB_KEY',
     'ISSUER' => 'ISSUER',
 
-    'Use server hostname' => 'ใช้ server hostname',
-    'Use domain hostname' => 'ใช้ domain hostname',
+    'Use server hostname' => 'ใช้ hostname ของเซิร์ฟเวอร์',
+    'Use domain hostname' => 'ใช้ hostname ของโดเมน',
     'Use STARTTLS' => 'ใช้ STARTTLS',
     'Use SSL / TLS' => 'ใช้ SSL / TLS',
-    'No encryption' => 'ไม่มี encryption',
-    'Do not use encryption' => 'ไม่ใช้ encryption',
+    'No encryption' => 'ไม่มีการเข้ารหัส',
+    'Do not use encryption' => 'ไม่ใช้การเข้ารหัส',
 
     'maximum characters length, including prefix' => 'ความยาว charset สูงสุด %s ตัว, รวมถึงคำนำหน้า',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'ข้อมูลการใช้อีเมล',
 );

From d2d6b85d43a7b6afb96cf4d14de96638bae14908 Mon Sep 17 00:00:00 2001
From: Phinitnan Chanasabaeng 
Date: Tue, 7 Aug 2018 14:02:36 +0700
Subject: [PATCH 0180/2300] Fixed missing NGINX rewrite rule for Drupal 7 & 8

---
 install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl  | 4 ++++
 install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl   | 4 ++++
 install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl  | 4 ++++
 install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl   | 6 +++++-
 install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl  | 4 ++++
 install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl   | 4 ++++
 install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl  | 4 ++++
 install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl   | 6 +++++-
 install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl     | 4 ++++
 install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl      | 4 ++++
 install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl     | 4 ++++
 install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl      | 6 +++++-
 install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl     | 4 ++++
 install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl      | 4 ++++
 install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl     | 4 ++++
 install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl      | 6 +++++-
 install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl     | 4 ++++
 install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl      | 4 ++++
 install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl     | 4 ++++
 install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl      | 6 +++++-
 .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl   | 4 ++++
 .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl    | 4 ++++
 .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl   | 4 ++++
 .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl    | 6 +++++-
 76 files changed, 323 insertions(+), 19 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
index c9729795..14f0c833 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -44,6 +44,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..bdf97f65 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -48,6 +48,10 @@ server {
         return 404;
     }        
 
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;
     }
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
index c9729795..6d0e5bd6 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -42,7 +42,11 @@ server {
     location ~ /vendor/.*\.php$ {
         deny all;
         return 404;
-    }        
+    }  
+    
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }          
 
     location ~ ^/sites/.*/files/styles/ {
         try_files $uri @rewrite;

From 0e484587a84c74293aa02779f85934f22a575ea2 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 9 Aug 2018 17:42:47 +0300
Subject: [PATCH 0181/2300] Added back policy.d block for daeomon autostart on
 install

---
 install/vst-install-ubuntu.sh | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index a17517e3..bb74295b 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -626,15 +626,15 @@ fi
 # Updating system
 apt-get update
 
-# Disabling daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
-#echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
-#chmod a+x /usr/sbin/policy-rc.d
+# Disabling daemon autostart on apt-get install
+echo -e '#!/bin/sh\nexit 101' > /usr/sbin/policy-rc.d
+chmod a+x /usr/sbin/policy-rc.d
 
 # Installing apt packages
 apt-get -y install $software
 check_result $? "apt-get install failed"
 
-# Restoring policy
+# Restoring autostart policy
 rm -f /usr/sbin/policy-rc.d
 
 
@@ -912,7 +912,7 @@ if [ -z "$ZONE" ]; then
     ZONE='UTC'
 fi
 for pconf in $(find /etc/php* -name php.ini); do
-    sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf
+    sed -i "s%;date.timezone =%date.timezone = $ZONE%g" $pconf
     sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
 done
 
@@ -1129,8 +1129,8 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     fi
     cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
     cp -f  $vestacp/roundcube/db.inc.php /etc/roundcube/
-    chmod 640 /etc/roundcube/debian-db-roundcube.php
-    chown root:www-data /etc/roundcube/debian-db-roundcube.php
+    chmod 640 /etc/roundcube/debian-db*
+    chown root:www-data /etc/roundcube/debian-db*
     cp -f $vestacp/roundcube/vesta.php \
         /usr/share/roundcube/plugins/password/drivers/
     cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/

From 287da0f336e00704dbd8bb7fb2a053ff3e276e98 Mon Sep 17 00:00:00 2001
From: Phinitnan Chanasabaeng 
Date: Sat, 11 Aug 2018 16:01:41 +0700
Subject: [PATCH 0182/2300] Reworked on Drupal's nginx template.

---
 .../templates/web/nginx/php5-fpm/drupal6.stpl |  92 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal6.tpl  |  90 +++++++--------
 .../templates/web/nginx/php5-fpm/drupal7.stpl | 102 ++++++++---------
 .../templates/web/nginx/php5-fpm/drupal7.tpl  |  94 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal8.stpl | 103 +++++++++---------
 .../templates/web/nginx/php5-fpm/drupal8.tpl  | 103 +++++++++---------
 .../templates/web/nginx/php5-fpm/drupal6.stpl |  92 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal6.tpl  |  90 +++++++--------
 .../templates/web/nginx/php5-fpm/drupal7.stpl | 102 ++++++++---------
 .../templates/web/nginx/php5-fpm/drupal7.tpl  |  94 +++++++---------
 .../templates/web/nginx/php5-fpm/drupal8.stpl | 103 +++++++++---------
 .../templates/web/nginx/php5-fpm/drupal8.tpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../9/templates/web/nginx/php-fpm/drupal6.tpl |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../9/templates/web/nginx/php-fpm/drupal7.tpl |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../9/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../5/templates/web/nginx/php-fpm/drupal6.tpl |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../5/templates/web/nginx/php-fpm/drupal7.tpl |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../5/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../6/templates/web/nginx/php-fpm/drupal6.tpl |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../6/templates/web/nginx/php-fpm/drupal7.tpl |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../6/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../7/templates/web/nginx/php-fpm/drupal6.tpl |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../7/templates/web/nginx/php-fpm/drupal7.tpl |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../7/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  92 +++++++---------
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  90 +++++++--------
 .../templates/web/nginx/php-fpm/drupal7.stpl  | 102 ++++++++---------
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  94 +++++++---------
 .../templates/web/nginx/php-fpm/drupal8.stpl  | 103 +++++++++---------
 .../templates/web/nginx/php-fpm/drupal8.tpl   | 103 +++++++++---------
 114 files changed, 5073 insertions(+), 6023 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..9d984000 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -10,63 +10,53 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri @rewrite;
-    }
-
+   
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }
-    
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
         try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }    
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
index d1096bff..0ae7568b 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -7,62 +7,52 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-
-    location / {
-        try_files $uri @rewrite;
-    }
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
     
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }    
+        try_files $uri @rewrite; 
 
-    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
 
-    location ~ ^/sites/.*/files/imagecache/ {
-        try_files $uri @rewrite;
-    }
-        
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;             
-        include /etc/nginx/fastcgi_params;
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
index bdf97f65..0d7930fa 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -11,66 +11,56 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
-
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
-
-    location ~ ^(/[a-z\-]+)?/system/files/ {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
     
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
index 14f0c833..6b41f319 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -7,66 +7,56 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
         try_files $uri /index.php?$query_string;
-    }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
     }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
index bdf97f65..6fd64db6 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -11,67 +11,62 @@ server {
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-    }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }        
-
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
     }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
-    
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
index 6d0e5bd6..452aa9e6 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -7,67 +7,62 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    location = /favicon.ico {
-        log_not_found off;
-        access_log off;
-    }
-
-    location = /robots.txt {
-        allow all;
-        log_not_found off;
-        access_log off;
-    }
-
-    location ~* \.(txt|log)$ {
-        allow 192.168.0.0/16;
-        deny all;
-    }
-
-    location ~ \..*/.*\.php$ {
-        return 403;
-        }
-
-    location ~ ^/sites/.*/private/ {
-        return 403;
-    }
-    
-    location ~ ^/sites/[^/]+/files/.*\.php$ {
-        deny all;
-    }
-    
-    location / {
-        try_files $uri /index.php?$query_string;
-    }
-
-    location ~ /vendor/.*\.php$ {
-        deny all;
-        return 404;
-    }  
-    
     location @rewrite {
         rewrite ^/(.*)$ /index.php?q=$1;
-    }          
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^/sites/.*/files/styles/ {
-        try_files $uri @rewrite;
-    }
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
 
-    location ~ ^(/[a-z\-]+)?/system/files/ {
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
         try_files $uri /index.php?$query_string;
-    }
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
 
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
-        try_files $uri @rewrite;
-        expires max;
-        log_not_found off;
-    }
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
 
-    location ~ '\.php$|^/update.php' {
-        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-        fastcgi_pass %backend_lsnr%;
-        include         /etc/nginx/fastcgi_params;
-    }
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
 
     error_page  403 /error/404.html;
     error_page  404 /error/404.html;

From 563a9d8b10243f5627f14ced6060867548b57380 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 12 Aug 2018 03:17:01 +0200
Subject: [PATCH 0183/2300] Avoid blocking v-backup-user because of already
 dumped db

Well, in one db.conf I found duplicated entry for the same database.

root@btvc:~# cat /usr/local/vesta/data/users/btvc2011/db.conf
DB='btvc2011_cart' DBUSER='btvc2011_9091dn' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='1' SUSPENDED='no' TIME='' DATE=''
DB='btvc2011_cart' DBUSER='btvc2011_admin' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='' DATE=''
DB='btvc2011_cart' DBUSER='btvc2011_david' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='' DATE=''
DB='btvc2011_cart' DBUSER='btvc2011_djn' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='' DATE=''
DB='btvc2011_cart' DBUSER='btvc2011_jd' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='' DATE=''
DB='btvc2011_cart' DBUSER='btvc2011_oscar' MD5='*' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='' DATE=''

Obviously different users has access to the same database.
I know that this is impossible to create in Vesta.
But @Skamasle thirt-party script for importing cPanels backup obviously CAN do that... and many people use that cPanel importer.

This fix will avoid databases that are already dumped.
Without this fix backup script get stuck on stdin waiting for:
gzip: /backup/tmp.4YlV9Yr4m5/db/btvc2011_cart/btvc2011_cart.mysql.sql.gz already exists; do you wish to overwrite (y or n)?
---
 bin/v-backup-user | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index bc57cafc..b9fa8420 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -393,13 +393,15 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
 
         dump="$tmpdir/db/$database/$database.$TYPE.sql"
         grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
-        case $TYPE in
-            mysql) dump_mysql_database ;;
-            pgsql) dump_pgsql_database ;;
-        esac
+        if [ ! -f "$dump" ]; then
+            case $TYPE in
+                mysql) dump_mysql_database ;;
+                pgsql) dump_pgsql_database ;;
+            esac
 
-        # Compress dump
-        gzip -$BACKUP_GZIP $dump
+            # Compress dump
+            gzip -$BACKUP_GZIP $dump
+        fi
     done
 
     # Print total

From df7cccac4cc1d1f7fc3aef1b4524c18d9666f00f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 12 Aug 2018 04:25:18 +0200
Subject: [PATCH 0184/2300] Little fix for previous commit

see https://github.com/serghey-rodin/vesta/commit/563a9d8b10243f5627f14ced6060867548b57380
---
 bin/v-backup-user | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index b9fa8420..f9569aa4 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -392,8 +392,9 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
         grep "DB='$database'" $conf > vesta/db.conf
 
         dump="$tmpdir/db/$database/$database.$TYPE.sql"
+        dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz"
         grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
-        if [ ! -f "$dump" ]; then
+        if [ ! -f "$dumpgz" ]; then
             case $TYPE in
                 mysql) dump_mysql_database ;;
                 pgsql) dump_pgsql_database ;;

From ebc67f647843d23f87a4bbb60a2f504b6d10b421 Mon Sep 17 00:00:00 2001
From: Chernyavskiy Leonid 
Date: Fri, 24 Aug 2018 14:05:37 +0700
Subject: [PATCH 0185/2300] Fix invalid extension replace in add_web_config

Do not use globbing, because it kills too many characters.
Use conditionals and search at the end of the line instead.
---
 func/domain.sh | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/func/domain.sh b/func/domain.sh
index cc66aecb..59823b28 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -215,7 +215,11 @@ add_web_config() {
         fi
     fi
 
-    trigger="${2/.*pl/.sh}"
+    trigger="${2/%.tpl/.sh}"
+    if [[ "$2" =~ stpl$ ]]; then
+        trigger="${2/%.stpl/.sh}"
+    fi
+
     if [ -x "$WEBTPL/$1/$WEB_BACKEND/$trigger" ]; then
         $WEBTPL/$1/$WEB_BACKEND/$trigger \
             $user $domain $local_ip $HOMEDIR \

From d2764a6481a08d7aabdadc30f0ee9c08d5ec6c65 Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Fri, 31 Aug 2018 15:35:21 +0000
Subject: [PATCH 0186/2300] Missing function: is_format_valid_shell

---
 func/main.sh | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index be626702..e78e6edf 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -805,7 +805,16 @@ is_password_format_valid() {
         check_result $E_INVALID "invalid password format :: $1"
     fi
 }
-
+# Missing function - 
+# Before: validate_format_shell 
+# After: is_format_valid_shell
+is_format_valid_shell() {	
+    if [ -z "$(grep -w $1 /etc/shells)" ]; then	
+        echo "Error: shell $1 is not valid"	
+        log_event "$E_INVALID" "$EVENT"	
+        exit $E_INVALID	
+    fi	
+}
 # Format validation controller
 is_format_valid() {
     for arg_name in $*; do
@@ -872,7 +881,9 @@ is_format_valid() {
                 restart)        is_boolean_format_valid "$arg" 'restart' ;;
                 rtype)          is_dns_type_format_valid "$arg" ;;
                 rule)           is_int_format_valid "$arg" "rule id" ;;
-                soa)            is_domain_format_valid "$arg" 'SOA' ;;
+                soa)            is_domain_format_valid "$arg" 'SOA' ;;	
+                #missing command: is_format_valid_shell
+                shell)          is_format_valid_shell "$arg" ;;
                 stats_pass)     is_password_format_valid "$arg" ;;
                 stats_user)     is_user_format_valid "$arg" "$arg_name" ;;
                 template)       is_object_format_valid "$arg" "$arg_name" ;;

From 1ba6d24189a463cf6577184ea118c6e2c914564d Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Fri, 31 Aug 2018 15:49:32 +0000
Subject: [PATCH 0187/2300] Typo in function name

---
 bin/v-add-user-package | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/bin/v-add-user-package b/bin/v-add-user-package
index 23f42725..0cab1a3d 100755
--- a/bin/v-add-user-package
+++ b/bin/v-add-user-package
@@ -30,37 +30,37 @@ is_package_new() {
 is_package_consistent() {
     source $pkg_dir/$package.pkg
     if [ "$WEB_DOMAINS" != 'unlimited' ]; then
-        is_format_valid_int $WEB_DOMAINS 'WEB_DOMAINS'
+        is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
     fi
     if [ "$WEB_ALIASES" != 'unlimited' ]; then
-        is_format_valid_int $WEB_ALIASES 'WEB_ALIASES'
+        is_int_format_valid $WEB_ALIASES 'WEB_ALIASES'
     fi
     if [ "$DNS_DOMAINS" != 'unlimited' ]; then
-        is_format_valid_int $DNS_DOMAINS 'DNS_DOMAINS'
+        is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS'
     fi
     if [ "$DNS_RECORDS" != 'unlimited' ]; then
-        is_format_valid_int $DNS_RECORDS 'DNS_RECORDS'
+        is_int_format_valid $DNS_RECORDS 'DNS_RECORDS'
     fi
     if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
-        is_format_valid_int $MAIL_DOMAINS 'MAIL_DOMAINS'
+        is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS'
     fi
     if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then
-        is_format_valid_int $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
+        is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
     fi
     if [ "$DATABASES" != 'unlimited' ]; then
-        is_format_valid_int $DATABASES 'DATABASES'
+        is_int_format_valid $DATABASES 'DATABASES'
     fi
     if [ "$CRON_JOBS" != 'unlimited' ]; then
-        is_format_valid_int $CRON_JOBS 'CRON_JOBS'
+        is_int_format_valid $CRON_JOBS 'CRON_JOBS'
     fi
     if [ "$DISK_QUOTA" != 'unlimited' ]; then
-        is_format_valid_int $DISK_QUOTA 'DISK_QUOTA'
+        is_int_format_valid $DISK_QUOTA 'DISK_QUOTA'
     fi
     if [ "$BANDWIDTH" != 'unlimited' ]; then
-        is_format_valid_int $BANDWIDTH 'BANDWIDTH'
+        is_int_format_valid $BANDWIDTH 'BANDWIDTH'
     fi
     if [ "$BACKUPS" != 'unlimited' ]; then
-        is_format_valid_int $BACKUPS 'BACKUPS'
+        is_int_format_valid $BACKUPS 'BACKUPS'
     fi
     is_format_valid_shell $SHELL
 }

From 8d4a2c170759ef0dfa5468f28c5715b62aa516cf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 2 Sep 2018 02:07:19 +0200
Subject: [PATCH 0188/2300] Block backup if current hour is after 8 AM

---
 bin/v-backup-user | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index f9569aa4..07064eb3 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -39,6 +39,15 @@ is_backup_enabled
 #                       Action                             #
 #----------------------------------------------------------#
 
+# block backup if current hour is after 8 AM
+if pgrep -x "v-backup-users" > /dev/null
+then
+hour=$(date +"%H");
+    while [ "$hour" -gt "8" ]; do
+        sleep 300
+    done
+fi
+
 # Set backup directory if undefined
 if [ -z "$BACKUP" ]; then
     BACKUP=/backup

From fc187b38637a1101abf235fba80f2929fd16d5dd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 2 Sep 2018 21:40:01 +0200
Subject: [PATCH 0189/2300] Block backup if current hour is after 6 AM

---
 bin/v-backup-user | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 07064eb3..9f9e2c37 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -39,11 +39,11 @@ is_backup_enabled
 #                       Action                             #
 #----------------------------------------------------------#
 
-# block backup if current hour is after 8 AM
+# block backup if current hour is after 6 AM
 if pgrep -x "v-backup-users" > /dev/null
 then
 hour=$(date +"%H");
-    while [ "$hour" -gt "8" ]; do
+    while [ "$hour" -gt "6" ]; do
         sleep 300
     done
 fi

From d6c79c7d7ee3b5cbc04b235798af9e6d1a7a62f5 Mon Sep 17 00:00:00 2001
From: Dmitry Bannik 
Date: Mon, 3 Sep 2018 21:55:46 +0300
Subject: [PATCH 0190/2300] bugfix nginx templates

---
 install/ubuntu/12.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/12.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/12.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/12.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/13.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/13.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/13.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/13.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/14.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/14.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/14.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/14.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/15.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/15.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/15.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/15.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/16.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/16.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/16.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/16.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/17.04/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/17.04/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/17.10/templates/web/nginx/http2.stpl      | 6 +++---
 install/ubuntu/17.10/templates/web/nginx/http2.tpl       | 6 +++---
 install/ubuntu/18.04/templates/web/nginx/caching.stpl    | 3 +--
 install/ubuntu/18.04/templates/web/nginx/default.stpl    | 3 +--
 install/ubuntu/18.04/templates/web/nginx/hosting.stpl    | 3 +--
 install/ubuntu/18.04/templates/web/nginx/http2.stpl      | 9 ++++-----
 install/ubuntu/18.04/templates/web/nginx/http2.tpl       | 6 +++---
 .../templates/web/nginx/php-fpm/cms_made_simple.stpl     | 3 +--
 .../18.04/templates/web/nginx/php-fpm/codeigniter2.stpl  | 3 +--
 .../18.04/templates/web/nginx/php-fpm/codeigniter3.stpl  | 3 +--
 .../templates/web/nginx/php-fpm/datalife_engine.stpl     | 3 +--
 .../18.04/templates/web/nginx/php-fpm/default.stpl       | 3 +--
 .../18.04/templates/web/nginx/php-fpm/dokuwiki.stpl      | 3 +--
 .../18.04/templates/web/nginx/php-fpm/drupal6.stpl       | 3 +--
 .../18.04/templates/web/nginx/php-fpm/drupal7.stpl       | 3 +--
 .../18.04/templates/web/nginx/php-fpm/drupal8.stpl       | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl | 3 +--
 .../18.04/templates/web/nginx/php-fpm/laravel.stpl       | 3 +--
 .../18.04/templates/web/nginx/php-fpm/magento.stpl       | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl   | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl   | 3 +--
 .../18.04/templates/web/nginx/php-fpm/opencart.stpl      | 3 +--
 .../18.04/templates/web/nginx/php-fpm/owncloud.stpl      | 3 +--
 .../ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl  | 3 +--
 .../18.04/templates/web/nginx/php-fpm/pyrocms.stpl       | 3 +--
 .../18.04/templates/web/nginx/php-fpm/wordpress.stpl     | 3 +--
 .../18.04/templates/web/nginx/php-fpm/wordpress2.stpl    | 3 +--
 .../templates/web/nginx/php-fpm/wordpress2_rewrite.stpl  | 3 +--
 52 files changed, 105 insertions(+), 132 deletions(-)

diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
index 76dd2f8e..72e72a90 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -4,14 +4,14 @@ server {
     ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/18.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/18.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
index 76dd2f8e..f225becd 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
@@ -1,17 +1,16 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %sdocroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
index c1fec114..4d5c774b 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
@@ -1,14 +1,14 @@
 server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/httpd/domains/%domain%.error.log error;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           %docroot%;
-            access_log     /var/log/httpd/domains/%domain%.log combined;
-            access_log     /var/log/httpd/domains/%domain%.bytes bytes;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
             try_files      $uri @fallback;
         }
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
index d85bcce3..003e9180 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
index 9c24c3ea..51f1f408 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
index d7186314..e8dd8bf6 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
index 4f0b9ec7..96495ee8 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
index 5cb55311..38de83d2 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
index f85032ba..c9387bfb 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
index 0af7ce84..93f8c55a 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
index 030ea952..917c0c80 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
index 030ea952..917c0c80 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
index 704405f3..886b586e 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
index 477f6f01..8e6e8774 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%/public;
     index       index.php index.html index.htm;
@@ -8,7 +8,6 @@ server {
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
index fdab43aa..5d05ea72 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     root        %sdocroot%/pub;
@@ -9,7 +9,6 @@ server {
     error_page  404 403 = /errors/404.php;
     add_header  "X-UA-Compatible" "IE=Edge";
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
index f410ab77..23ce8eb8 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 #   if you need to rewrite www to non-www uncomment bellow
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
index f15a68c5..10629c65 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
index bc8b53a3..7b3aff96 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
index d6697d7a..223eb97a 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
index 908b9aeb..5b6e55e8 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
index 891566b9..b43fdc75 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
index 78c1bb78..0a4a412f 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..c9f91854 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%/public;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
index 5cb55311..38de83d2 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
index e0aeb524..39cce361 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %sdocroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
index 0d933b30..264ca01a 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%web_ssl_port%;
+    listen      %ip%:%web_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
     root        %docroot%;
     index       index.php index.html index.htm;
@@ -7,7 +7,6 @@ server {
     access_log  /var/log/nginx/domains/%domain%.bytes bytes;
     error_log   /var/log/nginx/domains/%domain%.error.log error;
 
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
 

From ff8ef7955ad1870f04b1bd02e128d7b44e1f3d33 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 7 Sep 2018 14:32:10 +0200
Subject: [PATCH 0191/2300] Adding DNS template listbox to user template
 edit_dns

---
 web/templates/user/edit_dns.html | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/web/templates/user/edit_dns.html b/web/templates/user/edit_dns.html
index b8c11723..60557694 100644
--- a/web/templates/user/edit_dns.html
+++ b/web/templates/user/edit_dns.html
@@ -61,6 +61,27 @@
                                     
                                 
                             

+                                    " . strtoupper($_SESSION['DNS_SYSTEM']) . "";?>
+                                

+                                    
+                                
                             
                                 
                                     ">

From 55a593c475ab06e6a7e95c2caf80d7c6c81670fa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 7 Sep 2018 14:36:48 +0200
Subject: [PATCH 0192/2300] Fix for user dns_edit template

---
 web/templates/user/edit_dns.html | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/templates/user/edit_dns.html b/web/templates/user/edit_dns.html
index 60557694..78ef084a 100644
--- a/web/templates/user/edit_dns.html
+++ b/web/templates/user/edit_dns.html
@@ -61,6 +61,11 @@
                                     
                                 
                             

+                                    ">
+                                
                             
                                 
                                     " . strtoupper($_SESSION['DNS_SYSTEM']) . "";?>
@@ -82,11 +87,6 @@
                                     
                                 
                             

-                                    ">
-                                
                             
                                 
                                     ()

From e7daba868b7c40e813b7a1eeae805d35d3880fad Mon Sep 17 00:00:00 2001
From: Seia Soto 
Date: Sat, 8 Sep 2018 23:23:03 +0900
Subject: [PATCH 0193/2300] Update translations

---
 web/inc/i18n/ko.php | 46 ++++++++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php
index a81db461..a032f265 100644
--- a/web/inc/i18n/ko.php
+++ b/web/inc/i18n/ko.php
@@ -26,11 +26,11 @@ $LANG['ko'] = array(
     'BACKUP'  => '백업',
 
     'LOGIN'  => '로그인',
-    'RESET PASSWORD'  => '비밀번호 초기화',
+    'RESET PASSWORD'  => '비밀번호 재설정',
     'SEARCH'  => '검색',
     'PACKAGE'  => '패키지',
     'RRD'  => 'RRD',
-    'STATS'  => 'STATS',
+    'STATS'  => '상태정보',
     'LOG'  => '기록',
     'UPDATES'  => '업데이트',
     'FIREWALL'  => '방화벽',
@@ -139,7 +139,7 @@ $LANG['ko'] = array(
     'Editing Firewall Rule' => '방화벽 규칙 편집',
     'Adding IP Address to Banlist' => 'IP 주소를 차단 목록에 추가',
 
-    'active'  => '활성',
+    'active'  => '활성화됨',
     'spnd'  => '정지됨',
     'suspended'  => '정지됨',
     'running'  => '작동중',
@@ -192,10 +192,10 @@ $LANG['ko'] = array(
     'backup exclusions' => '백업 예외',
     'template'  => '템플릿',
     'SSL Support'  => 'SSL 지원',
-    'SSL Home Directory'  => 'SSL 홈',
+    'SSL Home Directory'  => 'SSL 홈 디렉토리',
     'Lets Encrypt Support'  => 'Lets Encrypt 지원',
     'Lets Encrypt'  => 'Lets Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => '인증서는 5분 안에 자동으로 발급됩니다',
+    'Your certificate will be automatically issued in 5 minutes' => '인증서는 5분 안에 자동으로 발급될 것입니다',
     'Proxy Support'  => '프록시 지원',
     'Proxy Extensions'  => '프록시 확장',
     'Web Statistics'  => '웹 통계',
@@ -249,8 +249,8 @@ $LANG['ko'] = array(
     'APACHE2 Usage'  => 'APACHE2 사용',
     'HTTPD Usage'  => 'HTTPD 사용',
     'NGINX Usage'  => 'NGINX 사용',
-    'MySQL Usage on localhost'  => 'localhost에서의 MySQL 사용',
-    'PostgreSQL Usage on localhost'  => 'localhost에서의 PostgreSQL 사용',
+    'MySQL Usage on localhost'  => 'localhost에서 MySQL 사용',
+    'PostgreSQL Usage on localhost'  => 'localhost에서 PostgreSQL 사용',
     'Bandwidth Usage eth0'  => 'eth0 대역폭 사용',
     'Bandwidth Usage eth1'  => 'eth1 대역폭 사용',
     'Exim Usage'  => 'Exim 사용',
@@ -267,7 +267,7 @@ $LANG['ko'] = array(
     'ftp server'  => 'FTP 서버',
     'job scheduler'  => '스케줄러 ',
     'firewall'  => '방화벽',
-    'brute-force monitor'  => '무차별 공격 모니터',
+    'brute-force monitor'  => '무차별 대입 공격 모니터',
     'CPU'  => 'CPU',
     'Memory'  => '메모리',
     'Uptime'  => '가동 시간',
@@ -285,7 +285,7 @@ $LANG['ko'] = array(
     'Language'  => '언어',
     'First Name'  => '이름',
     'Last Name'  => '성',
-    'Send login credentials to email address'  => '이메일 주소로 로그인 정보를 보내기',
+    'Send login credentials to email address'  => '이메일 주소로 로그인 정보 전송',
     'Default Template'  => '기본 템플릿',
     'Default Name Servers'  => '기본 네임 서버',
     'Domain'  => '도메인',
@@ -322,7 +322,7 @@ $LANG['ko'] = array(
     'Minute'  => '분',
     'Command'  => '명령어',
     'Package Name'  => '패키지 이름',
-    'Netmask'  => '넷마크',
+    'Netmask'  => '넷마스크',
     'Interface'  => '인터페이스',
     'Shared'  => '공유된',
     'Assigned user'  => '부여 된 사용자',
@@ -356,7 +356,7 @@ $LANG['ko'] = array(
     'IP address'  => 'IP 주소',
     'netmask'  => '넷마스크',
     'interface'  => '인터페이스',
-    'assigned user'  => '부여 된 사용자',
+    'assigned user'  => '부여된 사용자',
     'ns1'  => 'NS1',
     'ns2'  => 'NS2',
     'user'  => '사용자',
@@ -386,7 +386,7 @@ $LANG['ko'] = array(
     'Port' => '포트',
     'Comment' => '댓글',
     'Banlist' => '차단 목록',
-    'ranges are acceptable' => '허용 가능한 범위',
+    'ranges are acceptable' => '허용할 수 있는 범위',
     'CIDR format is supported' => 'CIDR 형식이 지원됩니다',
     'ACCEPT' => '허용',
     'DROP' => '드롭',
@@ -474,18 +474,18 @@ $LANG['ko'] = array(
     'DELETE_DATABASE_CONFIRMATION' => '정말로 %s 데이터베이스를 삭제 하시겠습니까?',
     'SUSPEND_DATABASE_CONFIRMATION' => '정말로 %s 데이터베이스를 정지 시키시겠습니까?',
     'UNSUSPEND_DATABASE_CONFIRMATION' => '정말로 %s 데이터베이스의 정지를 해제 하시겠습니까?',
-    'DELETE_CRON_CONFIRMATION' => '정말로 Cron 작업을 삭제 하시려는게 맞습니까?',
-    'SUSPEND_CRON_CONFIRMATION' => '정말로 Cron 작업을 정지 시키시려는게 맞습니까?',
-    'UNSUSPEND_CRON_CONFIRMATION' => '정말로 Cron 작업의 정지를 해제 하시려는게 맞습니까?',
-    'DELETE_BACKUP_CONFIRMATION'  => '%s 백업을 삭제 하시려는게 맞습니까?',
-    'DELETE_EXCLUSION_CONFIRMATION' => '%s 예외를 삭제 하시려는게 맞습니까?',
+    'DELETE_CRON_CONFIRMATION' => '정말로 Cron 작업을 삭제 하시겠습니까?',
+    'SUSPEND_CRON_CONFIRMATION' => '정말로 Cron 작업을 정지 시키겠습니까?',
+    'UNSUSPEND_CRON_CONFIRMATION' => '정말로 Cron 작업의 정지를 해제 하시겠습니까?',
+    'DELETE_BACKUP_CONFIRMATION'  => '%s 백업을 삭제 하시겠습니까?',
+    'DELETE_EXCLUSION_CONFIRMATION' => '%s 예외를 삭제 하시겠습니까?',
     'DELETE_PACKAGE_CONFIRMATION'  => '정말로 %s 패키지를 삭제 하시겠습니까?',
     'DELETE_IP_CONFIRMATION'  => '정말로 %s IP 주소를 삭제 하시겠습니까?',
-    'DELETE_RULE_CONFIRMATION' => '정말로 #%s 규칙을 삭제하시려는게 맞습니까?',
-    'SUSPEND_RULE_CONFIRMATION' => '정말로 #%s 규칙을 정지 시키시려는게 맞습니까?',
-    'UNSUSPEND_RULE_CONFIRMATION' => '정말로 #%s 규칙의 정지를 해제 시키시려는게 맞습니까?',
+    'DELETE_RULE_CONFIRMATION' => '정말로 #%s 규칙을 삭제 하시겠습니까?',
+    'SUSPEND_RULE_CONFIRMATION' => '정말로 #%s 규칙을 정지 하시겠습니까?',
+    'UNSUSPEND_RULE_CONFIRMATION' => '정말로 #%s 규칙의 정지를 해제 하시겠습니까?',
     'LEAVE_PAGE_CONFIRMATION' => '페이지를 나가시겠습니까?',
-    'RESTART_CONFIRMATION' => '%s을/를 재시작 하시려는게 맞습니까?',
+    'RESTART_CONFIRMATION' => '%s을(를) 재시작 하시려는게 맞습니까?',
     'Welcome'  => '환영합니다',
     'LOGGED_IN_AS'  => '%s 사용자로 로그인 됨',
     'Error'  => 'Error',
@@ -735,7 +735,7 @@ $LANG['ko'] = array(
     'webalizer' => 'Webalizer',
     'awstats' => 'Awstats',
 
-    'Vesta SSL' => 'Vesta SSL',
+    'Vesta SSL' => 'Vesta 인증서',
     'SUBJECT' => '주체',
     'ALIASES' => '별칭',
     'NOT_BEFORE' => '유효 기간(시작)',
@@ -754,5 +754,5 @@ $LANG['ko'] = array(
     'maximum characters length, including prefix' => '최대 길이는 접두사를 포함하여 %s자입니다.',
 
     'Email Credentials' => '이메일 자격증명',
-    
+
 );

From 7f20521c5b51a030336cd286938296eb12b7f984 Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Sat, 8 Sep 2018 14:32:11 +0000
Subject: [PATCH 0194/2300] Enable utf8mb4 charset

issue: #1698
---
 web/templates/admin/add_db.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/templates/admin/add_db.html b/web/templates/admin/add_db.html
index fb369af0..74903241 100644
--- a/web/templates/admin/add_db.html
+++ b/web/templates/admin/add_db.html
@@ -148,6 +148,8 @@
                                         
                                         
                                         
+                                        
+
                                         
                                         
                                         

From 5bd270591cf086dde275edb0a8ea7142eef00b54 Mon Sep 17 00:00:00 2001
From: Maksim Usmanov | Maks 
Date: Sun, 9 Sep 2018 13:51:00 +0200
Subject: [PATCH 0195/2300] Fix function check_result

Check_error not defined
---
 install/vst-install-ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index bb74295b..c0655bb2 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -236,7 +236,7 @@ fi
 
 # Checking root permissions
 if [ "x$(id -u)" != 'x0' ]; then
-    check_error 1 "Script can be run executed only by root"
+    check_result 1 "Script can be run executed only by root"
 fi
 
 # Checking admin user account

From 5420b2c95d581fe8135e37a6eba303e3b3e1885e Mon Sep 17 00:00:00 2001
From: myrevery 
Date: Mon, 10 Sep 2018 01:59:17 +0800
Subject: [PATCH 0196/2300] Update cn.php

Add new keyword and refine some details.
---
 web/inc/i18n/cn.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index d47587db..62147871 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -175,6 +175,7 @@ $LANG['cn'] = array(
     'User Directories' => '用户目录',
     'Template' => '模板',
     'Web Template' => 'Web模板',
+    'Backend Support' => '后端支持', //New Keyword for PHP-FPM in WEB page.
     'Backend Template' => '后端模板',
     'Proxy Template' => '代理模板',
     'DNS Template' => 'DNS模板',
@@ -265,6 +266,7 @@ $LANG['cn'] = array(
     'SSH Usage'  => 'SSH 用量',
     'reverse proxy'  => '反向代理',
     'web server'  => 'Web服务',
+    'backend server' => '后端服务', //New Keyword for PHP-FPM in SERVER page.
     'dns server'  => 'DNS服务',
     'mail server'  => '邮箱服务',
     'pop/imap server'  => 'POP/IMAP服务',
@@ -383,9 +385,9 @@ $LANG['cn'] = array(
     'ErrorLog' => '错误日志',
     'Download AccessLog' => '下载访问日志',
     'Download ErrorLog' => '下载错误日志',
-    'Country' => '国家',
-    '2 letter code' => '2位国家简码 如: 中国CN / 美国US',
-    'State / Province' => '州 / 省',
+    'Country' => '国家地区',
+    '2 letter code' => '采用 ISO 3166-1 二位代码 如: 中国CN / 美国US',
+    'State / Province' => '州 / 省级',
     'City / Locality' => '市 / 地区',
     'Organization' => '组织名称',
     'Action' => '操作',
@@ -719,10 +721,10 @@ $LANG['cn'] = array(
     'Run Command' => '运行指令于',
     'every month' => '每个月',
     'every odd month' => '每个奇数月',
-    'every even month' => '每隔 2 月',
+    'every even month' => '每个偶数月',
     'every day' => '每日',
     'every odd day' => '每个奇数日',
-    'every even day' => '每隔 2 日',
+    'every even day' => '每个偶数日',
     'weekdays (5 days)' => '工作日 (5天)',
     'weekend (2 days)' => '双休日 (2天)',
     'Monday' => '周一 ',
@@ -748,7 +750,7 @@ $LANG['cn'] = array(
     'NOT_BEFORE' => '有效期从',
     'NOT_AFTER' => '有效期至',
     'SIGNATURE' => '签名算法',
-    'PUB_KEY' => '密钥位数',
+    'PUB_KEY' => '公钥长度',
     'ISSUER' => '颁发者',
 
     'Use server hostname' => '采用服务器主机名',

From b4bb0bb5e8ab999d3678d0d64b30126106113f8c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Sep 2018 01:18:37 +0200
Subject: [PATCH 0197/2300] echo for backup wait

---
 bin/v-backup-user | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 9f9e2c37..c0473b8d 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -44,6 +44,8 @@ if pgrep -x "v-backup-users" > /dev/null
 then
 hour=$(date +"%H");
     while [ "$hour" -gt "6" ]; do
+        current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
+        echo "$current_date_time - wait for backup user $user";
         sleep 300
     done
 fi

From 67a081f7fc18b39797302b08fdeea3616a3d215b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Sep 2018 02:18:43 +0200
Subject: [PATCH 0198/2300] fix for backup wait

---
 bin/v-backup-user | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index c0473b8d..cd1741e6 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -47,6 +47,7 @@ hour=$(date +"%H");
         current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
         echo "$current_date_time - wait for backup user $user";
         sleep 300
+        hour=$(date +"%H");
     done
 fi
 

From ce4292da1dd6a53bed45d473f801ab05442865e4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Sep 2018 02:47:32 +0200
Subject: [PATCH 0199/2300] Additional echo for waiting hour in backup

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index cd1741e6..cee6c093 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -45,7 +45,7 @@ then
 hour=$(date +"%H");
     while [ "$hour" -gt "6" ]; do
         current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
-        echo "$current_date_time - wait for backup user $user";
+        echo "$current_date_time - wait for backup user $user - hour $hour";
         sleep 300
         hour=$(date +"%H");
     done

From 74334fae11778322355b97814f589720e18c964c Mon Sep 17 00:00:00 2001
From: Clark Chen <9372896+clarkchentw@users.noreply.github.com>
Date: Mon, 17 Sep 2018 21:57:06 -0500
Subject: [PATCH 0200/2300] Traditional Chinese - TW, update to match en.php

This update the file to match 100% as en.php, also corrected some term in the file
---
 web/inc/i18n/tw.php | 26 +++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index d35cba4a..3572fbf1 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -4,10 +4,8 @@
  * This language file is translate by
  * Clark's Hosting Service (https://host.clark-chen.com)
  * Clark Chen (clark@clark-chen.com)
- *
- * Translation recheck by:
- * pan93412 
  */
+
 $LANG['tw'] = array(
     'Packages'  => '方案設定',
     'IP'  => 'IP 管理',
@@ -199,9 +197,9 @@ $LANG['tw'] = array(
     'SSL Home Directory'  => 'SSL 主目錄',
     'Lets Encrypt Support'  => 'Lets Encrypt 支援',
     'Lets Encrypt'  => 'Lets Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => '您的憑證會在五分鐘內完成簽署',
+    'Your certificate will be automatically issued in 5 minutes' => '您的憑證會在五分鐘內完成簽發',
     'Proxy Support'  => 'Proxy 支援',
-    'Proxy Extensions'  => 'Proxy 擴充',
+    'Proxy Extensions'  => 'Proxy 副檔名',
     'Web Statistics'  => '網站統計',
     'Additional FTP Account'  => '其他 FTP 帳號',
     'Path'  => '路徑',
@@ -219,7 +217,6 @@ $LANG['tw'] = array(
     'Autoreply'  => '自動回覆',
     'Forward to'  => '轉寄到',
     'Do not store forwarded mail' => '不保留已轉發的郵件',
-    'Email Credentials' => '信箱登入資訊',
     'IMAP hostname'  => 'IMAP 主機名稱',
     'IMAP port'  => 'IMAP 連接埠',
     'IMAP security'  => 'IMAP 安全性',
@@ -393,8 +390,8 @@ $LANG['tw'] = array(
     'Banlist' => '封鎖清單',
     'ranges are acceptable' => '可接受陣列',
     'CIDR format is supported' => '支援 CIDR 格式',
-    'ACCEPT' => 'ACCEPT',
-    'DROP' => 'DROP',
+    'ACCEPT' => '允許',
+    'DROP' => '封鎖',
     'TCP' => 'TCP',
     'UDP' => 'UDP',
     'ICMP' => 'ICMP',
@@ -403,11 +400,11 @@ $LANG['tw'] = array(
     'VESTA' => 'VESTA',
     'Add one more Name Server' => '新增至少一個域名伺服器',
 
-    'web domain' => 'web 網域',
-    'dns domain' => 'dns 網域',
-    'dns record' => 'dns 紀錄',
-    'mail domain' => 'mail 紀錄',
-    'mail account' => 'mail 帳號',
+    'web domain' => 'Web 網域',
+    'dns domain' => 'DNS 網域',
+    'dns record' => 'DNS 紀錄',
+    'mail domain' => 'Mail 紀錄',
+    'mail account' => 'Mail 帳號',
     'cron job' => '任務排程',
 
     'cron' => '任務排程',
@@ -757,4 +754,7 @@ $LANG['tw'] = array(
     'Do not use encryption' => '不要使用加密',
 
     'maximum characters length, including prefix' => '最多 %s 字元 (包含前綴)',
+
+    'Email Credentials' => '信箱登入資訊',
+    
 );

From a54771261d947fd20b1676ba0d15eb2ca2a0adc6 Mon Sep 17 00:00:00 2001
From: Clark Chen <9372896+clarkchentw@users.noreply.github.com>
Date: Mon, 17 Sep 2018 21:59:22 -0500
Subject: [PATCH 0201/2300] Traditional Chinese - TW, update to match en.php

This update the file to match 100% as en.php, also corrected some term in the file
---
 web/inc/i18n/tw.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 3572fbf1..0760d4a2 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -81,8 +81,8 @@ $LANG['tw'] = array(
     'rebuild db'  => '重建資料庫',
     'rebuild cron'  => '重建任務排程',
     'update counters' => '更新計數器',
-    'suspend'  => '暫停',
-    'unsuspend'  => '解除暫停',
+    'suspend'  => '停用',
+    'unsuspend'  => '解除停用',
     'delete'  => '刪除',
     'show per user'  => '依選擇的使用者',
     'login as'  => '登入帳號',

From c7f6bf4e284e7239c41de1fb13559d81b70cb79e Mon Sep 17 00:00:00 2001
From: Clark Chen <9372896+clarkchentw@users.noreply.github.com>
Date: Mon, 17 Sep 2018 22:02:04 -0500
Subject: [PATCH 0202/2300] Traditional Chinese - TW, update to match en.php

This update the file to match 100% as en.php, also corrected some term in the file
---
 web/inc/i18n/tw.php | 37 ++++++++++++++++++-------------------
 1 file changed, 18 insertions(+), 19 deletions(-)

diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 0760d4a2..1a5974c9 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -5,8 +5,8 @@
  * Clark's Hosting Service (https://host.clark-chen.com)
  * Clark Chen (clark@clark-chen.com)
  */
-
 $LANG['tw'] = array(
+
     'Packages'  => '方案設定',
     'IP'  => 'IP 管理',
     'Graphs'  => '資源使用圖表',
@@ -142,8 +142,8 @@ $LANG['tw'] = array(
     'Adding IP Address to Banlist' => '新增IP至黑名單',
 
     'active'  => '正常',
-    'spnd'  => '暫停',
-    'suspended'  => '已暫停',
+    'spnd'  => '停用',
+    'suspended'  => '已停用',
     'running'  => '執行中',
     'stopped'  => '已停止',
     'outdated'  => '有可升級的新版本',
@@ -462,30 +462,30 @@ $LANG['tw'] = array(
     'Changes has been saved.'  => '已儲存變更',
     'Confirmation'  => '確認',
     'DELETE_USER_CONFIRMATION' => '確定要刪除使用者 %s 嗎？',
-    'SUSPEND_USER_CONFIRMATION' => '確定要暫停使用者 %s 嗎？',
-    'UNSUSPEND_USER_CONFIRMATION' => '確定要解除暫停使用者 %s 嗎？',
+    'SUSPEND_USER_CONFIRMATION' => '確定要停用使用者 %s 嗎？',
+    'UNSUSPEND_USER_CONFIRMATION' => '確定要解除停用使用者 %s 嗎？',
     'DELETE_DOMAIN_CONFIRMATION' => '確定要刪除網域 %s 嗎？',
-    'SUSPEND_DOMAIN_CONFIRMATION' => '確定要暫停網域 %s 嗎？',
-    'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除暫停網域 %s 嗎？',
+    'SUSPEND_DOMAIN_CONFIRMATION' => '確定要停用網域 %s 嗎？',
+    'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除停用網域 %s 嗎？',
     'DELETE_RECORD_CONFIRMATION' => '確定要刪除記錄 %s 嗎？',
-    'SUSPEND_RECORD_CONFIRMATION' => '確定要暫停記錄 %s 嗎？',
-    'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除暫停紀錄 %s 嗎？',
+    'SUSPEND_RECORD_CONFIRMATION' => '確定要停用記錄 %s 嗎？',
+    'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除停用紀錄 %s 嗎？',
     'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '確定要刪除 %s 嗎？',
-    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要暫停 %s 嗎？',
-    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除暫停 %s 嗎？',
+    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要停用 %s 嗎？',
+    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除停用 %s 嗎？',
     'DELETE_DATABASE_CONFIRMATION' => '確定要刪除資料庫 %s 嗎？',
-    'SUSPEND_DATABASE_CONFIRMATION' => '確定要暫停資料庫 %s 嗎？',
-    'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除暫停資料庫 %s 嗎？',
+    'SUSPEND_DATABASE_CONFIRMATION' => '確定要停用資料庫 %s 嗎？',
+    'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除停用資料庫 %s 嗎？',
     'DELETE_CRON_CONFIRMATION' => '確定要刪除 任務排程嗎？',
-    'SUSPEND_CRON_CONFIRMATION' => '確定要暫停 任務排程嗎？',
-    'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除暫停 任務排程嗎？',
+    'SUSPEND_CRON_CONFIRMATION' => '確定要停用 任務排程嗎？',
+    'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除停用 任務排程嗎？',
     'DELETE_BACKUP_CONFIRMATION'  => '確定要刪除 %s 備份嗎？',
     'DELETE_EXCLUSION_CONFIRMATION' => '確定要刪除 %s 例外嗎？',
     'DELETE_PACKAGE_CONFIRMATION'  => '確定要刪除方案 %s 嗎？',
     'DELETE_IP_CONFIRMATION'  => '確定要刪除 IP 地址 %s 嗎？',
-    'DELETE_RULE_CONFIRMATION' => '確定要刪除規則 #%s 嗎？',
-    'SUSPEND_RULE_CONFIRMATION' => '確定要暫停規則  #%s 嗎？',
-    'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除暫停規則 #%s 嗎？',
+    'DELETE_RULE_CONFIRMATION' => '確定要刪除防火牆規則 #%s 嗎？',
+    'SUSPEND_RULE_CONFIRMATION' => '確定要停用防火牆規則  #%s 嗎？',
+    'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除停用防火牆規則 #%s 嗎？',
     'LEAVE_PAGE_CONFIRMATION' => '確定離開嗎？',
     'RESTART_CONFIRMATION' => '確定要重新啟動 %s 嗎？',
     'Welcome'  => '歡迎',
@@ -756,5 +756,4 @@ $LANG['tw'] = array(
     'maximum characters length, including prefix' => '最多 %s 字元 (包含前綴)',
 
     'Email Credentials' => '信箱登入資訊',
-    
 );

From 09c99eb97d8e6ddd528a31966c7a03dd511281fb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 29 Sep 2018 01:28:15 +0200
Subject: [PATCH 0203/2300] improved secure login

---
 web/inc/secure_login.php | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 9860912b..4b2944d7 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,12 +1,19 @@
 
Date: Sat, 29 Sep 2018 03:33:18 +0200
Subject: [PATCH 0204/2300] get-ar and set-ar to whitelist

---
 web/inc/secure_login.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 4b2944d7..aa6423ab 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -2,6 +2,10 @@
 $login_url_skip=0;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/index.php') $login_url_skip=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/index.php') $login_url_skip=1;
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/set-ar.php') $login_url_skip=1;
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php') $login_url_skip=1;
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $login_url_skip=1;
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $login_url_skip=1;
 
 if ($login_url_skip==0) {
     if (!isset($login_url_loaded)) {

From b7b0570cc4b8d2101b3a167e54f44709792bb03a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 29 Sep 2018 23:59:20 +0200
Subject: [PATCH 0205/2300] Allow php from /usr/local/vesta/bin/

---
 web/inc/secure_login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index aa6423ab..c8a63355 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -6,6 +6,7 @@ if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/set-ar.php') $
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php') $login_url_skip=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $login_url_skip=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $login_url_skip=1;
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $login_url_skip=1;
 
 if ($login_url_skip==0) {
     if (!isset($login_url_loaded)) {

From 41110bf27d3547be7785cb831073535338b5bd62 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 30 Sep 2018 00:10:41 +0200
Subject: [PATCH 0206/2300] Restart apache when enter wait-backup state

---
 bin/v-backup-user | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index cee6c093..f0d7b9b0 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -40,10 +40,15 @@ is_backup_enabled
 #----------------------------------------------------------#
 
 # block backup if current hour is after 6 AM
+WAIT_LOOP_ENTERED=0
 if pgrep -x "v-backup-users" > /dev/null
 then
 hour=$(date +"%H");
     while [ "$hour" -gt "6" ]; do
+        if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
+             $BIN/v-restart-web-backend
+        fi
+        WAIT_LOOP_ENTERED=1
         current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
         echo "$current_date_time - wait for backup user $user - hour $hour";
         sleep 300

From b45c554d7786c385c301dcf9cba8dfa2969a6d20 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 3 Oct 2018 13:25:52 +0200
Subject: [PATCH 0207/2300] Temporary fix for redirect to webmail

---
 web/inc/secure_login.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index c8a63355..818f6270 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,4 +1,9 @@
 
Date: Mon, 8 Oct 2018 11:22:12 +0200
Subject: [PATCH 0208/2300] Fix for undefined variable in secure_login

---
 web/inc/secure_login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 818f6270..dd020d85 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,5 +1,5 @@
 
Date: Fri, 12 Oct 2018 16:24:43 +0200
Subject: [PATCH 0209/2300] Dont redirect to webmail if vesta is not behind
 nginx

---
 web/inc/secure_login.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index dd020d85..518cb6cf 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,7 +1,9 @@
 
Date: Fri, 12 Oct 2018 16:27:21 +0200
Subject: [PATCH 0210/2300] Removing old secure_login gateway include

---
 web/inc/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/main.php b/web/inc/main.php
index 49d70fda..dfa482a1 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -1,5 +1,5 @@
 
Date: Fri, 12 Oct 2018 16:33:02 +0200
Subject: [PATCH 0211/2300] Reverting /web/index.php to default

---
 web/index.php | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/web/index.php b/web/index.php
index 1763870d..2f070747 100644
--- a/web/index.php
+++ b/web/index.php
@@ -1,16 +1,7 @@
 
Date: Fri, 12 Oct 2018 20:45:34 +0200
Subject: [PATCH 0212/2300] Bringing back default restart routine for nginx

---
 bin/v-restart-proxy | 70 ++++++++++++++++++++++++++-------------------
 1 file changed, 41 insertions(+), 29 deletions(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 00758cc0..3e8df916 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -49,38 +49,50 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
     exit
 fi
 
-# background restart
-if [ "$1" = 'background' ]; then
-    # Restart system
-    sleep 15
-    # rm /tmp/restart-nginx
-    service $PROXY_SYSTEM restart >/dev/null 2>&1
-    if [ $? -ne 0 ]; then
-        send_email_report
-        check_result $E_RESTART "$PROXY_SYSTEM restart failed"
-    fi
-    
-    # Update restart queue
-    if [ -e "$VESTA/data/queue/restart.pipe" ]; then
-        sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe
-    fi
+if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
+
+  # if vesta is behind default nginx, restart in background with 15 sec delay
+  # background restart
+  if [ "$1" = 'background' ]; then
+      # Restart system
+      sleep 15
+      service $PROXY_SYSTEM restart >/dev/null 2>&1
+      if [ $? -ne 0 ]; then
+          send_email_report
+          check_result $E_RESTART "$PROXY_SYSTEM restart failed"
+      fi
+
+      # Update restart queue
+      if [ -e "$VESTA/data/queue/restart.pipe" ]; then
+          sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe
+      fi
+
+      exit;
+  fi
+
+  # try to reload to get changes faster
+  service $PROXY_SYSTEM reload
+  
+  # send to background process
+  nohup $BIN/v-restart-proxy 'background' &>/dev/null &
+
+else
+
+  # Default behaviour
+  # Restart system
+  service $PROXY_SYSTEM restart >/dev/null 2>&1
+  if [ $? -ne 0 ]; then
+      send_email_report
+      check_result $E_RESTART "$PROXY_SYSTEM restart failed"
+  fi
+
+  # Update restart queue
+  if [ -e "$VESTA/data/queue/restart.pipe" ]; then
+      sed -i "/$SCRIPT/d" $VESTA/data/queue/restart.pipe
+  fi
 
-    exit;
 fi
 
-# if [ -f "/tmp/restart-nginx" ]; then
-#     exit;
-# fi
-
-service $PROXY_SYSTEM reload
-# if [ $? -ne 0 ]; then
-#     send_email_report
-#     check_result $E_RESTART "$PROXY_SYSTEM reload failed"
-# fi
-
-# touch /tmp/restart-nginx
-nohup $BIN/v-restart-proxy 'background' &>/dev/null &
-
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#

From 7b0597fc417bb83f0a378454ba1a7ad34d977621 Mon Sep 17 00:00:00 2001
From: marcos 
Date: Sun, 14 Oct 2018 15:28:48 +0200
Subject: [PATCH 0213/2300] traducciones

---
 web/inc/i18n/es.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index 1f2c36dd..8cf45ddf 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -193,11 +193,11 @@ $LANG['es'] = array(
     'Mail Accounts'  => 'Cuentas de Correo',
     'Cron Jobs'  => 'Tareas Programadas',
     'SSH Access'  => 'Acceso SSH',
-    'IP Address'  => 'IP Address',
-    'IP Addresses'  => 'Dirección IP',
+    'IP Address'  => 'Dirección IP',
+    'IP Addresses'  => 'Direcciones IP',
     'Backups'  => 'Respaldos',
     'Backup System'  => 'Sistema de Respaldo',
-    'backup exclusions' => 'respaldos excluídos',
+    'backup exclusions' => 'configurar exlusiones',
     'template'  => 'plantilla',
     'SSL Support'  => 'Soportar SSL',
     'SSL Home Directory'  => 'Directorio local del SSL',
@@ -248,8 +248,8 @@ $LANG['es'] = array(
     'SYS'  => 'SYS',
     'Domains'  => 'Dominios',
     'Status'  => 'Estado',
-    'shared'  => 'compartido',
-    'dedicated'  => 'dedicado',
+    'shared'  => 'compartida',
+    'dedicated'  => 'dedicada',
     'Owner' => 'Dueño',
     'Users'  => 'Usuarios',
     'Load Average'  => 'Promedio de carga',
@@ -332,7 +332,7 @@ $LANG['es'] = array(
     'Package Name'  => 'Nombre del Plan',
     'Netmask'  => 'Máscara de Red',
     'Interface'  => 'Interfaz',
-    'Shared'  => 'Compartido',
+    'Shared'  => 'Compartida',
     'Assigned user'  => 'Usuario asignado',
     'Assigned domain'  => 'Dominio asignado',
     'NAT IP association' => 'Asociación NAT IP',
@@ -762,4 +762,5 @@ $LANG['es'] = array(
     'maximum characters length, including prefix' => 'usar un máximo de %s caracteres, incluyendo prefijo',
 
     'Email Credentials' => 'Email Credentials',
+    
 );

From a12466f5cc5cbb61b2a75e84f617adca6c1b1904 Mon Sep 17 00:00:00 2001
From: marcos 
Date: Sun, 14 Oct 2018 15:31:38 +0200
Subject: [PATCH 0214/2300] suspend_message

---
 web/templates/admin/list_mail.html | 2 +-
 web/templates/user/list_mail.html  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/templates/admin/list_mail.html b/web/templates/admin/list_mail.html
index 02536441..6bd27cca 100644
--- a/web/templates/admin/list_mail.html
+++ b/web/templates/admin/list_mail.html
@@ -74,7 +74,7 @@
           } else {
             $status = 'active';
             $spnd_action = 'suspend' ;
-            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
+            $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ;
           }
           if (empty($data[$key]['CATCHALL'])) {
             $data[$key]['CATCHALL'] = '/dev/null';
diff --git a/web/templates/user/list_mail.html b/web/templates/user/list_mail.html
index 84d9a56c..40284380 100644
--- a/web/templates/user/list_mail.html
+++ b/web/templates/user/list_mail.html
@@ -72,7 +72,7 @@
           } else {
             $status = 'active';
             $spnd_action = 'suspend' ;
-            $spnd_confirmation = 'UNSUSPEND_DOMAIN_CONFIRMATION' ;
+            $spnd_confirmation = 'SUSPEND_DOMAIN_CONFIRMATION' ;
           }
           if (empty($data[$key]['CATCHALL'])) {
             $data[$key]['CATCHALL'] = '/dev/null';

From 1557f9bc8cbdb349a83bce96093b1717b36cf5cd Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Oct 2018 17:27:03 +0300
Subject: [PATCH 0215/2300] Security: separate passwords for databases

---
 install/vst-install-amazon.sh | 14 ++++++++------
 install/vst-install-debian.sh | 12 +++++++-----
 install/vst-install-rhel.sh   | 14 ++++++++------
 install/vst-install-ubuntu.sh | 12 +++++++-----
 4 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index 899d4cd8..e419d019 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -1008,8 +1008,9 @@ if [ "$mysql" = 'yes' ]; then
     fi
 
     # Securing MySQL installation
-    mysqladmin -u root password $vpass
-    echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
+    mpass=$(gen_pass)
+    mysqladmin -u root password $mpass
+    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
     chmod 600 /root/.my.cnf
     mysql -e "DELETE FROM mysql.user WHERE User=''"
     mysql -e "DROP DATABASE test" >/dev/null 2>&1
@@ -1031,9 +1032,10 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
+    ppass=$(gen_pass)
     if [ $release -eq 5 ]; then
         service postgresql start
-        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
         service postgresql stop
         cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
@@ -1041,7 +1043,7 @@ if [ "$postgresql" = 'yes' ]; then
         service postgresql initdb
         cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
-        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
     fi
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
@@ -1272,13 +1274,13 @@ fi
 
 # Configuring MySQL host
 if [ "$mysql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host mysql localhost root $vpass
+    $VESTA/bin/v-add-database-host mysql localhost root $mpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
 # Configuring PostgreSQL host
 if [ "$postgresql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
+    $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
 fi
 
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 4b5d293d..013f3160 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -985,8 +985,9 @@ if [ "$mysql" = 'yes' ]; then
     check_result $? "mysql start failed"
 
     # Securing MySQL installation
-    mysqladmin -u root password $vpass
-    echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
+    mpass=$(gen_pass)
+    mysqladmin -u root password $mpass
+    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
     chmod 600 /root/.my.cnf
     mysql -e "DELETE FROM mysql.user WHERE User=''"
     mysql -e "DROP DATABASE test" >/dev/null 2>&1
@@ -1008,9 +1009,10 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
+    ppass=$(gen_pass)
     wget $vestacp/postgresql/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf
     service postgresql restart
-    sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+    sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
 
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
@@ -1298,13 +1300,13 @@ fi
 
 # Configuring mysql host
 if [ "$mysql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host mysql localhost root $vpass
+    $VESTA/bin/v-add-database-host mysql localhost root $mpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
 # Configuring pgsql host
 if [ "$postgresql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
+    $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
 fi
 
diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 1ecd2235..4a863464 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -1024,8 +1024,9 @@ if [ "$mysql" = 'yes' ]; then
     fi
 
     # Securing MySQL installation
-    mysqladmin -u root password $vpass
-    echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
+    mpass=$(gen_pass)
+    mysqladmin -u root password $mpass
+    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
     chmod 600 /root/.my.cnf
     mysql -e "DELETE FROM mysql.user WHERE User=''"
     mysql -e "DROP DATABASE test" >/dev/null 2>&1
@@ -1047,9 +1048,10 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
+    ppass=$(gen_pass)
     if [ $release -eq 5 ]; then
         service postgresql start
-        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
         service postgresql stop
         cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
@@ -1057,7 +1059,7 @@ if [ "$postgresql" = 'yes' ]; then
         service postgresql initdb
         cp -f $vestacp/postgresql/pg_hba.conf /var/lib/pgsql/data/
         service postgresql start
-        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+        sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
     fi
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
@@ -1289,13 +1291,13 @@ fi
 
 # Configuring MySQL/MariaDB host
 if [ "$mysql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host mysql localhost root $vpass
+    $VESTA/bin/v-add-database-host mysql localhost root $mpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
 # Configuring PostgreSQL host
 if [ "$postgresql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
+    $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
 fi
 
diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index c0655bb2..bfcf8919 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -977,8 +977,9 @@ if [ "$mysql" = 'yes' ]; then
     check_result $? "mysql start failed"
 
     # Securing MySQL/MariaDB installation
-    mysqladmin -u root password $vpass
-    echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
+    mpass=$(gen_pass)
+    mysqladmin -u root password $mpass
+    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
     chmod 600 /root/.my.cnf
     mysql -e "DELETE FROM mysql.user WHERE User=''"
     mysql -e "DROP DATABASE test" >/dev/null 2>&1
@@ -1000,9 +1001,10 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
+    ppass=$(gen_pass)
     cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
     service postgresql restart
-    sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'"
+    sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
 
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
@@ -1235,13 +1237,13 @@ fi
 
 # Configuring MySQL/MariaDB host
 if [ "$mysql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host mysql localhost root $vpass
+    $VESTA/bin/v-add-database-host mysql localhost root $mpass
     $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
 # Configuring PostgreSQL host
 if [ "$postgresql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
+    $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
 fi
 

From a1b3aa3a8432b72842fe13ee77a892d2bba2b022 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Oct 2018 22:06:17 +0300
Subject: [PATCH 0216/2300] No stats with distro name anymore

---
 install/vst-install-amazon.sh | 3 ---
 install/vst-install-debian.sh | 3 ---
 install/vst-install-rhel.sh   | 3 ---
 install/vst-install-ubuntu.sh | 3 ---
 4 files changed, 12 deletions(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index e419d019..8dbdaa14 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -1334,9 +1334,6 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#
 
-# Sending install notification to vestacp.com
-wget vestacp.com/notify/?$codename -O /dev/null -q
-
 # Comparing hostname and IP
 host_ip=$(host $servername |head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 013f3160..47f36142 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1361,9 +1361,6 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#
 
-# Sending install notification to vestacp.com
-wget vestacp.com/notify/?$codename -O /dev/null -q
-
 # Comparing hostname and ip
 host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 4a863464..3aaad808 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -1351,9 +1351,6 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#
 
-# Sending install notification to vestacp.com
-wget vestacp.com/notify/?$codename -O /dev/null -q
-
 # Comparing hostname and IP
 host_ip=$(host $servername |head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then
diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index bfcf8919..4cc5ee86 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1297,9 +1297,6 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#
 
-# Sending install notification to vestacp.com
-wget vestacp.com/notify/?$codename -O /dev/null -q
-
 # Comparing hostname and IP
 host_ip=$(host $servername| head -n 1 |awk '{print $NF}')
 if [ "$host_ip" = "$ip" ]; then

From 67a0e8d1086eb271df7e12fc67f1db482be8cb46 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Oct 2018 22:27:06 +0300
Subject: [PATCH 0217/2300] limit config visibility to /etc and /var/lib

---
 bin/v-open-fs-config | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-open-fs-config b/bin/v-open-fs-config
index 6a4f54fd..720df86a 100755
--- a/bin/v-open-fs-config
+++ b/bin/v-open-fs-config
@@ -35,6 +35,11 @@ if [ ! -z "$src_file" ]; then
         echo "Error: invalid source path $src_file"
         exit 2
     fi
+    spath=$(echo "$rpath" |egrep "/etc|/var/lib")
+    if [ -z "$spath" ]; then
+        echo "Error: invalid source path $src_file"
+        exit 2
+    fi
 fi
 
 # Reading conf

From 5f68c1b634abec2d5a4f83156bfd223d3a792f77 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Oct 2018 23:28:37 +0300
Subject: [PATCH 0218/2300] Timing attack fix from security experts
 https://arcturussecurity.com

---
 web/reset/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/index.php b/web/reset/index.php
index abde3c14..0d90d15d 100644
--- a/web/reset/index.php
+++ b/web/reset/index.php
@@ -48,7 +48,7 @@ if ((!empty($_POST['user'])) && (!empty($_POST['code'])) && (!empty($_POST['pass
         if ( $return_var == 0 ) {
             $data = json_decode(implode('', $output), true);
             $rkey = $data[$user]['RKEY'];
-            if ($rkey == $_POST['code']) {
+            if (hash_equals($rkey, $POST[‘code’])) {
                 $v_password = tempnam("/tmp","vst");
                 $fp = fopen($v_password, "w");
                 fwrite($fp, $_POST['password']."\n");

From d880b5b4254ed3d89303227d7de4a79e8e0579a7 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Oct 2018 23:58:27 +0300
Subject: [PATCH 0219/2300] limit sudo for admin to vesta scripts only

---
 install/debian/7/sudo/admin     | 2 +-
 install/debian/8/sudo/admin     | 2 +-
 install/debian/9/sudo/admin     | 2 +-
 install/rhel/5/sudo/admin       | 2 +-
 install/rhel/6/sudo/admin       | 2 +-
 install/rhel/7/sudo/admin       | 2 +-
 install/ubuntu/12.04/sudo/admin | 2 +-
 install/ubuntu/12.10/sudo/admin | 2 +-
 install/ubuntu/13.04/sudo/admin | 2 +-
 install/ubuntu/13.10/sudo/admin | 2 +-
 install/ubuntu/14.04/sudo/admin | 2 +-
 install/ubuntu/14.10/sudo/admin | 2 +-
 install/ubuntu/15.04/sudo/admin | 2 +-
 install/ubuntu/15.10/sudo/admin | 2 +-
 install/ubuntu/16.04/sudo/admin | 2 +-
 install/ubuntu/16.10/sudo/admin | 2 +-
 install/ubuntu/17.04/sudo/admin | 2 +-
 install/ubuntu/17.10/sudo/admin | 2 +-
 install/ubuntu/18.04/sudo/admin | 2 +-
 19 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/install/debian/7/sudo/admin b/install/debian/7/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/debian/7/sudo/admin
+++ b/install/debian/7/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/debian/8/sudo/admin b/install/debian/8/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/debian/8/sudo/admin
+++ b/install/debian/8/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/debian/9/sudo/admin b/install/debian/9/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/debian/9/sudo/admin
+++ b/install/debian/9/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/rhel/5/sudo/admin b/install/rhel/5/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/rhel/5/sudo/admin
+++ b/install/rhel/5/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/rhel/6/sudo/admin b/install/rhel/6/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/rhel/6/sudo/admin
+++ b/install/rhel/6/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/rhel/7/sudo/admin b/install/rhel/7/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/rhel/7/sudo/admin
+++ b/install/rhel/7/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/12.04/sudo/admin b/install/ubuntu/12.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/12.04/sudo/admin
+++ b/install/ubuntu/12.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/12.10/sudo/admin b/install/ubuntu/12.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/12.10/sudo/admin
+++ b/install/ubuntu/12.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/13.04/sudo/admin b/install/ubuntu/13.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/13.04/sudo/admin
+++ b/install/ubuntu/13.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/13.10/sudo/admin b/install/ubuntu/13.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/13.10/sudo/admin
+++ b/install/ubuntu/13.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/14.04/sudo/admin b/install/ubuntu/14.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/14.04/sudo/admin
+++ b/install/ubuntu/14.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/14.10/sudo/admin b/install/ubuntu/14.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/14.10/sudo/admin
+++ b/install/ubuntu/14.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/15.04/sudo/admin b/install/ubuntu/15.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/15.04/sudo/admin
+++ b/install/ubuntu/15.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/15.10/sudo/admin b/install/ubuntu/15.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/15.10/sudo/admin
+++ b/install/ubuntu/15.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/16.04/sudo/admin b/install/ubuntu/16.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/16.04/sudo/admin
+++ b/install/ubuntu/16.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/16.10/sudo/admin b/install/ubuntu/16.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/16.10/sudo/admin
+++ b/install/ubuntu/16.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.04/sudo/admin b/install/ubuntu/17.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/17.04/sudo/admin
+++ b/install/ubuntu/17.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.10/sudo/admin b/install/ubuntu/17.10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/17.10/sudo/admin
+++ b/install/ubuntu/17.10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/18.04/sudo/admin b/install/ubuntu/18.04/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/ubuntu/18.04/sudo/admin
+++ b/install/ubuntu/18.04/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

From cde42691701667502369f76e197c30005431f959 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 00:14:28 +0300
Subject: [PATCH 0220/2300] Release 0.9.8-23

---
 src/deb/ioncube/control              |  2 +-
 src/deb/nginx/control                |  2 +-
 src/deb/php/control                  |  2 +-
 src/deb/softaculous/control          |  2 +-
 src/deb/vesta/control                |  2 +-
 src/deb/vesta/postinst               |  8 ++++++++
 src/rpm/specs/vesta-ioncube.spec     |  2 +-
 src/rpm/specs/vesta-nginx.spec       |  2 +-
 src/rpm/specs/vesta-php.spec         |  2 +-
 src/rpm/specs/vesta-softaculous.spec |  2 +-
 src/rpm/specs/vesta.spec             | 17 ++++++++++++++++-
 upd/add_notifications.sh             |  2 +-
 upd/fix_dhcprenew.sh                 | 20 ++++++++++++++++++++
 upd/limit_sudo.sh                    |  6 ++++++
 14 files changed, 60 insertions(+), 11 deletions(-)
 create mode 100755 upd/fix_dhcprenew.sh
 create mode 100755 upd/limit_sudo.sh

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index 89268f6e..9db6cc14 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-22
+Version: 0.9.8-23
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 9dc7351a..19ec8bbb 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-22
+Version: 0.9.8-23
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index 3714008d..e8702027 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-22
+Version: 0.9.8-23
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index 35140df6..c5c9eb67 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-22
+Version: 0.9.8-23
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 028a4e41..9f83c2a6 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-22
+Version: 0.9.8-23
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 3cba15e9..516df08b 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -28,4 +28,12 @@ if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
     /usr/local/vesta/upd/fix_roundcube.sh
 fi
 
+if [ -x /usr/local/vesta/upd/limit_sudo.sh ]; then
+    /usr/local/vesta/upd/limit_sudo.sh
+fi
+
+if [ -x /usr/local/vesta/upd/fix_dhcprenew.sh ]; then
+    /usr/local/vesta/upd/fix_dhcprenew.sh
+fi
+
 exit 0
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index 5d48dc29..54bb5cf4 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        22
+Release:        23
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index a633ef85..ca530cc1 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        22
+Release:        23
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index 12d1c401..fe5aded9 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        22
+Release:        23
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index 7e92cfdb..ece330e8 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        22
+Release:        23
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index 58359da0..bb82d404 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        22
+Release:        23
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
@@ -45,6 +45,15 @@ if [ $1 -ge 2 ]; then
     if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
         /usr/local/vesta/upd/fix_roundcube.sh
     fi
+
+    if [ -x /usr/local/vesta/upd/limit_sudo.sh ]; then
+        /usr/local/vesta/upd/limit_sudo.sh
+    fi
+
+    if [ -x /usr/local/vesta/upd/fix_dhcprenew.sh ]; then
+        /usr/local/vesta/upd/fix_dhcprenew.sh
+    fi
+
 fi
 %files
 %{_vestadir}
@@ -59,6 +68,12 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
+* Thu 18 2018 Serghey Rodin  - 0.9.8-23
+- Security fixes
+
+* Wed June 27 2018 Serghey Rodin  - 0.9.8-22
+- Security fixes
+
 * Fri May 11 2018 Serghey Rodin  - 0.9.8-21
 - Additional security fixes
 
diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh
index 14b8590e..e55c0c74 100755
--- a/upd/add_notifications.sh
+++ b/upd/add_notifications.sh
@@ -5,5 +5,5 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf
 /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager'
 /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can  purchase and enable SFTP Chroot"
 /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available"
-/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-19" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes"
+/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-23" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes"
 
diff --git a/upd/fix_dhcprenew.sh b/upd/fix_dhcprenew.sh
new file mode 100755
index 00000000..08e76f69
--- /dev/null
+++ b/upd/fix_dhcprenew.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+if [ -e "/usr/bin/dhcprenew" ]; then
+    mv /usr/bin/dhcprenew /usr/bin/dhcprenew.disabled
+
+    # Notify admin via control panel
+    rm /usr/local/vesta/data/users/admin/notifications.conf
+    touch /usr/local/vesta/data/users/admin/notifications.conf
+    /usr/local/vesta/bin/v-add-user-notification admin \
+        "Security Check" "Your server was compromised please contact us at info@vestacp.com to get help."
+
+    # Send email notification
+    send_mail="/usr/local/vesta/web/inc/mail-wrapper.php"
+    email=$(grep CONTACT /usr/local/vesta/data/users/admin/user.conf |cut -f2 -d \')
+    if [ ! -z "$email" ]; then
+        echo "Your server $(hostname) was compromised please contact us at info@vestacp.com to get help." |\
+            $send_mail -s "SECURITY CHECK: Vesta Control Panel" $email
+    fi
+fi
+
diff --git a/upd/limit_sudo.sh b/upd/limit_sudo.sh
new file mode 100755
index 00000000..4f4ac924
--- /dev/null
+++ b/upd/limit_sudo.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+if [ -e "/etc/sudoers.d/admin" ]; then
+    sed -i "s/admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" \
+        /etc/sudoers.d/admin
+fi

From 83bd1f679f89e1df17f66cb4299ce9a631e789be Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 00:23:56 +0300
Subject: [PATCH 0221/2300] added missing month in spec file

---
 src/rpm/specs/vesta.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index bb82d404..a611e45f 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -68,7 +68,7 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
-* Thu 18 2018 Serghey Rodin  - 0.9.8-23
+* Thu Oct 18 2018 Serghey Rodin  - 0.9.8-23
 - Security fixes
 
 * Wed June 27 2018 Serghey Rodin  - 0.9.8-22

From defba7221522bcb403ef7475e730dc6bb603841b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 00:25:09 +0300
Subject: [PATCH 0222/2300] added missing month in spec file

---
 src/rpm/specs/vesta.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index a611e45f..10830d15 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -71,7 +71,7 @@ fi
 * Thu Oct 18 2018 Serghey Rodin  - 0.9.8-23
 - Security fixes
 
-* Wed June 27 2018 Serghey Rodin  - 0.9.8-22
+* Wed Jun 27 2018 Serghey Rodin  - 0.9.8-22
 - Security fixes
 
 * Fri May 11 2018 Serghey Rodin  - 0.9.8-21

From f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 Mon Sep 17 00:00:00 2001
From: "Made I.T" 
Date: Thu, 18 Oct 2018 10:01:35 +0200
Subject: [PATCH 0223/2300] Fix bug in password reset

---
 web/reset/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/index.php b/web/reset/index.php
index 0d90d15d..842dd2f3 100644
--- a/web/reset/index.php
+++ b/web/reset/index.php
@@ -48,7 +48,7 @@ if ((!empty($_POST['user'])) && (!empty($_POST['code'])) && (!empty($_POST['pass
         if ( $return_var == 0 ) {
             $data = json_decode(implode('', $output), true);
             $rkey = $data[$user]['RKEY'];
-            if (hash_equals($rkey, $POST[‘code’])) {
+            if (hash_equals($rkey, $_POST['code'])) {
                 $v_password = tempnam("/tmp","vst");
                 $fp = fopen($v_password, "w");
                 fwrite($fp, $_POST['password']."\n");

From 32fbc253a92352376ff301ad9504ef39add726c4 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 14:20:14 +0300
Subject: [PATCH 0224/2300] Additional argument check for remote hosts

---
 bin/v-add-backup-host | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host
index 327703a7..b21880c5 100755
--- a/bin/v-add-backup-host
+++ b/bin/v-add-backup-host
@@ -38,8 +38,8 @@ EOF
 sftpc() {
     expect -f "-" </dev/null 2>&1
         check_result $? "expect command not found"  $E_NOTEXIST
     fi
+    host "$host" >/dev/null 2>&1
+    check_result $? "host connection failed" "$E_CONNECT"
 fi
 
 

From cbbf27fc46e46cf79cbceec8cd1feaaac1be1cc0 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 14:36:17 +0300
Subject: [PATCH 0225/2300] Additional argument check for remote hosts

---
 bin/v-add-backup-host | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host
index b21880c5..4e727229 100755
--- a/bin/v-add-backup-host
+++ b/bin/v-add-backup-host
@@ -94,7 +94,7 @@ EOF
 
 if [ "$type" != 'local' ];then
     check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]"
-    is_format_valid 'user' 'host'
+    is_format_valid 'user' 'host' 'path' 'port'
     is_password_valid
     if [ "$type" = 'sftp' ]; then
         which expect >/dev/null 2>&1

From 8e37c4fa0f8dc239f0c1d1b0b5af791b8682bca9 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Oct 2018 17:46:34 +0300
Subject: [PATCH 0226/2300] switch from c.vestacp.com to local configs

---
 install/vst-install-debian.sh | 117 ++++++++++++++++------------------
 1 file changed, 55 insertions(+), 62 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 47f36142..769ddfa6 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -16,7 +16,7 @@ arch=$(uname -i)
 os='debian'
 release=$(cat /etc/debian_version|grep -o [0-9]|head -n1)
 codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
-vestacp="http://$CHOST/$VERSION/$release"
+vestacp="$VESTA/install/$VERSION/$release"
 
 if [ "$release" -eq 9 ]; then
     software="nginx apache2 apache2-utils apache2-suexec-custom
@@ -274,7 +274,7 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "$vestacp/deb_signing.key" -O /dev/null
+wget -q "c.vestacp.com/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Check installed packages
@@ -682,9 +682,9 @@ chmod 755 /usr/bin/rssh
 #                     Configure VESTA                      #
 #----------------------------------------------------------#
 
-# Downloading sudo configuration
+# Installing sudo configuration
 mkdir -p /etc/sudoers.d
-wget $vestacp/sudo/admin -O /etc/sudoers.d/admin
+cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
 
 # Configuring system env
@@ -695,8 +695,8 @@ echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
 echo 'export PATH' >> /root/.bash_profile
 source /root/.bash_profile
 
-# Configuring logrotate for vesta logs
-wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta
+# Configuring logrotate for Vesta logs
+cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
 
 # Building directory tree and creating some blank files for vesta
 mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
@@ -808,25 +808,18 @@ echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
 # Version
 echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
 
-# Downloading hosting packages
-cd $VESTA/data
-wget $vestacp/packages.tar.gz -O packages.tar.gz
-tar -xzf packages.tar.gz
-rm -f packages.tar.gz
+# Installing hosting packages
+cp -rf $vestacp/packages $VESTA/data/
 
-# Downloading templates
-wget $vestacp/templates.tar.gz -O templates.tar.gz
-tar -xzf templates.tar.gz
-rm -f templates.tar.gz
+# Installing templates
+cp -rf $vestacp/templates $VESTA/data/
 
 # Copying index.html to default documentroot
-cp templates/web/skel/public_html/index.html /var/www/
+cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/
 sed -i 's/%domain%/It worked!/g' /var/www/index.html
 
-# Downloading firewall rules
-wget $vestacp/firewall.tar.gz -O firewall.tar.gz
-tar -xzf firewall.tar.gz
-rm -f firewall.tar.gz
+# Installing firewall rules
+cp -rf $vestacp/firewall $VESTA/data/
 
 # Configuring server hostname
 $VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
@@ -855,12 +848,12 @@ rm /tmp/vst.pem
 
 if [ "$nginx" = 'yes' ]; then
     rm -f /etc/nginx/conf.d/*.conf
-    wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf
-    wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf
-    wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc
-    wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc
-    wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc
-    wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx
+    cp -f $vestacp/nginx/nginx.conf /etc/nginx/
+    cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phpmyadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
+    cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
+    cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
     update-rc.d nginx defaults
@@ -874,9 +867,9 @@ fi
 #----------------------------------------------------------#
 
 if [ "$apache" = 'yes'  ]; then
-    wget $vestacp/apache2/apache2.conf -O /etc/apache2/apache2.conf
-    wget $vestacp/apache2/status.conf -O /etc/apache2/mods-enabled/status.conf
-    wget $vestacp/logrotate/apache2 -O /etc/logrotate.d/apache2
+    cp -f $vestacp/apache2/apache2.conf /etc/apache2/
+    cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/
+    cp -f  $vestacp/logrotate/apache2 /etc/logrotate.d/
     a2enmod rewrite
     a2enmod suexec
     a2enmod ssl
@@ -909,12 +902,12 @@ fi
 
 if [ "$phpfpm" = 'yes' ]; then
     if [ "$release" -eq 9 ]; then
-        wget $vestacp/php-fpm/www.conf -O /etc/php/7.0/fpm/pool.d/www.conf
+        cp -f $vestacp/php-fpm/www.conf /etc/php/7.0/fpm/pool.d/www.conf
         update-rc.d php7.0-fpm defaults
         service php7.0-fpm start
         check_result $? "php-fpm start failed"
     else
-        wget $vestacp/php5-fpm/www.conf -O /etc/php5/fpm/pool.d/www.conf
+        cp -f $vestacp/php5-fpm/www.conf /etc/php5/fpm/pool.d/www.conf
         update-rc.d php5-fpm defaults
         service php5-fpm start
         check_result $? "php-fpm start failed"
@@ -941,7 +934,7 @@ done
 #----------------------------------------------------------#
 
 if [ "$vsftpd" = 'yes' ]; then
-    wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd.conf
+    cp -f $vestacp/vsftpd/vsftpd.conf /etc/
     update-rc.d vsftpd defaults
     service vsftpd start
     check_result $? "vsftpd start failed"
@@ -957,7 +950,7 @@ fi
 
 if [ "$proftpd" = 'yes' ]; then
     echo "127.0.0.1 $servername" >> /etc/hosts
-    wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd/proftpd.conf
+    cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/
     update-rc.d proftpd defaults
     service proftpd start
     check_result $? "proftpd start failed"
@@ -978,7 +971,7 @@ if [ "$mysql" = 'yes' ]; then
     fi
 
     # MySQL configuration
-    wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf
+    cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf
     mysql_install_db
     update-rc.d mysql defaults
     service mysql start
@@ -997,10 +990,10 @@ if [ "$mysql" = 'yes' ]; then
 
     # Configuring phpMyAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pma/apache.conf -O /etc/phpmyadmin/apache.conf
+        cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
     fi
-    wget $vestacp/pma/config.inc.php -O /etc/phpmyadmin/config.inc.php
+    cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
     chmod 777 /var/lib/phpmyadmin/tmp
 fi
 
@@ -1010,16 +1003,15 @@ fi
 
 if [ "$postgresql" = 'yes' ]; then
     ppass=$(gen_pass)
-    wget $vestacp/postgresql/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf
+    cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
     service postgresql restart
     sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
 
     # Configuring phpPgAdmin
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/pga/phppgadmin.conf \
-            -O /etc/apache2/conf.d/phppgadmin.conf
+        cp -f $vestacp/pga/phppgadmin.conf /etc/apache2/conf.d/
     fi
-    wget $vestacp/pga/config.inc.php -O /etc/phppgadmin/config.inc.php
+    cp -f $vestacp/pga/config.inc.php /etc/phppgadmin/
 fi
 
 
@@ -1028,7 +1020,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$named" = 'yes' ]; then
-    wget $vestacp/bind/named.conf -O /etc/bind/named.conf
+    cp -f $vestacp/bind/named.conf /etc/bind/
     sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options
     chown root:bind /etc/bind/named.conf
     chmod 640 /etc/bind/named.conf
@@ -1049,9 +1041,9 @@ fi
 
 if [ "$exim" = 'yes' ]; then
     gpasswd -a Debian-exim mail
-    wget $vestacp/exim/exim4.conf.template -O /etc/exim4/exim4.conf.template
-    wget $vestacp/exim/dnsbl.conf -O /etc/exim4/dnsbl.conf
-    wget $vestacp/exim/spam-blocks.conf -O /etc/exim4/spam-blocks.conf
+    cp -f $vestacp/exim/exim4.conf.template /etc/exim4/
+    cp -f $vestacp/exim/dnsbl.conf /etc/exim4/
+    cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/
     touch /etc/exim4/white-blocks.conf
 
     if [ "$spamd" = 'yes' ]; then
@@ -1084,12 +1076,8 @@ fi
 
 if [ "$dovecot" = 'yes' ]; then
     gpasswd -a dovecot mail
-    wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz
-    wget $vestacp/logrotate/dovecot -O /etc/logrotate.d/dovecot
-    cd /etc
-    rm -rf dovecot dovecot.conf
-    tar -xzf dovecot.tar.gz
-    rm -f dovecot.tar.gz
+    cp -rf $vestacp/dovecot /etc/
+    cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
     update-rc.d dovecot defaults
     service dovecot start
@@ -1104,7 +1092,7 @@ fi
 if [ "$clamd" = 'yes' ]; then
     gpasswd -a clamav mail
     gpasswd -a clamav Debian-exim
-    wget $vestacp/clamav/clamd.conf -O /etc/clamav/clamd.conf
+    cp -f $vestacp/clamav/clamd.conf /etc/clamav/
     /usr/bin/freshclam
     update-rc.d clamav-daemon defaults
     if [ ! -d "/var/run/clamav" ]; then
@@ -1145,19 +1133,18 @@ fi
 
 if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
-        wget $vestacp/roundcube/apache.conf -O /etc/roundcube/apache.conf
+        cp -f $vestacp/roundcube/apache.conf /etc/roundcube/
         ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
     fi
-    wget $vestacp/roundcube/main.inc.php -O /etc/roundcube/main.inc.php
-    wget $vestacp/roundcube/db.inc.php -O /etc/roundcube/db.inc.php
+    cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
+    cp -f  $vestacp/roundcube/db.inc.php /etc/roundcube/
     chmod 640 /etc/roundcube/debian-db-roundcube.php
     chmod 640 /etc/roundcube/config.inc.php
     chown root:www-data /etc/roundcube/debian-db-roundcube.php
     chown root:www-data /etc/roundcube/config.inc.php
-    wget $vestacp/roundcube/vesta.php -O \
-        /usr/share/roundcube/plugins/password/drivers/vesta.php
-    wget $vestacp/roundcube/config.inc.php -O \
-        /etc/roundcube/plugins/password/config.inc.php
+    cp -f $vestacp/roundcube/vesta.php \
+        /usr/share/roundcube/plugins/password/drivers/
+    cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
     r="$(gen_pass)"
     mysql -e "CREATE DATABASE roundcube"
     mysql -e "GRANT ALL ON roundcube.* 
@@ -1208,10 +1195,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$fail2ban" = 'yes' ]; then
-    cd /etc
-    wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz
-    tar -xzf fail2ban.tar.gz
-    rm -f fail2ban.tar.gz
+    cp -rf $vestacp/fail2ban /etc/
     if [ "$dovecot" = 'no' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
@@ -1222,6 +1206,15 @@ if [ "$fail2ban" = 'yes' ]; then
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
         sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local
     fi
+    if [ "$vsftpd" = 'yes' ]; then
+        #Create vsftpd Log File
+        if [ ! -f "/var/log/vsftpd.log" ]; then
+            touch /var/log/vsftpd.log
+        fi
+        fline=$(cat /etc/fail2ban/jail.local |grep -n vsftpd-iptables -A 2)
+        fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
+        sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
+    fi 
     update-rc.d fail2ban defaults
     service fail2ban start
     check_result $? "fail2ban start failed"

From b9252066e180651663766f052e0012319c39a172 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Fri, 19 Oct 2018 01:54:22 +0200
Subject: [PATCH 0227/2300] spanish revision

---
 web/inc/i18n/es.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index 8cf45ddf..bfc3ac6a 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -197,7 +197,7 @@ $LANG['es'] = array(
     'IP Addresses'  => 'Direcciones IP',
     'Backups'  => 'Respaldos',
     'Backup System'  => 'Sistema de Respaldo',
-    'backup exclusions' => 'configurar exlusiones',
+    'backup exclusions' => 'configurar exclusiones',
     'template'  => 'plantilla',
     'SSL Support'  => 'Soportar SSL',
     'SSL Home Directory'  => 'Directorio local del SSL',
@@ -641,9 +641,9 @@ $LANG['es'] = array(
     'Delete items' => 'Eliminando items',
     'Copy files' => 'Copiar archivos',
     'Move files' => 'Mover archivos',
-    'Are you sure you want to copy' => 'Estás seguro que deseas copiar',
-    'Are you sure you want to move' => 'Estás seguro que deseas mover',
-    'Are you sure you want to delete' => 'Estás seguro que deseas eliminar',
+    'Are you sure you want to copy' => 'Estás seguro de que deseas copiar',
+    'Are you sure you want to move' => 'Estás seguro de que deseas mover',
+    'Are you sure you want to delete' => 'Estás seguro de que deseas eliminar',
     'into' => 'en',
     'existing files will be replaced' => 'los archivos existentes serán reemplazados',
     'Original name' => 'Nombre original',
@@ -711,7 +711,7 @@ $LANG['es'] = array(
     'Disable and Cancel Licence' => 'Deshabilitar y Cancelar Licencia',
     'Licence Activated' => 'Licencia Activada',
     'Licence Deactivated' => 'Licencia Desactivada',
-    'Restrict users so that they cannot use SSH and access only their home directory.' => 'Restringue a los usuarios para que sólo puedan ingresar a su directorio local y prohíbe el acceso a SSH.',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => 'Restringe a los usuarios para que sólo puedan ingresar a su directorio local y prohíbe el acceso a SSH.',
     'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Navegar, copiar, editar, ver y descargar todos los archivos de tu página web utilizando el Administrador de Archivos.',
     'This is a commercial module, you would need to purchace license key to enable it.' => 'Este es un módulo comercial, tendrás que adquirir una licencia para poder activarlo.',
 
@@ -752,8 +752,8 @@ $LANG['es'] = array(
     'PUB_KEY' => 'CLAVE PÚBLICA',
     'ISSUER' => 'EMITIDO POR',
 
-    'Use server hostname' => 'Usar hostname del servidor',
-    'Use domain hostname' => 'Usar hostname del dominio',
+    'Use server hostname' => 'Usar el nombre del servidor',
+    'Use domain hostname' => 'Usar el dominio',
     'Use STARTTLS' => 'Usar STARTTLS',
     'Use SSL / TLS' => 'Usar SSL / TLS',
     'No encryption' => 'Sin encriptación',
@@ -761,6 +761,6 @@ $LANG['es'] = array(
 
     'maximum characters length, including prefix' => 'usar un máximo de %s caracteres, incluyendo prefijo',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'Datos de acceso a la cuenta de correo',
     
 );

From 50205c99ec77bd60d99e2df21eee8db24323143b Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Thu, 25 Oct 2018 19:20:08 +0000
Subject: [PATCH 0228/2300] supose fix to #1526

 i cannot see any diference, but on debian it apears that there is an diference.
maybe because the system has tis var exported? (DISK)
---
 bin/v-update-user-counters | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-update-user-counters b/bin/v-update-user-counters
index 5fcdd671..50b903bd 100755
--- a/bin/v-update-user-counters
+++ b/bin/v-update-user-counters
@@ -53,6 +53,9 @@ for user in $user_list; do
     IP_OWNED=0
     U_USERS=0
     U_DISK=0
+    ##supose fix to #1526 i cannot see any diference, but on debian it apears that there is an diference.
+    ## maybe because the system has tis var exported? (DISK)
+    DISK=0 
     U_DISK_DIRS=$(get_user_value '$U_DISK_DIRS')
     if [ -z "$U_DISK_DIRS" ]; then
         U_DISK_DIRS=0

From 06f670046b21bf8528201c07389d9ab4fbb7cefe Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Thu, 25 Oct 2018 19:44:46 +0000
Subject: [PATCH 0229/2300] Fix: #1731

Now checks if the domain is suspended (WEB or EMAIL or DNS) if so, continue to the next domain
---
 bin/v-update-letsencrypt-ssl | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 907d305f..2771f9f8 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -31,7 +31,22 @@ for user in $users; do
     # Checking user certificates
     lecounter=0
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
-
+        # Working on Web domain check - if is suspended
+        webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='no")
+        if [ ! -z "$webSuspended" ]; then
+                continue;
+        fi;
+        # Working on DNS domain check - if is suspended
+        dnsSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf |grep "SUSPENDED='no")
+        if [  ! -z "$dnsSuspended" ]; then
+            continue;
+        fi;
+        #dunno if this is needed, but i will ut it in the same way as web and dns
+        # Working on MAIL domain check - if is suspended
+        mailSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf |grep "SUSPENDED='no")
+        if [  ! -z "$mailSuspended" ]; then
+            continue;
+        fi
         crt="$VESTA/data/users/$user/ssl/$domain.crt"
         crt_data=$(openssl x509 -text -in "$crt")
         expire=$(echo "$crt_data" |grep "Not After")

From d9e45f25a7ec2dfc63e2be54b9ce18bec1281b8c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 26 Oct 2018 17:40:49 +0200
Subject: [PATCH 0230/2300] Fix for broken edit cronjob interface when CMD
 contains quote

---
 web/edit/cron/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/edit/cron/index.php b/web/edit/cron/index.php
index c66ca85c..3d8e9922 100644
--- a/web/edit/cron/index.php
+++ b/web/edit/cron/index.php
@@ -23,7 +23,7 @@ $v_job = escapeshellarg($_GET['job']);
 exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." 'json'", $output, $return_var);
 check_return_code($return_var,$output);
 
-$data = json_decode(implode('', str_replace("\\", "\\\\", $output)), true);
+$data = json_decode(implode('', $output), true);
 unset($output);
 
 // Parse cron job

From 32e970d111e9f87ebb4530663bfa4ebd1f53a210 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 26 Oct 2018 18:02:24 +0200
Subject: [PATCH 0231/2300] Fix for dovecot namespace inbox=yes

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 769ddfa6..4f7aa770 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1079,6 +1079,7 @@ if [ "$dovecot" = 'yes' ]; then
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
+    sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
     update-rc.d dovecot defaults
     service dovecot start
     check_result $? "dovecot start failed"

From 21dd9fae6d0908d144b3b747271dce11ea9398e8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 00:23:12 +0200
Subject: [PATCH 0232/2300] Avoid listing user that is not created from Vesta

---
 bin/v-list-users | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

diff --git a/bin/v-list-users b/bin/v-list-users
index 14a6d007..32a94736 100755
--- a/bin/v-list-users
+++ b/bin/v-list-users
@@ -15,9 +15,14 @@ format=${1-shell}
 # JSON list function
 json_list() {
     echo '{'
-    object_count=$(grep '@' /etc/passwd |wc -l)
     i=1
     while read USER; do
+        if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
+            continue;
+        fi
+        if [ $i -gt 1 ]; then
+            echo ","
+        fi
         source $VESTA/data/users/$USER/user.conf
         echo -n '    "'$USER'": {
         "FNAME": "'$FNAME'",
@@ -74,14 +79,8 @@ json_list() {
         "TIME": "'$TIME'",
         "DATE": "'$DATE'"
         }'
-        if [ "$i" -lt "$object_count" ]; then
-            echo ','
-        else
-            echo
-        fi
         ((i++))
     done < <(grep '@' /etc/passwd |cut -f1 -d:)
-
     echo '}'
 }
 
@@ -90,6 +89,9 @@ shell_list() {
     echo "USER   PKG   WEB   DNS   MAIL   DB   DISK   BW   SPND   DATE"
     echo "----   ---   ---   ---   ---    --   ----   --   ----   ----"
     while read USER; do
+        if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
+            continue;
+        fi
         source $VESTA/data/users/$USER/user.conf
         echo -n "$USER $PACKAGE $U_WEB_DOMAINS $U_DNS_DOMAINS $U_MAIL_DOMAINS"
         echo " $U_DATABASES $U_DISK $U_BANDWIDTH $SUSPENDED $DATE"
@@ -99,6 +101,9 @@ shell_list() {
 # PLAIN list function
 plain_list() {
     while read USER; do
+        if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
+            continue;
+        fi
         source $VESTA/data/users/$USER/user.conf
         echo -ne "$USER\t$FNAME\t$LNAME\t$PACKAGE\t$WEB_TEMPLATE\t"
         echo -ne "$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
@@ -131,6 +136,9 @@ csv_list() {
     echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES"
     echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE"
     while read USER; do
+        if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
+            continue;
+        fi
         source $VESTA/data/users/$USER/user.conf
         echo -n "$USER,\"$FNAME\",\"$LNAME\",$PACKAGE,$WEB_TEMPLATE,"
         echo -n "$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
@@ -151,6 +159,9 @@ csv_list() {
 # Raw list function
 raw_list() {
     while read USER; do
+        if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
+            continue;
+        fi
         echo $VESTA/data/users/$USER/user.conf
         cat $VESTA/data/users/$USER/user.conf
     done < <(grep '@' /etc/passwd |cut -f1 -d:)

From 5ab9fc5f4acda403d135707e67f8562dc3449695 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 00:31:34 +0200
Subject: [PATCH 0233/2300] Avoid user stats for the user that is not created
 from Vesta

---
 bin/v-update-user-stats | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-update-user-stats b/bin/v-update-user-stats
index f6b5ff56..23854328 100755
--- a/bin/v-update-user-stats
+++ b/bin/v-update-user-stats
@@ -67,6 +67,9 @@ TOTAL_USERS=0
 
 # Updating user stats
 for user in $user_list; do
+    if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
+        continue;
+    fi
     USER_DATA=$VESTA/data/users/$user
     source $USER_DATA/user.conf
     next_month=$(date +'%m/01/%y' -d '+ 1 month')

From 10eed3da8f617e927066687a57110e1eacd484f6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 03:12:13 +0100
Subject: [PATCH 0234/2300] Wait another mysqldump to finish before we use
 mysqldump

---
 bin/v-backup-user | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index f0d7b9b0..17749507 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -412,6 +412,19 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
         dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz"
         grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
         if [ ! -f "$dumpgz" ]; then
+
+            while true
+            do
+                if pgrep -x "mysqldump" > /dev/null
+                then
+                    echo "Wait other mysqldump to finish"
+                    sleep 1
+                else
+                    echo "We can use mysqldump now"
+                    break
+                fi
+            done
+
             case $TYPE in
                 mysql) dump_mysql_database ;;
                 pgsql) dump_pgsql_database ;;

From 76319e5a1b2fae758ac7bc86bd22f069bac5a9ad Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 03:29:50 +0100
Subject: [PATCH 0235/2300] Avoid user backup if user is not created from Vesta

---
 bin/v-backup-users | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index e96eb2fb..bbabf3db 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -28,6 +28,9 @@ if [ -z "$BACKUP_SYSTEM" ]; then
     exit
 fi
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
+    if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
+        continue;
+    fi
     check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
     log=$VESTA/log/backup.log
     if [ ! -z "$check_suspend" ]; then

From 525bd0f16252e739be6f081349723c751d480b60 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 03:42:39 +0100
Subject: [PATCH 0236/2300] Adding function
 wait_for_backup_if_it_is_not_time_for_backup()

---
 func/main.sh | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index eeec2eac..74db3382 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -938,3 +938,24 @@ format_aliases() {
         aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
     fi
 }
+
+
+wait_for_backup_if_it_is_not_time_for_backup() {
+    # block backup if current hour is after 6 AM
+    WAIT_LOOP_ENTERED=0
+    if pgrep -x "v-backup-users" > /dev/null
+    then
+        hour=$(date +"%H");
+        while [ "$hour" -gt "6" ]; do
+            if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
+                # do something when enter sleeping state
+                # $BIN/v-restart-web-backend
+            fi
+            WAIT_LOOP_ENTERED=1
+            current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
+            echo "$current_date_time - wait to backup user $user - current hour is $hour";
+            sleep 300
+            hour=$(date +"%H");
+        done
+    fi
+}

From 4814e7a28e393256a9d0b67717be5b4aff7768f1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 03:48:22 +0100
Subject: [PATCH 0237/2300] Adding call for function
 wait_for_backup_if_it_is_not_time_for_backup

---
 bin/v-backup-user | 22 ++++++----------------
 1 file changed, 6 insertions(+), 16 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 17749507..bae7a8b9 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -39,22 +39,7 @@ is_backup_enabled
 #                       Action                             #
 #----------------------------------------------------------#
 
-# block backup if current hour is after 6 AM
-WAIT_LOOP_ENTERED=0
-if pgrep -x "v-backup-users" > /dev/null
-then
-hour=$(date +"%H");
-    while [ "$hour" -gt "6" ]; do
-        if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
-             $BIN/v-restart-web-backend
-        fi
-        WAIT_LOOP_ENTERED=1
-        current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
-        echo "$current_date_time - wait for backup user $user - hour $hour";
-        sleep 300
-        hour=$(date +"%H");
-    done
-fi
+wait_for_backup_if_it_is_not_time_for_backup
 
 # Set backup directory if undefined
 if [ -z "$BACKUP" ]; then
@@ -153,6 +138,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
     i=0
 
     for domain in $web_list; do
+        wait_for_backup_if_it_is_not_time_for_backup
         ((i ++))
         echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log
         mkdir -p $tmpdir/web/$domain/conf
@@ -326,6 +312,7 @@ if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL" != '*' ]; then
 
     i=0
     for domain in $mail_list; do
+        wait_for_backup_if_it_is_not_time_for_backup
         ((i ++))
         echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log
         mkdir -p $tmpdir/mail/$domain/conf
@@ -398,6 +385,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
     conf="$USER_DATA/db.conf"
     db_list=$(echo "$db_list" |sed -e "s/  */\ /g" -e "s/^ //")
     for database in $db_list; do
+        wait_for_backup_if_it_is_not_time_for_backup
         ((i ++))
         get_database_values
 
@@ -500,6 +488,8 @@ if [ "$USER" != '*' ]; then
             udir_list="$udir_list $udir"
             echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
 
+            wait_for_backup_if_it_is_not_time_for_backup
+
             # Backup files and dirs
             tar -cpf- $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
         fi

From 9eca02980a23c02c59d4fb799fffcd9954955993 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 28 Oct 2018 03:51:20 +0100
Subject: [PATCH 0238/2300] Adding call for function
 wait_for_backup_if_it_is_not_time_for_backup

---
 bin/v-backup-users | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index bbabf3db..a4ecd37d 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -31,6 +31,7 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
     if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
         continue;
     fi
+    wait_for_backup_if_it_is_not_time_for_backup
     check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
     log=$VESTA/log/backup.log
     if [ ! -z "$check_suspend" ]; then

From fce6abd6841d29b2c76dcd61265cb14b69b478b1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 12:49:50 +0100
Subject: [PATCH 0239/2300] Commenting empty if block

---
 func/main.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index 74db3382..77cc4c76 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -947,10 +947,10 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     then
         hour=$(date +"%H");
         while [ "$hour" -gt "6" ]; do
-            if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
+            # if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
                 # do something when enter sleeping state
                 # $BIN/v-restart-web-backend
-            fi
+            # fi
             WAIT_LOOP_ENTERED=1
             current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
             echo "$current_date_time - wait to backup user $user - current hour is $hour";

From 0bab3cdf97df00d69e0547fad1007ae71ce5082d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 29 Oct 2018 12:52:43 +0100
Subject: [PATCH 0240/2300] Auto-repair all databases before backuping all
 accounts

---
 bin/v-backup-users | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index a4ecd37d..f27b9195 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -24,6 +24,9 @@ source $VESTA/conf/vesta.conf
 
 $BIN/v-check-vesta-license >/dev/null
 
+# Auto-repair all databases before backuping all accounts
+mysqlrepair --all-databases --check --auto-repair
+
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit
 fi

From 3d0e6dd26be4250e87142d359ceef57eb42700b9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 30 Oct 2018 14:33:40 +0100
Subject: [PATCH 0241/2300] Do not skip backup if LA is above threshold

---
 bin/v-backup-user | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index bae7a8b9..4d30974f 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -56,18 +56,19 @@ email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \')
 
 # Checking load average
 la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
-i=0
+# i=0
 while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
     echo -e "$(date "+%F %T") Load Average $la"
     sleep 60
-    if [ "$i" -ge "15" ]; then
-        la_error="LoadAverage $la is above threshold"
-        echo "$la_error" |$SENDMAIL -s "$subj" $email $notify
-        sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
-        check_result $E_LA "$la_error"
-    fi
+    wait_for_backup_if_it_is_not_time_for_backup
+    # if [ "$i" -ge "15" ]; then
+        # la_error="LoadAverage $la is above threshold"
+        # echo "$la_error" |$SENDMAIL -s "$subj" $email $notify
+        # sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
+        # check_result $E_LA "$la_error"
+    # fi
     la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
-    (( ++i))
+    # (( ++i))
 done
 
 if [ -z "$BACKUP_TEMP" ]; then

From fa331e6ef2c98914b3a51147b75f5425adde65c2 Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Tue, 30 Oct 2018 16:25:24 -0100
Subject: [PATCH 0242/2300] removed dns and mail support - checking le

---
 bin/v-update-letsencrypt-ssl | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 2771f9f8..6e26d7e5 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -36,17 +36,6 @@ for user in $users; do
         if [ ! -z "$webSuspended" ]; then
                 continue;
         fi;
-        # Working on DNS domain check - if is suspended
-        dnsSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf |grep "SUSPENDED='no")
-        if [  ! -z "$dnsSuspended" ]; then
-            continue;
-        fi;
-        #dunno if this is needed, but i will ut it in the same way as web and dns
-        # Working on MAIL domain check - if is suspended
-        mailSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/mail.conf |grep "SUSPENDED='no")
-        if [  ! -z "$mailSuspended" ]; then
-            continue;
-        fi
         crt="$VESTA/data/users/$user/ssl/$domain.crt"
         crt_data=$(openssl x509 -text -in "$crt")
         expire=$(echo "$crt_data" |grep "Not After")

From 6a753f65f2147557b6e04bd1f95d634bc50b2af0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1s=20Vielma?= 
Date: Wed, 31 Oct 2018 10:29:25 -0400
Subject: [PATCH 0243/2300] Spanish translation improvements

---
 web/inc/i18n/es.php | 90 ++++++++++++++++++++++-----------------------
 1 file changed, 45 insertions(+), 45 deletions(-)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index bfc3ac6a..212d78a2 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -8,7 +8,7 @@
  * > huloza - https://github.com/huloza
  * > Estratos Consulting "estratos" - estratos.net
  * > Manuel Valle "Estilate" - estilate.com
- * 
+ *
  */
 
 $LANG['es'] = array(
@@ -145,7 +145,7 @@ $LANG['es'] = array(
     'Search Results'  => 'Resultados de Busqueda',
     'Adding Firewall Rule' => 'Añadiendo Regla al Cortafuegos',
     'Editing Firewall Rule' => 'Editando Regla del Cortafuegos',
-    'Adding IP Address to Banlist' => 'Agregando direcciones IP a la lista negra',
+    'Adding IP Address to Banlist' => 'Agregando dirección IP a la lista negra',
 
     'active'  => 'activo',
     'spnd'  => 'suspendido',
@@ -288,18 +288,18 @@ $LANG['es'] = array(
     'Object'  => 'Objeto',
     'Username'  => 'Nombre de Usuario',
     'Password'  => 'Contraseña',
-    'Email'  => 'Email',
+    'Email'  => 'Correo electrónico',
     'Package'  => 'Plan',
-    'Language'  => 'Lenguaje',
+    'Language'  => 'Idioma',
     'First Name'  => 'Nombre',
     'Last Name'  => 'Apellido',
     'Send login credentials to email address'  => 'Correo para enviar datos de acceso al panel',
-    'Default Template'  => 'Plantilla por Defecto',
-    'Default Name Servers'  => 'Servidor de Nombre por Defecto',
+    'Default Template'  => 'Plantilla Predeterminada',
+    'Default Name Servers'  => 'Servidor de Nombre Predeterminado',
     'Domain'  => 'Dominio',
     'DNS Support'  => 'Soportar DNS',
     'Mail Support'  => 'Soportar Correo',
-    'Advanced options'  => 'Opciones Avanzadas',
+    'Advanced options'  => 'Opciones avanzadas',
     'Basic options'  => 'Opciones básicas',
     'Aliases'  => 'Alias',
     'SSL Certificate'  => 'Certificado SSL',
@@ -395,7 +395,7 @@ $LANG['es'] = array(
     'Comment' => 'Comentario',
     'Banlist' => 'Lista Negra',
     'ranges are acceptable' => 'rangos son aceptables',
-    'CIDR format is supported' => 'Se admite formato CIDR',
+    'CIDR format is supported' => 'se admite formato CIDR',
     'ACCEPT' => 'ACEPTAR',
     'DROP' => 'DENEGAR',
     'TCP' => 'TCP',
@@ -455,7 +455,7 @@ $LANG['es'] = array(
     'MAIL_DOMAIN_CREATED_OK'  => 'El Dominio de Correo %s ha sido creado exitosamente.',
     'MAIL_ACCOUNT_CREATED_OK'  => 'La Cuenta de Correo %s@%s ha sido creada exitosamente.',
     'DATABASE_CREATED_OK'  => 'La Base de Datos %s ha sido creada exitosamente.',
-    'CRON_CREATED_OK'  => 'Una Tarea Programada ha sido creada exitosamente.',
+    'CRON_CREATED_OK'  => 'La Tarea Programada ha sido creada exitosamente.',
     'IP_CREATED_OK'  => 'La Dirección IP %s ha sido creada exitosamente.',
     'PACKAGE_CREATED_OK'  => 'El Plan %s ha sido creado exitosamente.',
     'SSL_GENERATED_OK' => 'El certificado SSl ha sido creado exitosamente.',
@@ -467,33 +467,33 @@ $LANG['es'] = array(
     'Cronjob email reporting has been successfully disabled' => 'Se han desactivado exitosamente las notificaciones por correo de las Tareas Programadas.',
     'Changes has been saved.'  => 'Los cambios han sido guardados exitosamente.',
     'Confirmation'  => 'Confirmación',
-    'DELETE_USER_CONFIRMATION' => '¿Está seguro que desea eliminar el usuario %s?',
-    'SUSPEND_USER_CONFIRMATION' => '¿Está seguro que desea suspender el usuario %s?',
-    'UNSUSPEND_USER_CONFIRMATION' => '¿Está seguro que desea habilitar el usuario %s?',
-    'DELETE_DOMAIN_CONFIRMATION' => '¿Está seguro que desea eliminar el dominio %s?',
-    'SUSPEND_DOMAIN_CONFIRMATION' => '¿Está seguro que desea suspender el dominio %s?',
-    'UNSUSPEND_DOMAIN_CONFIRMATION' => '¿Está seguro que desea habilitar el dominio %s?',
-    'DELETE_RECORD_CONFIRMATION' => '¿Está seguro que desea eliminar el registro %s?',
-    'SUSPEND_RECORD_CONFIRMATION' => '¿Está seguro que desea suspender el registro %s?',
-    'UNSUSPEND_RECORD_CONFIRMATION' => '¿Está seguro que desea habilitar el registro %s?',
-    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro que desea eliminar la cuenta de correo %s?',
-    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro que desea suspender la cuenta de correo %s?',
-    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro que desea habilitar la cuenta de correo %s?',
-    'DELETE_DATABASE_CONFIRMATION' => '¿Está seguro que desea eliminar la base de datos %s?',
-    'SUSPEND_DATABASE_CONFIRMATION' => '¿Está seguro que desea suspender la base de datos %s?',
-    'UNSUSPEND_DATABASE_CONFIRMATION' => '¿Está seguro que desea habilitar la base de datos %s?',
-    'DELETE_CRON_CONFIRMATION' => '¿Está seguro que desea eliminar la tarea programada %s?',
-    'SUSPEND_CRON_CONFIRMATION' => '¿Está seguro que desea suspender la tarea programada %s?',
-    'UNSUSPEND_CRON_CONFIRMATION' => '¿Está seguro que desea habilitar la tarea programada %s?',
-    'DELETE_BACKUP_CONFIRMATION'  => '¿Está seguro que desea eliminar el resplado %s?',
-    'DELETE_EXCLUSION_CONFIRMATION' => '¿Está seguro que desea eliminar la exclusión %s?',
-    'DELETE_PACKAGE_CONFIRMATION'  => '¿Está seguro que desea eliminar el plan %s?',
-    'DELETE_IP_CONFIRMATION'  => '¿Está seguro que desea eliminar la dirección IP %s?',
-    'DELETE_RULE_CONFIRMATION' => '¿Está seguro que desea eliminar la regla #%s',
-    'SUSPEND_RULE_CONFIRMATION' => '¿Está seguro que desea suspender la regla #%s?',
-    'UNSUSPEND_RULE_CONFIRMATION' => '¿Está seguro que desea habilitar la regla #%s?',
+    'DELETE_USER_CONFIRMATION' => '¿Está seguro de que desea eliminar el usuario %s?',
+    'SUSPEND_USER_CONFIRMATION' => '¿Está seguro de que desea suspender el usuario %s?',
+    'UNSUSPEND_USER_CONFIRMATION' => '¿Está seguro de que desea habilitar el usuario %s?',
+    'DELETE_DOMAIN_CONFIRMATION' => '¿Está seguro de que desea eliminar el dominio %s?',
+    'SUSPEND_DOMAIN_CONFIRMATION' => '¿Está seguro de que desea suspender el dominio %s?',
+    'UNSUSPEND_DOMAIN_CONFIRMATION' => '¿Está seguro de que desea habilitar el dominio %s?',
+    'DELETE_RECORD_CONFIRMATION' => '¿Está seguro de que desea eliminar el registro %s?',
+    'SUSPEND_RECORD_CONFIRMATION' => '¿Está seguro de que desea suspender el registro %s?',
+    'UNSUSPEND_RECORD_CONFIRMATION' => '¿Está seguro de que desea habilitar el registro %s?',
+    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro de que desea eliminar la cuenta de correo %s?',
+    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro de que desea suspender la cuenta de correo %s?',
+    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '¿Está seguro de que desea habilitar la cuenta de correo %s?',
+    'DELETE_DATABASE_CONFIRMATION' => '¿Está seguro de que desea eliminar la base de datos %s?',
+    'SUSPEND_DATABASE_CONFIRMATION' => '¿Está seguro de que desea suspender la base de datos %s?',
+    'UNSUSPEND_DATABASE_CONFIRMATION' => '¿Está seguro de que desea habilitar la base de datos %s?',
+    'DELETE_CRON_CONFIRMATION' => '¿Está seguro de que desea eliminar la tarea programada %s?',
+    'SUSPEND_CRON_CONFIRMATION' => '¿Está seguro de que desea suspender la tarea programada %s?',
+    'UNSUSPEND_CRON_CONFIRMATION' => '¿Está seguro de que desea habilitar la tarea programada %s?',
+    'DELETE_BACKUP_CONFIRMATION'  => '¿Está seguro de que desea eliminar el resplado %s?',
+    'DELETE_EXCLUSION_CONFIRMATION' => '¿Está seguro de que desea eliminar la exclusión %s?',
+    'DELETE_PACKAGE_CONFIRMATION'  => '¿Está seguro de que desea eliminar el plan %s?',
+    'DELETE_IP_CONFIRMATION'  => '¿Está seguro de que desea eliminar la dirección IP %s?',
+    'DELETE_RULE_CONFIRMATION' => '¿Está seguro de que desea eliminar la regla #%s',
+    'SUSPEND_RULE_CONFIRMATION' => '¿Está seguro de que desea suspender la regla #%s?',
+    'UNSUSPEND_RULE_CONFIRMATION' => '¿Está seguro de que desea habilitar la regla #%s?',
     'LEAVE_PAGE_CONFIRMATION' => '¿Está seguro de que quiere abandonar esta página?',
-    'RESTART_CONFIRMATION' => '¿Está seguro que desea reiniciar %s?',
+    'RESTART_CONFIRMATION' => '¿Está seguro de que desea reiniciar %s?',
     'Welcome'  => 'Bienvenido',
     'LOGGED_IN_AS'  => 'Has iniciado sesión exitosamente con el usuario %s.',
     'Error'  => 'Error',
@@ -506,10 +506,10 @@ $LANG['es'] = array(
     'Error code:'  => 'Código de Error: %s',
     'SERVICE_ACTION_FAILED'  => '"%s" "%s" ha fallado',
     'IP address is in use' => 'La Dirección IP está en uso.',
-    'BACKUP_SCHEDULED'  => 'La tarea se ha añadido a la cola. Recibirá un correo de notificación cuando el respaldo esté listo para su descarga.',    
-    'BACKUP_EXISTS'  => 'Se está realizando un respaldo en este momento. Por favor espere a que éste termine.',
+    'BACKUP_SCHEDULED'  => 'La tarea se ha añadido a la cola. Recibirá un correo de notificación cuando el respaldo esté listo para su descarga.',
+    'BACKUP_EXISTS'  => 'Se está realizando un respaldo en este momento. Por favor espere a que este termine.',
     'RESTORE_SCHEDULED'  => 'La tarea se ha añadido a la cola. Recibirá un correo de notificación cuando la restauración haya terminado.',
-    'RESTORE_EXISTS'  => 'Se está realizando una restauración en este momento. Por favor espere a que ésta termine.',
+    'RESTORE_EXISTS'  => 'Se está realizando una restauración en este momento. Por favor espere a que esta termine.',
 
     'WEB_EXCLUSIONS' => 'Ingrese el nombre de dominio, uno por línea. Para excluir a todos utilice *. Para excluir directorios específicos utilice el siguiente formato: dominio.com:public_html/cache:public_html/tmp',
     'DNS_EXCLUSIONS' => 'Ingrese el nombre de dominio, uno por línea. Para excluir a todos utilice *',
@@ -557,7 +557,7 @@ $LANG['es'] = array(
     'Configuring Server' => 'Configurar Servidor',
     'Hostname' => 'Nombre del Servidor',
     'Time Zone' => 'Zona Horaria',
-    'Default Language' => 'Idioma por Defecto',
+    'Default Language' => 'Idioma Predeterminado',
     'Proxy Server' => 'Servidor Proxy',
     'Web Server' => 'Servidor Web',
     'Backend Server' => 'Backend Server',
@@ -615,7 +615,7 @@ $LANG['es'] = array(
     'EXTRACT' => 'EXTRAER',
     'DOWNLOAD' => 'DESCARGAR',
     'Are you sure?' => '¿Estás seguro?',
-    'Hit' => 'Hit',
+    'Hit' => 'Pulsa',
     'to reload the page' => 'para recargar la página',
     'Directory name cannot be empty' => 'El nombre del directorio no puede estar vacío',
     'File name cannot be empty' => 'El nombre del archivo no puede estar vacío',
@@ -638,7 +638,7 @@ $LANG['es'] = array(
     'OK' => 'OK',
     'YOU ARE COPYING' => 'ESTÁS COPIANDO',
     'YOU ARE REMOVING' => 'ESTÁS ELIMINANDO',
-    'Delete items' => 'Eliminando items',
+    'Delete items' => 'Eliminar elementos',
     'Copy files' => 'Copiar archivos',
     'Move files' => 'Mover archivos',
     'Are you sure you want to copy' => 'Estás seguro de que deseas copiar',
@@ -665,13 +665,13 @@ $LANG['es'] = array(
     'Add New object' => 'Añadir Objeto Nuevo',
     'Save Form' => 'Guardar Formulario',
     'Cancel saving form' => 'Omitir guardar el formulario',
-    'Go to USER list' => 'Ir a USUARIOS',    // En mi opinión queda mejor "Ir a" que "Ir a Listado o Catalogo"
+    'Go to USER list' => 'Ir a USUARIOS',
     'Go to WEB list' => 'Ir a DOMINIOS / WEB',
     'Go to DNS list' => 'Ir a DNS',
     'Go to MAIL list' => 'Ir a CORREOS',
     'Go to DB list' => 'Ir a BASES DE DATOS',
-    'Go to CRON list' => 'IR a TAREAS PROGRAMADAS',
-    'Go to BACKUP list' => 'IR a RESPALDOS',
+    'Go to CRON list' => 'Ir a TAREAS PROGRAMADAS',
+    'Go to BACKUP list' => 'Ir a RESPALDOS',
     'Focus on search' => 'Desplegar Buscador',
     'Display/Close shortcuts' => 'Mostrar/Ocultar atajos',
     'Move backward through top menu' => 'Desplazarse hacia atrás en el menú superior',
@@ -762,5 +762,5 @@ $LANG['es'] = array(
     'maximum characters length, including prefix' => 'usar un máximo de %s caracteres, incluyendo prefijo',
 
     'Email Credentials' => 'Datos de acceso a la cuenta de correo',
-    
+
 );

From f9a15564e2e9748bd990c5f1e3c31f7b2c4620c8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 31 Oct 2018 17:07:01 +0100
Subject: [PATCH 0244/2300] Escaping quotas in JSON output of
 v-list-web-domain-ssl

---
 bin/v-list-web-domain-ssl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-list-web-domain-ssl b/bin/v-list-web-domain-ssl
index c91a7cca..99fd5cf8 100755
--- a/bin/v-list-web-domain-ssl
+++ b/bin/v-list-web-domain-ssl
@@ -19,6 +19,7 @@ source $VESTA/func/main.sh
 
 # JSON list function
 json_list() {
+    issuer=$(echo "$issuer" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g")
     echo '{'
     echo -e "\t\"$domain\": {"
     echo "        \"CRT\": \"$crt\","

From 5170e5f5aa944a44e0b0becb066320e24328da9e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 4 Nov 2018 03:35:17 +0100
Subject: [PATCH 0245/2300] Dovecot fix namespace inbox=yes only for Debian9

---
 install/vst-install-debian.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 4f7aa770..87edd88b 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1079,7 +1079,9 @@ if [ "$dovecot" = 'yes' ]; then
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
-    sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
+    if [ "$release" -eq 9 ]; then
+        sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
+    fi
     update-rc.d dovecot defaults
     service dovecot start
     check_result $? "dovecot start failed"

From 14f64bc512410be8b307dd5b8efceb272253481c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 03:41:20 +0100
Subject: [PATCH 0246/2300] Moving backup LA check

---
 bin/v-backup-user | 17 -----------------
 1 file changed, 17 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 4d30974f..cc37aef5 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -54,23 +54,6 @@ start_time=$(date '+%s')
 subj="$user → backup failed"
 email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \')
 
-# Checking load average
-la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
-# i=0
-while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
-    echo -e "$(date "+%F %T") Load Average $la"
-    sleep 60
-    wait_for_backup_if_it_is_not_time_for_backup
-    # if [ "$i" -ge "15" ]; then
-        # la_error="LoadAverage $la is above threshold"
-        # echo "$la_error" |$SENDMAIL -s "$subj" $email $notify
-        # sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
-        # check_result $E_LA "$la_error"
-    # fi
-    la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
-    # (( ++i))
-done
-
 if [ -z "$BACKUP_TEMP" ]; then
     BACKUP_TEMP=$BACKUP
 fi

From 441679a9607366d34b452bde3637de648b76e50a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 03:44:35 +0100
Subject: [PATCH 0247/2300] Better place for backup LA check

---
 func/main.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index 77cc4c76..bafedfdf 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -941,6 +941,22 @@ format_aliases() {
 
 
 wait_for_backup_if_it_is_not_time_for_backup() {
+    # Checking load average
+    la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
+    # i=0
+    while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
+        echo -e "$(date "+%F %T") Load Average $la"
+        sleep 60
+        # if [ "$i" -ge "15" ]; then
+            # la_error="LoadAverage $la is above threshold"
+            # echo "$la_error" |$SENDMAIL -s "$subj" $email $notify
+            # sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
+            # check_result $E_LA "$la_error"
+        # fi
+        la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
+        # (( ++i))
+    done
+
     # block backup if current hour is after 6 AM
     WAIT_LOOP_ENTERED=0
     if pgrep -x "v-backup-users" > /dev/null

From b4dc63b72f1ac8d834e0b4b45eb1b1d280cf0615 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 03:49:14 +0100
Subject: [PATCH 0248/2300] Avoiding "We can use mysqldump now"

---
 bin/v-backup-user | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index cc37aef5..070dfb53 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -385,15 +385,19 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
         grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
         if [ ! -f "$dumpgz" ]; then
 
+            WAIT_LOOP_ENTERED=0
             while true
             do
                 if pgrep -x "mysqldump" > /dev/null
                 then
+                    WAIT_LOOP_ENTERED=1
                     echo "Wait other mysqldump to finish"
                     sleep 1
                 else
-                    echo "We can use mysqldump now"
-                    break
+                    if [ "$WAIT_LOOP_ENTERED" -eq 1 ]; then
+                        echo "We can use mysqldump now"
+                        break
+                    fi
                 fi
             done
 

From 7b498a7a3c57f99f85f15b13010d6f3201dd8334 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 03:53:13 +0100
Subject: [PATCH 0249/2300] Fix for avoiding "We can use mysqldump now"

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 070dfb53..574bbe5a 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -396,8 +396,8 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
                 else
                     if [ "$WAIT_LOOP_ENTERED" -eq 1 ]; then
                         echo "We can use mysqldump now"
-                        break
                     fi
+                    break
                 fi
             done
 

From 3acf962fa25df15f9b161a09fd4b99bf0c14dc19 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 04:01:46 +0100
Subject: [PATCH 0250/2300] Mute backup auto-repair databases

---
 bin/v-backup-users | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index f27b9195..39a53fc4 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf
 $BIN/v-check-vesta-license >/dev/null
 
 # Auto-repair all databases before backuping all accounts
-mysqlrepair --all-databases --check --auto-repair
+mysqlrepair --all-databases --check --auto-repair /dev/null 2>&1
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit

From 9f4ec54618a95076d624c4e152817f8397c86adb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Nov 2018 04:02:45 +0100
Subject: [PATCH 0251/2300] Fix for mute auto-repair databases

---
 bin/v-backup-users | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index 39a53fc4..ed43f8f3 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf
 $BIN/v-check-vesta-license >/dev/null
 
 # Auto-repair all databases before backuping all accounts
-mysqlrepair --all-databases --check --auto-repair /dev/null 2>&1
+mysqlrepair --all-databases --check --auto-repair > /dev/null 2>&1
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit

From c32fa673e15272779de2934d410fff72cb6702c3 Mon Sep 17 00:00:00 2001
From: Alexandr Loskutov 
Date: Sun, 4 Nov 2018 08:21:36 +0200
Subject: [PATCH 0252/2300] Fix Dovecot namespace inbox=yes for CentOS 7

Co-Authored-By: dpeca 
---
 install/vst-install-rhel.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 3aaad808..385534ec 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -1127,6 +1127,9 @@ if [ "$dovecot" = 'yes' ]; then
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
+    if [ "$release" -eq 7 ]; then
+        sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
+    fi
     chkconfig dovecot on
     service dovecot start
     check_result $? "dovecot start failed"

From 381bc48e9652bdcfe74ef0c864076fd48df5bc07 Mon Sep 17 00:00:00 2001
From: "Made I.T" 
Date: Thu, 8 Nov 2018 16:32:31 +0100
Subject: [PATCH 0253/2300] Fix dubble www

---
 bin/v-add-web-domain | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index b937330c..1005bc9c 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -113,9 +113,12 @@ if [ "$aliases" = 'none' ]; then
     ALIAS=''
 else
     ALIAS="www.$domain"
-    if [ ! -z "$aliases" ]; then
-        ALIAS="$ALIAS,$aliases"
+    if [ -z "$aliases" ]; then
+        ALIAS="www.$domain"
+    else
+        ALIAS="$aliases"
     fi
+    
     ip_alias=$(get_ip_alias $domain)
     if [ ! -z "$ip_alias" ]; then
         ALIAS="$ALIAS,$ip_alias"

From 2dc406aae4801b4151daa4f8e052a3ad367e3a8d Mon Sep 17 00:00:00 2001
From: "Made I.T" 
Date: Thu, 8 Nov 2018 16:33:34 +0100
Subject: [PATCH 0254/2300] Fix dubble www

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index e78e6edf..ca4ac3c5 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -933,7 +933,7 @@ format_aliases() {
         aliases=$(echo "$aliases" |tr -s '.')
         aliases=$(echo "$aliases" |sed -e "s/[.]*$//g")
         aliases=$(echo "$aliases" |sed -e "s/^[.]*//")
-        aliases=$(echo "$aliases" |grep -v www.$domain |sed -e "/^$/d")
+        aliases=$(echo "$aliases" |sed -e "/^$/d")
         aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
     fi
 }

From b9210522f57ee8f1c090d607a73bef5663108a65 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 9 Nov 2018 17:47:05 +0100
Subject: [PATCH 0255/2300] Ubuntu 18.04 dovecot namespace inbox fix

Fix based on https://github.com/serghey-rodin/vesta/pull/1669/files
---
 install/ubuntu/18.04/dovecot/dovecot.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf
index 311a3351..163460ba 100644
--- a/install/ubuntu/18.04/dovecot/dovecot.conf
+++ b/install/ubuntu/18.04/dovecot/dovecot.conf
@@ -3,7 +3,7 @@ listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf
 
-namespace {
+namespace inbox {
     type = private
     separator = /
     prefix =

From 0760e6a2e6752d00534aa2af6ae94228dc0685b0 Mon Sep 17 00:00:00 2001
From: Hacktivista 
Date: Wed, 7 Nov 2018 12:53:59 -0300
Subject: [PATCH 0256/2300] Don't chown $VESTA/data/sessions admin:admin
 previous to user admin creation

Fixes `chown: invalid user: 'admin:admin'` on Debian installations, line not present in other distros install scripts
---
 install/vst-install-debian.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 47f36142..846092e9 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -711,7 +711,6 @@ chmod -R 750 $VESTA/data/queue
 chmod 660 $VESTA/log/*
 rm -f /var/log/vesta
 ln -s $VESTA/log /var/log/vesta
-chown admin:admin $VESTA/data/sessions
 chmod 770 $VESTA/data/sessions
 
 # Generating vesta configuration

From 9abd3baf2ebe5460fb869e2deb292a23b3eea429 Mon Sep 17 00:00:00 2001
From: Hacktivista 
Date: Wed, 7 Nov 2018 15:31:01 -0300
Subject: [PATCH 0257/2300] Fix v-update-sys-ip: verify if primary IP exists

Fixes the following errors on new installations:

> mv: cannot move '/usr/local/vesta/data/ips/' to a subdirectory of itself, '/usr/local/vesta/data/ips/x.x.x.x'
> sed: can't read /usr/local/vesta/data/users/*/dns/*.conf: No such file or directory
> sed: -e expression #1, char 0: no previous regular expression
> sed: -e expression #1, char 0: no previous regular expression
---
 bin/v-update-sys-ip | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip
index 7360b07f..6c07edc6 100755
--- a/bin/v-update-sys-ip
+++ b/bin/v-update-sys-ip
@@ -44,7 +44,7 @@ if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then
 fi
 
 # Updating configs
-if [ ! -z "$new" ]; then
+if [ ! -z "$old" ]; then
     mv $VESTA/data/ips/$old $VESTA/data/ips/$new
 
     # Updating PROXY

From e799566c6ba1c84e6689cb016bbc0f05abda2767 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:14:04 +0100
Subject: [PATCH 0258/2300] vary

vary, causes page speed issues
---
 install/debian/7/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/7/nginx/nginx.conf b/install/debian/7/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/debian/7/nginx/nginx.conf
+++ b/install/debian/7/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 591bfdaad19b91ed73ddf93313123ecc3c1b035b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:14:39 +0100
Subject: [PATCH 0259/2300] Update nginx.conf

---
 install/debian/8/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/8/nginx/nginx.conf b/install/debian/8/nginx/nginx.conf
index 1eef1672..e8967d8e 100644
--- a/install/debian/8/nginx/nginx.conf
+++ b/install/debian/8/nginx/nginx.conf
@@ -51,6 +51,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From a3982fd477136acfa66314de153eee66a464151e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:16:24 +0100
Subject: [PATCH 0260/2300] Update nginx.conf

vary on
---
 install/debian/9/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/9/nginx/nginx.conf b/install/debian/9/nginx/nginx.conf
index 1eef1672..e8967d8e 100644
--- a/install/debian/9/nginx/nginx.conf
+++ b/install/debian/9/nginx/nginx.conf
@@ -51,6 +51,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 4d70c416ca7425076e58fc921b051123f58c8abe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:17:02 +0100
Subject: [PATCH 0261/2300] Update nginx.conf

vary on
---
 install/rhel/7/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/rhel/7/nginx/nginx.conf b/install/rhel/7/nginx/nginx.conf
index e0575030..0a37ebbc 100644
--- a/install/rhel/7/nginx/nginx.conf
+++ b/install/rhel/7/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 49cf56972954ef9b3da144da60c1ab53007a6ce4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:17:31 +0100
Subject: [PATCH 0262/2300] Update nginx.conf

vary on
---
 install/rhel/6/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/rhel/6/nginx/nginx.conf b/install/rhel/6/nginx/nginx.conf
index e0575030..0a37ebbc 100644
--- a/install/rhel/6/nginx/nginx.conf
+++ b/install/rhel/6/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 812e001723fb1b62537d0b47daf3203f1f16c5e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:18:06 +0100
Subject: [PATCH 0263/2300] Update nginx.conf

vary on
---
 install/rhel/5/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/rhel/5/nginx/nginx.conf b/install/rhel/5/nginx/nginx.conf
index e0575030..0a37ebbc 100644
--- a/install/rhel/5/nginx/nginx.conf
+++ b/install/rhel/5/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 4073325014f92dc1c34a43f5f36d5d0235eb29df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:20:21 +0100
Subject: [PATCH 0264/2300] Update nginx.conf

vary on
---
 install/ubuntu/12.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/12.04/nginx/nginx.conf b/install/ubuntu/12.04/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/12.04/nginx/nginx.conf
+++ b/install/ubuntu/12.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 151f82e51958ff3941d4c32209c7a2e3264eb599 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:21:12 +0100
Subject: [PATCH 0265/2300] Update nginx.conf

vary on
---
 install/ubuntu/18.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf
index 790aee49..dc2cf1dd 100644
--- a/install/ubuntu/18.04/nginx/nginx.conf
+++ b/install/ubuntu/18.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_static         on;
     gzip_vary           on;
     gzip_comp_level     6;

From 61c439554e404fa124dc577c53649bb960e8b24e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:21:38 +0100
Subject: [PATCH 0266/2300] Update nginx.conf

vary on
---
 install/ubuntu/17.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/17.10/nginx/nginx.conf b/install/ubuntu/17.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/17.10/nginx/nginx.conf
+++ b/install/ubuntu/17.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 433166a4776b25d4469316cce98f64452650b73d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:22:32 +0100
Subject: [PATCH 0267/2300] Update nginx.conf

vary on
---
 install/ubuntu/17.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/17.04/nginx/nginx.conf b/install/ubuntu/17.04/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/17.04/nginx/nginx.conf
+++ b/install/ubuntu/17.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 46b7d8438fc3e477821c5004670c1918dab274ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:23:06 +0100
Subject: [PATCH 0268/2300] Update nginx.conf

vary on
---
 install/ubuntu/12.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/12.10/nginx/nginx.conf b/install/ubuntu/12.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/12.10/nginx/nginx.conf
+++ b/install/ubuntu/12.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From ef422f62f643b5212fc1543de82a407f95c65e5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:23:19 +0100
Subject: [PATCH 0269/2300] Update nginx.conf

vary on
---
 install/ubuntu/13.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/13.04/nginx/nginx.conf b/install/ubuntu/13.04/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/13.04/nginx/nginx.conf
+++ b/install/ubuntu/13.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From ccc4e5a2626607e09d84a99e7c5bec11c9e6d337 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:23:45 +0100
Subject: [PATCH 0270/2300] Update nginx.conf

vary on
---
 install/ubuntu/13.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/13.10/nginx/nginx.conf b/install/ubuntu/13.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/13.10/nginx/nginx.conf
+++ b/install/ubuntu/13.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 936b225b30382444ff45dd941597fa9ef570f76e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:24:02 +0100
Subject: [PATCH 0271/2300] Update nginx.conf

vary on
---
 install/ubuntu/16.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/16.10/nginx/nginx.conf b/install/ubuntu/16.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/16.10/nginx/nginx.conf
+++ b/install/ubuntu/16.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From d6e0b4e18f39a8169df8ffe83db0b3541e888cc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:24:17 +0100
Subject: [PATCH 0272/2300] Update nginx.conf

vary on
---
 install/ubuntu/16.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/16.04/nginx/nginx.conf b/install/ubuntu/16.04/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/16.04/nginx/nginx.conf
+++ b/install/ubuntu/16.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 0f1fb8aa43f3cf5c6947a0e9ceacf866f40a797d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:24:25 +0100
Subject: [PATCH 0273/2300] Update nginx.conf

---
 install/ubuntu/15.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/15.10/nginx/nginx.conf b/install/ubuntu/15.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/15.10/nginx/nginx.conf
+++ b/install/ubuntu/15.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 13d713ecc817e6a894609e25d26500532cb56fa4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:24:42 +0100
Subject: [PATCH 0274/2300] Update nginx.conf

---
 install/ubuntu/15.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/15.04/nginx/nginx.conf b/install/ubuntu/15.04/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/15.04/nginx/nginx.conf
+++ b/install/ubuntu/15.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From c82e50056d6f807a1f0056449b8f40c95e132c3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:24:58 +0100
Subject: [PATCH 0275/2300] Update nginx.conf

vary on
---
 install/ubuntu/14.10/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/14.10/nginx/nginx.conf b/install/ubuntu/14.10/nginx/nginx.conf
index e7256de7..6bc999f9 100644
--- a/install/ubuntu/14.10/nginx/nginx.conf
+++ b/install/ubuntu/14.10/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From e67297010370a1a006815f18ea3a6a7e0ef86d96 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Wed, 14 Nov 2018 00:25:12 +0100
Subject: [PATCH 0276/2300] Update nginx.conf

vary on
---
 install/ubuntu/14.04/nginx/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/ubuntu/14.04/nginx/nginx.conf b/install/ubuntu/14.04/nginx/nginx.conf
index 1932d171..c44ab650 100644
--- a/install/ubuntu/14.04/nginx/nginx.conf
+++ b/install/ubuntu/14.04/nginx/nginx.conf
@@ -50,6 +50,7 @@ http {
 
     # Compression
     gzip                on;
+    gzip_vary           on;
     gzip_comp_level     9;
     gzip_min_length     512;
     gzip_buffers        8 64k;

From 0437c4ac3ee2056f2ed2fdfd10a6e6693b292699 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 14 Nov 2018 17:53:48 +0200
Subject: [PATCH 0277/2300] fix backup exlustions for files

---
 bin/v-backup-user | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index f9569aa4..0c9e7c1b 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -216,6 +216,9 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
             cp $USER_DATA/ssl/$domain.* vesta/
         fi
 
+        # Changin dir to documentroot
+        cd $HOMEDIR/$user/web/$domain
+
         # Define exclude arguments
         exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
         set -f
@@ -224,15 +227,21 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         if [ ! -z "$exlusion" ]; then
             xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
             for xpath in $xdirs; do
-                fargs+=(--exclude=$xpath/*)
-                echo "$(date "+%F %T") excluding directory $xpath"
-                msg="$msg\n$(date "+%F %T") excluding directory $xpath"
+            for xpath in $xdirs; do
+                if [ -d "$xpath" ]; then
+                    fargs+=(--exclude=$xpath/*)
+                    echo "$(date "+%F %T") excluding directory $xpath"
+                    msg="$msg\n$(date "+%F %T") excluding directory $xpath"
+                else
+                    echo "$(date "+%F %T") excluding file $xpath"
+                    msg="$msg\n$(date "+%F %T") excluding file $xpath"
+                    fargs+=(--exclude=$xpath)
+                fi
             done
         fi
         set +f
 
         # Backup files
-        cd $HOMEDIR/$user/web/$domain
         tar -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 

From 00bc162fe6d1d5c5d0cbc336124bc1521299316a Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 20 Nov 2018 11:20:21 +0200
Subject: [PATCH 0278/2300] removed duplicate loop

---
 bin/v-backup-user | 1 -
 1 file changed, 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 0c9e7c1b..4ecc66aa 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -226,7 +226,6 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         fargs+=(--exclude='logs/*')
         if [ ! -z "$exlusion" ]; then
             xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
-            for xpath in $xdirs; do
             for xpath in $xdirs; do
                 if [ -d "$xpath" ]; then
                     fargs+=(--exclude=$xpath/*)

From aa83fa85f8ae28723ad64074e1aa1a0ba9fefc4d Mon Sep 17 00:00:00 2001
From: "Made I.T" 
Date: Thu, 22 Nov 2018 10:19:23 +0100
Subject: [PATCH 0279/2300] Fix quotes in cronjob CMD

---
 web/edit/cron/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/edit/cron/index.php b/web/edit/cron/index.php
index c66ca85c..3d8e9922 100644
--- a/web/edit/cron/index.php
+++ b/web/edit/cron/index.php
@@ -23,7 +23,7 @@ $v_job = escapeshellarg($_GET['job']);
 exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." 'json'", $output, $return_var);
 check_return_code($return_var,$output);
 
-$data = json_decode(implode('', str_replace("\\", "\\\\", $output)), true);
+$data = json_decode(implode('', $output), true);
 unset($output);
 
 // Parse cron job

From c5ba8b5b652010b75541f9f1d4e258c0f6264b89 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Sat, 24 Nov 2018 22:43:21 +0200
Subject: [PATCH 0280/2300] Update v-update-user-counters

---
 bin/v-update-user-counters | 2 --
 1 file changed, 2 deletions(-)

diff --git a/bin/v-update-user-counters b/bin/v-update-user-counters
index 50b903bd..b0f94430 100755
--- a/bin/v-update-user-counters
+++ b/bin/v-update-user-counters
@@ -53,8 +53,6 @@ for user in $user_list; do
     IP_OWNED=0
     U_USERS=0
     U_DISK=0
-    ##supose fix to #1526 i cannot see any diference, but on debian it apears that there is an diference.
-    ## maybe because the system has tis var exported? (DISK)
     DISK=0 
     U_DISK_DIRS=$(get_user_value '$U_DISK_DIRS')
     if [ -z "$U_DISK_DIRS" ]; then

From 6b590a6c9363b13dd0c89e591d65d12baae9b14c Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 27 Nov 2018 15:30:59 +0200
Subject: [PATCH 0281/2300] New version of Softaculous: 5.1.2

---
 src/deb/softaculous/control          | 2 +-
 src/rpm/specs/vesta-softaculous.spec | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index c5c9eb67..f47048a6 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index ece330e8..86baeb29 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        23
+Release:        24
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License
@@ -35,5 +35,8 @@ rm -rf %{buildroot}
 %config(noreplace) %{_vestadir}/conf
 
 %changelog
+* Tue Nov 27 2018 Serghey Rodin  - 0.9.8-24
+- New version 5.1.2
+
 * Mon Jul 21 2017 Serghey Rodin  - 0.9.8-18
 - Initial build for Softaculous 4.9.2

From 59695acd10ce63740bcf274a13569230362e06c5 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 29 Nov 2018 13:40:15 +0200
Subject: [PATCH 0282/2300] universe repository check

---
 install/vst-install-ubuntu.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 4cc5ee86..e1ca1044 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -447,6 +447,13 @@ fi
 apt-get -y upgrade
 check_result $? 'apt-get upgrade failed'
 
+# Checking universe repository
+if [[ ${release:0:2} -gt 16 ]]; then
+    if [ -z "$(grep universe /etc/apt/sources.list)" ]; then
+        add-apt-repository -y universe
+    fi
+fi
+
 # Installing nginx repo
 apt=/etc/apt/sources.list.d
 echo "deb http://nginx.org/packages/mainline/ubuntu/ $codename nginx" \

From 2a8188a207cdf7f37290938ed7cbb83abf82e13f Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 30 Nov 2018 00:44:32 +0200
Subject: [PATCH 0283/2300] Create az.php

Azerbaijani language support
---
 web/inc/i18n/az.php | 726 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 726 insertions(+)
 create mode 100644 web/inc/i18n/az.php

diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php
new file mode 100644
index 00000000..de5a0352
--- /dev/null
+++ b/web/inc/i18n/az.php
@@ -0,0 +1,726 @@
+ 'Paketlər',
+    'IP'  => 'IP',
+    'Graphs'  => 'Qrafiklər',
+    'Statistics'  => 'Statistikalar',
+    'Log'  => 'Log',
+    'Server'  => 'Server',
+    'Services'  => 'Servislər',
+    'Firewall' => 'Firewall',
+    'Updates'  => 'Yeniləmələr',
+    'Log in'  => 'Hesab yarat',
+    'Log out'  => 'Çıxış',
+    'USER'  => 'İstifadəsi',
+    'WEB'  => 'Veb',
+    'DNS'  => 'DNS',
+    'MAIL'  => 'Poçt',
+    'DB'  => 'DB',
+    'CRON'  => 'CRON',
+    'BACKUP'  => 'NÜSXƏ',
+    'LOGIN'  => 'Giriş',
+    'RESET PASSWORD'  => 'Şifrəni sıfırlamaq',
+    'SEARCH'  => 'Axtar',
+    'PACKAGE'  => 'Paket',
+    'RRD'  => 'RRD',
+    'STATS'  => 'STATS',
+    'LOG'  => 'LOG',
+    'UPDATES'  => 'Yenilənmələr',
+    'FIREWALL'  => 'Firewall',
+    'SERVER'  => 'Server',
+    'MEMORY'  => 'Yaddaş',
+    'DISK'  => 'Disk',
+    'NETWORK'  => 'Şəbəkə',
+    'Web Log Manager'  => 'Veb loq menecer',
+    'no notifications'  => 'bildiriş yoxdur',
+    'Add User'  => 'İstifadəçi əlavə edin',
+    'Add Domain'  => 'Domen əlavə edin',
+    'Add Web Domain'  => 'Domen əlavə edin',
+    'Add DNS Domain'  => 'DNS domeni əlavə edin',
+    'Add DNS Record'  => 'DNS qeydləri əlavə edin',
+    'Add Mail Domain'  => 'E-poçt domeni əlavə edin',
+    'Add Mail Account'  => 'E-poçt hesabı əlavə edin',
+    'Add Database'  => 'Verilənlər bazası əlavə edin',
+    'Add Cron Job'  => 'Cron əlavə et',
+    'Create Backup'  => 'Nüsxə yarat',
+    'Configure'  => 'Konfiqurasiya',
+    'Restore All'  => 'Hamısını bərpa edin',
+    'Add Package'  => 'Paket əlavə edin',
+    'Add IP'  => 'IP əlavə edin',
+    'Add Rule' => 'Qayda əlavə edin',
+    'Ban IP Address' => 'IP ünvanını ban edin',
+    'Search'  => 'Axtar',
+    'Add one more FTP Account' => 'FTP hesabı əlavə edin',
+    'Overall Statistics'  => 'Bütün statistikalar',
+    'Daily'  => 'Günlük',
+    'Weekly'  => 'Həftəlik',
+    'Monthly'  => 'Aylıq',
+    'Yearly'  => 'İllik',
+    'Add'  => 'Əlavə edin',
+    'Back'  => 'Ləğv edin',
+    'Save'  => 'Yadda saxla',
+    'Submit'  => 'Göndər',
+    'toggle all'  => 'Hamısını seç',
+    'apply to selected'  => 'Seçimi tətbiq edin',
+    'rebuild'  => 'Yenidən yarat',
+    'rebuild web'  => "Veb-in yenidən qurulması",
+    'rebuild dns'  => "DNS-in yenidən qurulması",
+    'rebuild mail'  => "E-poçt-un yenidən qurulması",
+    'rebuild db'  => "DB-nin yenidən qurulması",
+    'rebuild cron'  => "Cron-nun yenidən qurulması",
+    'update counters'  => 'Yeniləmə sayğacları',
+    'suspend'  => 'Dayandırın',
+    'unsuspend'  => 'Davam etdirin',
+    'delete'  => 'Sil',
+    'show per user'  => 'istifadəçiyə görə göstər',
+    'login as'  => 'GİRİŞ ET:',
+    'logout'  => 'Çıxış et',
+    'edit'  => 'redaktə et',
+    'open webstats'  => 'webstats aç',
+    'view logs'  => 'logları göstər',
+    'list records'  => '%s siyahı qeydiyyatı',
+    'add record'  => 'qeyd əlavə edin',
+    'list accounts'  => '%s hesabı sıyahıya alın',
+    'add account'  => 'hesap əlavə edin',
+    'open webmail'  => 'Vebpoçtu aç',
+    'list fail2ban' => 'fail2ban siyahı alın',
+    'open %s'  => '%s aç',
+    'download'  => 'yüklə',
+    'restore'  => 'bərpa edin',
+    'configure restore settings'  => 'bərpa ayarlarını quraşdırın',
+    'stop'  => 'dayandırın',
+    'start'  => 'başlat',
+    'restart'  => 'yenidən başlat',
+    'update'  => 'yenilə',
+    'generate'  => 'yarat',
+    'Generate CSR' => 'CSR yarat',
+    'reread IP' => 'IP-ni yenidən oxu',
+    'enable autoupdate' => 'AVTOMATIK YENİLƏNMƏNİ AKTİVLƏŞDİR',
+    'disable autoupdate' => 'AVTOMATİK YENİLƏNMƏNİ SÖNDÜR',
+    'turn on notifications' => 'xəbərdarlıqları açın',
+    'turn off notifications' => 'xəbərdarlıqları bağlayın',
+    'configure' => 'ayalar',
+    'Adding User'  => 'İstifadəçi əlavə edin',
+    'Editing User'  => 'İstifadəçi redaktə edin',
+    'Adding Domain'  => 'Domen əlavə edin',
+    'Editing Domain'  => 'Domen redaktə edin',
+    'Adding DNS Domain'  => 'DNS domeni əlavə edin',
+    'Editing DNS Domain'  => 'DNS domeni redaktə edin',
+    'Adding DNS Record'  => 'DNS qeyd əlavə edin',
+    'Editing DNS Record'  => 'DNS qeydi redaktə edin',
+    'Adding Mail Domain'  => 'E-poçt domen əlavə edin',
+    'Editing Mail Domain'  => 'E-poçt domen redaktə edin',
+    'Adding Mail Account'  => 'E-poçt əlavə edin',
+    'Editing Mail Account'  => 'E-poçt hesabını redaktə edin',
+    'Adding database'  => 'Verilənlər bazası əlavə edin',
+    'Editing Cron Job'  => 'Cron-u redaktə et',
+    'Adding Cron Job'  => 'Cron əlavə etmək',
+    'Editing Database'  => 'Verilənlər bazasını redaktə edin',
+    'Adding Package'  => 'Paket əlavə edin',
+    'Editing Package'  => 'Paketi redaktə edin',
+    'Adding IP address'  => 'IP ünvanı əlavə edin',
+    'Editing IP Address'  => 'IP ünvamını redaktə edin',
+    'Editing Backup Exclusions' => 'Nüsxələmə istisnalarını redaktə edin',
+    'Generating CSR' => 'CSR yaratma',
+    'Listing'  => 'Siyahılama',
+    'Search Results'  => 'Axtarış nəticələri',
+    'Adding Firewall Rule' => 'Təhlükəsizlik divarı qaydası əlavə edin',
+    'Editing Firewall Rule' => 'Təhlükəsizlik divarı qaydasını redaktə edin',
+    'Adding IP Address to Banlist' => 'Ban siyahısına IP ünvanı əlavə edin',
+    'active'  => 'aktiv',
+    'spnd'  => 'söndürülmüş',
+    'suspended'  => 'söndürülmüş',
+    'running'  => 'işləyir',
+    'stopped'  => 'dayandı',
+    'outdated'  => 'köhnəlmiş',
+    'updated'  => 'yenilənmiş',
+    'yes'  => 'bəli',
+    'no'  => 'xeyir',
+    'none'  => 'heç biri',
+    'pb'  => 'pb',
+    'tb'  => 'tb',
+    'gb'  => 'gb',
+    'mb'  => 'mb',
+    'minute'  => 'dəqiqə',
+    'hour'  => 'saat',
+    'day'  => 'gün',
+    'days'  => 'günlər',
+    'hours'  => 'saat',
+    'minutes'  => 'dəqiqə',
+    'month'  => 'ay',
+    'package'  => 'paket',
+    'Bandwidth'  => 'Traffik',
+    'Disk'  => 'Disk',
+    'Web'  => 'Veb',
+    'Mail'  => 'E-poçt',
+    'Databases'  => 'Verilənlər bazası',
+    'User Directories'  => 'İstifadəçi qovluqları',
+    'Template'  => 'Şablon',
+    'Web Template'  => 'Veb Şablonu',
+    'Backend Template'  => 'Backend şablonu',
+    'Proxy Template' =>'Proxy şablonu',
+    'DNS Template'  => 'DNS şablonu',
+    'Web Domains'  => 'Veb domenləri',
+    'SSL Domains'  => 'SSL domenləri',
+    'Web Aliases'  => 'Veb aliasları',
+    'per domain'  => 'domen başına',
+    'DNS Domains'  => 'DNS domen adları',
+    'DNS domains'  => 'DNS domen adları',
+    'DNS records'   => 'DNS qeydləri',
+    'Name Servers'  => 'Neymserverlər',
+    'Mail Domains'  => 'E-poçt domenləri',
+    'Mail Accounts'  => 'E-poçt hesabları',
+    'Cron Jobs'  => 'Cron-lar',
+    'SSH Access'  => 'SSH giriş',
+    'IP Address'  => 'IP ünvan',
+    'IP Addresses'  => 'IP ünvanları',
+    'Backups'  => 'Nüsxələr',
+    'Backup System'  => 'Nüsxələmə sistemi',
+    'backup exclusions' => 'NÜSXƏLƏMƏ İSTİSNALARI',
+    'template'  => 'şablon',
+    'SSL Support'  => 'SSL dəstək',
+    'SSL Home Directory'  => 'SSL Ana qovluğu',
+    'Lets Encrypt Support'  => 'Lets Encrypt dəstəyi',
+    'Lets Encrypt'  => 'Şifrələ',
+    'Your certificate will be automatically issued in 5 minutes' => 'Sənədiniz avtomatik olaraq 5 dəqiqə ərzində veriləcək',
+    'Proxy Support'  => 'Proxy dəstəyi',
+    'Proxy Extensions'  => 'Proxy əlavələri',
+    'Web Statistics'  => 'Veb statistikaları',
+    'Additional FTP Account'  => 'Əlavə FTP hesabı',
+    'Path'  => 'Path',
+    'SOA'  => 'SOA',
+    'TTL'  => 'TTL',
+    'Expire'  => 'Sona çatdırın',
+    'Records'  => 'Qeydlər',
+    'Serial'  => 'Seriya',
+    'Catchall email'  => 'Catchall e-poçt',
+    'AntiVirus Support'  => 'AntiVirus dəstəyi',
+    'AntiSpam Support'  => 'AntiSpam dəstəyi',
+    'DKIM Support'  => 'DKIM dəstəyi',
+    'Accounts'  => 'Hesablar',
+    'Quota'  => 'Norma',
+    'Autoreply'  => 'Avtomatik cavab',
+    'Forward to'  => 'Buraya yönləndir',
+    'Do not store forwarded mail' => 'Göndərilən poçtu saxlamayın',
+    'IMAP hostname'  => 'IMAP hostname',
+    'IMAP port'  => 'IMAP port',
+    'IMAP security'  => 'IMAP təhlükəsizlik',
+    'IMAP auth method'  => 'IMAP auth metodu',
+    'SMTP hostname'  => 'SMTP hostname',
+    'SMTP port'  => 'SMTP port',
+    'SMTP security'  => 'SMTP təhlükəsizlik',
+    'SMTP auth method'  => 'SMTP auth metodu',
+    'STARTTLS'  => 'STARTTLS',
+    'Normal password'  => 'Normal şifrə',
+    'database'  => 'verilənələr bazası',
+    'User'  => 'İstifadəçi',
+    'Host'  => 'Host',
+    'Charset'  => 'Kodlaşdırma',
+    'Min'  => 'Dəq',
+    'Hour'  => 'Saat',
+    'Day'  => 'Gün',
+    'Month'  => 'Ay',
+    'Day of week'  => 'Həftənin günü',
+    'local'  => 'yerli',
+    'Run Time'  => 'İşləmə müddəti',
+    'Backup Size'  => 'Nüsxə ölçüsü',
+    'SYS'  => 'SYS',
+    'Domains'  => 'Domenlər',
+    'Status'  => 'Status',
+    'shared'  => 'paylaşılan',
+    'dedicated'  => 'həsr olunan',
+    'Owner' => 'Sahib',
+    'Users'  => 'İstifadəçilər',
+    'Load Average'  => 'Sistem yükü',
+    'Memory Usage'  => 'Yaddaşın istifadəsi',
+    'APACHE2 Usage'  => 'APACHE2 istifadəsi',
+    'HTTPD Usage'  => 'HTTPD istifadəsi',
+    'NGINX Usage'  => 'NGINX istifadəsi',
+    'MySQL Usage on localhost'  => 'Localhost üzərindəki MySQL istifadəsi',
+    'PostgreSQL Usage on localhost'  => 'Localhost üzərindəki PostgreSQL istifadəsi',
+    'Bandwidth Usage eth0'  => 'eth0 traffik istifadəsi',
+    'Bandwidth Usage eth1'  => 'eth1 traffik istifadəsi',
+    'Exim Usage'  => 'Exim istifadəsi',
+    'FTP Usage'  => 'FTP istifadəsi',
+    'SSH Usage'  => 'SSH istifadəsi',
+    'reverse proxy'  => 'geri proksi',
+    'web server'  => 'veb server',
+    'dns server'  => 'dns server',
+    'mail server'  => 'e-poçt serve',
+    'pop/imap server'  => 'pop/imap server',
+    'email antivirus'  => 'e-poçt antivirus',
+    'email antispam'  => 'e-poçt antispam',
+    'database server'  => 'database server',
+    'ftp server'  => 'ftp server',
+    'job scheduler'  => 'job planlaşdırma',
+    'firewall'  => 'firewall',
+    'brute-force monitor'  => 'brute-force monitor',
+    'CPU'  => 'CPU',
+    'Memory'  => 'Yaddaş',
+    'Uptime'  => 'Uptime',
+    'core package'  => 'əsas paket',
+    'php interpreter'  => 'php tərcüməçi',
+    'internal web server'  => 'daxili veb server',
+    'Version'  => 'Versiya',
+    'Release'  => 'Buraxın',
+    'Architecture'  => 'Memarlıq',
+    'Object'  => 'Obyekt',
+    'Username'  => 'İstifadəçi adı',
+    'Password'  => 'Şifrə',
+    'Email'  => 'E-poçt',
+    'Package'  => 'Paket',
+    'Language'  => 'Dil',
+    'First Name'  => 'Ad',
+    'Last Name'  => 'Soyad',
+    'Send login credentials to email address'  => 'Giriş məlumatlarını ünvanlarını e-poçt ünvanına göndərin',
+    'Default Template'  => 'Default şablon',
+    'Default Name Servers'  => 'Default neymserver',
+    'Domain'  => 'Domen',
+    'DNS Support'  => 'DNS dəstəyi',
+    'Mail Support'  => 'E-poçt dəstəyi',
+    'Advanced options'  => 'TƏKMİLLƏŞMİŞ SEÇİMLƏR',
+    'Basic options'  => 'Əsas seçimlər',
+    'Aliases'  => 'Ləqəblər (Alias)',
+    'SSL Certificate'  => 'SSL sertifikatı',
+    'SSL Key'  => 'SSL açarı (Key)',
+    'SSL Certificate Authority / Intermediate'  => 'SSL sertifikat eyniləşdirməsi / köməkçi)',
+    'SSL CSR' => 'SSL CSR',
+    'optional'  => 'istəyə bağlı',
+    'internal' => 'daxili',
+    'Statistics Authorization'  => 'Statistikanın avtorizasiyası',
+    'Statistics Auth'  => 'Statistika eyniləşdirməsi',
+    'Account'  => 'Hesab',
+    'Prefix will be automaticaly added to username'  => 'Prefiks avtomatik olaraq istifadəçi adına əlavə olunacaq',
+    'Send FTP credentials to email'  => 'FTP məlumatlarını e-poçt ile göndər',
+    'Expiration Date'  => 'Bitmə tarixi',
+    'YYYY-MM-DD'  => 'YYYY-AA-GG',
+    'Name servers'  => 'Neymserverlər',
+    'Record'  => 'Qeydiyyat',
+    'IP or Value'  => 'IP və ya qiymət',
+    'Priority'  => 'Prioritet',
+    'Record Number' => 'Qeydiyyat sayı',
+    'in megabytes'  => 'megabayt olaraq',
+    'Message'  => 'Mesaj',
+    'use local-part'  => 'local-part istifadə et',
+    'one or more email addresses'  => 'bir və ya daha çox e-poçt ünvanı',
+    'Prefix will be automaticaly added to database name and database user'  => 'Prefiks avtomatik olaraq verilənlər bazası adı və verilənlər bazası istifadəçisinə əlavə olunacaq',
+    'Database'  => 'Verilənlər bazası',
+    'Type'  => 'Tip',
+    'Minute'  => 'Dəqiqə',
+    'Command'  => 'Əmr',
+    'Package Name'  => 'Paket adı',
+    'Netmask'  => 'Netmask',
+    'Interface'  => 'İnterfeys',
+    'Shared'  => 'Paylaşılan',
+    'Assigned user'  => 'Təyin edilən istifadəçi',
+    'Assigned domain'  => 'Təyin edilən domen',
+    'NAT IP association' => 'NAT IP assosiasiyası',
+    'shell'  => 'shell',
+    'web domains'  => 'Veb domenləri',
+    'web aliases'  => 'veb ləqəblər',
+    'dns records'  => 'dns qeydləri',
+    'mail domains'  => 'mail domenləri',
+    'mail accounts'  => 'mail hesabları',
+    'accounts'  => 'hesablar',
+    'databases'  => 'verilənlər bazası',
+    'cron jobs'  => 'Cron tapşırıqları',
+    'backups'  => 'nüsxələr',
+    'quota'  => 'kvota',
+    'day of week'  => 'həftənin günü',
+    'cmd'  => 'cmd',
+    'users'  => 'istifadəçilər',
+    'domains'  => 'domenlər',
+    'aliases'  => 'aliases',
+    'records'  => 'qeydlər',
+    'jobs'  => 'işlər',
+    'username'  => 'istifadəçi adı',
+    'password'  => 'şifrə',
+    'type'  => 'tip',
+    'charset'  => 'kodlaşdırma',
+    'domain'  => 'domen',
+    'ip'  => 'ip',
+    'ip address'  => 'ip ünvanı',
+    'IP address'  => 'IP ünvanı',
+    'netmask'  => 'netmask',
+    'interface'  => 'interfeys',
+    'assigned user'  => 'təyin edilən istifadəçi',
+    'ns1'  => 'ns1',
+    'ns2'  => 'ns2',
+    'user'  => 'istifadəçi',
+    'email'  => 'e-poçt',
+    'first name'  => 'ad',
+    'last name'  => 'soyad',
+    'account'  => 'hesab',
+    'ssl certificate'  => 'ssl sertifikatı',
+    'ssl key'  => 'ssl açarı (key)',
+    'stats user password'  => 'statistik istifadəçi sifrəsi',
+    'stats username'  => 'statistik istifadəçi adı',
+    'stats password'  => 'statistik şifrəsi',
+    'ftp user password'  => 'ftp istifadəçi şifrəsi',
+    'ftp user'  => 'ftp istifadəçisi',
+    'Last 70 lines of %s.%s.log' => '%s.%s.log faylının son 70 sətri',
+    'AccessLog' => 'AccessLog',
+    'ErrorLog' => 'ErrorLog',
+    'Download AccessLog' => 'AccessLog yüklə',
+    'Download ErrorLog' => 'ErrorLog yüklə',
+    'Country' => 'Ölkə',
+    '2 letter code' => '2 hərf kodu',
+    'State / Province' => 'Dövlət / Əyalət',
+    'City / Locality' => 'Şəhər / Yerləşmə',
+    'Organization' => 'Orqanizasiya',
+    'Action' => 'Fəaliyyət',
+    'Protocol' => 'Protokol',
+    'Port' => 'Port',
+    'Comment' => 'Rəy',
+    'Banlist' => 'Ban siyahısı',
+    'ranges are acceptable' => 'qəbul edilə bilən aralıqlar',
+    'CIDR format is supported' => 'CIDR versiyasını dəstəkləyir',
+    'ACCEPT' => 'ACCEPT',
+    'DROP' => 'DROP',
+    'TCP' => 'TCP',
+    'UDP' => 'UDP',
+    'ICMP' => 'ICMP',
+    'SSH' => 'SSH',
+    'FTP' => 'FTP',
+    'VESTA' => 'VESTA',
+    'Add one more Name Server' => 'Neymserver əlavə edin',
+    'web domain' => 'veb domen',
+    'dns domain' => 'dns domen',
+    'dns record' => 'dns qeyd',
+    'mail domain' => 'mail domen',
+    'mail account' => 'mail hesabı',
+    'cron job' => 'cron işi',
+    'cron' => 'cron',
+    'user dir' => 'istifadəçidir',
+    'unlimited'  => 'limitsiz',
+    '1 account'  => '1 hesab',
+    '%s accounts'  => '%s hesab',
+    '1 domain'  => '1 alan adı',
+    '%s domains'  => '%s alan adı',
+    '1 record'  => '1 kayıt',
+    '%s records'  => '%s kayıt',
+    '1 mail account'  => '1 mail hesabı',
+    '%s mail accounts'  => '%s mail hesabı',
+    '1 database'  => '1 verilənlər bazası',
+    '%s databases'  => '%s verilənlər bazası',
+    '1 cron job'  => '1 zamanlanmış tapşırıq',
+    '%s cron jobs'  => '%s zamanlanmış tapşırıq',
+    '1 archive'  => '1 arxiv',
+    '%s archives'  => '%s arxiv',
+    '1 item'  => '1 maddə',
+    '%s items'  => '%s maddələr',
+    '1 package'  => '1 paket',
+    '%s packages'  => '%s paket',
+    '1 IP address'  => '1 IP ünvanı',
+    '%s IP addresses'  => '%s IP ünvanı',
+    '1 month'  => '1 ay',
+    '%s months'  => '%s ay',
+    '1 log record'  => '1 log qeydi',
+    '%s log records'  => '%s log qeydi',
+    '1 object'  => '1 obyekt',
+    '%s objects'  => '%s obyekt',
+    'no exclusions' => 'istisna yoxdur',
+    '1 rule' => '1 qayda',
+    '%s rules' => '%s qayda',
+    'There are no currently banned IP' => 'Hazırda ban edilmiş İP yoxdur',
+    'USER_CREATED_OK'  => '%s istifadəşisi uğurla yaradıldı.',
+    'WEB_DOMAIN_CREATED_OK'  => '%s domen uğurla yaradıldı.',
+    'DNS_DOMAIN_CREATED_OK'  => '%s DNS domen uğurla yaradıldı.',
+    'DNS_RECORD_CREATED_OK'  => '%s.%s qeydi uğurla yaradıldı.',
+    'MAIL_DOMAIN_CREATED_OK'  => '%s əsas domen uğurla yaradıldı',
+    'MAIL_ACCOUNT_CREATED_OK'  => '%s@%s e-poçt hesabı uğurla yaradıldı',
+    'DATABASE_CREATED_OK'  => '%s verilənlər bazası uğurla yaradıldı.',
+    'CRON_CREATED_OK'  => 'Zamanlanmış tapşırıq uğurla yaradıldı.',
+    'IP_CREATED_OK'  => '%s ip ünvanı uğurla yaradıldı.',
+    'PACKAGE_CREATED_OK'  => '%s paketi uğurla yaradıldı.',
+    'SSL_GENERATED_OK' => 'Sertifikart uğurla yaradıldı.',
+    'RULE_CREATED_OK' => 'Qayda uğurla yaradıldı.',
+    'BANLIST_CREATED_OK' => 'IP ünvan müvəffəqiyyətlə qadağan edildi',
+    'Autoupdate has been successfully enabled' => 'Avtomatik yenilənmə uğurla aktivləşdirildi',
+    'Autoupdate has been successfully disabled' => 'Avtomatik yenilənmə uğurla söndürüldü',
+    'Cronjob email reporting has been successfully enabled' => 'Zamanlanmış tapşırıq e-poçt hesabatı uğurla aktivləşdirildi',
+    'Cronjob email reporting has been successfully disabled' => 'Zamanlanmış tapşırıq e-poçt hesabatı uğurla dayandırıldı',
+    'Changes has been saved.'  => 'Dəyişikliklər yadda saxlanıldı.',
+    'Confirmation'  => 'Təsdiqləmə',
+    'DELETE_USER_CONFIRMATION' => '%s istifadəçisini silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_USER_CONFIRMATION' => '%s istifadəçisini qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_USER_CONFIRMATION' => '%s istifadəçisini davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_DOMAIN_CONFIRMATION' => '%s domeni silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_DOMAIN_CONFIRMATION' => '%s domeni qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_DOMAIN_CONFIRMATION' => '%s domeni davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_RECORD_CONFIRMATION' => '%s qeydi silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_RECORD_CONFIRMATION' => '%s qeydi qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_RECORD_CONFIRMATION' => '%s qeydi davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '%s hesabını silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '%s hesabını qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '%s hesabını davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_DATABASE_CONFIRMATION' => '%s verilənlər bazasını silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_DATABASE_CONFIRMATION' => '%s verilənlər bazasını qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_DATABASE_CONFIRMATION' => '%s verilənlər bazasını davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_CRON_CONFIRMATION' => 'Zamanlanmış tapşırığı silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_CRON_CONFIRMATION' => 'Zamanlanmış tapşırığı qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_CRON_CONFIRMATION' => 'Zamanlanmış tapşırığı davam etdirmək istədiyinizə əminsinizmi?',
+    'DELETE_BACKUP_CONFIRMATION'  => '%s nüsxəsini silmək istədiyinizə əminsinizmi?',
+    'DELETE_EXCLUSION_CONFIRMATION' => '%s nüsxələmə qaydasını silmək istədiyinizə əminsinizmi?',
+    'DELETE_PACKAGE_CONFIRMATION'  => '%s paketini silmək istədiyinizə əminsinizmi?',
+    'DELETE_IP_CONFIRMATION'  => '%s IP ünvanı silmək istədiyinizə əminsinizmi?',
+    'DELETE_RULE_CONFIRMATION' => '#%s qaydasını silmək istədiyinizə əminsinizmi?',
+    'SUSPEND_RULE_CONFIRMATION' => '#%s qaydasını qapatmaq istədiyinizə əminsinizmi?',
+    'UNSUSPEND_RULE_CONFIRMATION' => '#%s qaydasını davam etdirmək istədiyinizə əminsinizmi?',
+    'LEAVE_PAGE_CONFIRMATION' => 'Səhifəni tərk edirsiniz?',
+    'RESTART_CONFIRMATION' => '%s yenidən başladılacaq.əstiqləyirsiniz?',
+    'Welcome'  => 'XOŞ GƏLDİNİZ',
+    'LOGGED_IN_AS'  => '%s istifadəçisi olaraq daxil oldunuz',
+    'Error'  => 'Xəta',
+    'Invalid username or password'  => 'Doğru olmayan istifadəçi adı və ya şifrə',
+    'Invalid username or code'  => 'Doğru olmayan istifadəçi adı və ya kod',
+    'Passwords not match'  => 'Şifrələr uyğun deyil',
+    'Please enter valid email address.'  => 'Lütfən doğru e-poçt ünvanı daxil edin.',
+    'Field "%s" can not be blank.'  => '"%s" sahəni boş saxlaya bilməzsiniz.',
+    'Password is too short.'  => 'Şifrə çox qısadır (minimum 6 simvol)',
+    'Error code:'  => 'Xəta kodu: %s',
+    'SERVICE_ACTION_FAILED'  => '"%s" "%s" uğursuz oldu',
+    'IP address is in use' => 'IP ünvanı istifadədədir',
+    'BACKUP_SCHEDULED'  => 'Tapşırıq uğurla əlavə edildi. Nüsxə yüklənildiyi zaman xəbərdarlıq e-poçtu alacaqsınız.',
+    'BACKUP_EXISTS'  => 'Artıq nüsxələmə əməliyyatı davam edir. Yenidən yaratmaq üçün bunun bitməsini gözləyin.',
+    'RESTORE_SCHEDULED'  => 'Tapşırıq sıraya əlavə edildi. Nüsxə yüklənildiyi zaman xəbərdarlıq e-poçtu alacaqsınız.',
+    'RESTORE_EXISTS'  => 'Artıq restovrasiya əməliyyatı davam edir. Bunu işlətmək üçün lütfən əvvəlki əməliyyatın bitməsiniz gözləyin.',
+    'WEB_EXCLUSIONS' => 'Hər sətrə bir domen əlavə yazın. Bütün domenlər xaric etmək üçün * istifadə edin. Xüsusi qovluq üçün bu formatda yazın: domain.com:public_html/cache:public_html/tmp',
+    'DNS_EXCLUSIONS' => 'Hər sətrə bi domen əlavə edin. Bütün domenləri xaric etmək üçün * istifadə edin',
+    'MAIL_EXCLUSIONS' => 'Hər sətrə bi domen əlavə edin. Bütün domenləri xaric etmək üçün * istifadə edin. Xüsusi hesab təyin etmək üçün bu formatda yazın: domain.com:info:destek:postmaster',
+    'DB_EXCLUSIONS' => 'Hər sətrə bir verilənlər bazası əlavə edin. Hamısı üçün * istifadə edin. ',
+    'CRON_EXCLUSIONS' => 'Bütün zamanlanmış tapşırıqları xaric etmək üçün * istifadə edin',
+    'USER_EXCLUSIONS' => 'Hər sətrə bir qovluq əlavə edin. Bütün versiyaları xaric etmək üçün * istifadə edin',
+    'Welcome to Vesta Control Panel'  => 'Vesta nəzarət panelinə xoş gəldiniz',
+    'MAIL_FROM'  => 'Vesta Nəzarət Paneli ',
+    'GREETINGS_GORDON_FREEMAN' => "Hər vaxtınız xeyir, %s %s,\n",
+    'GREETINGS' => "Hər vaxtınız xeyir,\n",
+    'ACCOUNT_READY' => "Hesabınız uğurla yaradıldı və istifadəyə hazırdır.\n\nhttps://%s/login/\nİstifadəçi adı: %s\nŞifrə: %s\n\n--\nVesta Nəzarət Paneli\n",
+    'FTP login credentials'  => 'FTP giriş məlumatları',
+    'FTP_ACCOUNT_READY' => "FTP hesabı uğurla yaradıldı və istifadə hazırdır.\n\nHostname: %s\nİstifadəçi adı: %s_%s\nŞifrə: %s\n\n--\nVesta Control Panel\n",
+    'Database Credentials'  => 'Veritabanı Bilgileri',
+    'DATABASE_READY' => "Verilənlər bazası yaradıldı.\n\Verilənlər bazsı: %s\nİstifadəçi: %s\Şifrə: %s\n%s\n\n--\nVesta Nəzarət Paneli\n",
+    'forgot password'  => 'Şifrəmi unutdum',
+    'Confirm'  => 'Təstiqlə',
+    'New Password'  => 'Yeni şifrə',
+    'Confirm Password'  => 'Şifrəni təstiqlə',
+    'Reset'  => 'Sıfırla',
+    'Reset Code'  => 'Sıfırlama Kodu',
+    'RESET_NOTICE'  => '',
+    'RESET_CODE_SENT'  => 'Şifrə sıfırlama kodu e-poçt ünvanınıza göndərildi.
',
+    'MAIL_RESET_SUBJECT'  => 'Şifrə sıfırlama - %s',
+    'PASSWORD_RESET_REQUEST' => "Şifrənizi sıfırlamaq üçün lütfən linki izləyin:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\Alternativ olaraq https://%s/reset/?action=code&user=%s linkinə klik edib davamına bu reset kodunuzu daxil edə bilərsiniz:\n%s\n\nƏgər şifrə sıfırlama istəyiniz olmayıbsa lütfən mesajı yox sayın və üzrümüzü qəbul edin.\n\n--\nVesta Nəzarət Mərkəzi\n",
+    'Jan' => 'Yan',
+    'Feb' => 'Fev',
+    'Mar' => 'Mar',
+    'Apr' => 'Apr',
+    'May' => 'May',
+    'Jun' => 'İyn',
+    'Jul' => 'İyl',
+    'Aug' => 'Avq',
+    'Sep' => 'Sent',
+    'Oct' => 'Okt',
+    'Nov' => 'Noy',
+    'Dec' => 'Dek',
+    'Configuring Server' => 'Server ayarlanması',
+    'Hostname' => 'Hostname',
+    'Time Zone' => 'Vaxt qurşağı',
+    'Default Language' => 'Default dil',
+    'Proxy Server' => 'Proxy server',
+    'Web Server' => 'Veb server',
+    'Backend Server' => 'Backend Server',
+    'Backend Pool Mode' => 'Backend pul rejimi',
+    'DNS Server' => 'DNS server',
+    'DNS Cluster' => 'DNS Cluster',
+    'MAIL Server' => 'MAIL Server',
+    'Antivirus' => 'Antivirus',
+    'AntiSpam' => 'AntiSpam',
+    'Webmail URL' => 'Vebmail URL',
+    'MySQL Support' => 'MySQL dəstək',
+    'phpMyAdmin URL' => 'phpMyAdmin URL',
+    'PostgreSQL Support' => 'PostgreSQL dəstəyi',
+    'phpPgAdmin URL' => 'phpPgAdmin URL',
+    'Maximum Number Of Databases' => 'Verilənlər bazasının maksimum sayı',
+    'Current Number Of Databases' => 'Current Number Of Databases',
+    'Local backup' => 'Yerli backup',
+    'Compression level' => 'Sıxılma səviyyəsi',
+    'Directory' => 'Kataloq',
+    'Remote backup' => 'Uzaqdan backup',
+    'ftp' => 'FTP',
+    'sftp' => 'SFTP',
+    'SFTP Chroot' => 'SFTP Chroot',
+    'FileSystem Disk Quota' => 'FaylSistemi disk kvotası',
+    'Vesta Control Panel Plugins' => 'Vesta Nəzarət Paneli əlavələri',
+    'preview' => 'Ön görünüş',
+    'Reseller Role' => 'Reseller rolu',
+    'Web Config Editor' => 'Veb Konfiqurasiya redaktoru',
+    'Template Manager' => 'Şablon idarəçisi',
+    'Backup Migration Manager' => 'Nüsxələmə miqrasiya idarəçisi',
+    'FileManager' => 'Faylİdarəçisi',
+    'show: CPU / MEM / NET / DISK' => 'göstər: CPU / BEL / ŞƏ / DISK',
+    'sort by' => 'sıralama ölçüsü',
+    'Date' => 'Tarix',
+    'Starred' => 'Ulduzlu',
+    'Name' => 'Ad',
+    'save to favorites' => 'Sevimlilərə əlavə edin',
+    'File Manager' => 'Fayl İdarəçisi',
+    'size' => 'ölçü',
+    'date' => 'tarix',
+    'name' => 'ad',
+    'Initializing' => 'Başladılır',
+    'UPLOAD' => 'YÜKLƏ',
+    'NEW FILE' => 'YENİ FAYL',
+    'NEW DIR' => 'YENİ QOVLUQ',
+    'DELETE' => 'SİL',
+    'RENAME' => 'YENİDƏN ADLANDIR',
+    'MOVE' => 'kÖÇÜRT',
+    'RIGHTS' => 'HÜQUQLAR',
+    'COPY' => 'KOPYALA',
+    'ARCHIVE' => 'ARXİVLƏ',
+    'EXTRACT' => 'ÇIXART',
+    'DOWNLOAD' => 'YÜKLƏ',
+    'Are you sure?' => 'Əminsinizmi?',
+    'Hit' => 'Hit',
+    'to reload the page' => 'səhifəni yeniləm üçün',
+    'Directory name cannot be empty' => 'Kataloq adı boş ola bilməz',
+    'File name cannot be empty' => 'Fayl adı boş ola bilməz',
+    'No file selected' => 'Fayl seçilmədi',
+    'No file or folder selected' => 'Fayl və ya qovluq seçilmədi',
+    'File type not supported' => 'Fayl tipi dəstəklənmir',
+    'Directory download not available in current version' => 'Kataloq yüklnməsi bu versiyada mövcud deyil',
+    'Directory not available' => 'Kataloq keçərli deyil',
+    'Done' => 'Birdi',
+    'Close' => 'Bağla',
+    'Copy' => 'Kopyala',
+    'Cancel' => 'Ləğv et',
+    'Rename' => 'Yenidən adlandır',
+    'Move' => 'Köçürt',
+    'Change Rights' => 'Hüquqları dəyişdirin',
+    'Delete' => 'Sil',
+    'Extract' => 'Çıxart',
+    'Create' => 'Yarat',
+    'Compress' => 'Sıx',
+    'OK' => 'TAMAM',
+    'YOU ARE COPYING' => 'Siz kopyalayırsınız',
+    'YOU ARE REMOVING' => 'Siz silirsiniz',
+    'Delete items' => 'Maddələri silin',
+    'Copy files' => 'Faylları kopyalayın',
+    'Move files' => 'Faylları daşıyın',
+    'Are you sure you want to copy' => 'Kopyalamaq istədiyinizə əminsinizmi',
+    'Are you sure you want to move' => 'Köçürtmək istədiyinizə əminsinizmi?',
+    'Are you sure you want to delete' => 'Silmək istədiyinizə əminsinizmi?',
+    'into' => 'daxil',
+    'existing files will be replaced' => 'mövcud fayllar dəyişdirilir',
+    'Original name' => 'Orjinal adı',
+    'File' => 'Fayl',
+    'already exists' => 'mövcuddur',
+    'Create file' => 'Fayl yarat',
+    'Create directory' => 'Kataloq yarat',
+    'read by owner' => 'sahini tərəfindən oxunan',
+    'write by owner' => 'sahibi tərəfindən yazılan',
+    'execute/search by owner' => 'sahibi tərəfindən icra edilən/axtarılan',
+    'read by group' => 'grup tərəfindən oxunan',
+    'write by group' => 'qrup tərəfindən yazılan',
+    'execute/search by group' => 'qrup tərəfindən icar edilən/axtarılan',
+    'read by others' => 'başqaları tərəfindən oxunan',
+    'write by others' => 'başqaları tərəfindən yazılan',
+    'execute/search by others' => 'başqaları tərəfindən icra edilən/axtarılan',
+    'Shortcuts' => 'Qısayollar',
+    'Add New object' => 'Yeni obyekt əlavə edin',
+    'Save Form' => 'Formanı yadda saxla',
+    'Cancel saving form' => 'Formanı yadda saxlama',
+    'Go to USER list' => 'İstifadəçi siyahısına get',
+    'Go to WEB list' => 'Veb siyahısına get',
+    'Go to DNS list' => 'DNS siyahısına get',
+    'Go to MAIL list' => 'MAIL siyahısına get',
+    'Go to DB list' => 'DB siyahısına get',
+    'Go to CRON list' => 'CRON siyahısına get',
+    'Go to BACKUP list' => 'Nüsxə siyahısına get',
+    'Focus on search' => 'Axtarışa fokuslan',
+    'Display/Close shortcuts' => 'Qısayolları göstər/bağla',
+    'Move backward through top menu' => 'Üst menyu arasında geriyə get',
+    'Move forward through top menu' => 'Üst menyu arasında iləriyə get',
+    'Enter focused element' => 'Fokuslanmış elementi gör',
+    'Move up through elements list' => 'Elementlər siyahısına keçin',
+    'Move down through elements list' => 'Elementlər siyahısına keçin',
+    'Upload' => 'Yüklə',
+    'New File' => 'Yeni fayl',
+    'New Folder' => 'Yeni qovluq',
+    'Download' => 'Yüklə',
+    'Archive' => 'Arxivlə',
+    'Save File (in text editor)' => 'Faylı yadda saxla (mətn redaktorunda)',
+    'Close Popup / Cancel' => 'Popup bağla / Ləğv et',
+    'Move Cursor Up' => 'Kursoru yuxarı qaldır',
+    'Move Cursor Down' => 'Kursoru aşağı endir',
+    'Switch to Left Tab' => 'Sol taba keçin',
+    'Switch to Right Tab' => 'Sağ taba keçin',
+    'Switch Tab' => 'Taba keç',
+    'Go to the Top of the File List' => 'Fayl siyahısının əvvəlinə get',
+    'Go to the Last File' => 'Son fayla bax',
+    'Open File / Enter Directory' => 'Faylı aç/Kataloqa daxil ol',
+    'Edit File' => 'Faylı redaktə edin',
+    'Go to Parent Directory' => 'Əsas kataloqa daxil olun',
+    'Select Current File' => 'Hazırki faylı seçin',
+    'Select Bunch of Files' => 'Fayl dəstini seçin',
+    'Add File to the Current Selection' => 'Hazırki seçimə fayl əlavə edin',
+    'Select All Files' => 'Bütün faylları seçin',
+    'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
+        'qısayollar mükəmməl fayl idarəçisi Midnight Commander fayl idarəçisindən alınmışdır',
+    'Licence Key' => 'Lisenziya açarı',
+    'Enter License Key' => 'Lisenziya açarını daxil edin',
+    'Buy Licence' => 'Lisenziya alın',
+    'Buy Lifetime License' => 'Ömür boyu lisenziyası alın',
+    'Disable and Cancel Licence' => 'Lisenziyanı söndürün və ləğv edin',
+    'Licence Activated' => 'Lisenziya aktivdir',
+    'Licence Deactivated' => 'Lisenziya ləğv edilib',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => 'İstifadəçilə SSH yalnız öz əsas kataloqlarına daxil ola bilərlər.',
+    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Baxış, kopyalama, redaktə, tamfunksional fayl meneceri vasitəsilə veb domendə olan faylların baxışı və ixracı.',
+    'This is a commercial module, you would need to purchace license key to enable it.' => 'Bu kommersiya moduludur. Ondan istifadə etmək üçün lisenziya açarını əldə etməlisiniz',
+    'Minutes' => 'Dəqiqəlik',
+    'Hourly' => 'Saatlıq',
+    'Run Command' => 'Əmri aktivləşdir',
+    'every month' => 'hər ay',
+    'every odd month' => 'hər tək ay',
+    'every even month' => 'hər cüt ay',
+    'every day' => 'hər gün',
+    'every odd day' => 'hər tək gün',
+    'every even day' => 'hər cüt gün',
+    'weekdays (5 days)' => 'həftə içi (5 gün)',
+    'weekend (2 days)' => 'həftə sonu (2 gün)',
+    'Monday' => 'Bazar ertəsi',
+    'Tuesday' => 'Çərşənbə axşamı',
+    'Wednesday' => 'Çərşənbə',
+    'Thursday' => 'Cümə axşamı',
+    'Friday' => 'Cümə',
+    'Saturday' => 'Şənbə',
+    'Sunday' => 'Bazar',
+    'every hour' => 'hər saat',
+    'every two hours' => 'hər iki saatda bir',
+    'every minute' => 'hər dəqiqə',
+    'every two minutes' => 'hər iki dəqiqdə bir',
+    'every' => 'hər',
+    'Generate' => 'Yaratmaq',
+    'webalizer' => 'webalizer',
+    'awstats' => 'awstats',
+    'Vesta SSL' => 'Vesta SSL',
+    'SUBJECT' => 'MÖVZU',
+    'ALIASES' => 'LƏQƏBLƏR',
+    'NOT_BEFORE' => 'NOT_BEFORE',
+    'NOT_AFTER' => 'NOT_AFTER',
+    'SIGNATURE' => 'İMZA',
+    'PUB_KEY' => 'PUB_KEY',
+    'ISSUER' => 'ISSUER',
+    'Use server hostname' => 'Server hostname-dən istifadə et',
+    'Use domain hostname' => 'Domen hostname-dən istifadə et',
+    'Use STARTTLS' => 'STARTTLS istifadə et',
+    'Use SSL / TLS' => 'SSL / TLS istifadə et',
+    'No encryption' => 'Şifrələnməsiz',
+    'Do not use encryption' => 'Şifrələnməni istifadə etmə',
+    'maximum characters length, including prefix' => 'Simvolların maksimal uzunlu %s, prfiks daxil',
+    'Email Credentials' => 'E-poçt hüquqları',
+);

From c29c7cc8e6a72ffa852bdd583d1c4e61ef57266e Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 30 Nov 2018 00:52:49 +0200
Subject: [PATCH 0284/2300] Azerbaijani language support


From 44eabb4e9d50fe2535c93d4a168190febbd2af0a Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 30 Nov 2018 00:54:45 +0200
Subject: [PATCH 0285/2300] Azerbaijani language support

---
 web/inc/i18n/az.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php
index de5a0352..911dfc68 100644
--- a/web/inc/i18n/az.php
+++ b/web/inc/i18n/az.php
@@ -724,3 +724,4 @@ $LANG['az'] = array(
     'maximum characters length, including prefix' => 'Simvolların maksimal uzunlu %s, prfiks daxil',
     'Email Credentials' => 'E-poçt hüquqları',
 );
+v

From 2d0e09e7cac23d7da9b812a08860145210bcef78 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 30 Nov 2018 00:55:27 +0200
Subject: [PATCH 0286/2300] Azerbaijani language support

---
 web/inc/i18n/az.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php
index 911dfc68..de5a0352 100644
--- a/web/inc/i18n/az.php
+++ b/web/inc/i18n/az.php
@@ -724,4 +724,3 @@ $LANG['az'] = array(
     'maximum characters length, including prefix' => 'Simvolların maksimal uzunlu %s, prfiks daxil',
     'Email Credentials' => 'E-poçt hüquqları',
 );
-v

From 9f9ee145592e6dad16b4c6438b86416bdea73488 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 30 Nov 2018 17:29:33 +0200
Subject: [PATCH 0287/2300] Change monthly price for File Manager and SFTP

---
 web/templates/admin/edit_server.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html
index 4f142a6a..cde031fc 100644
--- a/web/templates/admin/edit_server.html
+++ b/web/templates/admin/edit_server.html
@@ -787,7 +787,7 @@
                                                             
                                                             
                                                                 
-                                                                    '.__('Buy Licence').' 1$/'.__('month').'
+                                                                    '.__('Buy Licence').' 3$/'.__('month').'
                                                                 
                                                                 
                                                                     '.__('Buy Lifetime License').' 18$
@@ -835,7 +835,7 @@
                                                             
                                                             
                                                                 
-                                                                    '.__('Buy Licence').' 3$/'.__('month').'
+                                                                    '.__('Buy Licence').' 5$/'.__('month').'
                                                                 
                                                                 
                                                                     '.__('Buy Lifetime License').' 50$

From 41bfca0b212e826140f69bbedcaaeaddceac974e Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 4 Dec 2018 16:21:46 +0200
Subject: [PATCH 0288/2300] ACME v2 support

---
 bin/v-add-letsencrypt-user | 146 +++++++++++++++++++++++++++----------
 1 file changed, 108 insertions(+), 38 deletions(-)

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 3b14cd69..3b168c40 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: register letsencrypt user account
-# options: USER [EMAIL]
+# options: USER [TYPE]
 #
 # The function creates and register LetsEncript account key
 
@@ -11,7 +11,7 @@
 
 # Argument definition
 user=$1
-email=$2
+type=${2-1}
 key_size=4096
 
 # Includes
@@ -28,11 +28,17 @@ encode_base64() {
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '1' "$#" 'USER [EMAIL]'
+check_args '1' "$#" 'USER [TYPE]'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 if [ -e "$USER_DATA/ssl/le.conf" ]; then
-    exit
+    source "$USER_DATA/ssl/le.conf"
+    if [ "$type" -eq 1 ] && [ ! -z "$EMAIL" ]; then
+        exit
+    fi
+    if [ "$type" -eq 2 ] && [ ! -z "$KID" ]; then
+        exit
+    fi
 fi
 
 
@@ -40,14 +46,29 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-api='https://acme-v01.api.letsencrypt.org'
-if [ -z "$email" ]; then
+# Defining LE API endpoint
+if [ "$type" -eq 1 ]; then
+    api='https://acme-v01.api.letsencrypt.org'
+else
+    api='https://acme-v02.api.letsencrypt.org'
+fi
+
+# Defining user email
+if [ $type -eq 1 ]; then
     email=$(get_user_value '$CONTACT')
 fi
 
-agreement=$(curl -s -I "$api/terms" |grep Location |cut -f 2 -d \ |tr -d '\r\n')
+# Defining user agreement
+if [ "$type" -eq 1 ]; then
+    agreement=$(curl -s -I "$api/terms" |grep Location |\
+        cut -f 2 -d \ |tr -d '\r\n')
+else
+    #agreement=$(curl -s "$api/directory" |grep termsOfService |\
+    #    cut -f 4 -d '"')
+    agreement=''
+fi
 
-# Generating key
+# Generating user key
 key="$USER_DATA/ssl/user.key"
 if [ ! -e "$key" ]; then
     openssl genrsa -out $key $key_size >/dev/null 2>&1
@@ -55,41 +76,77 @@ if [ ! -e "$key" ]; then
 fi
 
 # Defining key exponent
-exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\
-    grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
-    xxd -r -p |encode_base64)
+if [ -z "$EXPONENT" ]; then
+    exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\
+        grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
+        xxd -r -p |encode_base64)
+else
+    exponent="$EXPONENT"
+fi
 
 # Defining key modulus
-modulus=$(openssl rsa -in "$key" -modulus -noout |\
-    sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
+if [ -z "$MODULUS" ]; then
+    modulus=$(openssl rsa -in "$key" -modulus -noout |\
+        sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
+else
+    modulus="$MODULUS"
+fi
 
-# Defining key thumb
-thumb='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
-thumb="$(echo -n "$thumb" |openssl dgst -sha256 -binary |encode_base64)"
+# Defining JWK token
+jwk='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
 
-# Defining JWK header
-header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
-header='{"alg":"RS256","jwk":'"$header"'}'
+# Defining key thumbnail
+if [ -z "$THUMB" ]; then
+    thumb="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
+else
+    thumb="$THUMB"
+fi
 
-# Requesting nonce
+# Requesting ACME nonce
 nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
-protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64)
 
-# Defining registration query
-query='{"resource":"new-reg","contact":["mailto:'"$email"'"],'
-query=$query'"agreement":"'$agreement'"}'
-payload=$(echo -n "$query" |encode_base64)
+# Defining payload and protected data for v1 and v2
+if [ "$type" -eq 1 ]; then
+    header='{"alg":"RS256","jwk":'"$jwk"'}'
+    protected='{"nonce":"'"$nonce"'"}'
+    payload='{"resource":"new-reg","contact":["mailto:'"$email"'"],'
+    payload=$payload'"agreement":"'$agreement'"}'
+
+else
+    protected='{"nonce": "'$nonce'",'
+    protected=''$protected' "url": "'$api/acme/new-acct'",'
+    protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
+    payload='{"termsOfServiceAgreed": true}'
+fi
+
+# Encoding data
+protected=$(echo -n "$protected" |encode_base64)
+payload=$(echo -n "$payload" |encode_base64)
+
+# Signing request
 signature=$(printf "%s" "$protected.$payload" |\
-    openssl dgst -sha256 -binary -sign "$key" |encode_base64)
-data='{"header":'"$header"',"protected":"'"$protected"'",'
-data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
+    openssl dgst -sha256 -binary -sign "$key" |\
+    encode_base64)
 
-# Sending request to LetsEncrypt API
-answer=$(curl -s -i -d "$data" "$api/acme/new-reg")
-status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+if [ "$type" -eq 1 ]; then
+    data='{"header":'"$header"',"protected":"'"$protected"'",'
+    data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
+
+    answer=$(curl -s -i -d "$data" "$api/acme/new-reg")
+    status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+else
+    data='{"protected":"'"$protected"'",'
+    data=$data'"payload":"'"$payload"'",'
+    data=$data'"signature":"'"$signature"'"}'
+
+    answer=$(curl -s -i -d "$data" "$api/acme/new-acct" \
+        -H "Content-Type: application/jose+json")
+    status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+    kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
+fi
 
 # Checking http answer status
-if [[ "$status" -ne "201" ]] && [[ "$status" -ne "409" ]]; then
+if [[ "${status:0:2}" -ne "20" ]] && [[ "$status" -ne "409" ]]; then
     check_result $E_CONNECT "LetsEncrypt account registration $status"
 fi
 
@@ -99,12 +156,25 @@ fi
 #----------------------------------------------------------#
 
 # Adding le.conf
-echo "EMAIL='$email'" > $USER_DATA/ssl/le.conf
-echo "EXPONENT='$exponent'" >> $USER_DATA/ssl/le.conf
-echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
-echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
-chmod 660  $USER_DATA/ssl/le.conf
-
+if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
+    echo "EXPONENT='$exponent'" > $USER_DATA/ssl/le.conf
+    echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
+    echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
+    if [ "$type" -eq 1]; then
+        echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
+    else
+        echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
+    fi
+    chmod 660  $USER_DATA/ssl/le.conf
+else
+    if [ "$type" -eq 1 ]; then
+        sed -i '/^EMAIL=/d' $USER_DATA/ssl/le.conf
+        echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
+    else
+        sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
+        echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
+    fi
+fi
 
 # Logging
 log_event "$OK" "$ARGUMENTS"

From d2d399676f77a6a6d91310996157f2e4243dd357 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 4 Dec 2018 16:27:22 +0200
Subject: [PATCH 0289/2300] ACME v2 support - list user

---
 bin/v-list-letsencrypt-user | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/bin/v-list-letsencrypt-user b/bin/v-list-letsencrypt-user
index cded9600..63bd4be2 100755
--- a/bin/v-list-letsencrypt-user
+++ b/bin/v-list-letsencrypt-user
@@ -23,7 +23,8 @@ json_list() {
         "EMAIL": "'$EMAIL'",
         "EXPONENT": "'$EXPONENT'",
         "MODULUS": "'$MODULUS'",
-        "THUMB: "'$THUMB'"
+        "THUMB: "'$THUMB'",
+        "KID:" "'$KID'"
     }'
     echo '}'
 }
@@ -35,17 +36,18 @@ shell_list() {
     echo "THUMB:          $THUMB"
     echo "EXPONENT:       $EXPONENT"
     echo "MODULUS:        $MODULUS"
+    echo "KID:            $KID"
 }
 
 # PLAIN list function
 plain_list() {
-    echo -e "$user\t$EMAIL\t$EXPONENT\t$MODULUS\t$THUMB"
+    echo -e "$user\t$EMAIL\t$EXPONENT\t$MODULUS\t$THUMB\t$KID"
 }
 
 # CSV list function
 csv_list() {
-    echo "USER,EMAIL,EXPONENT,MODULUS,THUMB"
-    echo "$user,$EMAIL,$EXPONENT,$MODULUS,$THUMB"
+    echo "USER,EMAIL,EXPONENT,MODULUS,THUMB,KID"
+    echo "$user,$EMAIL,$EXPONENT,$MODULUS,$THUMB,$KID"
 }
 
 

From 320455f7c9cecaf95a91a1eab0b7b3573e06efe7 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 4 Dec 2018 16:29:48 +0200
Subject: [PATCH 0290/2300] ACME v2 support - list user/ typo

---
 bin/v-list-letsencrypt-user | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-list-letsencrypt-user b/bin/v-list-letsencrypt-user
index 63bd4be2..6289ecba 100755
--- a/bin/v-list-letsencrypt-user
+++ b/bin/v-list-letsencrypt-user
@@ -23,8 +23,8 @@ json_list() {
         "EMAIL": "'$EMAIL'",
         "EXPONENT": "'$EXPONENT'",
         "MODULUS": "'$MODULUS'",
-        "THUMB: "'$THUMB'",
-        "KID:" "'$KID'"
+        "THUMB": "'$THUMB'",
+        "KID": "'$KID'"
     }'
     echo '}'
 }

From 58c6ca95b18948d9d1099ba7fb1300d3b33b0fcc Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Dec 2018 14:15:46 +0100
Subject: [PATCH 0291/2300] Fix for suspended domain checking while LE renewing

Logic should be inversed...
If you grep for suspended=no, then variable is NOT empty if it's NOT suspended
Which means it's empty only if it's suspended.
So we must grep for suspended=yes if we consider not-empty result as suspended domain.
@skullwritter

This bug totally brakes LE renewing :)
---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 6e26d7e5..dd1f3b7c 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -32,7 +32,7 @@ for user in $users; do
     lecounter=0
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
         # Working on Web domain check - if is suspended
-        webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='no")
+        webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes")
         if [ ! -z "$webSuspended" ]; then
                 continue;
         fi;

From 3d8b6a87a77ae8c026e90eb45212349585adc5e3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Dec 2018 14:31:10 +0100
Subject: [PATCH 0292/2300] Better handling of calm-down routine while LE
 renewing

Sleep is because https://github.com/serghey-rodin/vesta/issues/1193
---
 bin/v-update-letsencrypt-ssl | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index dd1f3b7c..17f8f0f6 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -25,11 +25,12 @@ source $VESTA/conf/vesta.conf
 # Defining user list
 users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
 
+lecounter=0
+
 # Checking users
 for user in $users; do
     USER_DATA=$VESTA/data/users/$user
     # Checking user certificates
-    lecounter=0
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
         # Working on Web domain check - if is suspended
         webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes")
@@ -46,6 +47,10 @@ for user in $users; do
         expire=$((expire / 86400))
         domain=$(basename $crt |sed -e "s/.crt$//")
         if [[ "$expire" -lt 31 ]]; then
+            if [ $lecounter -gt 0 ]; then
+                sleep 10
+            fi
+            ((lecounter++))
             aliases=$(echo "$crt_data" |grep DNS:)
             aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
@@ -62,10 +67,6 @@ for user in $users; do
                     echo "$domain $msg"
                 fi
             fi
-            if [ $lecounter -gt 0 ]; then
-                sleep 10
-            fi
-            ((lecounter++))
         fi
     done
 done

From 60dcc89d3273241c58aa7aef202ecd1319f2ce52 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 10 Dec 2018 14:35:20 +0100
Subject: [PATCH 0293/2300] Fix for sleep while LE renewing

---
 bin/v-update-letsencrypt-ssl | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 6de9638b..96a384a1 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -48,7 +48,7 @@ for user in $users; do
         domain=$(basename $crt |sed -e "s/.crt$//")
         if [[ "$expire" -lt 31 ]]; then
             if [ $lecounter -gt 0 ]; then
-                sleep 10
+                sleep 60
             fi
             ((lecounter++))
             aliases=$(echo "$crt_data" |grep DNS:)
@@ -68,10 +68,6 @@ for user in $users; do
                 fi
             fi
         fi
-        if [ $lecounter -gt 0 ]; then
-            sleep 60
-        fi
-        ((lecounter++))
     done
 done
 

From 3a7d7158caffb092bddd3010291d936c35e897ce Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 14 Dec 2018 15:42:32 +0100
Subject: [PATCH 0294/2300] Temporary fix for CSR

---
 bin/v-add-letsencrypt-user | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 3b168c40..f233aa4b 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -162,7 +162,9 @@ if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
     echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
     if [ "$type" -eq 1]; then
         echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
-    else
+        echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
+else
+        echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
         echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
     fi
     chmod 660  $USER_DATA/ssl/le.conf

From 51d8870ec1105fefb4e532f1f008fa0b03a8855b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 14 Dec 2018 15:54:24 +0100
Subject: [PATCH 0295/2300] Update v-restart-proxy

---
 bin/v-restart-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 3e8df916..f4928a4f 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -55,7 +55,7 @@ if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
   # background restart
   if [ "$1" = 'background' ]; then
       # Restart system
-      sleep 15
+      sleep 20
       service $PROXY_SYSTEM restart >/dev/null 2>&1
       if [ $? -ne 0 ]; then
           send_email_report

From 98b05f1ba2fc438b8f9e35f584ced3460d112419 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 14 Dec 2018 15:55:35 +0100
Subject: [PATCH 0296/2300] Sleep 120 sec while LE renewing

---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 96a384a1..d57ae11e 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -48,7 +48,7 @@ for user in $users; do
         domain=$(basename $crt |sed -e "s/.crt$//")
         if [[ "$expire" -lt 31 ]]; then
             if [ $lecounter -gt 0 ]; then
-                sleep 60
+                sleep 120
             fi
             ((lecounter++))
             aliases=$(echo "$crt_data" |grep DNS:)

From f1bbd788aa3b2f83219c4590108ec766df656e36 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 14 Dec 2018 16:39:15 +0100
Subject: [PATCH 0297/2300] Sleep 25 before restart nginx

---
 bin/v-restart-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index f4928a4f..5966ddd6 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -55,7 +55,7 @@ if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
   # background restart
   if [ "$1" = 'background' ]; then
       # Restart system
-      sleep 20
+      sleep 25
       service $PROXY_SYSTEM restart >/dev/null 2>&1
       if [ $? -ne 0 ]; then
           send_email_report

From 4327a3d1bc8f1c5149c0ee046d1abd87267197e4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 21 Dec 2018 17:28:12 +0100
Subject: [PATCH 0298/2300] Syntax error fix in v-add-letsencrypt-user

---
 bin/v-add-letsencrypt-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 3b168c40..6bd3c560 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -160,7 +160,7 @@ if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
     echo "EXPONENT='$exponent'" > $USER_DATA/ssl/le.conf
     echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
     echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
-    if [ "$type" -eq 1]; then
+    if [ "$type" -eq 1 ]; then
         echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
     else
         echo "KID='$kid'" >> $USER_DATA/ssl/le.conf

From 73cb7667cd236024fad6985ac2d25f7ce8a16b9b Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 24 Dec 2018 17:44:23 +0100
Subject: [PATCH 0299/2300] Fix conflict

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index a68778f2..59d071bc 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -229,7 +229,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
 
         # Backup files
         cd $HOMEDIR/$user/web/$domain
-        tar --anchored -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 49f69ce60d581547259ba4f6d6ecb82ea8906321 Mon Sep 17 00:00:00 2001
From: Marcos 
Date: Mon, 24 Dec 2018 17:51:07 +0100
Subject: [PATCH 0300/2300] Fix conflicts

---
 bin/v-backup-user | 1 -
 1 file changed, 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 59d071bc..cdbc9414 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -228,7 +228,6 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         set +f
 
         # Backup files
-        cd $HOMEDIR/$user/web/$domain
         tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 

From f8b4d42b740752e17944370440f37d3105f4b21f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 26 Dec 2018 12:54:33 +0200
Subject: [PATCH 0301/2300] Let's Encrypt v2 with wildcard support

---
 bin/v-add-letsencrypt-domain   | 243 ++++++++++++++++++++++++---------
 bin/v-add-letsencrypt-user     | 159 ++++++++-------------
 bin/v-check-letsencrypt-domain | 162 ----------------------
 bin/v-sign-letsencrypt-csr     | 110 ---------------
 bin/v-update-letsencrypt-ssl   |  55 +++-----
 5 files changed, 257 insertions(+), 472 deletions(-)
 delete mode 100755 bin/v-check-letsencrypt-domain
 delete mode 100755 bin/v-sign-letsencrypt-csr

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index c69a21f1..a6946695 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -1,13 +1,8 @@
 #!/bin/bash
-# info: adding letsencrypt ssl cetificate for domain
-# options: USER DOMAIN [ALIASES] [RESTART] [NOTIFY]
+# info: check letsencrypt domain
+# options: USER DOMAIN [ALIASES]
 #
-# The function turns on SSL support for a domain. Parameter ssl_dir is a path
-# to directory where 2 or 3 ssl files can be found. Certificate file
-# domain.tld.crt and its key domain.tld.key  are mandatory. Certificate
-# authority domain.tld.ca file is optional. If home directory  parameter
-# (ssl_home) is not set, https domain uses public_shtml as separate
-# documentroot directory.
+# The function check and validates domain with Let's Encript
 
 
 #----------------------------------------------------------#
@@ -18,39 +13,67 @@
 user=$1
 domain=$2
 aliases=$3
-restart=$4
-notify=$5
+
+# LE API
+API='https://acme-v02.api.letsencrypt.org'
 
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/conf/vesta.conf
 
-# Additional argument formatting
-format_domain_idn
+# encode base64
+encode_base64() {
+    cat |base64 |tr '+/' '-_' |tr -d '\r\n='
+}
+
+# Let's Encrypt v2 curl function
+query_le_v2() {
+
+    protected='{"nonce": "'$3'",'
+    protected=''$protected' "url": "'$1'",'
+    protected=''$protected' "alg": "RS256", "kid": "'$KID'"}'
+    content="Content-Type: application/jose+json"
+
+    payload_=$(echo -n "$2" |encode_base64)
+    protected_=$(echo -n "$protected" |encode_base64)
+    signature_=$(printf "%s" "$protected_.$payload_" |\
+        openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
+        encode_base64)
+
+    post_data='{"protected":"'"$protected_"'",'
+    post_data=$post_data'"payload":"'"$payload_"'",'
+    post_data=$post_data'"signature":"'"$signature_"'"}'
+
+    curl -s -i -d "$post_data" "$1" -H "$content"
+}
+
 
 
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'USER DOMAIN [ALIASES] [RESTART] [NOTIFY]'
-is_format_valid 'user' 'domain'
+check_args '2' "$#" 'USER DOMAIN [ALIASES]'
+is_format_valid 'user' 'domain' 'aliases'
 is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
-is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 is_object_unsuspended 'web' 'DOMAIN' "$domain"
+get_domain_values 'web'
+for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
+    check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
+    if [ -z "$check_alias" ]; then
+        check_result $E_NOTEXIST "domain alias $alias doesn't exist"
+    fi
+done
 
 
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Parsing domain data
-get_domain_values 'web'
-
 # Registering LetsEncrypt user account
 $BIN/v-add-letsencrypt-user $user
 if [ "$?" -ne 0  ]; then
@@ -62,53 +85,152 @@ fi
 
 # Parsing LetsEncrypt account data
 source $USER_DATA/ssl/le.conf
-email=$EMAIL
 
-# Validating domain and aliases
-i=1
-for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
-    $BIN/v-check-letsencrypt-domain $user $alias
-    if [ "$?" -ne 0 ]; then
-        touch $VESTA/data/queue/letsencrypt.pipe
-        sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
-        send_notice "LETSENCRYPT" "$alias validation failed"
-        check_result $E_INVALID "LE domain validation" >/dev/null
+# Checking wildcard alias
+if [ "$aliases" = "*.$domain" ]; then
+    wildcard='yes'
+    proto="dns-01"
+    if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
+        check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
+    fi
+else
+    proto="http-01"
+fi
+
+# Requesting nonce / STEP 1
+answer=$(curl -s -I "$API/directory")
+nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+if [[ "$status" -ne 200 ]]; then
+    check_result $E_CONNECT "Let's Encrypt nonce request status $status"
+fi
+
+# Placing new order / STEP 2
+url="$API/acme/new-order"
+payload='{"identifiers":['
+for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
+    payload=$payload'{"type":"dns","value":"'$identifier'"},'
+done
+payload=$(echo "$payload"|sed "s/,$//")
+payload=$payload']}'
+answer=$(query_le_v2 "$url" "$payload" "$nonce")
+nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
+finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
+status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+if [[ "$status" -ne 201 ]]; then
+    check_result $E_CONNECT "Let's Encrypt new auth status $status"
+fi
+
+# Requesting authorization token / STEP 3
+for auth in $authz; do
+    payload=''
+    answer=$(query_le_v2 "$auth" "$payload" "$nonce")
+    url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
+    token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
+    nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+    status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+    if [[ "$status" -ne 200 ]]; then
+        check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
     fi
 
-    # Checking LE limits per account
-    if [ "$i" -gt 100 ]; then
-        touch $VESTA/data/queue/letsencrypt.pipe
-        sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
-        send_notice 'LETSENCRYPT' 'Limit of domains per account is reached'
-        check_result $E_LIMIT "LE can't sign more than 100 domains"
+    # Accepting challenge / STEP 4
+    if [ "$wildcard" = 'yes'  ]; then
+        record=$(printf "%s" "$token.$THUMB" |\
+            openssl dgst -sha256 -binary |encode_base64)
+        old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
+        old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
+        for old_record in $old_records; do
+            $BIN/v-delete-dns-record $user $domain $old_record
+        done
+        $BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
+        check_result $? "DNS _acme-challenge record wasn't created"
+    else
+        if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
+            conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
+            sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
+            if [ ! -e "$conf" ]; then
+                echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
+                    > $conf
+                echo '    default_type text/plain;' >> $conf
+                echo '    return 200 "$1.'$THUMB'";' >> $conf
+                echo '}' >> $conf
+            fi
+            if [ ! -e "$sconf" ]; then
+                ln -s "$conf" "$sconf"
+            fi
+            $BIN/v-restart-proxy
+            check_result $? "Proxy restart failed" >/dev/null
+
+        else
+            well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known"
+            acme_challenge="$well_known/acme-challenge"
+            mkdir -p $acme_challenge
+            echo "$token.$THUMB" > $acme_challenge/$token
+            chown -R $user:$user $well_known
+        fi
+        $BIN/v-restart-web
+        check_result $? "Web restart failed" >/dev/null
+    fi
+
+    # Requesting ACME validation / STEP 5
+    validation_check=$(echo "$answer" |grep '"valid"')
+    if [[ ! -z "$validation_check" ]]; then
+        validation='valid'
+    else
+        validation='pending'
+    fi
+
+    # Doing pol check on status
+    i=1
+    while [ "$validation" = 'pending' ]; do
+        payload='{}'
+        answer=$(query_le_v2 "$url" "$payload" "$nonce")
+        validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
+        nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+        status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+        if [[ "$status" -ne 200 ]]; then
+            check_result $E_CONNECT "Let's Encrypt vvalidation status $status"
+        fi
+
+        i=$((i + 1))
+        if [ "$i" -gt 10 ]; then
+            check_result $E_CONNECT "Let's Encrypt domain validation timeout"
+        fi
+        sleep 1
+    done
+    if [ "$validation" = 'invalid' ]; then
+        check_result $E_CONNECT "Let's Encrypt domain verification failed"
     fi
-    i=$((i++))
 done
 
-# Generating CSR
-ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "$email" "US" "California" \
+
+# Generating new ssl certificate
+ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
     "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
 
-# Signing CSR
-crt=$($BIN/v-sign-letsencrypt-csr $user $domain $ssl_dir)
-if [ "$?" -ne 0 ]; then
-    touch $VESTA/data/queue/letsencrypt.pipe
-    sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
-    send_notice "LETSENCRYPT" "$alias validation failed"
-    check_result "$E_INVALID" "LE $domain validation"
+# Sedning CSR to finalize order / STEP 6
+csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
+payload='{"csr":"'$csr'"}'
+answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
+nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
+if [[ "$status" -ne 200 ]]; then
+    check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
-echo "$crt" > $ssl_dir/$domain.crt
 
-# Dowloading CA certificate
-le_certs='https://letsencrypt.org/certs'
-x1='lets-encrypt-x1-cross-signed.pem.txt'
-x3='lets-encrypt-x3-cross-signed.pem.txt'
-issuer=$(openssl x509 -text -in $ssl_dir/$domain.crt |grep "Issuer:")
-if [ -z "$(echo $issuer|grep X3)" ]; then
-    curl -s $le_certs/$x1 > $ssl_dir/$domain.ca
-else
-    curl -s $le_certs/$x3 > $ssl_dir/$domain.ca
-fi
+# Downloading signed certificate / STEP 7
+curl -s "$certificate" -o $ssl_dir/$domain.pem
+
+# Splitting up downloaded pem
+crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
+head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
+
+pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
+ca_end=$(grep -n  "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
+ca_end=$(( pem_lines - crt_end + 1 ))
+tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
 
 # Adding SSL
 ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
@@ -140,18 +262,13 @@ update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
 #                       Vesta                              #
 #----------------------------------------------------------#
 
-# Restarting web
-$BIN/v-restart-web $restart
-if [ "$?" -ne 0  ]; then
-    send_notice 'LETSENCRYPT' "web server needs to be restarted manually"
-fi
+# Deleteing task from queue
+touch $VESTA/data/queue/letsencrypt.pipe
+sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
 
 # Notifying user
 send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
 
-# Deleteing task from queue
-touch $VESTA/data/queue/letsencrypt.pipe
-sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
 
 # Logging
 log_event "$OK" "$ARGUMENTS"
diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 6bd3c560..f3a19163 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -1,8 +1,8 @@
 #!/bin/bash
 # info: register letsencrypt user account
-# options: USER [TYPE]
+# options: USER
 #
-# The function creates and register LetsEncript account key
+# The function creates and register LetsEncript account 
 
 
 #----------------------------------------------------------#
@@ -11,8 +11,9 @@
 
 # Argument definition
 user=$1
-type=${2-1}
-key_size=4096
+
+# LE API
+API='https://acme-v02.api.letsencrypt.org'
 
 # Includes
 source $VESTA/func/main.sh
@@ -23,22 +24,39 @@ encode_base64() {
     cat |base64 |tr '+/' '-_' |tr -d '\r\n='
 }
 
+# Let's Encrypt v2 curl function
+query_le_v2() {
+    protected='{"nonce": "'$3'",'
+    protected=''$protected' "url": "'$1'",'
+    protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
+    content="Content-Type: application/jose+json"
+
+    payload_=$(echo -n "$2" |encode_base64)
+    protected_=$(echo -n "$protected" |encode_base64)
+    signature_=$(printf "%s" "$protected_.$payload_" |\
+        openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
+        encode_base64)
+
+    post_data='{"protected":"'"$protected_"'",'
+    post_data=$post_data'"payload":"'"$payload_"'",'
+    post_data=$post_data'"signature":"'"$signature_"'"}'
+
+    curl -s -i -d "$post_data" "$1" -H "$content"
+}
+
 
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '1' "$#" 'USER [TYPE]'
+check_args '1' "$#" 'USER'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 if [ -e "$USER_DATA/ssl/le.conf" ]; then
     source "$USER_DATA/ssl/le.conf"
-    if [ "$type" -eq 1 ] && [ ! -z "$EMAIL" ]; then
-        exit
-    fi
-    if [ "$type" -eq 2 ] && [ ! -z "$KID" ]; then
-        exit
-    fi
+fi
+if [ ! -z "$KID" ]; then
+    exit
 fi
 
 
@@ -46,108 +64,57 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Defining LE API endpoint
-if [ "$type" -eq 1 ]; then
-    api='https://acme-v01.api.letsencrypt.org'
-else
-    api='https://acme-v02.api.letsencrypt.org'
-fi
 
 # Defining user email
-if [ $type -eq 1 ]; then
-    email=$(get_user_value '$CONTACT')
+if [[ -z "$EMAIL" ]]; then
+    EMAIL=$(get_user_value '$CONTACT')
 fi
 
 # Defining user agreement
-if [ "$type" -eq 1 ]; then
-    agreement=$(curl -s -I "$api/terms" |grep Location |\
-        cut -f 2 -d \ |tr -d '\r\n')
-else
-    #agreement=$(curl -s "$api/directory" |grep termsOfService |\
-    #    cut -f 4 -d '"')
-    agreement=''
-fi
+agreement=''
 
 # Generating user key
-key="$USER_DATA/ssl/user.key"
-if [ ! -e "$key" ]; then
-    openssl genrsa -out $key $key_size >/dev/null 2>&1
-    chmod 600 $key
+KEY="$USER_DATA/ssl/user.key"
+if [ ! -e "$KEY" ]; then
+    openssl genrsa -out $KEY 4096 >/dev/null 2>&1
+    chmod 600 $KEY
 fi
 
 # Defining key exponent
 if [ -z "$EXPONENT" ]; then
-    exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\
+    EXPONENT=$(openssl pkey -inform pem -in "$KEY" -noout -text_pub |\
         grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
         xxd -r -p |encode_base64)
-else
-    exponent="$EXPONENT"
 fi
 
 # Defining key modulus
 if [ -z "$MODULUS" ]; then
-    modulus=$(openssl rsa -in "$key" -modulus -noout |\
+    MODULUS=$(openssl rsa -in "$KEY" -modulus -noout |\
         sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
-else
-    modulus="$MODULUS"
 fi
 
-# Defining JWK token
-jwk='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
+# Defining JWK
+jwk='{"e":"'$EXPONENT'","kty":"RSA","n":"'"$MODULUS"'"}'
 
 # Defining key thumbnail
 if [ -z "$THUMB" ]; then
-    thumb="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
-else
-    thumb="$THUMB"
+    THUMB="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
 fi
 
+
 # Requesting ACME nonce
-nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
+nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
 
-# Defining payload and protected data for v1 and v2
-if [ "$type" -eq 1 ]; then
-    header='{"alg":"RS256","jwk":'"$jwk"'}'
-    protected='{"nonce":"'"$nonce"'"}'
-    payload='{"resource":"new-reg","contact":["mailto:'"$email"'"],'
-    payload=$payload'"agreement":"'$agreement'"}'
+# Creating ACME account
+url="$API/acme/new-acct"
+payload='{"termsOfServiceAgreed": true}'
+answer=$(query_le_v2 "$url" "$payload" "$nonce")
+kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
 
-else
-    protected='{"nonce": "'$nonce'",'
-    protected=''$protected' "url": "'$api/acme/new-acct'",'
-    protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
-    payload='{"termsOfServiceAgreed": true}'
-fi
-
-# Encoding data
-protected=$(echo -n "$protected" |encode_base64)
-payload=$(echo -n "$payload" |encode_base64)
-
-# Signing request
-signature=$(printf "%s" "$protected.$payload" |\
-    openssl dgst -sha256 -binary -sign "$key" |\
-    encode_base64)
-
-if [ "$type" -eq 1 ]; then
-    data='{"header":'"$header"',"protected":"'"$protected"'",'
-    data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
-
-    answer=$(curl -s -i -d "$data" "$api/acme/new-reg")
-    status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
-else
-    data='{"protected":"'"$protected"'",'
-    data=$data'"payload":"'"$payload"'",'
-    data=$data'"signature":"'"$signature"'"}'
-
-    answer=$(curl -s -i -d "$data" "$api/acme/new-acct" \
-        -H "Content-Type: application/jose+json")
-    status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
-    kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
-fi
-
-# Checking http answer status
-if [[ "${status:0:2}" -ne "20" ]] && [[ "$status" -ne "409" ]]; then
-    check_result $E_CONNECT "LetsEncrypt account registration $status"
+# Checking answer status
+status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+if [[ "${status:0:2}" -ne "20" ]]; then
+    check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
 fi
 
 
@@ -157,23 +124,15 @@ fi
 
 # Adding le.conf
 if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
-    echo "EXPONENT='$exponent'" > $USER_DATA/ssl/le.conf
-    echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
-    echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
-    if [ "$type" -eq 1 ]; then
-        echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
-    else
-        echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
-    fi
+    echo "EXPONENT='$EXPONENT'" > $USER_DATA/ssl/le.conf
+    echo "MODULUS='$MODULUS'" >> $USER_DATA/ssl/le.conf
+    echo "THUMB='$THUMB'" >> $USER_DATA/ssl/le.conf
+    echo "EMAIL='$EMAIL'" >> $USER_DATA/ssl/le.conf
+    echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
     chmod 660  $USER_DATA/ssl/le.conf
 else
-    if [ "$type" -eq 1 ]; then
-        sed -i '/^EMAIL=/d' $USER_DATA/ssl/le.conf
-        echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
-    else
-        sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
-        echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
-    fi
+    sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
+    echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
 fi
 
 # Logging
diff --git a/bin/v-check-letsencrypt-domain b/bin/v-check-letsencrypt-domain
deleted file mode 100755
index 97e24878..00000000
--- a/bin/v-check-letsencrypt-domain
+++ /dev/null
@@ -1,162 +0,0 @@
-#!/bin/bash
-# info: check letsencrypt domain
-# options: USER DOMAIN
-#
-# The function check and validates domain with LetsEncript
-
-
-#----------------------------------------------------------#
-#                    Variable&Function                     #
-#----------------------------------------------------------#
-
-# Argument definition
-user=$1
-domain=$2
-
-# Includes
-source $VESTA/func/main.sh
-source $VESTA/conf/vesta.conf
-
-# encode base64
-encode_base64() {
-    cat |base64 |tr '+/' '-_' |tr -d '\r\n='
-}
-
-# Additional argument formatting
-format_domain_idn
-
-
-#----------------------------------------------------------#
-#                    Verifications                         #
-#----------------------------------------------------------#
-
-check_args '2' "$#" 'USER DOMAIN'
-is_format_valid 'user' 'domain'
-is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
-is_object_valid 'user' 'USER' "$user"
-is_object_unsuspended 'user' 'USER' "$user"
-if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
-    check_result $E_NOTEXIST "LetsEncrypt key doesn't exist"
-fi
-rdomain=$(egrep "'$domain'|'$domain,|,$domain,|,$domain'" $USER_DATA/web.conf)
-if [ -z "$rdomain" ]; then
-    check_result $E_NOTEXIST "domain $domain doesn't exist"
-fi
-
-
-#----------------------------------------------------------#
-#                       Action                             #
-#----------------------------------------------------------#
-
-source $USER_DATA/ssl/le.conf
-api='https://acme-v01.api.letsencrypt.org'
-r_domain=$(echo "$rdomain" |cut -f 2 -d \')
-key="$USER_DATA/ssl/user.key"
-exponent="$EXPONENT"
-modulus="$MODULUS"
-thumb="$THUMB"
-
-# Defining JWK header
-header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
-header='{"alg":"RS256","jwk":'"$header"'}'
-
-# Requesting nonce
-nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64)
-
-# Defining ACME query (request challenge)
-query='{"resource":"new-authz","identifier"'
-query=$query':{"type":"dns","value":"'"$domain_idn"'"}}'
-payload=$(echo -n "$query" |encode_base64)
-signature=$(printf "%s" "$protected.$payload" |\
-    openssl dgst -sha256 -binary -sign "$key" |encode_base64)
-data='{"header":'"$header"',"protected":"'"$protected"'",'
-data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
-
-# Sending request to LetsEncrypt API
-answer=$(curl -s -i -d "$data" "$api/acme/new-authz")
-
-# Checking http answer status
-status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
-if [[ "$status" -ne "201" ]]; then
-    check_result $E_CONNECT "LetsEncrypt challenge request $status"
-fi
-
-# Parsing domain nonce,token and uri
-nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64)
-token=$(echo "$answer" |grep -A 3 http-01 |grep token |cut -f 4 -d \")
-uri=$(echo "$answer" |grep -A 3 http-01 |grep uri |cut -f 4 -d \")
-
-# Adding location wrapper for request challenge
-if [ "$WEB_SYSTEM" = 'nginx' ] || [ "$PROXY_SYSTEM" = 'nginx' ]; then
-    conf="$HOMEDIR/$user/conf/web/nginx.$r_domain.conf_letsencrypt"
-    sconf="$HOMEDIR/$user/conf/web/snginx.$r_domain.conf_letsencrypt"
-    if [ ! -e "$conf" ]; then
-        echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' > $conf
-        echo '    default_type text/plain;' >> $conf
-        echo '    return 200 "$1.'$thumb'";' >> $conf
-        echo '}' >> $conf
-    fi
-    if [ ! -e "$sconf" ]; then
-        ln -s "$conf" "$sconf"
-    fi
-else
-    acme="$HOMEDIR/$user/web/$r_domain/public_html/.well-known/acme-challenge"
-    if [ ! -d "$acme" ]; then
-        mkdir -p $acme
-    fi
-    echo "$token.$thumb" > $acme/$token
-    chown -R $user:$user $HOMEDIR/$user/web/$r_domain/public_html/.well-known
-fi
-
-# Restarting web server
-if [ -z "$PROXY_SYSTEM" ]; then
-    $BIN/v-restart-web
-    check_result $? "Proxy restart failed" >/dev/null
-else
-    $BIN/v-restart-proxy
-    $BIN/v-restart-web
-    check_result $? "Web restart failed" >/dev/null
-fi
-
-# Defining ACME query (request validation)
-query='{"resource":"challenge","type":"http-01","keyAuthorization"'
-query=$query':"'$token.$thumb'","token":"'$token'"}'
-payload=$(echo -n "$query" |encode_base64)
-signature=$(printf "%s" "$protected.$payload" |\
-    openssl dgst -sha256 -binary -sign "$key" |encode_base64)
-data='{"header":'"$header"',"protected":"'"$protected"'",'
-data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
-
-# Sending request to LetsEncrypt API
-answer=$(curl -s -i -d "$data" "$uri")
-
-# Checking domain validation status
-i=1
-status=$(echo $answer |tr ',' '\n' |grep status |cut -f 4 -d \")
-location=$(echo "$answer" |grep Location: |awk '{print $2}' |tr -d '\r\n')
-while [ "$status" = 'pending' ]; do
-    answer=$(curl -s -i "$location")
-    detail="$(echo $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")"
-    status=$(echo "$answer" |tr ',' '\n' |grep status |cut -f 4 -d \")
-    sleep 1
-    i=$((i + 1))
-    if [ "$i" -gt 60 ]; then
-        check_result $E_CONNECT "$detail"
-    fi
-done
-if [ "$status" = 'invalid' ]; then
-    detail="$(echo $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")"
-    check_result $E_CONNECT "$detail"
-fi
-
-
-#----------------------------------------------------------#
-#                       Vesta                              #
-#----------------------------------------------------------#
-
-# Logging
-log_event "$OK" "$ARGUMENTS"
-
-exit
diff --git a/bin/v-sign-letsencrypt-csr b/bin/v-sign-letsencrypt-csr
deleted file mode 100755
index 414eb8b3..00000000
--- a/bin/v-sign-letsencrypt-csr
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/bin/bash
-# info: sing letsencrypt csr
-# options: USER DOMAIN CSR_DIR [FORMAT]
-#
-# The function signs certificate request using LetsEncript API
-
-
-#----------------------------------------------------------#
-#                    Variable&Function                     #
-#----------------------------------------------------------#
-
-# Argument definition
-user=$1
-domain=$2
-csr="$3/$domain.csr"
-format=$4
-
-# Includes
-source $VESTA/func/main.sh
-source $VESTA/conf/vesta.conf
-
-# encode base64
-encode_base64() {
-    cat |base64 |tr '+/' '-_' |tr -d '\r\n='
-}
-
-
-#----------------------------------------------------------#
-#                    Verifications                         #
-#----------------------------------------------------------#
-
-check_args '3' "$#" 'USER DOMAIN CSR'
-is_format_valid 'user' 'domain'
-is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
-is_object_valid 'user' 'USER' "$user"
-is_object_unsuspended 'user' 'USER' "$user"
-if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
-    check_result $E_NOTEXIST "LetsEncrypt key doesn't exist"
-fi
-check_domain=$(grep -w "$domain'" $USER_DATA/web.conf)
-if [ -z "$check_domain" ]; then
-    check_result $E_NOTEXIST "domain $domain doesn't exist"
-fi
-if [ ! -e "$csr" ]; then
-    check_result $E_NOTEXIST "$csr doesn't exist"
-fi
-
-
-#----------------------------------------------------------#
-#                       Action                             #
-#----------------------------------------------------------#
-
-source $USER_DATA/ssl/le.conf
-api='https://acme-v01.api.letsencrypt.org'
-key="$USER_DATA/ssl/user.key"
-exponent="$EXPONENT"
-modulus="$MODULUS"
-thumb="$THUMB"
-
-# Defining JWK header
-header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
-header='{"alg":"RS256","jwk":'"$header"'}'
-
-# Requesting nonce
-nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64)
-
-# Defining ACME query (request challenge)
-csr=$(openssl req -in $csr -outform DER |encode_base64)
-query='{"resource":"new-cert","csr":"'$csr'"}'
-payload=$(echo -n "$query" |encode_base64)
-signature=$(printf "%s" "$protected.$payload" |\
-    openssl dgst -sha256 -binary -sign "$key" |encode_base64)
-data='{"header":'"$header"',"protected":"'"$protected"'",'
-data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
-
-# Sending request to LetsEncrypt API
-answer=$(mktemp)
-curl -s -d "$data" "$api/acme/new-cert" -o $answer
-if [ ! -z "$(grep Error $answer)" ]; then
-    detail="$(cat $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")"
-    detail=$(echo "$detail" |awk -F "::" '{print $2}')
-    rm $answer
-    check_result $E_LIMIT "$detail"
-fi
-
-# Printing certificate
-crt=$(cat "$answer" |openssl base64 -e)
-rm $answer
-if [ "$format" != 'json' ]; then
-    echo "-----BEGIN CERTIFICATE-----"
-    echo "$crt"
-    echo "-----END CERTIFICATE-----"
-else
-    echo -e "{\n\t\"$domain\": {\n\t\t\"CRT\":\""
-    echo -n '-----BEGIN CERTIFICATE-----\n'
-    echo -n "$crt" |sed ':a;N;$!ba;s/\n/\\n/g'
-    echo -n '-----END CERTIFICATE-----'
-    echo -e  "\"\n\t\t}\n\t}"
-fi
-
-
-#----------------------------------------------------------#
-#                       Vesta                              #
-#----------------------------------------------------------#
-
-# Logging
-log_event "$OK" "$ARGUMENTS"
-
-exit
diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 17f8f0f6..a5cbc286 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -22,51 +22,32 @@ source $VESTA/conf/vesta.conf
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Defining user list
-users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
-
-lecounter=0
-
-# Checking users
-for user in $users; do
+# Checking user certificates
+for user in $($BIN/v-list-users plain |cut -f 1); do
     USER_DATA=$VESTA/data/users/$user
-    # Checking user certificates
+    lecounter=0
+
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
-        # Working on Web domain check - if is suspended
-        webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes")
-        if [ ! -z "$webSuspended" ]; then
-                continue;
-        fi;
-        crt="$VESTA/data/users/$user/ssl/$domain.crt"
-        crt_data=$(openssl x509 -text -in "$crt")
-        expire=$(echo "$crt_data" |grep "Not After")
-        expire=$(echo "$expire" |cut -f 2,3,4 -d :)
-        expire=$(date -d "$expire" +%s)
+        crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
+        not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
+        expiration=$(date -d "$not_after" +%s)
         now=$(date +%s)
-        expire=$((expire - now))
-        expire=$((expire / 86400))
-        domain=$(basename $crt |sed -e "s/.crt$//")
-        if [[ "$expire" -lt 31 ]]; then
-            if [ $lecounter -gt 0 ]; then
-                sleep 10
-            fi
-            ((lecounter++))
+        seconds_valid=$((expiration - now))
+        days_valid=$((seconds_valid / 86400))
+        if [[ "$days_valid" -lt 31 ]]; then
             aliases=$(echo "$crt_data" |grep DNS:)
             aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
             aliases=$(echo "$aliases" |grep -v "^$domain$")
-            if [ ! -z "$aliases" ]; then
-                aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
-                msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
-                if [ $? -ne 0 ]; then
-                    echo "$domain $msg"
-                fi
-            else
-                msg==$($BIN/v-add-letsencrypt-domain $user $domain)
-                if [ $? -ne 0 ]; then
-                    echo "$domain $msg"
-                fi
+            aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
+            msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
+            if [ $? -ne 0 ]; then
+                echo "$domain $msg"
             fi
+            if [ $lecounter -gt 0 ]; then
+                sleep 10
+            fi
+            ((lecounter++))
         fi
     done
 done

From 8010f5d80261ed4ba9d2f2094229b283d0ab47be Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 27 Dec 2018 20:56:14 +0100
Subject: [PATCH 0302/2300] CentOS7: Register /sbin/nologin and
 /usr/sbin/nologin

Fix for https://github.com/serghey-rodin/vesta/issues/1437
---
 install/vst-install-rhel.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 385534ec..b7c2839e 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -691,6 +691,10 @@ chmod a+x /backup
 # Set directory color
 echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
+# Register /sbin/nologin and /usr/sbin/nologin
+echo "/sbin/nologin" >> /etc/shells
+echo "/usr/sbin/nologin" >> /etc/shells
+
 # Changing default systemd interval
 if [ "$release" -eq '7' ]; then
     # Hi Lennart

From 0d85c88d181a314b22ec1d0489bdfb3269e53fd6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 27 Dec 2018 21:10:17 +0100
Subject: [PATCH 0303/2300] Bringing back Better handling of calm-down routine
 while LE renewing

Accidentally overwritten in https://github.com/serghey-rodin/vesta/commit/f8b4d42b740752e17944370440f37d3105f4b21f commit
Original commit: https://github.com/serghey-rodin/vesta/commit/3d8b6a87a77ae8c026e90eb45212349585adc5e3

Calming down is because https://github.com/serghey-rodin/vesta/issues/1193 issue
---
 bin/v-update-letsencrypt-ssl | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index a5cbc286..4dd1fcc0 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -22,10 +22,11 @@ source $VESTA/conf/vesta.conf
 #                       Action                             #
 #----------------------------------------------------------#
 
+lecounter=0
+
 # Checking user certificates
 for user in $($BIN/v-list-users plain |cut -f 1); do
     USER_DATA=$VESTA/data/users/$user
-    lecounter=0
 
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
         crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
@@ -35,6 +36,10 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
         seconds_valid=$((expiration - now))
         days_valid=$((seconds_valid / 86400))
         if [[ "$days_valid" -lt 31 ]]; then
+            if [ $lecounter -gt 0 ]; then
+                sleep 10
+            fi
+            ((lecounter++))
             aliases=$(echo "$crt_data" |grep DNS:)
             aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
@@ -44,10 +49,6 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             if [ $? -ne 0 ]; then
                 echo "$domain $msg"
             fi
-            if [ $lecounter -gt 0 ]; then
-                sleep 10
-            fi
-            ((lecounter++))
         fi
     done
 done

From 937efa20543dfd0ee4e08f0f4d2278fc21f739c6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:00:36 +0100
Subject: [PATCH 0304/2300] nice -n 19 for backups

---
 bin/v-backup-users | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index ed43f8f3..c3ceb7c8 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -30,6 +30,7 @@ mysqlrepair --all-databases --check --auto-repair > /dev/null 2>&1
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit
 fi
+i_am_in_backup_all_users=1
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
     if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
         continue;
@@ -41,7 +42,7 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         echo -e "================================" >> $log
         echo -e "$user" >> $log
         echo -e "--------------------------------\n" >> $log
-        $BIN/v-backup-user $user >> $log 2>&1
+        nice -n 19 $BIN/v-backup-user $user >> $log 2>&1
         echo -e "\n--------------------------------\n\n" >> $log
     fi
 done

From 81fba766953c945859deac315bddcc5ff10ffb89 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:09:56 +0100
Subject: [PATCH 0305/2300] Mute wait_for_backup

---
 func/main.sh | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index 6cad5b13..65c62cc5 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -12,6 +12,7 @@ WEBTPL=$VESTA/data/templates/web
 DNSTPL=$VESTA/data/templates/dns
 RRD=$VESTA/web/rrd
 SENDMAIL="$VESTA/web/inc/mail-wrapper.php"
+i_am_in_backup_all_users=0
 
 # Return codes
 OK=0
@@ -944,7 +945,11 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
     # i=0
     while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
-        echo -e "$(date "+%F %T") Load Average $la"
+        if [ "$i_am_in_backup_all_users" -eq 0 ]; then
+            echo -e "$(date "+%F %T") Load Average $la"
+        else
+            echo -e "$(date "+%F %T") Load Average $la" >> $log
+        fi
         sleep 60
         # if [ "$i" -ge "15" ]; then
             # la_error="LoadAverage $la is above threshold"
@@ -968,7 +973,11 @@ wait_for_backup_if_it_is_not_time_for_backup() {
             # fi
             WAIT_LOOP_ENTERED=1
             current_date_time="`date "+%Y-%m-%d %H:%M:%S"`";
-            echo "$current_date_time - wait to backup user $user - current hour is $hour";
+            if [ "$i_am_in_backup_all_users" -eq 0 ]; then
+                echo "$current_date_time - wait to backup user $user - current hour is $hour"
+            else
+                echo "$current_date_time - wait to backup user $user - current hour is $hour" >> $log
+            fi
             sleep 300
             hour=$(date +"%H");
         done

From 38f5b16019de37a8bc9826fa4c56d863dce91211 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:13:08 +0100
Subject: [PATCH 0306/2300] Log mysqlrepair

---
 bin/v-backup-users | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index c3ceb7c8..41a040cb 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -22,10 +22,12 @@ source $VESTA/conf/vesta.conf
 #                       Action                             #
 #----------------------------------------------------------#
 
+log=$VESTA/log/backup.log
+
 $BIN/v-check-vesta-license >/dev/null
 
 # Auto-repair all databases before backuping all accounts
-mysqlrepair --all-databases --check --auto-repair > /dev/null 2>&1
+mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit
@@ -37,7 +39,6 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
     fi
     wait_for_backup_if_it_is_not_time_for_backup
     check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
-    log=$VESTA/log/backup.log
     if [ ! -z "$check_suspend" ]; then
         echo -e "================================" >> $log
         echo -e "$user" >> $log

From f8461813d73a7240c9606dbb7bc09bb1f46c1b26 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:22:00 +0100
Subject: [PATCH 0307/2300] Don't make backup before 1 AM

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index 65c62cc5..eb1bcd37 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -966,7 +966,7 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     if pgrep -x "v-backup-users" > /dev/null
     then
         hour=$(date +"%H");
-        while [ "$hour" -gt "6" ]; do
+        while [ "$hour" -gt "6" ] && [ "$hour" -lt "1" ]; do
             # if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
                 # do something when enter sleeping state
                 # $BIN/v-restart-web-backend

From a46490af772aa79cb4e5a079970a2446477cf81c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:24:50 +0100
Subject: [PATCH 0308/2300] OR instead AND

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index eb1bcd37..ded0eb4b 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -966,7 +966,7 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     if pgrep -x "v-backup-users" > /dev/null
     then
         hour=$(date +"%H");
-        while [ "$hour" -gt "6" ] && [ "$hour" -lt "1" ]; do
+        while [ "$hour" -gt "6" ] || [ "$hour" -lt "1" ]; do
             # if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
                 # do something when enter sleeping state
                 # $BIN/v-restart-web-backend

From 5259f53dd80abc0845e29125c6b150cc32c434c9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 00:30:47 +0100
Subject: [PATCH 0309/2300] Reseting i_am_in_backup_all_user

---
 bin/v-backup-users | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index 41a040cb..bf06e5f8 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -43,7 +43,9 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         echo -e "================================" >> $log
         echo -e "$user" >> $log
         echo -e "--------------------------------\n" >> $log
+        i_am_in_backup_all_users=0
         nice -n 19 $BIN/v-backup-user $user >> $log 2>&1
+        i_am_in_backup_all_users=1
         echo -e "\n--------------------------------\n\n" >> $log
     fi
 done

From fcbb523c05bc4512ee0586a77f6e7a1c9949f2a2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Jan 2019 13:59:15 +0100
Subject: [PATCH 0310/2300] Added ionice to backup

---
 bin/v-backup-users | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index bf06e5f8..df9cf6ee 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -27,7 +27,7 @@ log=$VESTA/log/backup.log
 $BIN/v-check-vesta-license >/dev/null
 
 # Auto-repair all databases before backuping all accounts
-mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
+nice -n 19 ionice -c 3 mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit
@@ -44,7 +44,7 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         echo -e "$user" >> $log
         echo -e "--------------------------------\n" >> $log
         i_am_in_backup_all_users=0
-        nice -n 19 $BIN/v-backup-user $user >> $log 2>&1
+        nice -n 19 ionice -c 3 $BIN/v-backup-user $user >> $log 2>&1
         i_am_in_backup_all_users=1
         echo -e "\n--------------------------------\n\n" >> $log
     fi

From 18ec586831c9f06394e4f3184cb44471f2a389b0 Mon Sep 17 00:00:00 2001
From: ifaist0s 
Date: Tue, 22 Jan 2019 12:51:59 +0200
Subject: [PATCH 0311/2300] Use of deprecated directive

FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913
---
 install/ubuntu/16.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.stpl b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/16.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 45a6824990a75d11c8faa578b785b7289cda961a Mon Sep 17 00:00:00 2001
From: ifaist0s 
Date: Tue, 22 Jan 2019 12:52:36 +0200
Subject: [PATCH 0312/2300] Use of deprecated directive

FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913
---
 install/ubuntu/16.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From a72ecfbcfb4d4f23040ae0c1e3191357bb1eb08f Mon Sep 17 00:00:00 2001
From: ifaist0s 
Date: Tue, 22 Jan 2019 12:58:48 +0200
Subject: [PATCH 0313/2300] Use of deprecated directive

FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913
---
 install/ubuntu/16.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 6c072a91c4773203e2d07fd2936dea9f8039b8aa Mon Sep 17 00:00:00 2001
From: ifaist0s 
Date: Tue, 22 Jan 2019 12:59:33 +0200
Subject: [PATCH 0314/2300] Use of deprecated directive

FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead
CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913
---
 install/ubuntu/16.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.04/templates/web/nginx/default.stpl b/install/ubuntu/16.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/16.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From c1fc0208f79488b2e0f3d1ddca2fd18e52eeaf41 Mon Sep 17 00:00:00 2001
From: Dandi Darmawan 
Date: Thu, 24 Jan 2019 18:16:01 +0700
Subject: [PATCH 0315/2300] Fixing Typo

check_result $E_CONNECT "Let's Encrypt vvalidation status $status"  > check_result $E_CONNECT "Let's Encrypt validation status $status"
---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index a6946695..56026b9b 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -190,7 +190,7 @@ for auth in $authz; do
         nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
         status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
         if [[ "$status" -ne 200 ]]; then
-            check_result $E_CONNECT "Let's Encrypt vvalidation status $status"
+            check_result $E_CONNECT "Let's Encrypt validation status $status"
         fi
 
         i=$((i + 1))

From 2d96e3631f9c5e48c8aa297328060942f7707220 Mon Sep 17 00:00:00 2001
From: devius 
Date: Wed, 6 Feb 2019 17:23:58 +0400
Subject: [PATCH 0316/2300] Add missing translations

I have found and translated last missing Georgian versions for strings
---
 web/inc/i18n/ka.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/web/inc/i18n/ka.php b/web/inc/i18n/ka.php
index 0ebf2d11..abbcb479 100644
--- a/web/inc/i18n/ka.php
+++ b/web/inc/i18n/ka.php
@@ -744,14 +744,14 @@ $LANG['ka'] = array(
     'PUB_KEY' => 'PUB_KEY',
     'ISSUER' => 'ISSUER',
 
-    'Use server hostname' => 'Use server hostname',
-    'Use domain hostname' => 'Use domain hostname',
-    'Use STARTTLS' => 'Use STARTTLS',
-    'Use SSL / TLS' => 'Use SSL / TLS',
-    'No encryption' => 'No encryption',
-    'Do not use encryption' => 'Do not use encryption',
+    'Use server hostname' => 'სერვერის hostname-ის გამოყენება',
+    'Use domain hostname' => 'დეომენის hostname-ის გამოყენება',
+    'Use STARTTLS' => 'STARTTLS-ის გამოყენება',
+    'Use SSL / TLS' => 'SSL / TLS-ის გამოყენება',
+    'No encryption' => 'დაშიფრვის გარეშე',
+    'Do not use encryption' => 'არ გამოიყენო დაშიფრვა',
 
-    'maximum characters length, including prefix' => 'maximum %s characters length, including prefix',
+    'maximum characters length, including prefix' => 'დასაშვებია მაქსიმუმ %s სიმბოლო, პრეფიქსის ჩათვლით',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'რეკვიზიტების ელ-ფოსტით გაგზავნა',
 );

From d334ddc5016d34fabf79c73d59aeb98d2209c81f Mon Sep 17 00:00:00 2001
From: pablobae <33727260+pablobae@users.noreply.github.com>
Date: Thu, 7 Feb 2019 16:49:43 +0100
Subject: [PATCH 0317/2300] Update v-add-firewall-chain

Obtains the SSH port from the service configuration file (originally it was hardcoded). This allow the correct creation of ssh chain when this service has a custom port.
---
 bin/v-add-firewall-chain | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain
index c7b826fa..5026d264 100755
--- a/bin/v-add-firewall-chain
+++ b/bin/v-add-firewall-chain
@@ -47,7 +47,13 @@ is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
 
 # Checking known chains
 case $chain in
-    SSH)        port=22; protocol=TCP ;;
+    SSH)        # Get ssh port by reading ssh config file.
+                sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
+                if [ -z "$sshport" ]; then
+                    sshport=22
+                fi
+                port=$sshport; 
+                protocol=TCP ;;
     FTP)        port=21; protocol=TCP  ;;
     MAIL)       port='25,465,587,2525,110,995,143,993'; protocol=TCP  ;;
     DNS)        port=53; protocol=UDP  ;;

From 1725a61491fb5e723b215ca0b55d23db8daa6e49 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Juho=20R=C3=A4s=C3=A4nen?= 
Date: Tue, 12 Feb 2019 22:05:47 +0200
Subject: [PATCH 0318/2300] Finnish translation updated and some changes

New strings translated and some small changes.
---
 web/inc/i18n/fi.php | 302 ++++++++++++++++++++++----------------------
 1 file changed, 151 insertions(+), 151 deletions(-)

diff --git a/web/inc/i18n/fi.php b/web/inc/i18n/fi.php
index aff1375b..f2eddbab 100644
--- a/web/inc/i18n/fi.php
+++ b/web/inc/i18n/fi.php
@@ -2,7 +2,7 @@
 /**
 * Vesta Finnish language file
 * OHakala (onni@koodimonni.fi)
-* RJuho (juho.rasanen@kotikone.fi)
+* RJuho (juho.rasanen@setuppi.fi)
 * theel0ja (theel0ja@theel0ja.info)
 */
 
@@ -40,9 +40,9 @@ $LANG['fi'] = array(
     'MEMORY'  => 'MUISTI',
     'DISK'  => 'LEVY',
     'NETWORK'  => 'VERKKO',
-    'Web Log Manager'  => 'Web Log Manager',
+    'Web Log Manager'  => 'Verkkolokimanageri',
 
-    'no notifications'  => 'no notifications',
+    'no notifications'  => 'ei ilmoituksia',
 
     'Add User' => 'Lisää käyttäjä',
     'Add Domain' => 'Lisää domaini',
@@ -111,7 +111,7 @@ $LANG['fi'] = array(
     'disable autoupdate' => 'älä päivitä automaattisesti',
     'turn on notifications' => 'päälle ilmoitus',
     'turn off notifications' => 'sammuta ilmoitus',
-    'configure' => 'configure',
+    'configure' => 'määritä',
 
     'Adding User' => 'Lisätään käyttäjää',
     'Editing User' => 'Muokataan käyttäjää',
@@ -195,14 +195,14 @@ $LANG['fi'] = array(
     'template' => 'pohjat',
     'SSL Support' => 'SSL-tuki',
     'SSL Home Directory' => 'SSL-kotihakemisto',
-    'Lets Encrypt Support'  => 'Lets Encrypt Support',
+    'Lets Encrypt Support'  => 'Lets Encrypt Tuki',
     'Lets Encrypt'  => 'Lets Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
+    'Your certificate will be automatically issued in 5 minutes' => 'Sertifikaattisi käsitellään viiden minuutin sisään',
     'Proxy Support' => 'Proxy-tuki',
     'Proxy Extensions' => 'Proxy-laajennukset',
     'Web Statistics' => 'Web-tilastot',
     'Additional FTP Account' => 'Ylimääräinen FTP-tili',
-    'Path'  => 'Path',
+    'Path'  => 'Polku',
     'SOA' => 'SOA',
     'TTL' => 'TTL',
     'Expire' => 'Päättyy',
@@ -217,19 +217,19 @@ $LANG['fi'] = array(
     'Autoreply' => 'Automaattinen vastaus',
     'Forward to' => 'Uudelleenohjaa',
     'Do not store forwarded mail' => 'Älä säilytä uudelleenohjattuja viestejä',
-    'IMAP hostname'  => 'IMAP hostname',
-    'IMAP port'  => 'IMAP port',
-    'IMAP security'  => 'IMAP security',
-    'IMAP auth method'  => 'IMAP auth method',
-    'SMTP hostname'  => 'SMTP-hostname',
-    'SMTP port'  => 'SMTP-portti',
-    'SMTP security'  => 'SMTP-turvallisuus',
-    'SMTP auth method'  => 'SMTP auth method',
+    'IMAP hostname'  => 'IMAP osoite',
+    'IMAP port'  => 'IMAP portti',
+    'IMAP security'  => 'IMAP turvallisuus',
+    'IMAP auth method'  => 'IMAP auth-menetelmä',
+    'SMTP hostname'  => 'SMTP osoite',
+    'SMTP port'  => 'SMTP portti',
+    'SMTP security'  => 'SMTP turvallisuus',
+    'SMTP auth method'  => 'SMTP auth-menetelmä',
     'STARTTLS'  => 'STARTTLS',
     'Normal password'  => 'Normaali salasana',
     'database' => 'tietokanta',
     'User' => 'Käyttäjä',
-    'Host' => 'Host',
+    'Host' => 'Isäntä',
     'Charset' => 'Merkistö',
     'Min' => 'Min',
     'Hour' => 'Tunti',
@@ -243,7 +243,7 @@ $LANG['fi'] = array(
     'Domains' => 'Domainit',
     'Status' => 'Tila',
     'shared' => 'jaetut',
-    'dedicated' => 'dedicated',
+    'dedicated' => 'omistautunut',
     'Owner' => 'Omistaja',
     'Users' => 'Käyttäjät',
     'Load Average' => 'Keskimääräinen Käyttöaste',
@@ -268,8 +268,8 @@ $LANG['fi'] = array(
     'database server' => 'tietokantapalvelin',
     'ftp server' => 'ftp-palvelin',
     'job scheduler' => 'ajastettu työ',    //no-idea E: @theel0ja: ajastettu työ would be good.
-    'firewall'  => 'firewall',
-    'brute-force monitor'  => 'brute-force monitor',
+    'firewall'  => 'palomuuri',
+    'brute-force monitor'  => 'raaka voima monitori',
     'CPU' => 'Prosessori',
     'Memory' => 'Muisti',
     'Uptime' => 'Käyttöaika',
@@ -282,7 +282,7 @@ $LANG['fi'] = array(
     'Object' => 'Objekti',
     'Username' => 'Käyttäjä',
     'Password' => 'Salasana',
-    'Email' => 'Email',
+    'Email' => 'Sähköposti',
     'Package' => 'Paketti',
     'Language' => 'Kieli',
     'First Name' => 'Etunimi',
@@ -290,15 +290,15 @@ $LANG['fi'] = array(
     'Send login credentials to email address' => 'Lähetä kirjautumistiedot sähköpostilla.',
     'Default Template' => 'Oletuspohja',
     'Default Name Servers' => 'Oletusnimipalvelimet',
-    'Domain' => 'Domain',
+    'Domain' => 'Domaini',
     'DNS Support' => 'Tarvitsee DNS:n',
     'Mail Support' => 'Tarvitsee sähköpostin',
     'Advanced options' => 'Lisäasetukset',
-    'Basic options'  => 'Basic options',
+    'Basic options'  => 'Perusasetukset',
     'Aliases' => 'Aliakset',
     'SSL Certificate' => 'SSL-sertifikaatti',
     'SSL Key' => 'SSL-avain',
-    'SSL Certificate Authority / Intermediate' => 'SSL Certificate Authority / Intermediate',    //no-idea
+    'SSL Certificate Authority / Intermediate' => 'SSL varmenteen tarjoaja',    //no-idea
     'SSL CSR' => 'SSL CSR',
     'optional' => 'valinnainen',
     'internal' => 'sisäinen',
@@ -311,12 +311,12 @@ $LANG['fi'] = array(
     'YYYY-MM-DD' => 'YYYY-MM-DD',
     'Name servers' => 'Nimipalvelimet',
     'Record' => 'Tietue',
-    'IP or Value' => 'IP or Value',    //no-idea
+    'IP or Value' => 'IP tai Arvo',    //no-idea
     'Priority' => 'Prioriteetti',
     'Record Number' => 'Tietueen numero',
     'in megabytes' => 'megatavuissa',
     'Message' => 'Viesti',
-    'use local-part' => 'use local-part',    //no-idea
+    'use local-part' => 'käytä paikallista osaa',    //no-idea
     'one or more email addresses' => 'yksi tai useampia sähköposteja',
     'Prefix will be automaticaly added to database name and database user' => 'Etuliite %s lisätään automaattisesti tietokannan nimeen ja käyttäjään',
     'Database' => 'Tietokanta',
@@ -324,12 +324,12 @@ $LANG['fi'] = array(
     'Minute' => 'Minuutti',
     'Command' => 'Käsky',
     'Package Name' => 'Paketin nimi',
-    'Netmask' => 'Netmask',    //no-idea
-    'Interface' => 'Interface',    //no-idea
+    'Netmask' => 'Verkkopeite',    //no-idea
+    'Interface' => 'Käyttöliittymä',    //no-idea
     'Shared' => 'Jaettu',
     'Assigned user' => 'Määritetty käyttäjä',
     'Assigned domain' => 'Määritetty domain',
-    'NAT IP association' => 'NAT IP association',    //no-idea
+    'NAT IP association' => 'NAT IP yhteys',    //no-idea
     'shell' => 'shell',
     'web domains' => 'web-domainit',
     'web aliases' => 'web-aliakset',
@@ -351,12 +351,12 @@ $LANG['fi'] = array(
     'username' => 'käyttäjänimi',
     'password' => 'salasana',
     'type' => 'tyyppi',
-    'charset' => 'charset',
+    'charset' => 'merkistö',
     'domain' => 'domain',
     'ip' => 'ip',
     'ip address' => 'ip-osoite',
     'IP address' => 'IP-osoite',
-    'netmask' => 'netmask',
+    'netmask' => 'verkkopeite',
     'interface' => 'yhdyskäytävä',
     'assigned user' => 'omistaja',
     'ns1' => 'ns1',
@@ -385,35 +385,35 @@ $LANG['fi'] = array(
     'Organization' => 'Organisaatio',
     'Action' => 'Toiminta',
     'Protocol' => 'Protokolla',
-    'Port' => 'Port',
+    'Port' => 'Portti',
     'Comment' => 'Kommentti',
     'Banlist' => 'Bannilista',
     'ranges are acceptable' => 'vaihteluvälit ovat hyväksyttäviä',
     'CIDR format is supported' => 'CIDR muotoa tuetaan',
-    'ACCEPT' => 'ACCEPT',
-    'DROP' => 'DROP',
+    'ACCEPT' => 'HYVÄKSY',
+    'DROP' => 'TIPUTA',
     'TCP' => 'TCP',
     'UDP' => 'UDP',
     'ICMP' => 'ICMP',
     'SSH' => 'SSH',
     'FTP' => 'FTP',
     'VESTA' => 'VESTA',
-    'Add one more Name Server' => 'Add one more Name Server',
+    'Add one more Name Server' => 'Lisää vielä yksi nimipalvelin',
 
-    'web domain' => 'web domain',
-    'dns domain' => 'dns domain',
-    'dns record' => 'dns record',
-    'mail domain' => 'mail domain',
-    'mail account' => 'mail account',
-    'cron job' => 'cron job',
+    'web domain' => 'web domaini',
+    'dns domain' => 'dns domaini',
+    'dns record' => 'dns tietue',
+    'mail domain' => 'mail domaini',
+    'mail account' => 'mail tili',
+    'cron job' => 'cron-tehtävä',
 
     'cron' => 'cron',
-    'user dir' => 'user dir',
+    'user dir' => 'käyttäjän hakemisto',
 
-    'unlimited'  => 'unlimited',
+    'unlimited'  => 'rajoittamaton',
     '1 account' => '1 tili',
     '%s accounts' => '%s tiliä',
-    '1 domain' => '1 domain',
+    '1 domain' => '1 domaini',
     '%s domains' => '%s domainia',
     '1 record' => '1 tietue',
     '%s records' => '%s tietuetta',
@@ -423,10 +423,10 @@ $LANG['fi'] = array(
     '%s databases' => '%s tietokantaa',
     '1 cron job' => '1 cron-tehtävä',
     '%s cron jobs' => '%s cron-tehtävää',
-    '1 archive' => '1 archive',
-    '%s archives' => '%s archives',
-    '1 item'  => '1 item',
-    '%s items'  => '%s items',
+    '1 archive' => '1 arkisto',
+    '%s archives' => '%s arkistoa',
+    '1 item'  => '1 kohde',
+    '%s items'  => '%s kohdetta',
     '1 package' => '1 paketti',
     '%s packages' => '%s pakettia',
     '1 IP address' => '1 IP-osoite',
@@ -454,11 +454,11 @@ $LANG['fi'] = array(
     'PACKAGE_CREATED_OK' => 'Paketti %s lisättiin onnistuneesti.',
     'SSL_GENERATED_OK' => 'Sertifikaatti lisättiin onnistuneesti.',
     'RULE_CREATED_OK' => 'Sääntö lisättiin onnistuneesti.',
-    'BANLIST_CREATED_OK' => 'IP address has been banned successfully',
+    'BANLIST_CREATED_OK' => 'IP-osoite on bannattu onnistuneesti',
     'Autoupdate has been successfully enabled' => 'Automaattinen päivitys otettu käyttöön',
     'Autoupdate has been successfully disabled' => 'Automaattinen päivitys poistettu käytöstä',
-    'Cronjob email reporting has been successfully enabled' => 'Cronjob sähköposti raportointi on onnistuneesti mahdollistanut',
-    'Cronjob email reporting has been successfully disabled' => 'Cronjob sähköposti raportointi on onnistuneesti poistettu',
+    'Cronjob email reporting has been successfully enabled' => 'Ajoitettu sähköposti raportointi onnistuneesti aktivoitu',
+    'Cronjob email reporting has been successfully disabled' => 'Ajoitettu sähköposti raportointi onnistuneesti poistettu käytöstä',
     'Changes has been saved.' => 'Muutokset tallennettu.',
     'Confirmation' => 'Hyväksyntä',
     'DELETE_USER_CONFIRMATION' => 'Haluatko varmasti poistaa käyttäjän %s?',
@@ -530,7 +530,7 @@ $LANG['fi'] = array(
     'Confirm Password' => 'Hyväksy salasana',
     'Reset' => 'Nollaa',
     'Reset Code' => 'Nollauskoodi',
-    'RESET_NOTICE' => '',    // should we add something here?
+    'RESET_NOTICE' => '',
     'RESET_CODE_SENT' => 'Salasanan nollauskoodi on lähetetty sähköpostiisi
',
     'MAIL_RESET_SUBJECT' => 'Salana vaihdettiin %s',
     'PASSWORD_RESET_REQUEST' => "Nollataksesi hallintapaneelin salasanan, seuraa tätä linkkiä:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nVaihtoehtoisesti voit mennä https://%s/reset/?action=code&user=%s ja syöttää nollauskoodin:\n%s\n\nJos et varta vasten pyytänyt tätä salasananvaihtoa, mene paniikkiin ja ota yhteyttä ylläpitoon.\n\n--\nVesta-hallintapaneeli\n",
@@ -549,13 +549,13 @@ $LANG['fi'] = array(
     'Dec' => 'Jou',
 
     'Configuring Server' => 'Konfiguroidaan palvelinta',
-    'Hostname' => 'Hostname',
+    'Hostname' => 'Osoite',
     'Time Zone' => 'Aikavyöhyke',
     'Default Language' => 'Oletuskieli',
     'Proxy Server' => 'Välityspalvelin',
     'Web Server' => 'Web Server',
-    'Backend Server' => 'Backend Server',
-    'Backend Pool Mode' => 'Backend Pool Mode',
+    'Backend Server' => 'Taustapalvelin',
+    'Backend Pool Mode' => 'Taustapalvelin Allas Tila',
     'DNS Server' => 'DNS-palvelin',
     'DNS Cluster' => 'DNS-klusteri',
     'MAIL Server' => 'MAIL-palvelin',
@@ -564,39 +564,39 @@ $LANG['fi'] = array(
     'Webmail URL' => 'Webmailin URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
-    'PostgreSQL Support' => 'PostgreSQL Support',
+    'PostgreSQL Support' => 'PostgreSQL Tuki',
     'phpPgAdmin URL' => 'phpPgAdmin URL',
     'Maximum Number Of Databases' => 'Maksimimäärä tietokantoja',
-    'Current Number Of Databases' => 'Current Number Of Databases',
+    'Current Number Of Databases' => 'Nykyisten tietokantojen lukumäärä',
     'Local backup' => 'Paikallinen varmuuskopio',
-    'Compression level' => 'Compression level',
+    'Compression level' => 'Pakkausaste',
     'Directory' => 'Hakemisto',
-    'Remote backup' => 'Remote backup',
+    'Remote backup' => 'Etävarmuuskopiointi',
     'ftp' => 'FTP',
     'sftp' => 'SFTP',
     'SFTP Chroot' => 'SFTP Chroot',
-    'FileSystem Disk Quota' => 'FileSystem Disk Quota',
-    'Vesta Control Panel Plugins' => 'Vesta Control Panel Plugins',
-    'preview' => 'preview',
-    'Reseller Role' => 'Reseller Role',
-    'Web Config Editor' => 'Web Config Editor',
-    'Template Manager' => 'Template Manager',
-    'Backup Migration Manager' => 'Backup Migration Manager',
+    'FileSystem Disk Quota' => 'FileSystem Levykiintiö',
+    'Vesta Control Panel Plugins' => 'Vesta Hallintapaneeli Lisäosat',
+    'preview' => 'esikatselu',
+    'Reseller Role' => 'Jälleenmyyjän Rooli',
+    'Web Config Editor' => 'Web-määrityseditori',
+    'Template Manager' => 'Pohja Hallinta',
+    'Backup Migration Manager' => 'Varmuuskopion Siirtymänhallinta',
     'FileManager' => 'FileManager',
-    'show: CPU / MEM / NET / DISK' => 'show: CPU / MEM / NET / DISK',
+    'show: CPU / MEM / NET / DISK' => 'näytä: CPU / MEM / NET / DISK',
 
-    'sort by' => 'sort by',
+    'sort by' => 'järjestä',
     'Date' => 'Päivämäärä',
-    'Starred' => 'Starred',
+    'Starred' => 'Tähditetty',
     'Name' => 'Nimi',
 
-    'save to favorites' => 'save to favorites',
+    'save to favorites' => 'tallenna suosikkeihin',
 
     'File Manager' => 'Tiedostonhallinta',
     'size' => 'koko',
     'date' => 'päivämäärä',
     'name' => 'nimi',
-    'Initializing' => 'Initializing',
+    'Initializing' => 'Alustetaan',
     'UPLOAD' => 'LÄHETÄ',
     'NEW FILE' => 'UUSI TIEDOSTO',
     'NEW DIR' => 'UUSI HAKEMISTO',
@@ -609,117 +609,117 @@ $LANG['fi'] = array(
     'EXTRACT' => 'PURA',
     'DOWNLOAD' => 'LATAA',
     'Are you sure?' => 'Oletko varma?',    // unused?
-    'Hit' => 'Hit',
-    'to reload the page' => 'to reload the page',
-    'Directory name cannot be empty' => 'Directory name cannot be empty',
-    'File name cannot be empty' => 'File name cannot be empty',
-    'No file selected' => 'No file selected',
-    'No file or folder selected' => 'No file or folder selected',
-    'File type not supported' => 'File type not supported',
-    'Directory download not available in current version' => 'Directory download not available in current version',
-    'Directory not available' => 'Directory not available',
-    'Done' => 'Done',
+    'Hit' => 'Osuma',
+    'to reload the page' => 'ladataksesi sivu uudelleen',
+    'Directory name cannot be empty' => 'Hakemiston nimi ei voi olla tyhjä',
+    'File name cannot be empty' => 'Tiedostonimi ei voi olla tyhjä',
+    'No file selected' => 'Ei tiedostoa valittuna',
+    'No file or folder selected' => 'Ei tiedostoa tai kansiota valittuna',
+    'File type not supported' => 'Tiedostotyyppiä ei tueta',
+    'Directory download not available in current version' => 'Hakemiston lataus ei ole saatavilla nykyisessä versiossa',
+    'Directory not available' => 'Hakemisto ei ole käytettävissä',
+    'Done' => 'Tehty',
     'Close' => 'Sulje',
     'Copy' => 'Kopioi',
     'Cancel' => 'Peru',
     'Rename' => 'Uudelleennimeä',
     'Move' => 'Siirrä',
-    'Change Rights' => 'Change Rights',
+    'Change Rights' => 'Muuta Oikeuksia',
     'Delete' => 'Poista',
     'Extract' => 'Pura',
     'Create' => 'Luo',
     'Compress' => 'Pakkaa',
     'OK' => 'OK',
-    'YOU ARE COPYING' => 'YOU ARE COPYING',    // unused?
-    'YOU ARE REMOVING' => 'YOU ARE REMOVING',
-    'Delete items' => 'Delete items',
+    'YOU ARE COPYING' => 'OLET KOPIOIMASSA',    // unused?
+    'YOU ARE REMOVING' => 'OLET POISTAMASSA',
+    'Delete items' => 'Poista kohteet',
     'Copy files' => 'Kopioi tiedostoja',
     'Move files' => 'Siirrä tiedostoja',
-    'Are you sure you want to copy' => 'Are you sure you want to copy',
-    'Are you sure you want to move' => 'Are you sure you want to move',
-    'Are you sure you want to delete' => 'Are you sure you want to delete',
-    'into' => 'into',
-    'existing files will be replaced' => 'existing files will be replaced',
-    'Original name' => 'Original name',
+    'Are you sure you want to copy' => 'Haluatko varmasti kopioida',
+    'Are you sure you want to move' => 'Haluatko varmasti siirtää',
+    'Are you sure you want to delete' => 'Haluatko varmasti poistaa',
+    'into' => 'osaksi',
+    'existing files will be replaced' => 'olemassa olevat tiedostot korvataan',
+    'Original name' => 'Alkuperäinen nimi',
     'File' => 'Tiedosto',
     'already exists' => 'on jo olemassa',
     'Create file' => 'Luo tiedosto',
     'Create directory' => 'Luo hakemisto',
-    'read by owner' => 'read by owner',
-    'write by owner' => 'write by owner',
-    'execute/search by owner' => 'execute/search by owner',
-    'read by group' => 'read by group',
-    'write by group' => 'write by group',
-    'execute/search by group' => 'execute/search by group',
-    'read by others' => 'read by others',
-    'write by others' => 'write by others',
-    'execute/search by others' => 'execute/search by others',
+    'read by owner' => 'read by owner', // no idea
+    'write by owner' => 'write by owner', // no idea
+    'execute/search by owner' => 'execute/search by owner', // no idea
+    'read by group' => 'read by group',// no idea
+    'write by group' => 'write by group', // no idea
+    'execute/search by group' => 'execute/search by group', // no idea
+    'read by others' => 'read by others', // no idea
+    'write by others' => 'write by others', // no idea
+    'execute/search by others' => 'execute/search by others', // no idea
 
-    'Shortcuts' => 'Shortcuts',
-    'Add New object' => 'Add New object',
-    'Save Form' => 'Save Form',
-    'Cancel saving form' => 'Cancel saving form',
-    'Go to USER list' => 'Go to USER list',
-    'Go to WEB list' => 'Go to WEB list',
-    'Go to DNS list' => 'Go to DNS list',
-    'Go to MAIL list' => 'Go to MAIL list',
-    'Go to DB list' => 'Go to DB list',
-    'Go to CRON list' => 'Go to CRON list',
-    'Go to BACKUP list' => 'Go to BACKUP list',
-    'Focus on search' => 'Focus on search',
-    'Display/Close shortcuts' => 'Display/Close shortcuts',
-    'Move backward through top menu' => 'Move backward through top menu',
-    'Move forward through top menu' => 'Move forward through top menu',
-    'Enter focused element' => 'Enter focused element',
-    'Move up through elements list' => 'Move up through elements list',
-    'Move down through elements list' => 'Move down through elements list',
+    'Shortcuts' => 'Pikavalinnat',
+    'Add New object' => 'Lisää uusi objekti',
+    'Save Form' => 'Tallenna Lomake',
+    'Cancel saving form' => 'Peruuta tallennuslomake',
+    'Go to USER list' => 'Mene USER listaan',
+    'Go to WEB list' => 'Mene WEB listaan',
+    'Go to DNS list' => 'Mene DNS listaan',
+    'Go to MAIL list' => 'Mene MAIL listaan',
+    'Go to DB list' => 'Mene DB listaan',
+    'Go to CRON list' => 'Mene CRON listaan',
+    'Go to BACKUP list' => 'Mene BACKUP listaan',
+    'Focus on search' => 'Keskity hakuun',
+    'Display/Close shortcuts' => 'Näytä/Piilota pikavalinnat',
+    'Move backward through top menu' => 'Siirrä taaksepäin ylävalikosta',
+    'Move forward through top menu' => 'Siirry eteenpäin ylävalikosta',
+    'Enter focused element' => 'Anna valittuun elementtiin',
+    'Move up through elements list' => 'Siirry ylöspäin elementtien listassa',
+    'Move down through elements list' => 'Siirry alaspäin elementtien listassa',
 
     'Upload' => 'Lähetä',
     'New File' => 'Uusi kansio',
     'New Folder' => 'Uusi hakemisto',
     'Download' => 'Lataa',
     'Archive' => 'Arkisto',
-    'Save File (in text editor)' => 'Save File (in text editor)',
-    'Close Popup / Cancel' => 'Close Popup / Cancel',
-    'Move Cursor Up' => 'Move Cursor Up',
-    'Move Cursor Down' => 'Move Cursor Down',
-    'Switch to Left Tab' => 'Switch to Left Tab',
-    'Switch to Right Tab' => 'Switch to Right Tab',
-    'Switch Tab' => 'Switch Tab',
-    'Go to the Top of the File List' => 'Go to the Top of the File List',
-    'Go to the Last File' => 'Go to the Last File',
-    'Open File / Enter Directory' => 'Open File / Enter Directory',
-    'Edit File' => 'Edit File',
-    'Go to Parent Directory' => 'Go to Parent Directory',
-    'Select Current File' => 'Select Current File',
-    'Select Bunch of Files' => 'Select Bunch of Files',
-    'Add File to the Current Selection' => 'Add File to the Current Selection',
+    'Save File (in text editor)' => 'Tallenna tiedosto (tekstieditorissa)',
+    'Close Popup / Cancel' => 'Sulje ponnahdusikkuna / Peruuta',
+    'Move Cursor Up' => 'Siirrä Osoitin Ylös',
+    'Move Cursor Down' => 'Siirrä Osoitin Alas',
+    'Switch to Left Tab' => 'Vaihda Vasempaan Välilehteen',
+    'Switch to Right Tab' => 'Vaihda Oikeaan Välilehteen',
+    'Switch Tab' => 'Vaihda Välilehteä',
+    'Go to the Top of the File List' => 'Siirry Tiedosto Luettelon Yläreunaan',
+    'Go to the Last File' => 'Siirry Viimeiseen Tiedostoon',
+    'Open File / Enter Directory' => 'Avaa Tiedosto / Anna hakemisto',
+    'Edit File' => 'Muokkaa tiedostoa',
+    'Go to Parent Directory' => 'Mene emohakemistoon',
+    'Select Current File' => 'Valitse Nykyinen Tiedosto',
+    'Select Bunch of Files' => 'Valitse Joukko Tiedostoja',
+    'Add File to the Current Selection' => 'Lisää Tiedosto Nykyiseen Valintaan',
     'Select All Files' => 'Valitse kaikki tiedostot',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
-        'shortcuts are inspired by magnificent GNU Midnight Commander file manager',
+        'pikavalinnat inspiroi upea GNU Midnight Commander tiedostonhallinta',
 
     'Licence Key' => 'Lisenssiavain',
-    'Enter License Key' => 'Enter License Key',
+    'Enter License Key' => 'Syötä Lisenssi Avain',
     'Buy Licence' => 'Osta lisenssi',
     'Buy Lifetime License' => 'Osta elinikäinen lisenssi',
-    'Disable and Cancel Licence' => 'Disable and Cancel Licence',
+    'Disable and Cancel Licence' => 'Poista Käytöstä ja Peruuta Lisenssi',
     'Licence Activated' => 'Lisenssi aktivoitu',
     'Licence Deactivated' => 'Lisenssi deaktivoitu',
-    'Restrict users so that they cannot use SSH and access only their home directory.' => 'Restrict users so that they cannot use SSH and access only their home directory.',
-    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.',
-    'This is a commercial module, you would need to purchace license key to enable it.' => 'This is a commercial module, you would need to purchace license key to enable it.',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => 'Rajoita käyttäjiä siten, että he eivät voi käyttää SSH:ta ja heillä on pääsy vain kotikansioonsa.',
+    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Selaa, kopioi, muokkaa, tarkastele ja hae kaikista web palveluista täysin varustellulla File Managerilla.',
+    'This is a commercial module, you would need to purchace license key to enable it.' => 'Tämä on kaupallinen moduuli, sinun on ostettava lisenssiavain, ottaaksesi se käyttöön.',
 
     'Minutes' => 'Minuutittain',    // fuzzy
     'Hourly' => 'Tunneittain',
     'Run Command' => 'Aja Komento',
     'every month' => 'joka kuukausi',
     'every odd month' => 'joka toinen kuukausi',
-    'every even month' => 'every even month',
+    'every even month' => 'joka parillinen kuukausi',
     'every day' => 'joka päivä',
     'every odd day' => 'joka toinen päivä',
-    'every even day' => 'every even day',
-    'weekdays (5 days)' => 'weekdays (5 days)',
-    'weekend (2 days)' => 'weekend (2 days)',
+    'every even day' => 'joka parillinen päivä',
+    'weekdays (5 days)' => 'arkisin (5 päivää)',
+    'weekend (2 days)' => 'viikonloppu (2 päivää)',
     'Monday' => 'Maanantai',
     'Tuesday' => 'Tiistai',
     'Wednesday' => 'Keskiviikko',
@@ -731,7 +731,7 @@ $LANG['fi'] = array(
     'every two hours' => 'joka toinen tunti',
     'every minute' => 'joka minuutti',
     'every two minutes' => 'joka toinen minuutti',
-    'every' => 'every',
+    'every' => 'joka',
     'Generate' => 'Generoi',
 
     'webalizer' => 'webalizer',
@@ -746,16 +746,16 @@ $LANG['fi'] = array(
     'PUB_KEY' => 'PUB_KEY',
     'ISSUER' => 'ISSUER',
 
-    'Use server hostname' => 'Use server hostname',
-    'Use domain hostname' => 'Use domain hostname',
-    'Use STARTTLS' => 'Use STARTTLS',
-    'Use SSL / TLS' => 'Use SSL / TLS',
-    'No encryption' => 'No encryption',
-    'Do not use encryption' => 'Do not use encryption',
+    'Use server hostname' => 'Käytä palvelimen isäntänimeä',
+    'Use domain hostname' => 'Käytä verkkotunnuksen isäntänimeä',
+    'Use STARTTLS' => 'Käytä STARTTLS',
+    'Use SSL / TLS' => 'Käytä SSL / TLS',
+    'No encryption' => 'Ei salausta',
+    'Do not use encryption' => 'Älä käytä salausta',
 
-    'maximum characters length, including prefix' => 'maximum %s characters length, including prefix',
+    'maximum characters length, including prefix' => 'maksimissaan %s merkkiä pitkä, mukaan lukien etuliite',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'Sähköpostitiedot',
 
 // Texts below doesn't exist in en.php
     'traffic' => 'tiedonsiirto',

From bad8ee8042f01d85dad70efd6ab68eac69691aea Mon Sep 17 00:00:00 2001
From: Marcus Viefeld 
Date: Thu, 14 Feb 2019 05:41:16 +0100
Subject: [PATCH 0319/2300] fix german translation, forwarded mail

---
 web/inc/i18n/de.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/de.php b/web/inc/i18n/de.php
index 43fc857b..e5ee45d0 100644
--- a/web/inc/i18n/de.php
+++ b/web/inc/i18n/de.php
@@ -214,7 +214,7 @@ $LANG['de'] = array(
     'Quota'  => 'Kontingent',
     'Autoreply'  => 'Autoreply',
     'Forward to'  => 'Weiterleiten zu',
-    'Do not store forwarded mail' => 'Weiterleitungs Adresse nicht speichern',
+    'Do not store forwarded mail' => 'Weitergeleitete E-Mails nicht speichern',
     'IMAP hostname'  => 'IMAP hostname',
     'IMAP port'  => 'IMAP port',
     'IMAP security'  => 'IMAP security',

From 0d9218e9fc6e944c9542de081cc1462ca8465f1f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Feb 2019 13:24:18 +0200
Subject: [PATCH 0320/2300] in case there is no conf

---
 func/domain.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/func/domain.sh b/func/domain.sh
index cc66aecb..84a7c177 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -285,8 +285,10 @@ del_web_config() {
         if [[ "$2" =~ stpl$ ]]; then
             conf="$HOMEDIR/$user/conf/web/s$1.conf"
         fi
-        get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf
-        sed -i "$top_line,$bottom_line d" $conf
+        if [ -e "$conf" ]; then
+            get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf
+            sed -i "$top_line,$bottom_line d" $conf
+        fi
     fi
     # clean-up for both config styles if there is no more domains
     web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l)

From 6b2f651418785c94c8fbb6fa6cb78bae048d9025 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Feb 2019 17:47:58 +0200
Subject: [PATCH 0321/2300] protection in case there are two or more ips with
 the same nat association

---
 func/ip.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/ip.sh b/func/ip.sh
index 605554af..c99a3272 100644
--- a/func/ip.sh
+++ b/func/ip.sh
@@ -141,7 +141,7 @@ get_real_ip() {
     else
         nat=$(grep -H "^NAT='$1'" $VESTA/data/ips/*)
         if [ ! -z "$nat" ]; then
-            echo "$nat" |cut -f 1 -d : |cut -f 7 -d /
+            echo "$nat" |cut -f 1 -d : |cut -f 7 -d / |head -n 1
         fi
     fi
 }

From d15e1037041a59b9f2edebf8744f7ee7fc1721cd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 14 Feb 2019 18:29:56 +0100
Subject: [PATCH 0322/2300] Allow admins to run custom script after SSL is put
 to any domain

Useful if you have separated SSLs for each IP address.

If admin add to vesta.conf this:
UPDATE_SSL_SCRIPT='/usr/local/bin/update_ssl_script.sh'
that script will be called after each domain get new SSL or renew old SSL.

Then admin can write custom script that will, for example, copy new SSL to some file that is needed for dovecot or exim, for example...
Passed parameters are $user and $domain ($1 and $2), so custom script can check what domain got new SSL, and then to run custom task...
---
 bin/v-add-web-domain-ssl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index 55c4ce41..a006d072 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -127,6 +127,10 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
     fi
 fi
 
+if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
+    eval "$UPDATE_SSL_SCRIPT $user $domain"
+fi
+
 # Logging
 log_history "enabled ssl support for $domain"
 log_event "$OK" "$ARGUMENTS"

From 82192a001d62b9db9d997390fd3fe362208aa1d7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 14 Feb 2019 18:56:16 +0100
Subject: [PATCH 0323/2300] Allow admins to run custom script after SSL is put
 to any domain

---
 bin/v-add-web-domain-ssl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index 55c4ce41..a006d072 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -127,6 +127,10 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
     fi
 fi
 
+if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
+    eval "$UPDATE_SSL_SCRIPT $user $domain"
+fi
+
 # Logging
 log_history "enabled ssl support for $domain"
 log_event "$OK" "$ARGUMENTS"

From f4749743ce9938fa72a2f97a658f5d5b064e7b1d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Feb 2019 01:49:12 +0100
Subject: [PATCH 0324/2300] Do not backup tmp folder

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index d6e5c9b8..0d37d098 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -477,7 +477,7 @@ if [ "$USER" != '*' ]; then
     set -f
     i=0
 
-    for udir in $(ls -a |egrep -v "^conf$|^web$|^dns$|^mail$|^\.\.$|^\.$"); do
+    for udir in $(ls -a |egrep -v "^conf$|^web$|^dns$|^tmp$|^mail$|^\.\.$|^\.$"); do
         exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
         if [ -z "$exclusion" ]; then
             ((i ++))

From 0c387388cbee0407740924d7f9f64dcb4e0986f5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Feb 2019 02:15:16 +0100
Subject: [PATCH 0325/2300] v-restore-user create empty tmp/

---
 bin/v-restore-user | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index 55e29e18..d48c01d3 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -755,6 +755,11 @@ if [ "$udir" != 'no' ]; then
     fi
 fi
 
+# Create tmp/
+mkdir -p $HOMEDIR/$user/tmp
+chmod 700 $HOMEDIR/$user/tmp
+chown -R $user:$user $HOMEDIR/$user/tmp
+
 # Sending mail notification
 subj="$user → restore has been completed"
 cat $tmpdir/restore.log |$SENDMAIL -s "$subj" $email $notify

From 561d7e9f0134d1883e6284df2642dcfe4c2adfb3 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 20 Feb 2019 17:59:06 +0200
Subject: [PATCH 0326/2300] force flag isn't required when admin group exists
 since it's there by default

---
 install/vst-install-debian.sh | 4 ++--
 install/vst-install-ubuntu.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 87edd88b..a7ea3da5 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -260,7 +260,7 @@ if [ "x$(id -u)" != 'x0' ]; then
 fi
 
 # Checking admin user account
-if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then
+if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then
     echo 'Please remove admin user account before proceeding.'
     echo 'If you want to do it automatically run installer with -f option:'
     echo -e "Example: bash $0 --force\n"
@@ -1236,7 +1236,7 @@ if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
     mv -f /home/admin  $vst_backups/home/ >/dev/null 2>&1
     rm -f /tmp/sess_* >/dev/null 2>&1
 fi
-if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
+if [ ! -z "$(grep ^admin: /etc/group)" ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index e1ca1044..effa0dcd 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -240,7 +240,7 @@ if [ "x$(id -u)" != 'x0' ]; then
 fi
 
 # Checking admin user account
-if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then
+if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then
     echo 'Please remove admin user account before proceeding.'
     echo 'If you want to do it automatically run installer with -f option:'
     echo -e "Example: bash $0 --force\n"
@@ -1213,7 +1213,7 @@ if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
     mv -f /home/admin  $vst_backups/home/ >/dev/null 2>&1
     rm -f /tmp/sess_* >/dev/null 2>&1
 fi
-if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
+if [ ! -z "$(grep ^admin: /etc/group)" ]; then
     groupdel admin > /dev/null 2>&1
 fi
 

From d05a02e0b64499c1c4d551c298af780b4a0cc1b9 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 21 Feb 2019 14:58:13 +0200
Subject: [PATCH 0327/2300] hotfix for dovecot namespace on ubuntu 18.04

---
 .../ubuntu/18.04/dovecot/conf.d/10-mail.conf  |  5 +++++
 install/ubuntu/18.04/dovecot/dovecot.conf     | 20 -------------------
 install/vst-install-ubuntu.sh                 | 13 +++++++++++-
 3 files changed, 17 insertions(+), 21 deletions(-)

diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
index 55313419..7a20878a 100644
--- a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
@@ -2,3 +2,8 @@ mail_privileged_group = mail
 mail_access_groups = mail
 mail_location = maildir:%h/mail/%d/%n
 pop3_uidl_format = %08Xu%08Xv
+namespace inbox {
+  inbox = yes
+}
+first_valid_uid = 1000
+mbox_write_locks = fcntl
diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf
index 163460ba..0a855351 100644
--- a/install/ubuntu/18.04/dovecot/dovecot.conf
+++ b/install/ubuntu/18.04/dovecot/dovecot.conf
@@ -2,23 +2,3 @@ protocols = imap pop3
 listen = *, ::
 base_dir = /var/run/dovecot/
 !include conf.d/*.conf
-
-namespace inbox {
-    type = private
-    separator = /
-    prefix =
-    inbox = yes
-
-    mailbox Sent {
-        auto = subscribe
-        special_use = \Sent
-    }
-    mailbox Drafts {
-        auto = subscribe
-        special_use = \Drafts
-    }
-    mailbox Trash {
-        auto = subscribe
-        special_use = \Trash
-    }
-}
diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index effa0dcd..7fe4003e 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1087,7 +1087,18 @@ fi
 
 if [ "$dovecot" = 'yes' ]; then
     gpasswd -a dovecot mail
-    cp -rf $vestacp/dovecot /etc/
+    if [[ ${release:0:2} -ge 18 ]]; then
+        cp -r /usr/local/vesta/install/debian/9/dovecot /etc/
+        if [ -z "$(grep yes /etc/dovecot/conf.d/10-mail.conf)" ]; then
+            echo "namespace inbox {" >> /etc/dovecot/conf.d/10-mail.conf
+            echo "  inbox = yes" >> /etc/dovecot/conf.d/10-mail.conf
+            echo "}" >> /etc/dovecot/conf.d/10-mail.conf
+            echo "first_valid_uid = 1000" >> /etc/dovecot/conf.d/10-mail.conf
+            echo "mbox_write_locks = fcntl" >> /etc/dovecot/conf.d/10-mail.conf
+        fi
+    else
+        cp -rf $vestacp/dovecot /etc/
+    fi
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
     update-rc.d dovecot defaults

From bf5aa0fd6ed94bc06db8a81964ae62968b7f561f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sat, 23 Feb 2019 11:30:28 +0200
Subject: [PATCH 0328/2300] auto subscribe mail dirs

---
 .../debian/9/dovecot/conf.d/15-mailboxes.conf | 29 +++++++++++++++++++
 .../rhel/7/dovecot/conf.d/15-mailboxes.conf   | 29 +++++++++++++++++++
 .../18.04/dovecot/conf.d/15-mailboxes.conf    | 29 +++++++++++++++++++
 3 files changed, 87 insertions(+)
 create mode 100644 install/debian/9/dovecot/conf.d/15-mailboxes.conf
 create mode 100644 install/rhel/7/dovecot/conf.d/15-mailboxes.conf
 create mode 100644 install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf

diff --git a/install/debian/9/dovecot/conf.d/15-mailboxes.conf b/install/debian/9/dovecot/conf.d/15-mailboxes.conf
new file mode 100644
index 00000000..7b2bab97
--- /dev/null
+++ b/install/debian/9/dovecot/conf.d/15-mailboxes.conf
@@ -0,0 +1,29 @@
+## Mailbox definitions
+##
+
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+  mailbox Drafts {
+    special_use = \Drafts
+    auto = subscribe
+  }
+
+  mailbox Junk {
+    special_use = \Junk
+    auto = subscribe
+  }
+
+  mailbox Trash {
+    special_use = \Trash
+    auto = subscribe
+  }
+
+  mailbox Sent {
+    special_use = \Sent
+    auto = subscribe
+  }
+  mailbox "Sent Messages" {
+    special_use = \Sent
+  }
+}
diff --git a/install/rhel/7/dovecot/conf.d/15-mailboxes.conf b/install/rhel/7/dovecot/conf.d/15-mailboxes.conf
new file mode 100644
index 00000000..7b2bab97
--- /dev/null
+++ b/install/rhel/7/dovecot/conf.d/15-mailboxes.conf
@@ -0,0 +1,29 @@
+## Mailbox definitions
+##
+
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+  mailbox Drafts {
+    special_use = \Drafts
+    auto = subscribe
+  }
+
+  mailbox Junk {
+    special_use = \Junk
+    auto = subscribe
+  }
+
+  mailbox Trash {
+    special_use = \Trash
+    auto = subscribe
+  }
+
+  mailbox Sent {
+    special_use = \Sent
+    auto = subscribe
+  }
+  mailbox "Sent Messages" {
+    special_use = \Sent
+  }
+}
diff --git a/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf b/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf
new file mode 100644
index 00000000..7b2bab97
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf
@@ -0,0 +1,29 @@
+## Mailbox definitions
+##
+
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+  mailbox Drafts {
+    special_use = \Drafts
+    auto = subscribe
+  }
+
+  mailbox Junk {
+    special_use = \Junk
+    auto = subscribe
+  }
+
+  mailbox Trash {
+    special_use = \Trash
+    auto = subscribe
+  }
+
+  mailbox Sent {
+    special_use = \Sent
+    auto = subscribe
+  }
+  mailbox "Sent Messages" {
+    special_use = \Sent
+  }
+}

From b510f55e8854b28f39febdfa6721e56e51d464bf Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Mon, 25 Feb 2019 16:08:40 +0300
Subject: [PATCH 0329/2300] a new pricing for FileManager & SFTP chroot plugin

a new pricing for FileManager & SFTP chroot plugin
---
 web/templates/admin/edit_server.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html
index cde031fc..285a16c3 100644
--- a/web/templates/admin/edit_server.html
+++ b/web/templates/admin/edit_server.html
@@ -790,7 +790,7 @@
                                                                     '.__('Buy Licence').' 3$/'.__('month').'
                                                                 
                                                                 
-                                                                    '.__('Buy Lifetime License').' 18$
+                                                                    '.__('Buy Lifetime License').' 21$
                                                                 
                                                             
                                                             2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.';
@@ -835,10 +835,10 @@
                                                             
                                                             
                                                                 
-                                                                    '.__('Buy Licence').' 5$/'.__('month').'
+                                                                    '.__('Buy Licence').' 3$/'.__('month').'
                                                                 
                                                                 
-                                                                    '.__('Buy Lifetime License').' 50$
+                                                                    '.__('Buy Lifetime License').' 28$
                                                                 
                                                             
                                                             2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.';

From f4d3f7a85fb56acbe88816b4bbbb93c4c53fe422 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 27 Feb 2019 14:03:51 +0200
Subject: [PATCH 0330/2300] Full PMA&Roundcube installs + dovecot namespace
 hotfix

---
 install/vst-install-ubuntu.sh | 53 ++++++++++++++++++++++++-----------
 1 file changed, 37 insertions(+), 16 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 7fe4003e..f66407c3 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -999,10 +999,18 @@ if [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
     fi
-    cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
+    if [[ ${release:0:2} -ge 18 ]]; then
+        mysql < /usr/share/phpmyadmin/sql/create_tables.sql
+        p=$(grep dbpass /etc/phpmyadmin/config-db.php |cut -f 2 -d "'")
+        mysql -e "GRANT ALL ON phpmyadmin.*
+            TO phpmyadmin@localhost IDENTIFIED BY '$p'"
+    else
+        cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
+    fi
     chmod 777 /var/lib/phpmyadmin/tmp
 fi
 
+
 #----------------------------------------------------------#
 #                   Configure PostgreSQL                   #
 #----------------------------------------------------------#
@@ -1147,29 +1155,42 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/roundcube/apache.conf /etc/roundcube/
         ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
     fi
-    cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
-    cp -f  $vestacp/roundcube/db.inc.php /etc/roundcube/
-    chmod 640 /etc/roundcube/debian-db*
-    chown root:www-data /etc/roundcube/debian-db*
-    cp -f $vestacp/roundcube/vesta.php \
-        /usr/share/roundcube/plugins/password/drivers/
-    cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
-    r="$(gen_pass)"
-    mysql -e "CREATE DATABASE roundcube"
-    mysql -e "GRANT ALL ON roundcube.*
-        TO roundcube@localhost IDENTIFIED BY '$r'"
-    sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php
-    touch /var/log/roundcube/errors
-    chmod 640 /var/log/roundcube/errors
-    chown www-data:adm /var/log/roundcube/errors
+
+    if [[ ${release:0:2} -ge 18 ]]; then
+        r=$(grep dbpass= /etc/roundcube/debian-db.php |cut -f 2 -d "'")
+        sed -i "s/default_host.*/default_host'] = 'localhost';/" \
+            /etc/roundcube/config.inc.php
+        sed -i "s/^);/'password');/" /etc/roundcube/config.inc.php
+    else
+        r="$(gen_pass)"
+        cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/
+        cp -f  $vestacp/roundcube/db.inc.php /etc/roundcube/
+        sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php
+    fi
+
     if [ "$release" = '16.04' ]; then
+        # TBD: should be fixed in config repo
         mv /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php
         mv /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php
         chmod 640 /etc/roundcube/debian-db-roundcube.php
         chown root:www-data /etc/roundcube/debian-db-roundcube.php
     fi
 
+    cp -f $vestacp/roundcube/vesta.php \
+        /usr/share/roundcube/plugins/password/drivers/
+    cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
+
+    mysql -e "CREATE DATABASE roundcube"
+    mysql -e "GRANT ALL ON roundcube.*
+        TO roundcube@localhost IDENTIFIED BY '$r'"
     mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql
+
+    chmod 640 /etc/roundcube/debian-db*
+    chown root:www-data /etc/roundcube/debian-db*
+    touch /var/log/roundcube/errors
+    chmod 640 /var/log/roundcube/errors
+    chown www-data:adm /var/log/roundcube/errors
+
     php5enmod mcrypt 2>/dev/null
     phpenmod mcrypt 2>/dev/null
     if [ "$apache" = 'yes' ]; then

From 372770931cae3eaa3119fe82c476e4c762135d60 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:05:12 +0300
Subject: [PATCH 0331/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/7/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/debian/7/templates/web/nginx/caching.stpl
+++ b/install/debian/7/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From edb3fcc2df4def7f4123c59c9428020cc515025d Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:06:25 +0300
Subject: [PATCH 0332/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/7/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/debian/7/templates/web/nginx/default.stpl
+++ b/install/debian/7/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 21ce107c681b8ee614d879c0d74715119b7dae50 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:07:07 +0300
Subject: [PATCH 0333/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/7/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/debian/7/templates/web/nginx/hosting.stpl
+++ b/install/debian/7/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From b22802478d9a000b9e3a9891eea938e415716d2f Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:07:33 +0300
Subject: [PATCH 0334/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/7/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl
index 76dd2f8e..db83fcd7 100644
--- a/install/debian/7/templates/web/nginx/http2.stpl
+++ b/install/debian/7/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 7aa71c6ca08af15bbd3b2b1ac2655826db668730 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:10:11 +0300
Subject: [PATCH 0335/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/8/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl
index 52641dbe..3c56004d 100755
--- a/install/debian/8/templates/web/nginx/caching.stpl
+++ b/install/debian/8/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 6a5061a7a9a730372b64d6a8a5d6e7faa015b4da Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:11:03 +0300
Subject: [PATCH 0336/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/8/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/8/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/debian/8/templates/web/nginx/default.stpl
+++ b/install/debian/8/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 5b4d89b47fd07037163f558bf8594748359ddcd3 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:11:21 +0300
Subject: [PATCH 0337/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/8/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/debian/8/templates/web/nginx/hosting.stpl
+++ b/install/debian/8/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 232dbf0d0937164d7b9556b8bfeccd3fc32505ad Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:11:55 +0300
Subject: [PATCH 0338/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/8/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl
index 76dd2f8e..db83fcd7 100644
--- a/install/debian/8/templates/web/nginx/http2.stpl
+++ b/install/debian/8/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 7a1cdc689ee1b2e4a81c131c121514004b588032 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:13:15 +0300
Subject: [PATCH 0339/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/9/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl
index 52641dbe..3c56004d 100755
--- a/install/debian/9/templates/web/nginx/caching.stpl
+++ b/install/debian/9/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 5ea43b6df656b250aa0ec5e6cf48439143c80881 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:39:05 +0300
Subject: [PATCH 0340/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/9/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/debian/9/templates/web/nginx/default.stpl
+++ b/install/debian/9/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 6bb56a874257672f7388a1255071c4242092f2ce Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:39:37 +0300
Subject: [PATCH 0341/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/9/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/debian/9/templates/web/nginx/hosting.stpl
+++ b/install/debian/9/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From dc3dec644dc3291880ce31d6ca8c2928125aa8b7 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:40:06 +0300
Subject: [PATCH 0342/2300] fix for the use of a deprecated directive in nginx

---
 install/debian/9/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/debian/9/templates/web/nginx/http2.stpl
+++ b/install/debian/9/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 4ed0ca484ca1e7e8249ed8360c240814c1462ad4 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:41:35 +0300
Subject: [PATCH 0343/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/5/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl
index 67b2f6c2..5e1ac757 100755
--- a/install/rhel/5/templates/web/nginx/caching.stpl
+++ b/install/rhel/5/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 3ed733669e8fd259feea3c4d412de3a0c62eb4df Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:41:55 +0300
Subject: [PATCH 0344/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/5/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/5/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl
index 53ad8d1b..22bbd55a 100755
--- a/install/rhel/5/templates/web/nginx/default.stpl
+++ b/install/rhel/5/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 01d9626b6cc1d124c3ecc51980fcd24966515344 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:42:38 +0300
Subject: [PATCH 0345/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/5/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl
index aca458a4..06abc94e 100755
--- a/install/rhel/5/templates/web/nginx/hosting.stpl
+++ b/install/rhel/5/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 3188ae9999f5e3a3fc72eea4fe41740c03c11874 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:42:44 +0300
Subject: [PATCH 0346/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/5/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl
index 76dd2f8e..db83fcd7 100644
--- a/install/rhel/5/templates/web/nginx/http2.stpl
+++ b/install/rhel/5/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 48f61fcc2cea45c3fc18f05415f8d7a2f7136304 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:47:29 +0300
Subject: [PATCH 0347/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/6/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl
index 67b2f6c2..5e1ac757 100755
--- a/install/rhel/6/templates/web/nginx/caching.stpl
+++ b/install/rhel/6/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 064a16043dfb47dabd9df7b91abe5bf9af77b841 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:47:31 +0300
Subject: [PATCH 0348/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/6/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl
index 53ad8d1b..22bbd55a 100755
--- a/install/rhel/6/templates/web/nginx/default.stpl
+++ b/install/rhel/6/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 0226e7b862c68e87ce8027f038c6b07e8741558f Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:47:33 +0300
Subject: [PATCH 0349/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/6/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl
index aca458a4..06abc94e 100755
--- a/install/rhel/6/templates/web/nginx/hosting.stpl
+++ b/install/rhel/6/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From f36148ca017bc1e0768bb2dda733c40c484d5fc3 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:47:36 +0300
Subject: [PATCH 0350/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/6/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl
index 40e79aef..7874e9b1 100644
--- a/install/rhel/6/templates/web/nginx/http2.stpl
+++ b/install/rhel/6/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 40a8461b28b4e8b030615fcaf3f93f339e62b5a0 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:49:56 +0300
Subject: [PATCH 0351/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/7/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl
index 67b2f6c2..5e1ac757 100755
--- a/install/rhel/7/templates/web/nginx/caching.stpl
+++ b/install/rhel/7/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 4f086744be2e012bfe3272977df3b010b281dce8 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:50:00 +0300
Subject: [PATCH 0352/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/7/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl
index 53ad8d1b..22bbd55a 100755
--- a/install/rhel/7/templates/web/nginx/default.stpl
+++ b/install/rhel/7/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From b289a46cfbe651701c05b04c850564a9475810e6 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:50:05 +0300
Subject: [PATCH 0353/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/7/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl
index aca458a4..06abc94e 100755
--- a/install/rhel/7/templates/web/nginx/hosting.stpl
+++ b/install/rhel/7/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From 75283ef755f467d5479ec9559f9855f3005e9784 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 14:50:10 +0300
Subject: [PATCH 0354/2300] fix for the use of a deprecated directive in nginx

---
 install/rhel/7/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl
index 76dd2f8e..db83fcd7 100644
--- a/install/rhel/7/templates/web/nginx/http2.stpl
+++ b/install/rhel/7/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/httpd/domains/%domain%.error.log error;

From faa9d4aa625fedaab492835746b3a6d20130b173 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:04:45 +0300
Subject: [PATCH 0355/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/12.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 37acc7bf319783936553dff7bc09782dc1e6c49e Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:04:49 +0300
Subject: [PATCH 0356/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/12.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 68230531b3c48a8a33aea387f9830a8b11fc4abd Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:04:53 +0300
Subject: [PATCH 0357/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From d4497846970bf4734624821eb50b736a511e9ccd Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:04:58 +0300
Subject: [PATCH 0358/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 8ef8d8b722fe4ed3d1bfae9f54c89178656e06a9 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:00 +0300
Subject: [PATCH 0359/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/13.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From f64e745e20783538f28cd45ca856bf8f07fe851f Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:02 +0300
Subject: [PATCH 0360/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/13.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 58ddfd4b4dedf23d4c079f42ac8785fda9972742 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:04 +0300
Subject: [PATCH 0361/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From dca488c0f7c51caa055e88d70eba7f9462df7d45 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:06 +0300
Subject: [PATCH 0362/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 1806c2a3d6136a1e454d0f6e471a07936c3bf48b Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:09 +0300
Subject: [PATCH 0363/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/13.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From ada32d5535ae4ef4ed9037823da198eb0bb770b4 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:11 +0300
Subject: [PATCH 0364/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/13.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 6c6520a18c12ea101f9ed4ed438a7c57c25104c3 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:16 +0300
Subject: [PATCH 0365/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From cf2dc9ccbde6fb8fe841970326ba70f11957323a Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:20 +0300
Subject: [PATCH 0366/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/13.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From c28167f37a0ca8b12e0df7acf3e19ccf4cbba499 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:24 +0300
Subject: [PATCH 0367/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/14.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 1ede3c055c93c7233ffe6293c5a3b162dbe27b27 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:26 +0300
Subject: [PATCH 0368/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/14.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 8cbba0ed3ec3f78b1cc5c9cf11d344d5a82857a2 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:29 +0300
Subject: [PATCH 0369/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From bbf745e0496bbb8eb4d4caad1baf34ed030ca6be Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:31 +0300
Subject: [PATCH 0370/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 5230c3d3b0dbd27c6785444f47134f2a9f38a038 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:35 +0300
Subject: [PATCH 0371/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/14.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From cd3ccf5370607dc5c1dd4cd23a88250f937d14ef Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:38 +0300
Subject: [PATCH 0372/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/14.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From a4b8ebcf885333179712c18fc7565e29b7d33fc7 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:41 +0300
Subject: [PATCH 0373/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 00ab9be534bb67669e2e30e8c21be348b253587a Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:43 +0300
Subject: [PATCH 0374/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/14.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 49ab4c345c4564fe79c10e2e3f76ddef8ed9d01d Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:45 +0300
Subject: [PATCH 0375/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/12.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 579ed37114cb23b3b83cbe9571acda09813d32ad Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:48 +0300
Subject: [PATCH 0376/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/12.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From c11a1b165bf578bd68c7198630a7206fce08f028 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:49 +0300
Subject: [PATCH 0377/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From e39623308ef89e1c1173c33bb13898c94a53269b Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:05:53 +0300
Subject: [PATCH 0378/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/12.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 19bd87334bda2bc463f962e79c51b5924bb00950 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:14:51 +0300
Subject: [PATCH 0379/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/15.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From b1e826b0a64ebc1980fe315a1b8db92892b12bcc Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:15:03 +0300
Subject: [PATCH 0380/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/15.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 4a04783d666475b59e973d4499f02565e0eb405b Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:15:20 +0300
Subject: [PATCH 0381/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From f85989fdbf9ea4902914951c57dfcc4f039ad825 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:18:03 +0300
Subject: [PATCH 0382/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From a90c85e6b5719a5b046ecbc59924cede3180a5f9 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:18:46 +0300
Subject: [PATCH 0383/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.10/templates/web/nginx/default.stpl b/install/ubuntu/15.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/15.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 470b88c764b5972b9424cac62054d4167ce3b314 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:19:32 +0300
Subject: [PATCH 0384/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.stpl b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/15.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From a38770a08108fcc3e609897f5cd4648094b2c46e Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:19:47 +0300
Subject: [PATCH 0385/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From c1d1f13a0449aacaa91f6c73ae71eb3aa789aacf Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:20:06 +0300
Subject: [PATCH 0386/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/15.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From caf0890ca1df0eaab811e1939b2bd3a7fbe8a6a2 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:22:01 +0300
Subject: [PATCH 0387/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/16.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.stpl b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/16.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From eae7202f528b413b5fc0f0e513b095a43afa35ac Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:22:09 +0300
Subject: [PATCH 0388/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/16.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.10/templates/web/nginx/default.stpl b/install/ubuntu/16.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/16.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 20027824cfcd632439e0087f7dcaac24bcb14ab7 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:22:17 +0300
Subject: [PATCH 0389/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/16.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From d353421ff421becbd2c6bb11c1106a45a5faa230 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:22:28 +0300
Subject: [PATCH 0390/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/16.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 4d5ecf05e73e8b2650c59d0dcdd8ea7d40df5014 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:23:46 +0300
Subject: [PATCH 0391/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.04/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/17.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From b3b1ec3c2e0a10997a1f6e57b8691800a14e447c Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:23:50 +0300
Subject: [PATCH 0392/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.04/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/17.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 3912de3ed0454f3b67a56e60fef76ac87ffd9ad9 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:23:55 +0300
Subject: [PATCH 0393/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.04/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 12fdd9713e2ec43fd9cb049a93bcf9dd03cecec4 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:24:14 +0300
Subject: [PATCH 0394/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.04/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From b7a2728ab03cc5d9576ecd21ce74335fde16631e Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:25:40 +0300
Subject: [PATCH 0395/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.10/templates/web/nginx/caching.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
index 5e0e4064..e149b98b 100755
--- a/install/ubuntu/17.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 12bc7ab544c0ad4d69947f448203cc0b0f66fdc8 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:25:42 +0300
Subject: [PATCH 0396/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.10/templates/web/nginx/default.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl
index fa538060..0e669b3d 100755
--- a/install/ubuntu/17.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From 452a7ad62efc881d86d3fec5cc7f9c35c6190c5c Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:25:48 +0300
Subject: [PATCH 0397/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.10/templates/web/nginx/hosting.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
index d778d633..1ef8994b 100755
--- a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port%;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From ae1ec05e6617fe2cabde5a09322de95d4aef20e9 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Thu, 28 Feb 2019 15:25:54 +0300
Subject: [PATCH 0398/2300] fix for the use of a deprecated directive in nginx

---
 install/ubuntu/17.10/templates/web/nginx/http2.stpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
index 72e72a90..f225becd 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -1,7 +1,6 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
-    ssl         on;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;

From a7b54d60002f6ec79f0182bfc39705e5819a866b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 28 Feb 2019 23:47:07 +0200
Subject: [PATCH 0399/2300] Function to search avaiable SSL certificates that
 could be used as main cert

---
 bin/v-search-ssl-certificates | 97 +++++++++++++++++++++++++++++++++++
 1 file changed, 97 insertions(+)
 create mode 100755 bin/v-search-ssl-certificates

diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates
new file mode 100755
index 00000000..5a5c74bf
--- /dev/null
+++ b/bin/v-search-ssl-certificates
@@ -0,0 +1,97 @@
+#!/bin/bash
+# info: search ssl certificates
+# options: [FORMAT]
+#
+# The function to obtain the list of available ssl certificates.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+format=${1-shell}
+
+# Includes
+source $VESTA/func/main.sh
+
+# JSON list function
+json_list() {
+    IFS=$'\n'
+    i=1
+    objects=$(echo "$search_cmd" |wc -l)
+    echo "{"
+    for str in $search_cmd; do
+        eval $str
+        echo -n '    "'$i'": {
+        "USER": "'$USER'",
+        "DOMAIN": "'$DOMAIN'"
+    }'
+        if [ "$i" -lt "$objects" ]; then
+            echo ','
+        else
+            echo
+        fi
+        ((i++))
+    done
+    echo '}'
+}
+
+# SHELL list function
+shell_list() {
+    IFS=$'\n'
+    echo "USER   DOMAIN"
+    echo "----   ------"
+    for str in $search_cmd; do
+        eval $str
+        echo "$USER $DOMAIN"
+    done
+}
+
+# PLAIN list function
+plain_list() {
+    IFS=$'\n'
+    for str in $search_cmd; do
+        eval $str
+        echo -e "$USER\t$DOMAIN"
+    done
+}
+
+# CSV list function
+csv_list() {
+    IFS=$'\n'
+    echo "USER,DOMAIN"
+    for str in $search_cmd; do
+        eval $str
+        echo  "$USER,$DOMAIN"
+    done
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+search_cmd=$(grep "SSL='yes'" $VESTA/data/users/*/web.conf |\
+    cut -f 1 -d ' ' |\
+    sed -e "s|$VESTA/data/users/|USER='|" -e "s|/web.conf:|' |")
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list |column -t ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit

From fde256744d088121c023f3547c0dd49b96a6f13d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 1 Mar 2019 14:30:05 +0100
Subject: [PATCH 0400/2300] nice and ionice for filemanager operation functions

---
 web/file_manager/fm_core.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/file_manager/fm_core.php b/web/file_manager/fm_core.php
index 4c552b0c..6adb0f75 100644
--- a/web/file_manager/fm_core.php
+++ b/web/file_manager/fm_core.php
@@ -83,7 +83,7 @@ class FileManager {
         $src = $this->formatFullPath($item);
         $dst = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "v-copy-fs-file {$this->user} {$src} {$dst}", $output, $return_var);
+        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-file {$this->user} {$src} {$dst}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -104,7 +104,7 @@ class FileManager {
         $src = $this->formatFullPath($item);
         $dst = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "v-copy-fs-directory {$this->user} {$src} {$dst}", $output, $return_var);
+        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-directory {$this->user} {$src} {$dst}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -159,7 +159,7 @@ class FileManager {
 
         $dst_item = $this->formatFullPath($dst_item);
 
-        exec (VESTA_CMD . "v-add-fs-archive {$this->user} {$dst_item} {$items}", $output, $return_var);
+        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-add-fs-archive {$this->user} {$dst_item} {$items}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -183,7 +183,7 @@ class FileManager {
 
         $dst_item = $this->formatFullPath($dst_item_name);
 
-        exec (VESTA_CMD . "v-copy-fs-file {$this->user} {$src_item} {$dst_item}", $output, $return_var);
+        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-file {$this->user} {$src_item} {$dst_item}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -219,7 +219,7 @@ class FileManager {
         $item     = $this->formatFullPath($item);
         $dst_item = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "v-extract-fs-archive {$this->user} {$item} {$dst_item}", $output, $return_var);
+        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-extract-fs-archive {$this->user} {$item} {$dst_item}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 

From 9689bc144dcccfa57f7070dccf5149cfcbd9ceab Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 1 Mar 2019 14:34:00 +0100
Subject: [PATCH 0401/2300] Larger LA graph

---
 bin/v-update-sys-rrd-la | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-rrd-la b/bin/v-update-sys-rrd-la
index c6343e3d..c8266626 100755
--- a/bin/v-update-sys-rrd-la
+++ b/bin/v-update-sys-rrd-la
@@ -64,7 +64,7 @@ fi
 # Updating graph
 rrdtool graph $RRD/la/$period-la.png \
     --imgformat PNG \
-    --height="150" \
+    --height="350" \
     --width="670" \
     --start "$start" \
     --end "$end" \

From dbd028adc86074fb26355fcf787d2cdae1e2df2a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Mar 2019 23:16:46 +0100
Subject: [PATCH 0402/2300] Fix for nice and ionice in FileManager

---
 web/file_manager/fm_core.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/file_manager/fm_core.php b/web/file_manager/fm_core.php
index 6adb0f75..b176f01d 100644
--- a/web/file_manager/fm_core.php
+++ b/web/file_manager/fm_core.php
@@ -83,7 +83,7 @@ class FileManager {
         $src = $this->formatFullPath($item);
         $dst = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-file {$this->user} {$src} {$dst}", $output, $return_var);
+        exec ("nice -n 19 ionice -c 3 ".VESTA_CMD . "v-copy-fs-file {$this->user} {$src} {$dst}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -104,7 +104,7 @@ class FileManager {
         $src = $this->formatFullPath($item);
         $dst = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-directory {$this->user} {$src} {$dst}", $output, $return_var);
+        exec ("nice -n 19 ionice -c 3 ".VESTA_CMD . "v-copy-fs-directory {$this->user} {$src} {$dst}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -159,7 +159,7 @@ class FileManager {
 
         $dst_item = $this->formatFullPath($dst_item);
 
-        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-add-fs-archive {$this->user} {$dst_item} {$items}", $output, $return_var);
+        exec ("nice -n 19 ionice -c 3 ".VESTA_CMD . "v-add-fs-archive {$this->user} {$dst_item} {$items}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -183,7 +183,7 @@ class FileManager {
 
         $dst_item = $this->formatFullPath($dst_item_name);
 
-        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-copy-fs-file {$this->user} {$src_item} {$dst_item}", $output, $return_var);
+        exec ("nice -n 19 ionice -c 3 ".VESTA_CMD . "v-copy-fs-file {$this->user} {$src_item} {$dst_item}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 
@@ -219,7 +219,7 @@ class FileManager {
         $item     = $this->formatFullPath($item);
         $dst_item = $this->formatFullPath($target_dir);
 
-        exec (VESTA_CMD . "nice -n 19 ionice -c 3 v-extract-fs-archive {$this->user} {$item} {$dst_item}", $output, $return_var);
+        exec ("nice -n 19 ionice -c 3 ".VESTA_CMD . "v-extract-fs-archive {$this->user} {$item} {$dst_item}", $output, $return_var);
 
         $error = self::check_return_code($return_var, $output);
 

From 80730aafa477947b2203671ddc3912723b5d45ee Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Mar 2019 23:21:58 +0100
Subject: [PATCH 0403/2300] unzip in debian installer

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 87edd88b..b4b6c375 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -29,7 +29,7 @@ if [ "$release" -eq 9 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools"
+        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 elif [ "$release" -eq 8 ]; then
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2
@@ -42,7 +42,7 @@ elif [ "$release" -eq 8 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools"
+        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 else
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2
@@ -55,7 +55,7 @@ else
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free
-        vim-common vesta-ioncube vesta-softaculous net-tools"
+        vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 fi
 
 # Defining help function

From eb03d7bab2a27d847cd8b3856f8231c3d7247526 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 2 Mar 2019 23:24:02 +0100
Subject: [PATCH 0404/2300] Added unzip to Debian installer

Needed for FileManager
---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a7ea3da5..0741a6d6 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -29,7 +29,7 @@ if [ "$release" -eq 9 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools"
+        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 elif [ "$release" -eq 8 ]; then
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2
@@ -42,7 +42,7 @@ elif [ "$release" -eq 8 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools"
+        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 else
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2
@@ -55,7 +55,7 @@ else
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free
-        vim-common vesta-ioncube vesta-softaculous net-tools"
+        vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 fi
 
 # Defining help function

From c1b775443dd50b6db1babfa223b22d3b1c29129e Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sun, 3 Mar 2019 23:25:16 +0200
Subject: [PATCH 0405/2300] added scripts to copy web domain ssl to vesta and
 exim

---
 bin/v-copy-sys-mail-ssl  | 89 ++++++++++++++++++++++++++++++++++++
 bin/v-copy-sys-vesta-ssl | 97 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 186 insertions(+)
 create mode 100755 bin/v-copy-sys-mail-ssl
 create mode 100755 bin/v-copy-sys-vesta-ssl

diff --git a/bin/v-copy-sys-mail-ssl b/bin/v-copy-sys-mail-ssl
new file mode 100755
index 00000000..5b52a688
--- /dev/null
+++ b/bin/v-copy-sys-mail-ssl
@@ -0,0 +1,89 @@
+#!/bin/bash
+# info: copy mail ssl certificate
+# options: USER DOMAIN [RESTART]
+#
+# The function copies user domain SSL to mail SSL directory
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+restart=$3
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN [RESTART]'
+is_format_valid 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Defining certificate location
+dom_crt="/home/$user/conf/web/ssl.$domain.pem"
+dom_key="/home/$user/conf/web/ssl.$domain.key"
+vst_crt="$VESTA/ssl/mail.crt"
+vst_key="$VESTA/ssl/mail.key"
+
+# Checking certificate
+if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then
+    check_result $E_NOTEXIST "$domain certificate doesn't exist"
+fi
+
+# Checking difference
+diff $dom_crt $vst_crt >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    rm -f $vst_crt.old $vst_key.old
+    mv $vst_crt $vst_crt.old
+    mv $vst_key $vst_key.old
+    cp $dom_crt $vst_crt 2>/dev/null
+    cp $dom_key $vst_key 2>/dev/null
+    chown root:mail $vst_crt $vst_key
+else
+    restart=no
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Restarting services
+if [ "$restart" != 'no' ]; then
+    if [ ! -z "$MAIL_SYSTEM" ]; then
+        $BIN/v-restart-service $MAIL_SYSTEM
+    fi
+    if [ ! -z "$IMAP_SYSTEM" ]; then
+        $BIN/v-restart-service $IMAP_SYSTEM
+    fi
+fi
+
+# Updating vesta.conf
+if [ -z "$(grep MAIL_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then
+    echo "MAIL_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf
+else
+    sed -i "s/MAIL_CERTIFICATE.*/MAIL_CERTIFICATE='$user:$domain'/g" \
+        $VESTA/conf/vesta.conf
+fi
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-copy-sys-vesta-ssl b/bin/v-copy-sys-vesta-ssl
new file mode 100755
index 00000000..94a0cdfc
--- /dev/null
+++ b/bin/v-copy-sys-vesta-ssl
@@ -0,0 +1,97 @@
+#!/bin/bash
+# info: copy vesta ssl certificate
+# options: USER DOMAIN [RESTART]
+#
+# The function copies user domain SSL to vesta SSL directory
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+restart=$3
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN [RESTART]'
+is_format_valid 'user' 'domain'
+is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_object_valid 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL'
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Defining certificate location
+dom_crt="/home/$user/conf/web/ssl.$domain.pem"
+dom_key="/home/$user/conf/web/ssl.$domain.key"
+vst_crt="$VESTA/ssl/certificate.crt"
+vst_key="$VESTA/ssl/certificate.key"
+
+# Checking certificate
+if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then
+    check_result $E_NOTEXIST "$domain certificate doesn't exist"
+fi
+
+# Checking difference
+diff $dom_crt $vst_crt >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+    rm -f $vst_crt.old $vst_key.old
+    mv $vst_crt $vst_crt.old
+    mv $vst_key $vst_key.old
+    cp $dom_crt $vst_crt 2>/dev/null
+    cp $dom_key $vst_key 2>/dev/null
+    chown root:mail $vst_crt $vst_key
+else
+    restart=no
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Restarting services
+if [ "$restart" != 'no' ]; then
+    if [ ! -z "$MAIL_SYSTEM" ]; then
+        $BIN/v-restart-service $MAIL_SYSTEM
+    fi
+    if [ ! -z "$IMAP_SYSTEM" ]; then
+        $BIN/v-restart-service $IMAP_SYSTEM
+    fi
+    if [ ! -z "$FTP_SYSTEM" ]; then
+        $BIN/v-restart-service "$FTP_SYSTEM"
+    fi
+    if [ -e "/var/run/vesta-nginx.pid" ]; then
+        kill -HUP $(cat /var/run/vesta-nginx.pid)
+    else
+        service vesta restart
+    fi
+fi
+
+# Updating vesta.conf
+if [ -z "$(grep VESTA_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then
+    echo "VESTA_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf
+else
+    sed -i "s/VESTA_CERTIFICATE.*/VESTA_CERTIFICATE='$user:$domain'/g" \
+        $VESTA/conf/vesta.conf
+fi
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 2959165e1aecfbc8a10c9fa7a15744c3f2b375f8 Mon Sep 17 00:00:00 2001
From: myrevery <16082142+myrevery@users.noreply.github.com>
Date: Mon, 11 Mar 2019 06:43:33 +0800
Subject: [PATCH 0406/2300] Update cn.php

Refine some details.
---
 web/inc/i18n/cn.php | 46 ++++++++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index 62147871..ee9c9747 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -10,7 +10,7 @@
  */
 
 $LANG['cn'] = array(
-    'Packages'  => '预设方案',
+    'Packages'  => '用户方案',
     'IP'  => 'IP 地址',
     'Graphs'  => '资源图表',
     'Statistics'  => '统计信息',
@@ -33,7 +33,7 @@ $LANG['cn'] = array(
     'LOGIN'  => '登录',
     'RESET PASSWORD'  => '重置密码',
     'SEARCH'  => '搜索',
-    'PACKAGE'  => '预设方案',
+    'PACKAGE'  => '用户方案',
     'RRD'  => '资源图表',
     'STATS'  => '统计信息',
     'LOG'  => '系统日志',
@@ -102,7 +102,7 @@ $LANG['cn'] = array(
     'open %s'  => '打开 %s',
     'download'  => '下载',
     'restore'  => '恢复',
-    'configure restore settings'  => '配置恢复选项',
+    'configure restore settings'  => '配置恢复',
     'stop'  => '停止',
     'start'  => '启动',
     'restart'  => '重新启动',
@@ -136,7 +136,7 @@ $LANG['cn'] = array(
     'Editing Package'  => '编辑方案',
     'Adding IP address'  => '添加IP地址',
     'Editing IP Address'  => '编辑IP地址',
-    'Editing Backup Exclusions' => '配置排除的备份项目',
+    'Editing Backup Exclusions' => '配置需排除备份的项目',
     'Generating CSR' => '生成CSR',
     'Listing'  => '列出',
     'Search Results'  => '搜索结果',
@@ -195,7 +195,7 @@ $LANG['cn'] = array(
     'IP Addresses' => 'IP地址',
     'Backups' => '备份',
     'Backup System' => '备份系统',
-    'backup exclusions' => '排除的备份项目',
+    'backup exclusions' => '需排除备份的项目',
     'template' => '模板',
     'SSL Support' => '启用SSL',
     'SSL Home Directory' => 'SSL站点主目录',
@@ -211,7 +211,7 @@ $LANG['cn'] = array(
     'TTL' => 'TTL',
     'Expire' => '过期',
     'Records' => '记录',
-    'Serial'  => 'Serial',
+    'Serial'  => '序号',
     'Catchall email' => '未知收件人聚合邮箱',
     'AntiVirus Support' => '防病毒支持',
     'AntiSpam Support' => '防垃圾邮件支持',
@@ -251,19 +251,19 @@ $LANG['cn'] = array(
     'Owner' => '归属',
     'Users'  => '用户',
     'Load Average'  => '平均负载',
-    'Memory Usage'  => '内存用量',
-    'APACHE2 Usage'  => 'Apache2 用量',
-    'HTTPD Usage'  => 'HTTPD 用量',
-    'NGINX Usage'  => 'NGINX 用量',
-    'MySQL Usage on localhost'  => 'MySQL用量 (localhost)',
-    'PostgreSQL Usage on localhost'  => 'PostgreSQL用量 (localhost)',
-    'Bandwidth Usage eth0'  => '网络流量 (eth0)',
-    'Bandwidth Usage eth1'  => '网络流量 (eth1)',
-    'Bandwidth Usage venet0'  => '网络流量 (venet0)',
-    'Bandwidth Usage venet1'  => '网络流量 (venet1)',
-    'Exim Usage'  => 'Exim 用量',
-    'FTP Usage'  => 'FTP 用量',
-    'SSH Usage'  => 'SSH 用量',
+    'Memory Usage'  => '内存使用情况',
+    'APACHE2 Usage'  => 'Apache2 使用情况',
+    'HTTPD Usage'  => 'HTTPD 使用情况',
+    'NGINX Usage'  => 'NGINX 使用情况',
+    'MySQL Usage on localhost'  => 'MySQL 使用情况 (localhost)',
+    'PostgreSQL Usage on localhost'  => 'PostgreSQL 使用情况 (localhost)',
+    'Bandwidth Usage eth0'  => '网络使用情况 (eth0)',
+    'Bandwidth Usage eth1'  => '网络使用情况 (eth1)',
+    'Bandwidth Usage venet0'  => '网络使用情况 (venet0)',
+    'Bandwidth Usage venet1'  => '网络使用情况 (venet1)',
+    'Exim Usage'  => 'Exim 使用情况',
+    'FTP Usage'  => 'FTP 使用情况',
+    'SSH Usage'  => 'SSH 使用情况',
     'reverse proxy'  => '反向代理',
     'web server'  => 'Web服务',
     'backend server' => '后端服务', //New Keyword for PHP-FPM in SERVER page.
@@ -712,7 +712,7 @@ $LANG['cn'] = array(
     'Disable and Cancel Licence' => '停用并取消许可',
     'Licence Activated' => '许可已激活',
     'Licence Deactivated' => '许可已停用',
-    'Restrict users so that they cannot use SSH and access only their home directory.' => '限制用户，使他们通过 SSH 只能访问自己的主目录。',
+    'Restrict users so that they cannot use SSH and access only their home directory.' => '限制用户，对他们禁用 SSH 且只能访问自己的主目录。',
     'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => '功能全面的文件管理器，浏览，复制，编辑，查看和检索你的 Web 文件。',
     'This is a commercial module, you would need to purchace license key to enable it.' => '这是商业模块，请购买许可密匙来启用它。',
 
@@ -745,12 +745,12 @@ $LANG['cn'] = array(
     'awstats' => 'AWStats',
 
     'Vesta SSL' => 'Vesta SSL',
-    'SUBJECT' => '颁发给',
+    'SUBJECT' => '使用者',
     'ALIASES' => '可选名称',
-    'NOT_BEFORE' => '有效期从',
+    'NOT_BEFORE' => '有效期自',
     'NOT_AFTER' => '有效期至',
     'SIGNATURE' => '签名算法',
-    'PUB_KEY' => '公钥长度',
+    'PUB_KEY' => '密钥大小',
     'ISSUER' => '颁发者',
 
     'Use server hostname' => '采用服务器主机名',

From 8edf965375c912dd93230ab178dc52f2c653b10c Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Mar 2019 00:44:06 +0200
Subject: [PATCH 0407/2300] backend: user domain vesta ssl certificate support

---
 ...v-copy-sys-mail-ssl => v-add-sys-mail-ssl} |  23 ++-
 ...copy-sys-vesta-ssl => v-add-sys-vesta-ssl} |   6 +-
 bin/v-add-web-domain-ssl                      |  16 +++
 bin/v-delete-sys-mail-ssl                     |  75 ++++++++++
 bin/v-delete-sys-vesta-ssl                    |  37 +++++
 bin/v-list-sys-config                         |  19 ++-
 bin/v-list-sys-mail-ssl                       | 135 ++++++++++++++++++
 bin/v-search-ssl-certificates                 |  16 +--
 8 files changed, 307 insertions(+), 20 deletions(-)
 rename bin/{v-copy-sys-mail-ssl => v-add-sys-mail-ssl} (77%)
 rename bin/{v-copy-sys-vesta-ssl => v-add-sys-vesta-ssl} (93%)
 create mode 100755 bin/v-delete-sys-mail-ssl
 create mode 100755 bin/v-delete-sys-vesta-ssl
 create mode 100755 bin/v-list-sys-mail-ssl

diff --git a/bin/v-copy-sys-mail-ssl b/bin/v-add-sys-mail-ssl
similarity index 77%
rename from bin/v-copy-sys-mail-ssl
rename to bin/v-add-sys-mail-ssl
index 5b52a688..1ebffdc3 100755
--- a/bin/v-copy-sys-mail-ssl
+++ b/bin/v-add-sys-mail-ssl
@@ -26,7 +26,7 @@ source $VESTA/conf/vesta.conf
 
 check_args '2' "$#" 'USER DOMAIN [RESTART]'
 is_format_valid 'user' 'domain'
-is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
+is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL'
@@ -51,8 +51,8 @@ fi
 diff $dom_crt $vst_crt >/dev/null 2>&1
 if [ $? -ne 0 ]; then
     rm -f $vst_crt.old $vst_key.old
-    mv $vst_crt $vst_crt.old
-    mv $vst_key $vst_key.old
+    mv $vst_crt $vst_crt.old >/dev/null 2>&1
+    mv $vst_key $vst_key.old >/dev/null 2>&1
     cp $dom_crt $vst_crt 2>/dev/null
     cp $dom_key $vst_key 2>/dev/null
     chown root:mail $vst_crt $vst_key
@@ -60,6 +60,23 @@ else
     restart=no
 fi
 
+# Updating mail certificate
+case $MAIL_SYSTEM in
+    exim)           conf='/etc/exim/exim.conf';;
+    exim4)          conf='/etc/exim4/exim4.conf.template';;
+esac
+if [ -e "$conf" ]; then
+    sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \
+        -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf
+fi
+
+# Updating imap certificate
+conf="/etc/dovecot/conf.d/10-ssl.conf"
+if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then
+    sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \
+        -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf
+fi
+
 
 #----------------------------------------------------------#
 #                       Vesta                              #
diff --git a/bin/v-copy-sys-vesta-ssl b/bin/v-add-sys-vesta-ssl
similarity index 93%
rename from bin/v-copy-sys-vesta-ssl
rename to bin/v-add-sys-vesta-ssl
index 94a0cdfc..32cd6c14 100755
--- a/bin/v-copy-sys-vesta-ssl
+++ b/bin/v-add-sys-vesta-ssl
@@ -1,5 +1,5 @@
 #!/bin/bash
-# info: copy vesta ssl certificate
+# info: add vesta ssl certificate
 # options: USER DOMAIN [RESTART]
 #
 # The function copies user domain SSL to vesta SSL directory
@@ -67,10 +67,10 @@ fi
 
 # Restarting services
 if [ "$restart" != 'no' ]; then
-    if [ ! -z "$MAIL_SYSTEM" ]; then
+    if [ ! -z "$MAIL_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then
         $BIN/v-restart-service $MAIL_SYSTEM
     fi
-    if [ ! -z "$IMAP_SYSTEM" ]; then
+    if [ ! -z "$IMAP_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then
         $BIN/v-restart-service $IMAP_SYSTEM
     fi
     if [ ! -z "$FTP_SYSTEM" ]; then
diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index a006d072..d7a209f1 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -120,6 +120,22 @@ check_result $? "Web restart failed" >/dev/null
 $BIN/v-restart-proxy $restart
 check_result $? "Proxy restart failed" >/dev/null
 
+# Updating system ssl dependencies
+if [ -z "$VESTA_CERTIFICATE" ]; then
+    crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :)
+    crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :)
+    if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then
+        $BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1
+    fi
+fi
+if [ -z "$MAIL_CERTIFICATE" ]; then
+    crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :)
+    crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :)
+    if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then
+        $BIN/v-add-sys-mail-ssl $user $domain >/dev/null 2>&1
+    fi
+fi
+
 if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
     hostname=$(hostname)
     if [ "$hostname" = "$domain" ]; then
diff --git a/bin/v-delete-sys-mail-ssl b/bin/v-delete-sys-mail-ssl
new file mode 100755
index 00000000..06dab82b
--- /dev/null
+++ b/bin/v-delete-sys-mail-ssl
@@ -0,0 +1,75 @@
+#!/bin/bash
+# info: delete sys vesta user ssl certificate
+# options: NONE
+#
+# The script disables user domain ssl synchronization
+
+
+#----------------------------------------------------------#
+#                  Variable & Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+vst_crt="$VESTA/ssl/certificate.crt"
+vst_key="$VESTA/ssl/certificate.key"
+
+# Updating mail certificate
+case $MAIL_SYSTEM in
+    exim)           conf='/etc/exim/exim.conf';;
+    exim4)          conf='/etc/exim4/exim4.conf.template';;
+esac
+if [ -e "$conf" ]; then
+    sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \
+        -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf
+fi
+
+# Updating imap certificate
+conf="/etc/dovecot/conf.d/10-ssl.conf"
+if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then
+    sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \
+        -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf
+fi
+
+# Moving old certificates
+if [ -e "$VESTA/ssl/mail.crt" ]; then
+    mv -f $VESTA/ssl/mail.crt $VESTA/ssl/mail.crt.old
+fi
+if [ -e "VESTA/ssl/mail.key" ]; then
+    mv $VESTA/ssl/mail.key VESTA/ssl/mail.key.old
+fi
+
+# Updating vesta.conf value
+sed -i "/MAIL_CERTIFICATE=/ d" $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Restarting services
+if [ "$restart" != 'no' ]; then
+    if [ ! -z "$MAIL_SYSTEM" ]; then
+        $BIN/v-restart-service $MAIL_SYSTEM
+    fi
+    if [ ! -z "$IMAP_SYSTEM" ]; then
+        $BIN/v-restart-service $IMAP_SYSTEM
+    fi
+fi
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-delete-sys-vesta-ssl b/bin/v-delete-sys-vesta-ssl
new file mode 100755
index 00000000..e90f32b9
--- /dev/null
+++ b/bin/v-delete-sys-vesta-ssl
@@ -0,0 +1,37 @@
+#!/bin/bash
+# info: delete sys vesta user ssl certificate
+# options: NONE
+#
+# The script disables user domain ssl synchronization
+
+
+#----------------------------------------------------------#
+#                  Variable & Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Updating vesta.conf value
+sed -i "/VESTA_CERTIFICATE=/ d" $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config
index 879c3ab3..7764af29 100755
--- a/bin/v-list-sys-config
+++ b/bin/v-list-sys-config
@@ -51,7 +51,9 @@ json_list() {
         "MAIL_URL": "'$MAIL_URL'",
         "DB_PMA_URL": "'$DB_PMA_URL'",
         "DB_PGA_URL": "'$DB_PGA_URL'",
-        "SOFTACULOUS": "'$SOFTACULOUS'"
+        "SOFTACULOUS": "'$SOFTACULOUS'",
+        "MAIL_CERTIFICATE": "'$MAIL_CERTIFICATE'",
+        "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'"
     }
 }'
 }
@@ -138,6 +140,12 @@ shell_list() {
     if [ ! -z "$LANGUAGE" ] && [ "$LANGUAGE" != 'en' ]; then
         echo "Language:       $LANGUAGE"
     fi
+    if [ ! -z "$MAIL_CERTIFICATE" ]; then
+        echo "Mail SSL:       $MAIL_CERTIFICATE"
+    fi
+    if [ ! -z "$VESTA_CERTIFICATE" ]; then
+        echo "Vesta SSL:      $VESTA_CERTIFICATE"
+    fi
     echo "Version:        $VERSION"
 }
 
@@ -151,7 +159,8 @@ plain_list() {
     echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t"
     echo -ne "$FIREWALL_EXTENSION\t$FILEMANAGER_KEY\t$SFTPJAIL_KEY\t"
     echo -ne "$REPOSITORY\t$VERSION\t$LANGUAGE\t$BACKUP_GZIP\t$BACKUP\t"
-    echo -e "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL"
+    echo -ne "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL\t$MAIL_CERTIFICATE\t"
+    echo -e  "$VESTA_CERTIFICATE"
 }
 
 
@@ -165,7 +174,8 @@ csv_list() {
     echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM',"
     echo -n "'FIREWALL_EXTENSION','FILEMANAGER_KEY','SFTPJAIL_KEY',"
     echo -n "'REPOSITORY','VERSION','LANGUAGE','BACKUP_GZIP','BACKUP',"
-    echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL'"
+    echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL', 'SOFTACULOUS',"
+    echo -n "'MAIL_CERTIFICATE','VESTA_CERTIFICATE'"
     echo
     echo -n "'$WEB_SYSTEM','$WEB_RGROUPS','$WEB_PORT','$WEB_SSL',"
     echo -n "'$WEB_SSL_PORT','$WEB_BACKEND','$PROXY_SYSTEM','$PROXY_PORT',"
@@ -176,6 +186,7 @@ csv_list() {
     echo -n "'$FIREWALL_EXTENSION','$FILEMANAGER_KEY','$SFTPJAIL_KEY',"
     echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP','$BACKUP',"
     echo -n "'$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL', '$SOFTACULOUS'"
+    echo -n "'$MAIL_CERTIFICATE','$VESTA_CERTIFICATE'"
     echo
 }
 
@@ -187,7 +198,7 @@ csv_list() {
 # Listing data
 case $format in
     json)   json_list ;;
-    plain)  shell_list ;;
+    plain)  plain_list ;;
     csv)    csv_list ;;
     shell)  shell_list ;;
 esac
diff --git a/bin/v-list-sys-mail-ssl b/bin/v-list-sys-mail-ssl
new file mode 100755
index 00000000..5da74e08
--- /dev/null
+++ b/bin/v-list-sys-mail-ssl
@@ -0,0 +1,135 @@
+#!/bin/bash
+# info: list mail ssl certificate
+# options: [FORMAT]
+#
+# The function of obtaining mail ssl files.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+format=${1-shell}
+
+# Includes
+source $VESTA/func/main.sh
+
+# JSON list function
+json_list() {
+    echo '{'
+    echo -e "\t\"MAIL\": {"
+    echo "        \"CRT\": \"$crt\","
+    echo "        \"KEY\": \"$key\","
+    echo "        \"CA\": \"$ca\","
+    echo "        \"SUBJECT\": \"$subj\","
+    echo "        \"ALIASES\": \"$alt_dns\","
+    echo "        \"NOT_BEFORE\": \"$before\","
+    echo "        \"NOT_AFTER\": \"$after\","
+    echo "        \"SIGNATURE\": \"$signature\","
+    echo "        \"PUB_KEY\": \"$pub_key\","
+    echo "        \"ISSUER\": \"$issuer\""
+    echo -e "\t}\n}"
+}
+
+# SHELL list function
+shell_list() {
+    if [ ! -z "$crt" ]; then
+        echo -e "$crt"
+    fi
+    if [ ! -z "$key" ]; then
+        echo -e "\n$key"
+    fi
+    if [ ! -z "$crt" ]; then
+        echo
+        echo
+        echo "SUBJECT:        $subj"
+        if [ ! -z "$alt_dns" ]; then
+            echo "ALIASES:        ${alt_dns//,/ }"
+        fi
+        echo "VALID FROM:     $before"
+        echo "VALID TIL:      $after"
+        echo "SIGNATURE:      $signature"
+        echo "PUB_KEY:        $pub_key"
+        echo "ISSUER:         $issuer"
+    fi
+}
+
+# PLAIN list function
+plain_list() {
+    if [ ! -z "$crt" ]; then
+        echo -e "$crt"
+    fi
+    if [ ! -z "$key" ]; then
+        echo -e "\n$key"
+    fi
+    if [ ! -z "$ca" ]; then
+        echo -e "\n$ca"
+    fi
+    if [ ! -z "$crt" ]; then
+        echo "$subj"
+        echo "${alt_dns//,/ }"
+        echo "$before"
+        echo "$after"
+        echo "$signature"
+        echo "$pub_key"
+        echo "$issuer"
+    fi
+
+}
+
+# CSV list function
+csv_list() {
+    echo -n "CRT,KEY,CA,SUBJECT,ALIASES,NOT_BEFORE,NOT_AFTER,SIGNATURE,"
+    echo "PUB_KEY,ISSUER"
+    echo -n "\"$crt\",\"$key\",\"$ca\",\"$subj\",\"${alt_dns//,/ }\","
+    echo "\"$before\",\"$after\",\"$signature\",\"$pub_key\",\"$issuer\""
+}
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Parsing SSL certificate
+if [ ! -e "$VESTA/ssl/mail.crt" ] || [ ! -e "$VESTA/ssl/mail.key" ]; then
+    exit
+fi
+
+crt=$(cat $VESTA/ssl/mail.crt |sed ':a;N;$!ba;s/\n/\\n/g')
+key=$(cat $VESTA/ssl/mail.key |sed ':a;N;$!ba;s/\n/\\n/g')
+
+
+# Parsing SSL certificate details without CA
+info=$(openssl x509 -text -in $VESTA/ssl/mail.crt)
+subj=$(echo "$info" |grep Subject: |cut -f 2 -d =)
+before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //")
+after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //")
+signature=$(echo "$info" |grep "Algorithm:" |head -n1 )
+signature=$(echo "$signature"| sed -e "s/.*Algorithm: //")
+pub_key=$(echo "$info" |grep Public-Key: |cut -f2 -d \( | tr -d \))
+issuer=$(echo "$info" |grep Issuer: |sed -e "s/.*Issuer: //")
+alt_dns=$(echo "$info" |grep DNS |sed -e 's/DNS:/\n/g' |tr -d ',')
+alt_dns=$(echo "$alt_dns" |tr -d ' ' |sed -e "/^$/d")
+alt_dns=$(echo "$alt_dns" |sed -e ':a;N;$!ba;s/\n/,/g')
+
+# Listing data
+case $format in
+    json)   json_list ;;
+    plain)  plain_list ;;
+    csv)    csv_list ;;
+    shell)  shell_list ;;
+esac
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit
diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates
index 5a5c74bf..b392e810 100755
--- a/bin/v-search-ssl-certificates
+++ b/bin/v-search-ssl-certificates
@@ -18,23 +18,19 @@ source $VESTA/func/main.sh
 # JSON list function
 json_list() {
     IFS=$'\n'
-    i=1
     objects=$(echo "$search_cmd" |wc -l)
-    echo "{"
+    i=1
+    echo '['
     for str in $search_cmd; do
         eval $str
-        echo -n '    "'$i'": {
-        "USER": "'$USER'",
-        "DOMAIN": "'$DOMAIN'"
-    }'
         if [ "$i" -lt "$objects" ]; then
-            echo ','
+            echo -e  "\t\"$USER:$DOMAIN\","
         else
-            echo
+            echo -e  "\t\"$USER:$DOMAIN\""
         fi
-        ((i++))
+        (( ++i))
     done
-    echo '}'
+    echo "]"
 }
 
 # SHELL list function

From 80ebfc0daa96a8c82ad932390671d0f5cbc30bac Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Mar 2019 00:44:32 +0200
Subject: [PATCH 0408/2300] frontend: user domain vesta ssl certificate support

---
 web/edit/server/index.php            | 171 ++++++++++++++++++++-----
 web/templates/admin/edit_server.html | 180 ++++++++++++++++++++++++---
 2 files changed, 302 insertions(+), 49 deletions(-)

diff --git a/web/edit/server/index.php b/web/edit/server/index.php
index a505e214..467596f8 100644
--- a/web/edit/server/index.php
+++ b/web/edit/server/index.php
@@ -78,20 +78,43 @@ foreach ($backup_types as $backup_type) {
     }
 }
 
+// List ssl web domains
+exec (VESTA_CMD."v-search-ssl-certificates json", $output, $return_var);
+$v_ssl_domains = json_decode(implode('', $output), true);
+//$v_vesta_certificate
+unset($output);
+
 // List ssl certificate info
 exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var);
-$ssl_str = json_decode(implode('', $output), true);
+$v_sys_ssl_str = json_decode(implode('', $output), true);
 unset($output);
-$v_ssl_crt = $ssl_str['VESTA']['CRT'];
-$v_ssl_key = $ssl_str['VESTA']['KEY'];
-$v_ssl_ca = $ssl_str['VESTA']['CA'];
-$v_ssl_subject = $ssl_str['VESTA']['SUBJECT'];
-$v_ssl_aliases = $ssl_str['VESTA']['ALIASES'];
-$v_ssl_not_before = $ssl_str['VESTA']['NOT_BEFORE'];
-$v_ssl_not_after = $ssl_str['VESTA']['NOT_AFTER'];
-$v_ssl_signature = $ssl_str['VESTA']['SIGNATURE'];
-$v_ssl_pub_key = $ssl_str['VESTA']['PUB_KEY'];
-$v_ssl_issuer = $ssl_str['VESTA']['ISSUER'];
+$v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT'];
+$v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY'];
+$v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA'];
+$v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT'];
+$v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES'];
+$v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE'];
+$v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER'];
+$v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE'];
+$v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY'];
+$v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER'];
+
+// List mail ssl certificate info
+if (!empty($_SESSION['VESTA_CERTIFICATE'])); {
+    exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var);
+    $v_mail_ssl_str = json_decode(implode('', $output), true);
+    unset($output);
+    $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT'];
+    $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY'];
+    $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA'];
+    $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT'];
+    $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES'];
+    $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE'];
+    $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER'];
+    $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE'];
+    $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY'];
+    $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER'];
+}
 
 // Check POST request
 if (!empty($_POST['save'])) {
@@ -193,6 +216,47 @@ if (!empty($_POST['save'])) {
         }
     }
 
+
+    // Delete Mail Domain SSL certificate
+    if ((!isset($_POST['v_mail_ssl_domain_checkbox'])) && (!empty($_SESSION['MAIL_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) {
+        unset($_SESSION['MAIL_CERTIFICATE']);
+        exec (VESTA_CMD."v-delete-sys-mail-ssl", $output, $return_var);
+        check_return_code($return_var,$output);
+        unset($output);
+    }
+
+    // Updating Mail Domain SSL certificate
+    if ((isset($_POST['v_mail_ssl_domain_checkbox'])) && (isset($_POST['v_mail_ssl_domain'])) && (empty($_SESSION['error_msg']))) {
+        if ((!empty($_POST['v_mail_ssl_domain'])) && ($_POST['v_mail_ssl_domain'] != $_SESSION['MAIL_CERTIFICATE'])) {
+            $v_mail_ssl_str = explode(":", $_POST['v_mail_ssl_domain']);
+            $v_mail_ssl_user = escapeshellarg($v_mail_ssl_str[0]);
+            $v_mail_ssl_domain = escapeshellarg($v_mail_ssl_str[1]);
+            exec (VESTA_CMD."v-add-sys-mail-ssl ".$v_mail_ssl_user." ".$v_mail_ssl_domain, $output, $return_var);
+            check_return_code($return_var,$output);
+            unset($output);
+            unset($v_mail_ssl_str);
+
+            if (empty($_SESSION['error_msg'])) {
+                $_SESSION['MAIL_CERTIFICATE'] = $_POST['v_mail_ssl_domain'];
+
+                // List SSL certificate info
+                exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var);
+                $v_mail_ssl_str = json_decode(implode('', $output), true);
+                unset($output);
+                $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT'];
+                $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY'];
+                $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA'];
+                $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT'];
+                $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES'];
+                $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE'];
+                $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER'];
+                $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE'];
+                $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY'];
+                $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER'];
+            }
+        }
+    }
+
     // Update webmail url
     if (empty($_SESSION['error_msg'])) {
         if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) {
@@ -352,24 +416,67 @@ if (!empty($_POST['save'])) {
         }
     }
 
+
+
+    // Delete WEB Domain SSL certificate
+    if ((!isset($_POST['v_web_ssl_domain_checkbox'])) && (!empty($_SESSION['VESTA_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) {
+        unset($_SESSION['VESTA_CERTIFICATE']);
+        exec (VESTA_CMD."v-delete-sys-vesta-ssl", $output, $return_var);
+        check_return_code($return_var,$output);
+        unset($output);
+    }
+
+    // Updating WEB Domain SSL certificate
+    if ((isset($_POST['v_web_ssl_domain_checkbox'])) && (isset($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) {
+
+        if ((!empty($_POST['v_web_ssl_domain'])) && ($_POST['v_web_ssl_domain'] != $_SESSION['VESTA_CERTIFICATE'])) {
+            $v_web_ssl_str = explode(":", $_POST['v_web_ssl_domain']);
+            $v_web_ssl_user = escapeshellarg($v_web_ssl_str[0]);
+            $v_web_ssl_domain = escapeshellarg($v_web_ssl_str[1]);
+            exec (VESTA_CMD."v-add-sys-vesta-ssl ".$v_web_ssl_user." ".$v_web_ssl_domain, $output, $return_var);
+            check_return_code($return_var,$output);
+            unset($output);
+
+            if (empty($_SESSION['error_msg'])) {
+                $_SESSION['VESTA_CERTIFICATE'] = $_POST['v_web_ssl_domain'];
+
+                // List SSL certificate info
+                exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var);
+                $v_sys_ssl_str = json_decode(implode('', $output), true);
+                unset($output);
+                $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT'];
+                $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY'];
+                $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA'];
+                $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT'];
+                $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES'];
+                $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE'];
+                $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER'];
+                $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE'];
+                $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY'];
+                $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER'];
+            }
+        }
+    }
+
+
     // Update SSL certificate
-    if ((!empty($_POST['v_ssl_crt'])) && (empty($_SESSION['error_msg']))) {
-        if (($v_ssl_crt != str_replace("\r\n", "\n",  $_POST['v_ssl_crt'])) || ($v_ssl_key != str_replace("\r\n", "\n",  $_POST['v_ssl_key']))) {
+    if ((!empty($_POST['v_sys_ssl_crt'])) && (empty($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) {
+        if (($v_sys_ssl_crt != str_replace("\r\n", "\n",  $_POST['v_sys_ssl_crt'])) || ($v_sys_ssl_key != str_replace("\r\n", "\n",  $_POST['v_sys_ssl_key']))) {
             exec ('mktemp -d', $mktemp_output, $return_var);
             $tmpdir = $mktemp_output[0];
 
             // Certificate
-            if (!empty($_POST['v_ssl_crt'])) {
+            if (!empty($_POST['v_sys_ssl_crt'])) {
                 $fp = fopen($tmpdir."/certificate.crt", 'w');
-                fwrite($fp, str_replace("\r\n", "\n",  $_POST['v_ssl_crt']));
+                fwrite($fp, str_replace("\r\n", "\n",  $_POST['v_sys_ssl_crt']));
                 fwrite($fp, "\n");
                 fclose($fp);
             }
 
             // Key
-            if (!empty($_POST['v_ssl_key'])) {
+            if (!empty($_POST['v_sys_ssl_key'])) {
                 $fp = fopen($tmpdir."/certificate.key", 'w');
-                fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
+                fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_key']));
                 fwrite($fp, "\n");
                 fclose($fp);
             }
@@ -378,20 +485,22 @@ if (!empty($_POST['save'])) {
             check_return_code($return_var,$output);
             unset($output);
 
-            // List ssl certificate info
-            exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var);
-            $ssl_str = json_decode(implode('', $output), true);
-            unset($output);
-            $v_ssl_crt = $ssl_str['VESTA']['CRT'];
-            $v_ssl_key = $ssl_str['VESTA']['KEY'];
-            $v_ssl_ca = $ssl_str['VESTA']['CA'];
-            $v_ssl_subject = $ssl_str['VESTA']['SUBJECT'];
-            $v_ssl_aliases = $ssl_str['VESTA']['ALIASES'];
-            $v_ssl_not_before = $ssl_str['VESTA']['NOT_BEFORE'];
-            $v_ssl_not_after = $ssl_str['VESTA']['NOT_AFTER'];
-            $v_ssl_signature = $ssl_str['VESTA']['SIGNATURE'];
-            $v_ssl_pub_key = $ssl_str['VESTA']['PUB_KEY'];
-            $v_ssl_issuer = $ssl_str['VESTA']['ISSUER'];
+            if (empty($_SESSION['error_msg'])) {
+                // List ssl certificate info
+                exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var);
+                $v_sys_ssl_str = json_decode(implode('', $output), true);
+                unset($output);
+                $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT'];
+                $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY'];
+                $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA'];
+                $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT'];
+                $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES'];
+                $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE'];
+                $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER'];
+                $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE'];
+                $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY'];
+                $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER'];
+            }
         }
     }
 
diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html
index 285a16c3..9de86222 100644
--- a/web/templates/admin/edit_server.html
+++ b/web/templates/admin/edit_server.html
@@ -280,13 +280,115 @@
                                                 


                                             
                                         

+                                                
+                                                            onclick="javascript:elementHideShow('mail_ssl');">
+                                                    
+                                                
+                                            

+                                                
+                                                    
+                                                        
+                                                    
+                                                    
+                                                        
+                                                    
+                                                    
+                                                        
+                                                    
+                                                
+                                                            
+                                                        

+                                                            
+                                                            


+                                                        

+                                                            
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                                
+                                                                    
+                                                                    
+                                                                
+                                                            
+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    

+                                                                        :
+                                                                    
+                                                                        
+                                                                    
+                                                        
+                                            
                                     
                                 
                             
 
 
-
                             
                                 
                                     
@@ -503,7 +605,8 @@
                                                 ">
                                                 


                                             
-                                                                                
+                                        
+                                        
                                             
                                                 
                                                  
@@ -513,9 +616,10 @@
                                         
                                             
                                                 
-                                                    
+                                                    
+                                                        

From a420465b39c6fd8e3cd417dab3bec7eef4b07d2d Mon Sep 17 00:00:00 2001
From: Olgerdas 
Date: Wed, 27 Mar 2019 19:35:10 +0200
Subject: [PATCH 0419/2300] Remove \n from dkim txt output

Some DNS providers (like cloudflare) do not allow in dkim txt record \n char. Fix is removing new line symbols (\n).
---
 bin/v-list-mail-domain-dkim-dns | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-mail-domain-dkim-dns b/bin/v-list-mail-domain-dkim-dns
index d7b3e2a6..8623089e 100755
--- a/bin/v-list-mail-domain-dkim-dns
+++ b/bin/v-list-mail-domain-dkim-dns
@@ -67,7 +67,7 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
 
 # Parsing domain keys
 if [ -e "$USER_DATA/mail/$domain.pub" ]; then
-    pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----")
+    pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----" |tr -d "\n\r")
     pub=$(echo "$pub" |sed ':a;N;$!ba;s/\n/\\n/g')
 else
     pub="DKIM-SUPPORT-IS-NOT-ACTIVATED"

From cd3e1f95856963a5882bc4056f3b3e7fc2dfb72e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 28 Mar 2019 14:28:48 +0100
Subject: [PATCH 0420/2300] Requested backups should also wait for night

---
 func/main.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index 464b9727..3d731e11 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -967,8 +967,8 @@ wait_for_backup_if_it_is_not_time_for_backup() {
 
     # block backup if current hour is after 6 AM
     WAIT_LOOP_ENTERED=0
-    if pgrep -x "v-backup-users" > /dev/null
-    then
+    # if pgrep -x "v-backup-users" > /dev/null
+    # then
         hour=$(date +"%H");
         while [ "$hour" -gt "6" ] || [ "$hour" -lt "1" ]; do
             # if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
@@ -985,5 +985,5 @@ wait_for_backup_if_it_is_not_time_for_backup() {
             sleep 300
             hour=$(date +"%H");
         done
-    fi
+    # fi
 }

From a181433231553ad101ee2ddd6e4b1eb2bbaa6f57 Mon Sep 17 00:00:00 2001
From: myrevery <16082142+myrevery@users.noreply.github.com>
Date: Sun, 31 Mar 2019 05:50:02 +0800
Subject: [PATCH 0421/2300] Update cn.php

Refine some details.
Format code and translate new keywords.
---
 web/inc/i18n/cn.php | 662 ++++++++++++++++++++++----------------------
 1 file changed, 331 insertions(+), 331 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index d2c96311..6b6b9d28 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -10,104 +10,104 @@
  */
 
 $LANG['cn'] = array(
-    'Packages'  => '用户方案',
-    'IP'  => 'IP 地址',
-    'Graphs'  => '资源图表',
-    'Statistics'  => '统计信息',
-    'Log'  => '系统日志',
-    'Server'  => '服务器',
-    'Services'  => '系统服务',
+    'Packages' => '用户方案',
+    'IP' => 'IP 地址',
+    'Graphs' => '资源图表',
+    'Statistics' => '统计信息',
+    'Log' => '系统日志',
+    'Server' => '服务器',
+    'Services' => '系统服务',
     'Firewall' => '防火墙',
-    'Updates'  => '系统更新',
-    'Log in'  => '登录',
-    'Log out'  => '登出',
+    'Updates' => '系统更新',
+    'Log in' => '登录',
+    'Log out' => '登出',
 
-    'USER'  => '用户账户',
-    'WEB'  => 'Web 服务',
-    'DNS'  => 'DNS 服务',
-    'MAIL'  => '邮箱服务',
-    'DB'  => '数据库',
-    'CRON'  => '定时任务',
-    'BACKUP'  => '数据备份',
+    'USER' => '用户账户',
+    'WEB' => 'Web 服务',
+    'DNS' => 'DNS 服务',
+    'MAIL' => '邮箱服务',
+    'DB' => '数据库',
+    'CRON' => '定时任务',
+    'BACKUP' => '数据备份',
 
-    'LOGIN'  => '登录',
-    'RESET PASSWORD'  => '重置密码',
-    'SEARCH'  => '搜索',
-    'PACKAGE'  => '用户方案',
-    'RRD'  => '资源图表',
-    'STATS'  => '统计信息',
-    'LOG'  => '系统日志',
-    'UPDATES'  => '系统更新',
-    'FIREWALL'  => '防火墙',
-    'SERVER'  => '服务器',
-    'MEMORY'  => '内存',
-    'DISK'  => '磁盘',
-    'NETWORK'  => '网络',
-    'Web Log Manager'  => 'Web 日志管理',
+    'LOGIN' => '登录',
+    'RESET PASSWORD' => '重置密码',
+    'SEARCH' => '搜索',
+    'PACKAGE' => '用户方案',
+    'RRD' => '资源图表',
+    'STATS' => '统计信息',
+    'LOG' => '系统日志',
+    'UPDATES' => '系统更新',
+    'FIREWALL' => '防火墙',
+    'SERVER' => '服务器',
+    'MEMORY' => '内存',
+    'DISK' => '磁盘',
+    'NETWORK' => '网络',
+    'Web Log Manager' => 'Web 日志管理',
 
-    'no notifications'  => '没有通知',
+    'no notifications' => '没有通知',
 
-    'Add User'  => '添加用户',
-    'Add Domain'  => '添加域名',
+    'Add User' => '添加用户',
+    'Add Domain' => '添加域名',
     'Add Web Domain' => '添加网站域名',
-    'Add DNS Domain'  => '添加DNS域名',
-    'Add DNS Record'  => '添加DNS记录',
-    'Add Mail Domain'  => '添加邮箱域名',
-    'Add Mail Account'  => '添加邮箱账户',
-    'Add Database'  => '添加数据库',
-    'Add Cron Job'  => '添加定时任务',
-    'Create Backup'  => '创建备份',
-    'Configure'  => '配置',
-    'Restore All'  => '全部恢复',
-    'Add Package'  => '添加方案',
-    'Add IP'  => '添加IP地址',
+    'Add DNS Domain' => '添加DNS域名',
+    'Add DNS Record' => '添加DNS记录',
+    'Add Mail Domain' => '添加邮箱域名',
+    'Add Mail Account' => '添加邮箱账户',
+    'Add Database' => '添加数据库',
+    'Add Cron Job' => '添加定时任务',
+    'Create Backup' => '创建备份',
+    'Configure' => '配置',
+    'Restore All' => '全部恢复',
+    'Add Package' => '添加方案',
+    'Add IP' => '添加IP地址',
     'Add Rule' => '添加规则',
     'Ban IP Address' => '封锁IP地址',
-    'Search'  => '搜索',
+    'Search' => '搜索',
     'Add one more FTP Account' => '增加一个FTP账户',
-    'Overall Statistics'  => '整体统计信息',
-    'Daily'  => '按天',
-    'Weekly'  => '按周',
-    'Monthly'  => '按月',
-    'Yearly'  => '按年',
-    'Add'  => '添加',
-    'Back'  => '返回',
-    'Save'  => '保存',
-    'Submit'  => '提交',
+    'Overall Statistics' => '整体统计信息',
+    'Daily' => '按天',
+    'Weekly' => '按周',
+    'Monthly' => '按月',
+    'Yearly' => '按年',
+    'Add' => '添加',
+    'Back' => '返回',
+    'Save' => '保存',
+    'Submit' => '提交',
 
-    'toggle all'  => '批量操作',
-    'apply to selected'  => '应用于选中项的操作',
-    'rebuild'  => '重建',
-    'rebuild web'  => '重建网站',
-    'rebuild dns'  => '重建DNS',
-    'rebuild mail'  => '重建邮箱',
-    'rebuild db'  => '重建数据库',
-    'rebuild cron'  => '重建定时任务',
-    'update counters'  => '更新计数器',
-    'suspend'  => '暂停',
-    'unsuspend'  => '解除暂停',
-    'delete'  => '删除',
-    'show per user'  => '按用户显示',
-    'login as'  => '登录至账户',
-    'logout'  => '登出',
-    'edit'  => '编辑',
-    'open webstats'  => '打开网站统计',
-    'view logs'  => '查看日志',
-    'list records'  => '列出 %s 条记录',
-    'add record'  => '添加记录',
-    'list accounts'  => '列出 %s 个账户',
-    'add account'  => '添加账户',
-    'open webmail'  => '打开网页邮箱',
+    'toggle all' => '批量操作',
+    'apply to selected' => '应用于选中项的操作',
+    'rebuild' => '重建',
+    'rebuild web' => '重建网站',
+    'rebuild dns' => '重建DNS',
+    'rebuild mail' => '重建邮箱',
+    'rebuild db' => '重建数据库',
+    'rebuild cron' => '重建定时任务',
+    'update counters' => '更新计数器',
+    'suspend' => '暂停',
+    'unsuspend' => '解除暂停',
+    'delete' => '删除',
+    'show per user' => '按用户显示',
+    'login as' => '登录至账户',
+    'logout' => '登出',
+    'edit' => '编辑',
+    'open webstats' => '打开网站统计',
+    'view logs' => '查看日志',
+    'list records' => '列出 %s 条记录',
+    'add record' => '添加记录',
+    'list accounts' => '列出 %s 个账户',
+    'add account' => '添加账户',
+    'open webmail' => '打开网页邮箱',
     'list fail2ban' => 'Fail2ban 封锁名单',
-    'open %s'  => '打开 %s',
-    'download'  => '下载',
-    'restore'  => '恢复',
-    'configure restore settings'  => '配置恢复',
-    'stop'  => '停止',
-    'start'  => '启动',
-    'restart'  => '重新启动',
-    'update'  => '更新',
-    'generate'  => '生成',
+    'open %s' => '打开 %s',
+    'download' => '下载',
+    'restore' => '恢复',
+    'configure restore settings' => '配置恢复',
+    'stop' => '停止',
+    'start' => '启动',
+    'restart' => '重新启动',
+    'update' => '更新',
+    'generate' => '生成',
     'Generate CSR' => '生成CSR',
     'reread IP' => '重新读取IP',
     'enable autoupdate' => '启用自动更新',
@@ -116,41 +116,41 @@ $LANG['cn'] = array(
     'turn off notifications' => '停用通知',
     'configure' => '配置',
 
-    'Adding User'  => '添加用户',
-    'Editing User'  => '编辑用户',
-    'Adding Domain'  => '添加域名',
-    'Editing Domain'  => '编辑域名',
-    'Adding DNS Domain'  => '添加DNS域名',
-    'Editing DNS Domain'  => '编辑DNS域名',
-    'Adding DNS Record'  => '添加DNS记录',
-    'Editing DNS Record'  => '编辑DNS记录',
-    'Adding Mail Domain'  => '添加邮箱域名',
-    'Editing Mail Domain'  => '编辑邮箱域名',
-    'Adding Mail Account'  => '添加邮箱账户',
-    'Editing Mail Account'  => '编辑邮箱账户',
-    'Adding database'  => '添加数据库',
-    'Editing Cron Job'  => '编辑定时任务',
-    'Adding Cron Job'  => '添加定时任务',
-    'Editing Database'  => '编辑数据库',
-    'Adding Package'  => '添加方案',
-    'Editing Package'  => '编辑方案',
-    'Adding IP address'  => '添加IP地址',
-    'Editing IP Address'  => '编辑IP地址',
+    'Adding User' => '添加用户',
+    'Editing User' => '编辑用户',
+    'Adding Domain' => '添加域名',
+    'Editing Domain' => '编辑域名',
+    'Adding DNS Domain' => '添加DNS域名',
+    'Editing DNS Domain' => '编辑DNS域名',
+    'Adding DNS Record' => '添加DNS记录',
+    'Editing DNS Record' => '编辑DNS记录',
+    'Adding Mail Domain' => '添加邮箱域名',
+    'Editing Mail Domain' => '编辑邮箱域名',
+    'Adding Mail Account' => '添加邮箱账户',
+    'Editing Mail Account' => '编辑邮箱账户',
+    'Adding database' => '添加数据库',
+    'Editing Cron Job' => '编辑定时任务',
+    'Adding Cron Job' => '添加定时任务',
+    'Editing Database' => '编辑数据库',
+    'Adding Package' => '添加方案',
+    'Editing Package' => '编辑方案',
+    'Adding IP address' => '添加IP地址',
+    'Editing IP Address' => '编辑IP地址',
     'Editing Backup Exclusions' => '配置需排除备份的项目',
     'Generating CSR' => '生成CSR',
-    'Listing'  => '列出',
-    'Search Results'  => '搜索结果',
+    'Listing' => '列出',
+    'Search Results' => '搜索结果',
     'Adding Firewall Rule' => '添加防火墙规则',
     'Editing Firewall Rule' => '编辑防火墙规则',
     'Adding IP Address to Banlist' => '添加IP至封锁名单',
 
-    'active'  => '正常',
-    'spnd'  => '暂停',
-    'suspended'  => '已暂停',
-    'running'  => '运行中',
-    'stopped'  => '已停止',
-    'outdated'  => '可升级新版本',
-    'updated'  => '已是最新版本',
+    'active' => '正常',
+    'spnd' => '暂停',
+    'suspended' => '已暂停',
+    'running' => '运行中',
+    'stopped' => '已停止',
+    'outdated' => '可升级新版本',
+    'updated' => '已是最新版本',
 
     'yes' => '是',
     'no' => '否',
@@ -185,13 +185,13 @@ $LANG['cn'] = array(
     'per domain' => '每域名',
     'DNS Domains' => 'DNS域名',
     'DNS domains' => 'DNS域名',
-    'DNS records'  => 'DNS记录',
+    'DNS records' => 'DNS记录',
     'Name Servers' => 'DNS服务器',
     'Mail Domains' => '邮箱域名',
     'Mail Accounts' => '邮箱账户',
     'Cron Jobs' => '定时任务',
     'SSH Access' => 'SSH权限',
-    'IP Address'  => 'IP地址',
+    'IP Address' => 'IP地址',
     'IP Addresses' => 'IP地址',
     'Backups' => '备份',
     'Backup System' => '备份系统',
@@ -199,19 +199,19 @@ $LANG['cn'] = array(
     'template' => '模板',
     'SSL Support' => '启用SSL',
     'SSL Home Directory' => 'SSL站点主目录',
-    'Lets Encrypt Support'  => '采用 Let's Encrypt',
-    'Lets Encrypt'  => 'Let's Encrypt',
+    'Lets Encrypt Support' => '采用 Let's Encrypt',
+    'Lets Encrypt' => 'Let's Encrypt',
     'Your certificate will be automatically issued in 5 minutes' => '证书将在5分钟内自动完成签发',
     'Proxy Support' => '反向代理',
     'Proxy Extensions' => '需代理的文件扩展名',
     'Web Statistics' => '网站统计',
     'Additional FTP Account' => '额外的FTP账户',
-    'Path'  => '路径',
+    'Path' => '路径',
     'SOA' => 'SOA',
     'TTL' => 'TTL',
     'Expire' => '过期',
     'Records' => '记录',
-    'Serial'  => '序号',
+    'Serial' => '序号',
     'Catchall email' => '未知收件人聚合邮箱',
     'AntiVirus Support' => '防病毒支持',
     'AntiSpam Support' => '防垃圾邮件支持',
@@ -221,16 +221,16 @@ $LANG['cn'] = array(
     'Autoreply' => '自动回复',
     'Forward to' => '转发到',
     'Do not store forwarded mail' => '不保留已转发的邮件',
-    'IMAP hostname'  => 'IMAP 服务器',
-    'IMAP port'  => 'IMAP 端口',
-    'IMAP security'  => 'IMAP 安全性',
-    'IMAP auth method'  => 'IMAP 身份验证',
-    'SMTP hostname'  => 'SMTP 服务器',
-    'SMTP port'  => 'SMTP 端口',
-    'SMTP security'  => 'SMTP 安全性',
-    'SMTP auth method'  => 'SMTP 身份验证',
-    'STARTTLS'  => 'STARTTLS',
-    'Normal password'  => '普通密码',
+    'IMAP hostname' => 'IMAP 服务器',
+    'IMAP port' => 'IMAP 端口',
+    'IMAP security' => 'IMAP 安全类型',
+    'IMAP auth method' => 'IMAP 身份验证',
+    'SMTP hostname' => 'SMTP 服务器',
+    'SMTP port' => 'SMTP 端口',
+    'SMTP security' => 'SMTP 安全类型',
+    'SMTP auth method' => 'SMTP 身份验证',
+    'STARTTLS' => 'STARTTLS',
+    'Normal password' => '普通密码',
     'database' => '数据库',
     'User' => '用户名称',
     'Host' => '主机',
@@ -249,137 +249,137 @@ $LANG['cn'] = array(
     'shared' => '共享',
     'dedicated' => '独立',
     'Owner' => '归属',
-    'Users'  => '用户',
-    'Load Average'  => '平均负载',
-    'Memory Usage'  => '内存使用情况',
-    'APACHE2 Usage'  => 'Apache2 使用情况',
-    'HTTPD Usage'  => 'HTTPD 使用情况',
-    'NGINX Usage'  => 'NGINX 使用情况',
-    'MySQL Usage on localhost'  => 'MySQL 使用情况 (localhost)',
-    'PostgreSQL Usage on localhost'  => 'PostgreSQL 使用情况 (localhost)',
-    'Bandwidth Usage eth0'  => '网络使用情况 (eth0)',
-    'Bandwidth Usage eth1'  => '网络使用情况 (eth1)',
-    'Bandwidth Usage venet0'  => '网络使用情况 (venet0)',
-    'Bandwidth Usage venet1'  => '网络使用情况 (venet1)',
-    'Exim Usage'  => 'Exim 使用情况',
-    'FTP Usage'  => 'FTP 使用情况',
-    'SSH Usage'  => 'SSH 使用情况',
-    'reverse proxy'  => '反向代理',
-    'web server'  => 'Web服务',
+    'Users' => '用户',
+    'Load Average' => '平均负载',
+    'Memory Usage' => '内存使用情况',
+    'APACHE2 Usage' => 'Apache2 使用情况',
+    'HTTPD Usage' => 'HTTPD 使用情况',
+    'NGINX Usage' => 'NGINX 使用情况',
+    'MySQL Usage on localhost' => 'MySQL 使用情况 (localhost)',
+    'PostgreSQL Usage on localhost' => 'PostgreSQL 使用情况 (localhost)',
+    'Bandwidth Usage eth0' => '网络使用情况 (eth0)',
+    'Bandwidth Usage eth1' => '网络使用情况 (eth1)',
+    'Bandwidth Usage venet0' => '网络使用情况 (venet0)',
+    'Bandwidth Usage venet1' => '网络使用情况 (venet1)',
+    'Exim Usage' => 'Exim 使用情况',
+    'FTP Usage' => 'FTP 使用情况',
+    'SSH Usage' => 'SSH 使用情况',
+    'reverse proxy' => '反向代理',
+    'web server' => 'Web服务',
     'backend server' => '后端服务', //New Keyword for PHP-FPM in SERVER page.
-    'dns server'  => 'DNS服务',
-    'mail server'  => '邮箱服务',
-    'pop/imap server'  => 'POP/IMAP服务',
-    'email antivirus'  => '邮箱防病毒',
-    'email antispam'  => '防垃圾邮件',
-    'database server'  => '数据库服务',
-    'ftp server'  => 'FTP服务',
-    'job scheduler'  => '执行定时任务',
-    'firewall'  => '防火墙服务',
-    'brute-force monitor'  => '防范暴力攻击',
-    'CPU'  => 'CPU',
-    'Memory'  => '内存',
-    'Uptime'  => '已运行时间',
-    'core package'  => '核心系统',
-    'php interpreter'  => 'PHP解释器',
-    'internal web server'  => '内部Web服务',
-    'Version'  => '版本',
-    'Release'  => '发布号',
-    'Architecture'  => '架构',
-    'Object'  => '对象',
-    'Username'  => '用户名称',
-    'Password'  => '密码',
-    'Email'  => '电子邮箱',
-    'Package'  => '方案',
-    'Language'  => '语言',
-    'First Name'  => '名字',
-    'Last Name'  => '姓氏',
-    'Send login credentials to email address'  => '将登录信息发送到邮箱',
-    'Default Template'  => '默认模板',
-    'Default Name Servers'  => '默认DNS服务器',
-    'Domain'  => '域名',
-    'DNS Support'  => 'DNS支持',
-    'Mail Support'  => '邮箱支持',
-    'Advanced options'  => '高级选项',
-    'Basic options'  => '基本选项',
-    'Aliases'  => '别名',
-    'SSL Certificate'  => 'SSL证书',
-    'SSL Key'  => 'SSL密钥',
-    'SSL Certificate Authority / Intermediate'  => 'CA证书或中级证书',
+    'dns server' => 'DNS服务',
+    'mail server' => '邮箱服务',
+    'pop/imap server' => 'POP/IMAP服务',
+    'email antivirus' => '邮箱防病毒',
+    'email antispam' => '防垃圾邮件',
+    'database server' => '数据库服务',
+    'ftp server' => 'FTP服务',
+    'job scheduler' => '执行定时任务',
+    'firewall' => '防火墙服务',
+    'brute-force monitor' => '防范暴力攻击',
+    'CPU' => 'CPU',
+    'Memory' => '内存',
+    'Uptime' => '已运行时间',
+    'core package' => '核心系统',
+    'php interpreter' => 'PHP解释器',
+    'internal web server' => '内部Web服务',
+    'Version' => '版本',
+    'Release' => '发布号',
+    'Architecture' => '架构',
+    'Object' => '对象',
+    'Username' => '用户名称',
+    'Password' => '密码',
+    'Email' => '电子邮箱',
+    'Package' => '方案',
+    'Language' => '语言',
+    'First Name' => '名字',
+    'Last Name' => '姓氏',
+    'Send login credentials to email address' => '将登录信息发送到邮箱',
+    'Default Template' => '默认模板',
+    'Default Name Servers' => '默认DNS服务器',
+    'Domain' => '域名',
+    'DNS Support' => 'DNS支持',
+    'Mail Support' => '邮箱支持',
+    'Advanced options' => '高级选项',
+    'Basic options' => '基本选项',
+    'Aliases' => '别名',
+    'SSL Certificate' => 'SSL证书',
+    'SSL Key' => 'SSL密钥',
+    'SSL Certificate Authority / Intermediate' => 'CA证书或中级证书',
     'SSL CSR' => 'SSL CSR',
-    'optional'  => '可选',
+    'optional' => '可选',
     'internal' => '内部',
-    'Statistics Authorization'  => '统计授权',
-    'Statistics Auth'  => '统计验证',
-    'Account'  => '账户',
-    'Prefix will be automaticaly added to username'  => '用户名称将会自动添加 %s 前缀',
-    'Send FTP credentials to email'  => '将FTP登录信息发送到邮箱',
-    'Expiration Date'  => '到期日期',
-    'YYYY-MM-DD'  => 'YYYY-MM-DD',
-    'Name servers'  => 'DNS服务器',
-    'Record'  => '记录',
-    'IP or Value'  => 'IP或值',
-    'Priority'  => '优先级',
+    'Statistics Authorization' => '统计授权',
+    'Statistics Auth' => '统计验证',
+    'Account' => '账户',
+    'Prefix will be automaticaly added to username' => '用户名称将会自动添加 %s 前缀',
+    'Send FTP credentials to email' => '将FTP登录信息发送到邮箱',
+    'Expiration Date' => '到期日期',
+    'YYYY-MM-DD' => 'YYYY-MM-DD',
+    'Name servers' => 'DNS服务器',
+    'Record' => '记录',
+    'IP or Value' => 'IP或值',
+    'Priority' => '优先级',
     'Record Number' => '记录编号',
-    'in megabytes'  => '以MB为单位',
-    'Message'  => '信息',
-    'use local-part'  => '采用 local-part',
-    'one or more email addresses'  => '一个或更多邮箱地址',
-    'Prefix will be automaticaly added to database name and database user'  => '数据库名及用户名将会自动添加 %s 前缀',
-    'Database'  => '数据库名称',
-    'Type'  => '类型',
-    'Minute'  => '分',
-    'Command'  => '指令',
-    'Package Name'  => '方案名称',
-    'Netmask'  => '子网掩码',
-    'Interface'  => '网络接口',
-    'Shared'  => '共享',
-    'Assigned user'  => '指定用户',
-    'Assigned domain'  => '指定域名',
+    'in megabytes' => '以MB为单位',
+    'Message' => '信息',
+    'use local-part' => '使用域内部分',
+    'one or more email addresses' => '一个或更多邮箱地址',
+    'Prefix will be automaticaly added to database name and database user' => '数据库名及用户名将会自动添加 %s 前缀',
+    'Database' => '数据库名称',
+    'Type' => '类型',
+    'Minute' => '分',
+    'Command' => '指令',
+    'Package Name' => '方案名称',
+    'Netmask' => '子网掩码',
+    'Interface' => '网络接口',
+    'Shared' => '共享',
+    'Assigned user' => '指定用户',
+    'Assigned domain' => '指定域名',
     'NAT IP association' => 'NAT IP 关联',
-    'shell'  => 'shell',
-    'web domains'  => '网站域名',
-    'web aliases'  => '网站别名',
-    'dns records'  => 'DNS记录',
-    'mail domains'  => '邮箱域名',
-    'mail accounts'  => '邮箱账户',
-    'accounts'  => '账户',
-    'databases'  => '数据库',
-    'cron jobs'  => '定时任务',
-    'backups'  => '备份',
-    'quota'  => '配额',
-    'day of week'  => '星期几',
-    'cmd'  => '指令',
-    'users'  => '用户',
-    'domains'  => '域名',
-    'aliases'  => '别名',
-    'records'  => '记录',
-    'jobs'  => '任务',
-    'username'  => '用户名称',
-    'password'  => '密码',
-    'type'  => '类型',
-    'charset'  => '编码',
-    'domain'  => '域名',
-    'ip'  => 'IP',
-    'ip address'  => 'IP地址',
-    'IP address'  => 'IP地址',
-    'netmask'  => '子网掩码',
-    'interface'  => '网络接口',
-    'assigned user'  => '指定用户',
-    'ns1'  => 'ns1',
-    'ns2'  => 'ns2',
-    'user'  => '用户',
-    'email'  => '邮箱',
-    'first name'  => '名字',
-    'last name'  => '姓氏',
-    'account'  => '账户',
-    'ssl certificate'  => 'SSL证书',
-    'ssl key'  => 'SSL密钥',
-    'stats user password'  => '统计用户账户密码',
-    'stats username'  => '统计用户名称',
-    'stats password'  => '统计密码',
-    'ftp user password'  => 'FTP用户账户密码',
-    'ftp user'  => 'FTP用户',
+    'shell' => 'shell',
+    'web domains' => '网站域名',
+    'web aliases' => '网站别名',
+    'dns records' => 'DNS记录',
+    'mail domains' => '邮箱域名',
+    'mail accounts' => '邮箱账户',
+    'accounts' => '账户',
+    'databases' => '数据库',
+    'cron jobs' => '定时任务',
+    'backups' => '备份',
+    'quota' => '配额',
+    'day of week' => '星期几',
+    'cmd' => '指令',
+    'users' => '用户',
+    'domains' => '域名',
+    'aliases' => '别名',
+    'records' => '记录',
+    'jobs' => '任务',
+    'username' => '用户名称',
+    'password' => '密码',
+    'type' => '类型',
+    'charset' => '编码',
+    'domain' => '域名',
+    'ip' => 'IP',
+    'ip address' => 'IP地址',
+    'IP address' => 'IP地址',
+    'netmask' => '子网掩码',
+    'interface' => '网络接口',
+    'assigned user' => '指定用户',
+    'ns1' => 'ns1',
+    'ns2' => 'ns2',
+    'user' => '用户',
+    'email' => '邮箱',
+    'first name' => '名字',
+    'last name' => '姓氏',
+    'account' => '账户',
+    'ssl certificate' => 'SSL证书',
+    'ssl key' => 'SSL密钥',
+    'stats user password' => '统计用户账户密码',
+    'stats username' => '统计用户名称',
+    'stats password' => '统计密码',
+    'ftp user password' => 'FTP用户账户密码',
+    'ftp user' => 'FTP用户',
     'Last 70 lines of %s.%s.log' => '%s.%s.log 的最后 70 行',
     'AccessLog' => '访问日志',
     'ErrorLog' => '错误日志',
@@ -417,48 +417,48 @@ $LANG['cn'] = array(
     'cron' => '任务',
     'user dir' => '用户目录',
 
-    'unlimited'  => '无限',
-    '1 account'  => '1 个账户',
-    '%s accounts'  => '%s 个账户',
-    '1 domain'  => '1 个域名',
-    '%s domains'  => '%s 个域名',
-    '1 record'  => '1 条记录',
-    '%s records'  => '%s 条记录',
-    '1 mail account'  => '1 个邮箱账户',
-    '%s mail accounts'  => '%s 个邮箱账户',
-    '1 database'  => '1 个数据库',
-    '%s databases'  => '%s 个数据库',
-    '1 cron job'  => '1 个任务',
-    '%s cron jobs'  => '%s 个任务',
-    '1 archive'  => '1 个存档',
-    '%s archives'  => '%s 个存档',
-    '1 item'  => '1 个项目',
-    '%s items'  => '%s 个项目',
-    '1 package'  => '1 个方案',
-    '%s packages'  => '%s 个方案',
-    '1 IP address'  => '1 个IP地址',
-    '%s IP addresses'  => '%s 个IP地址',
-    '1 month'  => '1 个月',
-    '%s months'  => '%s 个月',
-    '1 log record'  => '1 条日志记录',
-    '%s log records'  => '%s 条日志记录',
-    '1 object'  => '1 个对象',
-    '%s objects'  => '%s 个对象',
+    'unlimited' => '无限',
+    '1 account' => '1 个账户',
+    '%s accounts' => '%s 个账户',
+    '1 domain' => '1 个域名',
+    '%s domains' => '%s 个域名',
+    '1 record' => '1 条记录',
+    '%s records' => '%s 条记录',
+    '1 mail account' => '1 个邮箱账户',
+    '%s mail accounts' => '%s 个邮箱账户',
+    '1 database' => '1 个数据库',
+    '%s databases' => '%s 个数据库',
+    '1 cron job' => '1 个任务',
+    '%s cron jobs' => '%s 个任务',
+    '1 archive' => '1 个存档',
+    '%s archives' => '%s 个存档',
+    '1 item' => '1 个项目',
+    '%s items' => '%s 个项目',
+    '1 package' => '1 个方案',
+    '%s packages' => '%s 个方案',
+    '1 IP address' => '1 个IP地址',
+    '%s IP addresses' => '%s 个IP地址',
+    '1 month' => '1 个月',
+    '%s months' => '%s 个月',
+    '1 log record' => '1 条日志记录',
+    '%s log records' => '%s 条日志记录',
+    '1 object' => '1 个对象',
+    '%s objects' => '%s 个对象',
     'no exclusions' => '没有被排除的项目',
     '1 rule' => '1 条规则',
     '%s rules' => '%s 条规则',
     'There are no currently banned IP' => '目前没有被封锁的IP地址',
 
-    'USER_CREATED_OK'  => '用户 %s 已添加成功',
-    'WEB_DOMAIN_CREATED_OK'  => '网站域名 %s 已添加成功',
-    'DNS_DOMAIN_CREATED_OK'  => 'DNS域名 %s 已添加成功',
-    'DNS_RECORD_CREATED_OK'  => '记录 %s.%s 已添加成功',
-    'MAIL_DOMAIN_CREATED_OK'  => '邮箱域名 %s 已添加成功',
-    'MAIL_ACCOUNT_CREATED_OK'  => '邮箱账户 %s@%s 已添加成功',
-    'DATABASE_CREATED_OK'  => '数据库 %s 已添加成功',
-    'CRON_CREATED_OK'  => '定时任务已添加成功',
-    'IP_CREATED_OK'  => 'IP地址 %s 已添加成功',
-    'PACKAGE_CREATED_OK'  => '方案 %s 已添加成功',
+    'USER_CREATED_OK' => '用户 %s 已添加成功',
+    'WEB_DOMAIN_CREATED_OK' => '网站域名 %s 已添加成功',
+    'DNS_DOMAIN_CREATED_OK' => 'DNS域名 %s 已添加成功',
+    'DNS_RECORD_CREATED_OK' => '记录 %s.%s 已添加成功',
+    'MAIL_DOMAIN_CREATED_OK' => '邮箱域名 %s 已添加成功',
+    'MAIL_ACCOUNT_CREATED_OK' => '邮箱账户 %s@%s 已添加成功',
+    'DATABASE_CREATED_OK' => '数据库 %s 已添加成功',
+    'CRON_CREATED_OK' => '定时任务已添加成功',
+    'IP_CREATED_OK' => 'IP地址 %s 已添加成功',
+    'PACKAGE_CREATED_OK' => '方案 %s 已添加成功',
     'SSL_GENERATED_OK' => 'SSL证书已生成成功',
     'RULE_CREATED_OK' => '规则已创建成功',
     'BANLIST_CREATED_OK' => 'IP地址已封锁成功',
@@ -466,8 +466,8 @@ $LANG['cn'] = array(
     'Autoupdate has been successfully disabled' => '自动更新已成功关闭',
     'Cronjob email reporting has been successfully enabled' => '定时任务的电子邮件报告已成功启用',
     'Cronjob email reporting has been successfully disabled' => '定时任务的电子邮件报告已成功关闭',
-    'Changes has been saved.'  => '已保存更改',
-    'Confirmation'  => '确认',
+    'Changes has been saved.' => '已保存更改',
+    'Confirmation' => '确认',
     'DELETE_USER_CONFIRMATION' => '确定要删除用户 %s 吗？',
     'SUSPEND_USER_CONFIRMATION' => '确定要暂停用户 %s 吗？',
     'UNSUSPEND_USER_CONFIRMATION' => '确定要解除暂停用户 %s 吗？',
@@ -486,31 +486,31 @@ $LANG['cn'] = array(
     'DELETE_CRON_CONFIRMATION' => '确定要删除定时任务吗？',
     'SUSPEND_CRON_CONFIRMATION' => '确定要暂停定时任务吗？',
     'UNSUSPEND_CRON_CONFIRMATION' => '确定要解除暂停定时任务吗？',
-    'DELETE_BACKUP_CONFIRMATION'  => '确定要删除 %s 备份吗？',
+    'DELETE_BACKUP_CONFIRMATION' => '确定要删除 %s 备份吗？',
     'DELETE_EXCLUSION_CONFIRMATION' => '确定要删除 %s 例外吗？',
-    'DELETE_PACKAGE_CONFIRMATION'  => '确定要删除方案 %s 吗？',
-    'DELETE_IP_CONFIRMATION'  => '确定要删除IP地址 %s 吗？',
+    'DELETE_PACKAGE_CONFIRMATION' => '确定要删除方案 %s 吗？',
+    'DELETE_IP_CONFIRMATION' => '确定要删除IP地址 %s 吗？',
     'DELETE_RULE_CONFIRMATION' => '确定要删除规则 #%s 吗？',
     'SUSPEND_RULE_CONFIRMATION' => '确定要暂停规则 #%s 吗？',
     'UNSUSPEND_RULE_CONFIRMATION' => '确定要解除暂停规则 #%s 吗？',
     'LEAVE_PAGE_CONFIRMATION' => '确定要离开当前页吗？',
     'RESTART_CONFIRMATION' => '确定要重新启动 %s 吗？',
-    'Welcome'  => '欢迎',
-    'LOGGED_IN_AS'  => '以 %s 的身份登录',
-    'Error'  => '错误',
-    'Invalid username or password'  => '无效的用户名称或密码',
-    'Invalid username or code'  => '无效的用户名称或验证码.',
-    'Passwords not match'  => '密码错误',
-    'Please enter valid email address.'  => '请输入正确的邮箱',
-    'Field "%s" can not be blank.'  => '"%s" 不能为空',
-    'Password is too short.'  => '密码太短 (至少为6个数字+字母)',
-    'Error code:'  => '错误代码: %s',
-    'SERVICE_ACTION_FAILED'  => '"%s" "%s" 失败',
+    'Welcome' => '欢迎',
+    'LOGGED_IN_AS' => '以 %s 的身份登录',
+    'Error' => '错误',
+    'Invalid username or password' => '无效的用户名称或密码',
+    'Invalid username or code' => '无效的用户名称或验证码.',
+    'Passwords not match' => '密码错误',
+    'Please enter valid email address.' => '请输入正确的邮箱',
+    'Field "%s" can not be blank.' => '"%s" 不能为空',
+    'Password is too short.' => '密码太短 (至少为6个数字+字母)',
+    'Error code:' => '错误代码: %s',
+    'SERVICE_ACTION_FAILED' => '"%s" "%s" 失败',
     'IP address is in use' => 'IP地址在使用中',
-    'BACKUP_SCHEDULED'  => '您的要求已加入队列中，备份完成后会以电子邮件通知您 ',
-    'BACKUP_EXISTS'  => '已经有一个备份正在执行，请等待备份完成后再操作',
-    'RESTORE_SCHEDULED'  => '您的要求已加入队列中，恢复完成后会以电子邮件通知您',
-    'RESTORE_EXISTS'  => '已经有一个恢复正在执行，请等待恢复完成后再操作',
+    'BACKUP_SCHEDULED' => '您的要求已加入队列中，备份完成后会以电子邮件通知您 ',
+    'BACKUP_EXISTS' => '已经有一个备份正在执行，请等待备份完成后再操作',
+    'RESTORE_SCHEDULED' => '您的要求已加入队列中，恢复完成后会以电子邮件通知您',
+    'RESTORE_EXISTS' => '已经有一个恢复正在执行，请等待恢复完成后再操作',
 
     'WEB_EXCLUSIONS' => '输入域名，每行一个。要排除所有域名请使用 *。要排除特定目录使用以下格式: domain.com:public_html/cache:public_html/tmp',
     'DNS_EXCLUSIONS' => '输入域名，每行一个。要排除所有域名请使用 *',
@@ -519,27 +519,27 @@ $LANG['cn'] = array(
     'CRON_EXCLUSIONS' => '要排除所有任务请使用 *',
     'USER_EXCLUSIONS' => '输入目录名称，每行一个。要排除所有目录请使用 *',
 
-    'Welcome to Vesta Control Panel'  => '欢迎来到 Vesta 管理系统',
-    'MAIL_FROM'  => 'Vesta 管理系统 ',
+    'Welcome to Vesta Control Panel' => '欢迎来到 Vesta 管理系统',
+    'MAIL_FROM' => 'Vesta 管理系统 ',
     'GREETINGS_GORDON_FREEMAN' => "您好, %s %s,\n",
     'GREETINGS' => "您好,\n",
     'ACCOUNT_READY' => "您的账户已创建成功，并可以开始使用了！\n\nhttps://%s/login/\n用户名称: %s\n密码: %s\n\n--\nVesta Control Panel\n",
 
-    'FTP login credentials'  => 'FTP 登录信息',
+    'FTP login credentials' => 'FTP 登录信息',
     'FTP_ACCOUNT_READY' => "FTP账户已创建成功，并可以开始使用了！\n\n主机名称: %s\n用户名称: %s_%s\n密码: %s\n\n--\nVesta Control Panel\n",
 
-    'Database Credentials'  => '数据库登录信息',
+    'Database Credentials' => '数据库登录信息',
     'DATABASE_READY' => "数据库已添加成功！\n\n数据库名称: %s\n用户名称: %s\n密码: %s\n%s\n\n--\nVesta Control Panel\n",
 
-    'forgot password'  => '忘记密码',
-    'Confirm'  => '确认',
-    'New Password'  => '新密码',
-    'Confirm Password'  => '确认密码',
-    'Reset'  => '重置',
-    'Reset Code'  => '重置代码',
-    'RESET_NOTICE'  => '',
-    'RESET_CODE_SENT'  => '密码重置代码已发送到您的邮箱
',
-    'MAIL_RESET_SUBJECT'  => '密码重置在 %s',
+    'forgot password' => '忘记密码',
+    'Confirm' => '确认',
+    'New Password' => '新密码',
+    'Confirm Password' => '确认密码',
+    'Reset' => '重置',
+    'Reset Code' => '重置代码',
+    'RESET_NOTICE' => '',
+    'RESET_CODE_SENT' => '密码重置代码已发送到您的邮箱
',
+    'MAIL_RESET_SUBJECT' => '密码重置在 %s',
     'PASSWORD_RESET_REQUEST' => '重置密码请点击链接:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n或者您可以到 https://%s/reset/?action=code&user=%s 输入密码重置代码:\n%s\n\n如果您没有要求重置密码，请忽略此邮件\n\n--\nVesta Control Panel\n',
 
     'Jan' => '01月',
@@ -568,7 +568,7 @@ $LANG['cn'] = array(
     'MAIL Server' => '邮箱服务器',
     'Antivirus' => '防病毒引擎',
     'AntiSpam' => '防垃圾邮件',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => '采用网站域名SSL证书',
     'Webmail URL' => '网页邮箱网址',
     'MySQL Support' => 'MySQL 支持',
     'phpMyAdmin URL' => '设置 phpMyAdmin 网址',
@@ -704,7 +704,7 @@ $LANG['cn'] = array(
     'Add File to the Current Selection' => '将文件添加到当前选中区内',
     'Select All Files' => '选择所有文件',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
-        '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器',
+    '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器',
 
     'Licence Key' => '许可密匙',
     'Enter License Key' => '输入许可密匙',
@@ -755,7 +755,7 @@ $LANG['cn'] = array(
     'ISSUER' => '颁发者',
 
     'Use server hostname' => '采用服务器主机名',
-    'Use domain hostname' => '采用域名',
+    'Use domain hostname' => '采用账户所在域名',
     'Use STARTTLS' => '采用 STARTTLS 加密',
     'Use SSL / TLS' => '采用 SSL / TLS 加密',
     'No encryption' => '不加密',

From f969909866a0ca56c72031e622fb215fd09ea889 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 5 Apr 2019 00:15:43 +0200
Subject: [PATCH 0422/2300] schedule backup nice and ionice

---
 bin/v-schedule-user-backup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-schedule-user-backup b/bin/v-schedule-user-backup
index dcbcedb6..da8dd62b 100755
--- a/bin/v-schedule-user-backup
+++ b/bin/v-schedule-user-backup
@@ -35,7 +35,7 @@ is_backup_scheduled 'backup'
 
 # Adding backup task to  the queue
 log=$VESTA/log/backup.log
-echo "$BIN/v-backup-user $user yes >> $log 2>&1" >>\
+echo "nice -n 19 ionice -c 3 $BIN/v-backup-user $user yes >> $log 2>&1" >>\
     $VESTA/data/queue/backup.pipe
 
 

From 9400592892f7ee58da40a063ed1a751f7a0f1243 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 5 Apr 2019 00:17:00 +0200
Subject: [PATCH 0423/2300] schedule restore nice and ionice

---
 bin/v-schedule-user-restore | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-schedule-user-restore b/bin/v-schedule-user-restore
index 031b024e..2da94b01 100755
--- a/bin/v-schedule-user-restore
+++ b/bin/v-schedule-user-restore
@@ -43,7 +43,7 @@ is_backup_scheduled 'restore'
 # Adding restore task to  the queue
 log=$VESTA/log/restore.log
 options="'$web' '$dns' '$mail' '$db' '$cron' '$udir'"
-echo "$BIN/v-restore-user $user $backup $options  yes >> $log 2>&1" >>\
+echo "nice -n 19 ionice -c 3 $BIN/v-restore-user $user $backup $options  yes >> $log 2>&1" >>\
     $VESTA/data/queue/backup.pipe
 
 

From 8f2fdfb8d320fb75ba82cdb5ccd91c9c43d6d90c Mon Sep 17 00:00:00 2001
From: Anthony Rossbach 
Date: Mon, 8 Apr 2019 21:47:22 -0700
Subject: [PATCH 0424/2300] Fixes for dumps of large databases

---
 func/db.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/func/db.sh b/func/db.sh
index d397dfec..30018065 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -55,14 +55,14 @@ mysql_query() {
 
 mysql_dump() {
     err="/tmp/e.mysql"
-    mysqldump --defaults-file=$mycnf --single-transaction -r $1 $2 2> $err
+    mysqldump --defaults-file=$mycnf --single-transaction --max_allowed_packet=100M -r $1 $2 2> $err
     if [ '0' -ne "$?" ]; then
         rm -rf $tmpdir
         if [ "$notify" != 'no' ]; then
             echo -e "Can't dump database $database\n$(cat $err)" |\
                 $SENDMAIL -s "$subj" $email
         fi
-        echo "Error: dump $database failed"
+        echo "Error: dump $database failed\n$(cat $err)"
         log_event  "$E_DB" "$ARGUMENTS"
         exit $E_DB
     fi

From a981ddb468603f571d765c00361765c882001824 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Steen=20Sch=C3=BCtt?=
 <6237359+SteenSchutt@users.noreply.github.com>
Date: Wed, 10 Apr 2019 14:42:10 +0200
Subject: [PATCH 0425/2300] Prevent v-backup-user from excluding folders named
 logs further down the tree

This change will fix issues with files like `public_html/wp-content/plugins/sitepress-multilingual-cms/classes/logs/interface-wpml-log.php` from being excluded, but still exclude the intended main logs directory. Fixes a semi-widespread issue with VestaCP and WPML.
---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 90a42b2e..2e81ada2 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -223,7 +223,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
         set -f
         fargs=()
-        fargs+=(--exclude='logs/*')
+        fargs+=(--exclude='./logs/*')
         if [ ! -z "$exlusion" ]; then
             xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
             for xpath in $xdirs; do

From 3cbaab38bf8d2734f1fb969ce4b02fd46452ae67 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 11 Apr 2019 19:00:56 +0200
Subject: [PATCH 0426/2300] Fix for issue #1286

Fix for issue #1286
---
 bin/v-change-sys-service-config | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/bin/v-change-sys-service-config b/bin/v-change-sys-service-config
index 97c14a17..3d31d6b4 100755
--- a/bin/v-change-sys-service-config
+++ b/bin/v-change-sys-service-config
@@ -95,13 +95,21 @@ if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then
 
     if [ "$service" = 'php' ]; then
         if [ "$WEB_SYSTEM" = "nginx" ]; then
-            service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d / |sed -n 1p)
+            if [ $(ps --no-headers -o comm 1) == systemd ]; then
+                service=$(systemctl | grep -o -E "php.*fpm.*\.service")
+		service=${service//.service/}
+            else
+                service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /)
+            fi
         else
             service=$WEB_SYSTEM
         fi
     fi
 
-    service $service restart >/dev/null 2>&1
+    for single_service in $service; do
+        service $single_service restart >/dev/null 2>&1
+    done <<< "$service"
+
     if [ $? -ne 0 ]; then
         for config in $dst; do
             cat $config.vst.back > $config

From f0c328375f414662a203b4606d65983b7640160d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 11 Apr 2019 19:02:36 +0200
Subject: [PATCH 0427/2300] Update v-change-sys-service-config

---
 bin/v-change-sys-service-config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-change-sys-service-config b/bin/v-change-sys-service-config
index 3d31d6b4..0500ecb9 100755
--- a/bin/v-change-sys-service-config
+++ b/bin/v-change-sys-service-config
@@ -97,7 +97,7 @@ if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then
         if [ "$WEB_SYSTEM" = "nginx" ]; then
             if [ $(ps --no-headers -o comm 1) == systemd ]; then
                 service=$(systemctl | grep -o -E "php.*fpm.*\.service")
-		service=${service//.service/}
+                service=${service//.service/}
             else
                 service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /)
             fi

From c28c5d29a3c61bc8110c11349e3f2309cd537cfa Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Fri, 12 Apr 2019 17:20:45 +0300
Subject: [PATCH 0428/2300] setting content type to fix possible XSS attack
 vector

---
 web/file_manager/fm_api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/file_manager/fm_api.php b/web/file_manager/fm_api.php
index ac5faa3a..cf4eef82 100644
--- a/web/file_manager/fm_api.php
+++ b/web/file_manager/fm_api.php
@@ -1,8 +1,8 @@
 
Date: Mon, 15 Apr 2019 10:51:40 +0300
Subject: [PATCH 0429/2300] removing single quote from escapeshellarg calls

---
 web/edit/server/index.php | 8 ++++----
 web/list/dns/index.php    | 2 +-
 web/list/mail/index.php   | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/web/edit/server/index.php b/web/edit/server/index.php
index 467596f8..defc0b7a 100644
--- a/web/edit/server/index.php
+++ b/web/edit/server/index.php
@@ -209,7 +209,7 @@ if (!empty($_POST['save'])) {
     // Update mysql pasword
     if (empty($_SESSION['error_msg'])) {
         if (!empty($_POST['v_mysql_password'])) {
-            exec (VESTA_CMD."v-change-database-host-password mysql localhost root '".escapeshellarg($_POST['v_mysql_password'])."'", $output, $return_var);
+            exec (VESTA_CMD."v-change-database-host-password mysql localhost root ".escapeshellarg($_POST['v_mysql_password']), $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $v_db_adv = 'yes';
@@ -260,7 +260,7 @@ if (!empty($_POST['save'])) {
     // Update webmail url
     if (empty($_SESSION['error_msg'])) {
         if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) {
-            exec (VESTA_CMD."v-change-sys-config-value MAIL_URL '".escapeshellarg($_POST['v_mail_url'])."'", $output, $return_var);
+            exec (VESTA_CMD."v-change-sys-config-value MAIL_URL ".escapeshellarg($_POST['v_mail_url']), $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $v_mail_adv = 'yes';
@@ -270,7 +270,7 @@ if (!empty($_POST['save'])) {
     // Update phpMyAdmin url
     if (empty($_SESSION['error_msg'])) {
         if ($_POST['v_mysql_url'] != $_SESSION['DB_PMA_URL']) {
-            exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL '".escapeshellarg($_POST['v_mysql_url'])."'", $output, $return_var);
+            exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL ".escapeshellarg($_POST['v_mysql_url']), $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $v_db_adv = 'yes';
@@ -280,7 +280,7 @@ if (!empty($_POST['save'])) {
     // Update phpPgAdmin url
     if (empty($_SESSION['error_msg'])) {
         if ($_POST['v_pgsql_url'] != $_SESSION['DB_PGA_URL']) {
-            exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL '".escapeshellarg($_POST['v_pgsql_url'])."'", $output, $return_var);
+            exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL ".escapeshellarg($_POST['v_pgsql_url']), $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $v_db_adv = 'yes';
diff --git a/web/list/dns/index.php b/web/list/dns/index.php
index df5b4a83..c98b8e47 100644
--- a/web/list/dns/index.php
+++ b/web/list/dns/index.php
@@ -14,7 +14,7 @@ if (empty($_GET['domain'])){
 
     render_page($user, $TAB, 'list_dns');
 } else {
-    exec (VESTA_CMD."v-list-dns-records '".$user."' '".escapeshellarg($_GET['domain'])."' 'json'", $output, $return_var);
+    exec (VESTA_CMD."v-list-dns-records ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);
diff --git a/web/list/mail/index.php b/web/list/mail/index.php
index 6b767768..56c42a73 100644
--- a/web/list/mail/index.php
+++ b/web/list/mail/index.php
@@ -14,7 +14,7 @@ if (empty($_GET['domain'])){
 
     render_page($user, $TAB, 'list_mail');
 } else {
-    exec (VESTA_CMD."v-list-mail-accounts '".$user."' '".escapeshellarg($_GET['domain'])."' json", $output, $return_var);
+    exec (VESTA_CMD."v-list-mail-accounts ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);

From 70319b6a94f08bcf22fe1227372cbaeeabf5e21b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Mon, 15 Apr 2019 13:33:09 +0300
Subject: [PATCH 0430/2300] full pma install

---
 install/rhel/7/pma/config.inc.conf | 119 ++++++++++++++++-------------
 install/vst-install-rhel.sh        |  12 ++-
 2 files changed, 73 insertions(+), 58 deletions(-)

diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf
index 47ae207e..25097eca 100644
--- a/install/rhel/7/pma/config.inc.conf
+++ b/install/rhel/7/pma/config.inc.conf
@@ -4,24 +4,24 @@
  * phpMyAdmin sample configuration, you can use it as base for
  * manual configuration. For easier setup you can use setup/
  *
- * All directives are explained in Documentation.html and on phpMyAdmin
- * wiki .
+ * All directives are explained in documentation in the doc/ folder
+ * or at .
  *
- * @package phpMyAdmin
+ * @package PhpMyAdmin
  */
 
-/*
+/**
  * This is needed for cookie based authentication to encrypt password in
- * cookie
+ * cookie. Needs to be 32 chars long.
  */
 $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 
-/*
+/**
  * Servers configuration
  */
 $i = 0;
 
-/*
+/**
  * First server
  */
 $i++;
@@ -29,44 +29,57 @@ $i++;
 $cfg['Servers'][$i]['auth_type'] = 'cookie';
 /* Server parameters */
 $cfg['Servers'][$i]['host'] = 'localhost';
-$cfg['Servers'][$i]['connect_type'] = 'tcp';
 $cfg['Servers'][$i]['compress'] = false;
-/* Select mysqli if your server has it */
-$cfg['Servers'][$i]['extension'] = 'mysql';
 $cfg['Servers'][$i]['AllowNoPassword'] = false;
 
-/*
+/**
  * phpMyAdmin configuration storage settings.
  */
 
 /* User used to manipulate with storage */
-// $cfg['Servers'][$i]['controluser'] = 'pma';
-// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
+$cfg['Servers'][$i]['controlhost'] = '';
+$cfg['Servers'][$i]['controlport'] = '';
+$cfg['Servers'][$i]['controluser'] = 'phpmyadmin';
+$cfg['Servers'][$i]['controlpass'] = '%phpmyadmin_pass%';
 
 /* Storage database and tables */
-// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
-// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
-// $cfg['Servers'][$i]['relation'] = 'pma_relation';
-// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
-// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
-// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
-// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
-// $cfg['Servers'][$i]['history'] = 'pma_history';
-// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
-// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
-// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';
-/* Contrib / Swekey authentication */
-// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf';
+$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+$cfg['Servers'][$i]['relation'] = 'pma__relation';
+$cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+$cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+$cfg['Servers'][$i]['history'] = 'pma__history';
+$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+$cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+$cfg['Servers'][$i]['recent'] = 'pma__recent';
+$cfg['Servers'][$i]['favorite'] = 'pma__favorite';
+$cfg['Servers'][$i]['users'] = 'pma__users';
+$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
+$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
+$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
+$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
+$cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
+$cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
 
-/*
+/**
  * End of servers configuration
  */
 
-/*
+/**
  * Directories for saving/loading files from server
  */
-$cfg['UploadDir'] = '';
-$cfg['SaveDir'] = '';
+$cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload';
+$cfg['SaveDir'] = '/var/lib/phpMyAdmin/save';
+
+/**
+ * Whether to display icons or text or both icons and text in table row
+ * action segment. Value can be either of 'icons', 'text' or 'both'.
+ * default = 'both'
+ */
+//$cfg['RowActionType'] = 'icons';
 
 /**
  * Defines whether a user should be displayed a "show all (records)"
@@ -78,25 +91,21 @@ $cfg['SaveDir'] = '';
 /**
  * Number of rows displayed when browsing a result set. If the result
  * set contains more rows, "Previous" and "Next".
- * default = 30
+ * Possible values: 25, 50, 100, 250, 500
+ * default = 25
  */
 //$cfg['MaxRows'] = 50;
 
 /**
- * Use graphically less intense menu tabs
- * default = false
- */
-//$cfg['LightTabs'] = true;
-
-/**
- * disallow editing of binary fields
+ * Disallow editing of binary fields
  * valid values are:
- *   false  allow editing
- *   'blob' allow editing except for BLOB fields
- *   'all'  disallow editing
- * default = blob
+ *   false    allow editing
+ *   'blob'   allow editing except for BLOB fields
+ *   'noblob' disallow editing except for BLOB fields
+ *   'all'    disallow editing
+ * default = 'blob'
  */
-//$cfg['ProtectBinary'] = 'false';
+//$cfg['ProtectBinary'] = false;
 
 /**
  * Default language to use, if not browser-defined or user-defined
@@ -107,12 +116,6 @@ $cfg['SaveDir'] = '';
 //$cfg['DefaultLang'] = 'en';
 //$cfg['DefaultLang'] = 'de';
 
-/**
- * default display direction (horizontal|vertical|horizontalflipped)
- */
-//$cfg['DefaultDisplay'] = 'vertical';
-
-
 /**
  * How many columns should be used for table display of a database?
  * (a value larger than 1 results in some information being hidden)
@@ -131,13 +134,21 @@ $cfg['SaveDir'] = '';
 
 /**
  * When using DB-based query history, how many entries should be kept?
- *
  * default = 25
  */
 //$cfg['QueryHistoryMax'] = 100;
 
-/*
- * You can find more configuration options in Documentation.html
- * or here: http://wiki.phpmyadmin.net/pma/Config
+/**
+ * Whether or not to query the user before sending the error report to
+ * the phpMyAdmin team when a JavaScript error occurs
+ *
+ * Available options
+ * ('ask' | 'always' | 'never')
+ * default = 'ask'
+ */
+//$cfg['SendErrorReports'] = 'always';
+
+/**
+ * You can find more configuration options in the documentation
+ * in the doc/ folder or at .
  */
-?>
diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index f6147bbc..8badeca8 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -83,9 +83,6 @@ gen_pass() {
     echo "$PASS"
 }
 
-# Defining 32 char blowfish_secret
-blowfish_secret=`openssl rand -base64 32`;
-
 # Defining return code check function
 check_result() {
     if [ $1 -ne 0 ]; then
@@ -1045,8 +1042,15 @@ if [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
+    mysql < /usr/share/phpMyAdmin/sql/create_tables.sql
+    p=$(gen_pass)
+    mysql -e "GRANT ALL ON phpmyadmin.*
+        TO phpmyadmin@localhost IDENTIFIED BY '$p'"
     cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
-    sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s/%blowfish_secret%/$(gen_pass 32)/g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s/%phpmyadmin_pass%/$p/g" /etc/phpMyAdmin/config.inc.php
+    chmod 777 /var/lib/phpMyAdmin/temp
+    chmod 777 /var/lib/phpMyAdmin/save
 fi
 
 

From e674bf14fd401f419223f1dd06a6e381a3c188a2 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Mon, 15 Apr 2019 13:48:23 +0300
Subject: [PATCH 0431/2300] Release 0.9.8-24

---
 src/deb/ioncube/control          |  2 +-
 src/deb/nginx/control            |  2 +-
 src/deb/php/control              |  2 +-
 src/deb/vesta/control            |  2 +-
 src/rpm/specs/vesta-ioncube.spec |  2 +-
 src/rpm/specs/vesta-nginx.spec   |  2 +-
 src/rpm/specs/vesta.spec         | 10 +++++++++-
 upd/add_notifications.sh         |  3 +--
 8 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index 9db6cc14..8b264b80 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 19ec8bbb..970f8dbe 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index e8702027..3b8055de 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 9f83c2a6..3e7bdd64 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index 54bb5cf4..4dbf3203 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        23
+Release:        24
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index ca530cc1..8fb887c9 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        23
+Release:        24
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index 10830d15..d632cc55 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        23
+Release:        24
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
@@ -68,6 +68,14 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
+* Mon Apr 18 2019 Serghey Rodin  - 0.9.8-24
+- Bugfixes
+- Security patches
+- LEv2
+- Server LE
+- i18n updates
+
+
 * Thu Oct 18 2018 Serghey Rodin  - 0.9.8-23
 - Security fixes
 
diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh
index e55c0c74..4aecf68c 100755
--- a/upd/add_notifications.sh
+++ b/upd/add_notifications.sh
@@ -5,5 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf
 /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager'
 /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can  purchase and enable SFTP Chroot"
 /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available"
-/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-23" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes"
-
+/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-24" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes"

From e1fb811caf73e5d8de49e3d2a0098a1afb0f647f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Mon, 15 Apr 2019 14:08:16 +0300
Subject: [PATCH 0432/2300] ubuntu 18.10 support

---
 install/ubuntu/18.10/apache2/apache2.conf     |  94 ++
 install/ubuntu/18.10/apache2/status.conf      |   8 +
 install/ubuntu/18.10/bind/named.conf          |  12 +
 install/ubuntu/18.10/clamav/clamd.conf        |  61 ++
 install/ubuntu/18.10/deb_signing.key          |  30 +
 .../ubuntu/18.10/dovecot/conf.d/10-auth.conf  |   4 +
 .../18.10/dovecot/conf.d/10-logging.conf      |   1 +
 .../ubuntu/18.10/dovecot/conf.d/10-mail.conf  |   9 +
 .../18.10/dovecot/conf.d/10-master.conf       |  29 +
 .../ubuntu/18.10/dovecot/conf.d/10-ssl.conf   |   5 +
 .../18.10/dovecot/conf.d/15-mailboxes.conf    |  29 +
 .../ubuntu/18.10/dovecot/conf.d/20-imap.conf  |  58 ++
 .../ubuntu/18.10/dovecot/conf.d/20-pop3.conf  |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/ubuntu/18.10/dovecot/dovecot.conf     |   4 +
 install/ubuntu/18.10/exim/dnsbl.conf          |   2 +
 install/ubuntu/18.10/exim/exim4.conf.template | 382 ++++++++
 install/ubuntu/18.10/exim/spam-blocks.conf    |   0
 .../ubuntu/18.10/fail2ban/action.d/vesta.conf |   9 +
 .../ubuntu/18.10/fail2ban/filter.d/vesta.conf |  10 +
 install/ubuntu/18.10/fail2ban/jail.local      |  51 ++
 install/ubuntu/18.10/firewall/ports.conf      |  17 +
 install/ubuntu/18.10/firewall/rules.conf      |  11 +
 install/ubuntu/18.10/logrotate/apache2        |  19 +
 install/ubuntu/18.10/logrotate/dovecot        |  12 +
 install/ubuntu/18.10/logrotate/nginx          |  13 +
 install/ubuntu/18.10/logrotate/vesta          |   7 +
 install/ubuntu/18.10/mysql/my-large.cnf       |  41 +
 install/ubuntu/18.10/mysql/my-medium.cnf      |  40 +
 install/ubuntu/18.10/mysql/my-small.cnf       |  40 +
 install/ubuntu/18.10/nginx/nginx.conf         | 139 +++
 install/ubuntu/18.10/nginx/phpmyadmin.inc     |  18 +
 install/ubuntu/18.10/nginx/phppgadmin.inc     |  11 +
 install/ubuntu/18.10/nginx/status.conf        |   9 +
 install/ubuntu/18.10/nginx/webmail.inc        |  15 +
 install/ubuntu/18.10/packages/default.pkg     |  18 +
 install/ubuntu/18.10/packages/gainsboro.pkg   |  18 +
 install/ubuntu/18.10/packages/palegreen.pkg   |  18 +
 install/ubuntu/18.10/packages/slategrey.pkg   |  18 +
 install/ubuntu/18.10/pga/config.inc.php       | 159 ++++
 install/ubuntu/18.10/pga/phppgadmin.conf      |  31 +
 install/ubuntu/18.10/php-fpm/www.conf         |  11 +
 install/ubuntu/18.10/pma/apache.conf          |  42 +
 install/ubuntu/18.10/pma/config.inc.php       | 146 +++
 install/ubuntu/18.10/postgresql/pg_hba.conf   |  11 +
 install/ubuntu/18.10/proftpd/proftpd.conf     |  32 +
 install/ubuntu/18.10/roundcube/apache.conf    |  40 +
 install/ubuntu/18.10/roundcube/config.inc.php |  33 +
 install/ubuntu/18.10/roundcube/db.inc.php     |  66 ++
 install/ubuntu/18.10/roundcube/main.inc.php   | 850 ++++++++++++++++++
 install/ubuntu/18.10/roundcube/vesta.php      |  72 ++
 install/ubuntu/18.10/sudo/admin               |   8 +
 .../ubuntu/18.10/templates/dns/child-ns.tpl   |  14 +
 .../ubuntu/18.10/templates/dns/default.tpl    |  18 +
 install/ubuntu/18.10/templates/dns/gmail.tpl  |  12 +
 .../18.10/templates/web/apache2/basedir.stpl  |  44 +
 .../18.10/templates/web/apache2/basedir.tpl   |  38 +
 .../18.10/templates/web/apache2/default.stpl  |  43 +
 .../18.10/templates/web/apache2/default.tpl   |  37 +
 .../18.10/templates/web/apache2/hosting.stpl  |  49 +
 .../18.10/templates/web/apache2/hosting.tpl   |  43 +
 .../18.10/templates/web/apache2/phpcgi.sh     |  16 +
 .../18.10/templates/web/apache2/phpcgi.stpl   |  38 +
 .../18.10/templates/web/apache2/phpcgi.tpl    |  31 +
 .../18.10/templates/web/apache2/phpfcgid.sh   |  22 +
 .../18.10/templates/web/apache2/phpfcgid.stpl |  39 +
 .../18.10/templates/web/apache2/phpfcgid.tpl  |  31 +
 .../18.10/templates/web/awstats/awstats.tpl   | 133 +++
 .../18.10/templates/web/awstats/index.tpl     |  10 +
 .../18.10/templates/web/awstats/nav.tpl       |  23 +
 .../18.10/templates/web/nginx/caching.sh      |  19 +
 .../18.10/templates/web/nginx/caching.stpl    |  43 +
 .../18.10/templates/web/nginx/caching.tpl     |  41 +
 .../18.10/templates/web/nginx/default.stpl    |  35 +
 .../18.10/templates/web/nginx/default.tpl     |  33 +
 .../18.10/templates/web/nginx/hosting.sh      |  11 +
 .../18.10/templates/web/nginx/hosting.stpl    |  37 +
 .../18.10/templates/web/nginx/hosting.tpl     |  35 +
 .../18.10/templates/web/nginx/http2.stpl      |  35 +
 .../18.10/templates/web/nginx/http2.tpl       |  33 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  55 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  60 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  55 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 126 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  54 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  71 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  84 ++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  81 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  |  88 ++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  85 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  |  93 ++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  90 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  62 ++
 .../templates/web/nginx/php-fpm/joomla.tpl    |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 197 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../templates/web/nginx/php-fpm/modx.stpl     |  68 ++
 .../templates/web/nginx/php-fpm/modx.tpl      |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  89 ++
 .../templates/web/nginx/php-fpm/moodle.tpl    |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  46 +
 .../templates/web/nginx/php-fpm/no-php.tpl    |  43 +
 .../templates/web/nginx/php-fpm/odoo.stpl     |  69 ++
 .../templates/web/nginx/php-fpm/odoo.tpl      |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  58 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  84 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../templates/web/nginx/php-fpm/piwik.stpl    |  72 ++
 .../templates/web/nginx/php-fpm/piwik.tpl     |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  65 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../templates/web/nginx/php-fpm/sendy.stpl    |  88 ++
 .../templates/web/nginx/php-fpm/sendy.tpl     |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  54 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  66 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  71 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../18.10/templates/web/nginx/proxy_ip.tpl    |   9 +
 .../18.10/templates/web/php-fpm/default.tpl   |  21 +
 .../18.10/templates/web/php-fpm/no-php.tpl    |  20 +
 .../18.10/templates/web/php-fpm/socket.tpl    |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../18.10/templates/web/suspend/.htaccess     |   2 +
 .../18.10/templates/web/suspend/index.html    |  25 +
 .../templates/web/webalizer/webalizer.tpl     | 110 +++
 install/ubuntu/18.10/vsftpd/vsftpd.conf       |  40 +
 143 files changed, 7806 insertions(+)
 create mode 100644 install/ubuntu/18.10/apache2/apache2.conf
 create mode 100644 install/ubuntu/18.10/apache2/status.conf
 create mode 100644 install/ubuntu/18.10/bind/named.conf
 create mode 100644 install/ubuntu/18.10/clamav/clamd.conf
 create mode 100644 install/ubuntu/18.10/deb_signing.key
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-auth.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-logging.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-mail.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-master.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/15-mailboxes.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/20-imap.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/ubuntu/18.10/dovecot/dovecot.conf
 create mode 100644 install/ubuntu/18.10/exim/dnsbl.conf
 create mode 100644 install/ubuntu/18.10/exim/exim4.conf.template
 create mode 100644 install/ubuntu/18.10/exim/spam-blocks.conf
 create mode 100644 install/ubuntu/18.10/fail2ban/action.d/vesta.conf
 create mode 100644 install/ubuntu/18.10/fail2ban/filter.d/vesta.conf
 create mode 100644 install/ubuntu/18.10/fail2ban/jail.local
 create mode 100644 install/ubuntu/18.10/firewall/ports.conf
 create mode 100644 install/ubuntu/18.10/firewall/rules.conf
 create mode 100644 install/ubuntu/18.10/logrotate/apache2
 create mode 100644 install/ubuntu/18.10/logrotate/dovecot
 create mode 100644 install/ubuntu/18.10/logrotate/nginx
 create mode 100644 install/ubuntu/18.10/logrotate/vesta
 create mode 100644 install/ubuntu/18.10/mysql/my-large.cnf
 create mode 100644 install/ubuntu/18.10/mysql/my-medium.cnf
 create mode 100644 install/ubuntu/18.10/mysql/my-small.cnf
 create mode 100644 install/ubuntu/18.10/nginx/nginx.conf
 create mode 100644 install/ubuntu/18.10/nginx/phpmyadmin.inc
 create mode 100644 install/ubuntu/18.10/nginx/phppgadmin.inc
 create mode 100644 install/ubuntu/18.10/nginx/status.conf
 create mode 100644 install/ubuntu/18.10/nginx/webmail.inc
 create mode 100644 install/ubuntu/18.10/packages/default.pkg
 create mode 100644 install/ubuntu/18.10/packages/gainsboro.pkg
 create mode 100644 install/ubuntu/18.10/packages/palegreen.pkg
 create mode 100644 install/ubuntu/18.10/packages/slategrey.pkg
 create mode 100644 install/ubuntu/18.10/pga/config.inc.php
 create mode 100644 install/ubuntu/18.10/pga/phppgadmin.conf
 create mode 100644 install/ubuntu/18.10/php-fpm/www.conf
 create mode 100644 install/ubuntu/18.10/pma/apache.conf
 create mode 100644 install/ubuntu/18.10/pma/config.inc.php
 create mode 100644 install/ubuntu/18.10/postgresql/pg_hba.conf
 create mode 100644 install/ubuntu/18.10/proftpd/proftpd.conf
 create mode 100644 install/ubuntu/18.10/roundcube/apache.conf
 create mode 100644 install/ubuntu/18.10/roundcube/config.inc.php
 create mode 100644 install/ubuntu/18.10/roundcube/db.inc.php
 create mode 100644 install/ubuntu/18.10/roundcube/main.inc.php
 create mode 100644 install/ubuntu/18.10/roundcube/vesta.php
 create mode 100644 install/ubuntu/18.10/sudo/admin
 create mode 100755 install/ubuntu/18.10/templates/dns/child-ns.tpl
 create mode 100755 install/ubuntu/18.10/templates/dns/default.tpl
 create mode 100755 install/ubuntu/18.10/templates/dns/gmail.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/basedir.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/basedir.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/default.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/default.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/hosting.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/hosting.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/apache2/phpcgi.sh
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/awstats/awstats.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/awstats/index.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/awstats/nav.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.sh
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.stpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/default.stpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/default.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.sh
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.stpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/http2.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/http2.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/default.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/socket.tpl
 create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/403.html
 create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/404.html
 create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/50x.html
 create mode 100755 install/ubuntu/18.10/templates/web/skel/public_html/index.html
 create mode 100755 install/ubuntu/18.10/templates/web/skel/public_html/robots.txt
 create mode 100755 install/ubuntu/18.10/templates/web/skel/public_shtml/index.html
 create mode 100755 install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/ubuntu/18.10/templates/web/suspend/.htaccess
 create mode 100755 install/ubuntu/18.10/templates/web/suspend/index.html
 create mode 100755 install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/ubuntu/18.10/vsftpd/vsftpd.conf

diff --git a/install/ubuntu/18.10/apache2/apache2.conf b/install/ubuntu/18.10/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/18.10/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/18.10/apache2/status.conf b/install/ubuntu/18.10/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/18.10/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+
diff --git a/install/ubuntu/18.10/bind/named.conf b/install/ubuntu/18.10/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/18.10/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/18.10/clamav/clamd.conf b/install/ubuntu/18.10/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/18.10/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/18.10/deb_signing.key b/install/ubuntu/18.10/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/18.10/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..7a20878a
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,9 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
+namespace inbox {
+  inbox = yes
+}
+first_valid_uid = 1000
+mbox_write_locks = fcntl
diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-master.conf b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/18.10/dovecot/dovecot.conf b/install/ubuntu/18.10/dovecot/dovecot.conf
new file mode 100644
index 00000000..0a855351
--- /dev/null
+++ b/install/ubuntu/18.10/dovecot/dovecot.conf
@@ -0,0 +1,4 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
diff --git a/install/ubuntu/18.10/exim/dnsbl.conf b/install/ubuntu/18.10/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/18.10/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/18.10/exim/exim4.conf.template b/install/ubuntu/18.10/exim/exim4.conf.template
new file mode 100644
index 00000000..c904441f
--- /dev/null
+++ b/install/ubuntu/18.10/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD = yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth required
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{1024K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = debian-spamd:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/18.10/exim/spam-blocks.conf b/install/ubuntu/18.10/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/18.10/fail2ban/action.d/vesta.conf b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/18.10/fail2ban/jail.local b/install/ubuntu/18.10/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/18.10/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled  = false
+filter   = roundcube-auth
+port     = http,https
+logpath  = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/18.10/firewall/ports.conf b/install/ubuntu/18.10/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/18.10/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/18.10/firewall/rules.conf b/install/ubuntu/18.10/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/18.10/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/18.10/logrotate/apache2 b/install/ubuntu/18.10/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/18.10/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/ubuntu/18.10/logrotate/dovecot b/install/ubuntu/18.10/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/18.10/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/ubuntu/18.10/logrotate/nginx b/install/ubuntu/18.10/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/18.10/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/ubuntu/18.10/logrotate/vesta b/install/ubuntu/18.10/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/18.10/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/ubuntu/18.10/mysql/my-large.cnf b/install/ubuntu/18.10/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/18.10/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.10/mysql/my-medium.cnf b/install/ubuntu/18.10/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/18.10/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.10/mysql/my-small.cnf b/install/ubuntu/18.10/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/18.10/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.10/nginx/nginx.conf b/install/ubuntu/18.10/nginx/nginx.conf
new file mode 100644
index 00000000..dc2cf1dd
--- /dev/null
+++ b/install/ubuntu/18.10/nginx/nginx.conf
@@ -0,0 +1,139 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+error_log               /var/log/nginx/error.log;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           60s;
+    client_body_timeout             60s;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4 8k;
+    send_timeout                    60s;
+    keepalive_timeout               30s;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_vary           on;
+    gzip_static         on;
+    gzip_vary           on;
+    gzip_comp_level     6;
+    gzip_min_length     1024;
+    gzip_buffers        16 8k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_buffers       32 4k;
+    proxy_connect_timeout   30s;
+    proxy_send_timeout  90s;
+    proxy_read_timeout  90s;
+
+        
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from   103.21.244.0/22;
+    set_real_ip_from   103.22.200.0/22;
+    set_real_ip_from   103.31.4.0/22;
+    set_real_ip_from   104.16.0.0/12;
+    set_real_ip_from   108.162.192.0/18;
+    set_real_ip_from   131.0.72.0/22;
+    set_real_ip_from   141.101.64.0/18;
+    set_real_ip_from   162.158.0.0/15;
+    set_real_ip_from   172.64.0.0/13;
+    set_real_ip_from   173.245.48.0/20;
+    set_real_ip_from   188.114.96.0/20;
+    set_real_ip_from   190.93.240.0/20;
+    set_real_ip_from   197.234.240.0/22;
+    set_real_ip_from   198.41.128.0/17;
+    #set_real_ip_from   2400:cb00::/32;
+    #set_real_ip_from   2606:4700::/32;
+    #set_real_ip_from   2803:f800::/32;
+    #set_real_ip_from   2405:b500::/32;
+    #set_real_ip_from   2405:8100::/32;
+    #set_real_ip_from   2c0f:f248::/32;
+    #set_real_ip_from   2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/18.10/nginx/phpmyadmin.inc b/install/ubuntu/18.10/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/18.10/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/ubuntu/18.10/nginx/phppgadmin.inc b/install/ubuntu/18.10/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/18.10/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/18.10/nginx/status.conf b/install/ubuntu/18.10/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/18.10/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/ubuntu/18.10/nginx/webmail.inc b/install/ubuntu/18.10/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/18.10/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/ubuntu/18.10/packages/default.pkg b/install/ubuntu/18.10/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/18.10/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.10/packages/gainsboro.pkg b/install/ubuntu/18.10/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/18.10/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.10/packages/palegreen.pkg b/install/ubuntu/18.10/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/18.10/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.10/packages/slategrey.pkg b/install/ubuntu/18.10/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/18.10/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.10/pga/config.inc.php b/install/ubuntu/18.10/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/18.10/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/18.10/pga/phppgadmin.conf b/install/ubuntu/18.10/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/18.10/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/ubuntu/18.10/php-fpm/www.conf b/install/ubuntu/18.10/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/18.10/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/18.10/pma/apache.conf b/install/ubuntu/18.10/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/18.10/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/ubuntu/18.10/pma/config.inc.php b/install/ubuntu/18.10/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/18.10/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/ubuntu/18.10/roundcube/apache.conf b/install/ubuntu/18.10/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/18.10/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/ubuntu/18.10/roundcube/config.inc.php b/install/ubuntu/18.10/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/18.10/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/18.10/roundcube/main.inc.php b/install/ubuntu/18.10/roundcube/main.inc.php
new file mode 100644
index 00000000..32e0d473
--- /dev/null
+++ b/install/ubuntu/18.10/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcube/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail';
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/18.10/roundcube/vesta.php b/install/ubuntu/18.10/roundcube/vesta.php
new file mode 100644
index 00000000..b4a2a6b6
--- /dev/null
+++ b/install/ubuntu/18.10/roundcube/vesta.php
@@ -0,0 +1,72 @@
+
+ */
+class rcube_vesta_password {
+    function save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/install/ubuntu/18.10/sudo/admin b/install/ubuntu/18.10/sudo/admin
new file mode 100644
index 00000000..331fa1f2
--- /dev/null
+++ b/install/ubuntu/18.10/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+# sudo is limited to vesta scripts
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/18.10/templates/dns/child-ns.tpl b/install/ubuntu/18.10/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/18.10/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.10/templates/dns/default.tpl b/install/ubuntu/18.10/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/18.10/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.10/templates/dns/gmail.tpl b/install/ubuntu/18.10/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/18.10/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.stpl b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.tpl b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/default.stpl b/install/ubuntu/18.10/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/default.tpl b/install/ubuntu/18.10/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.stpl b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.tpl b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value upload_max_filesize 10M
+        php_admin_value max_execution_time 20
+        php_admin_value post_max_size  8M
+        php_admin_value memory_limit 32M
+        php_admin_flag mysql.allow_persistent  off
+        php_admin_flag safe_mode off
+        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+    
+    
+        AllowOverride All
+    
+    
+        RMode config
+        RUidGid %user% %group%
+        RGroups www-data
+    
+    
+        AssignUserID %user% %group%
+    
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        Action phpcgi-script /cgi-bin/php
+        
+            SetHandler phpcgi-script
+        
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec  /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        SSLRequireSSL
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    php_admin_value open_basedir none
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+        php_admin_value upload_tmp_dir %home%/%user%/tmp
+        php_admin_value session.save_path %home%/%user%/tmp
+        
+          SetHandler fcgid-script
+        
+        FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+    
+    
+        AllowOverride All
+    
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/awstats/awstats.tpl b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/18.10/templates/web/awstats/index.tpl b/install/ubuntu/18.10/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/ubuntu/18.10/templates/web/awstats/nav.tpl b/install/ubuntu/18.10/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
-                                                        
-                                                    

+                                                            
+                                                        
                                                     
                                                     
                                                         
@@ -580,13 +684,54 @@
                             

                                 
                                     
-                                         
+                                        
                                     
                                 
                             
                             
                                 
                                     
+                                        
+                                            
+                                        
+                                        
+                                            
+                                        
+
                                         
@@ -604,7 +749,7 @@
                                         
@@ -615,16 +760,16 @@
                                                             :
                                                         
-                                                    
+                                                    
@@ -633,7 +778,7 @@
                                                             :
                                                         
@@ -641,7 +786,7 @@
                                                             :
                                                         
@@ -649,16 +794,15 @@
                                                             :
                                                         
-
                                                     
@@ -666,7 +810,7 @@
                                                             :
                                                         
+                                                
+                                                            onclick="javascript:elementHideShow('domain_ssl');">
+                                                    
+                                                
+                                            

+                                                
+                                                    
+                                                        
+                                                    
+                                                    
+                                                        
+                                                    
+                                                
+                                                            
+                                                        

+                                                            
+                                                            


+                                                        
+                                            

                                             
                                                 
@@ -594,7 +739,7 @@
                                         
                                         
                                             
-                                                <?=htmlentities(trim($v_ssl_crt, "'"))?>
+                                                <?=htmlentities(trim($v_sys_ssl_crt, "'"))?>
                                             
                                         
                                         
                                         
                                             
-                                                <?=htmlentities(trim($v_ssl_key, "'"))?>
+                                                <?=htmlentities(trim($v_sys_ssl_key, "'"))?>
                                             
                                         
                                         
                                                         
-                                                            
+                                                            
                                                         
                                                     

                                                     
                                                         
                                                             :
                                                         
                                                         
-                                                            
+                                                            
                                                         
                                                     
                                                     
                                                         
-                                                            
+                                                            
                                                         
                                                     
                                                     
                                                         
-                                                            
+                                                            
                                                         
                                                     
                                                     
                                                         
-                                                            
+                                                            
                                                         
                                                     

                                                         
                                                             :
                                                         
                                                         
-                                                            
+                                                            
                                                         
                                                     
                                                     
                                                         
-                                                            
+                                                            
                                                         
                                                     
                                                 

From 6a9b7d35078e3dd4aac13cd867fed4d9fe5c9146 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Mar 2019 14:34:38 +0200
Subject: [PATCH 0409/2300] Use Web Domain SSL Certificate -> i18n

---
 web/inc/i18n/ar.php    | 1 +
 web/inc/i18n/az.php    | 1 +
 web/inc/i18n/bg.php    | 1 +
 web/inc/i18n/bs.php    | 1 +
 web/inc/i18n/cn.php    | 1 +
 web/inc/i18n/cz.php    | 1 +
 web/inc/i18n/da.php    | 1 +
 web/inc/i18n/de.php    | 1 +
 web/inc/i18n/el.php    | 1 +
 web/inc/i18n/en.php    | 1 +
 web/inc/i18n/es.php    | 1 +
 web/inc/i18n/fa.php    | 1 +
 web/inc/i18n/fi.php    | 1 +
 web/inc/i18n/fr.php    | 1 +
 web/inc/i18n/hu.php    | 1 +
 web/inc/i18n/id.php    | 1 +
 web/inc/i18n/it.php    | 1 +
 web/inc/i18n/ja.php    | 1 +
 web/inc/i18n/ka.php    | 1 +
 web/inc/i18n/ko.php    | 1 +
 web/inc/i18n/nl.php    | 1 +
 web/inc/i18n/no.php    | 1 +
 web/inc/i18n/pl.php    | 1 +
 web/inc/i18n/pt-BR.php | 1 +
 web/inc/i18n/pt.php    | 1 +
 web/inc/i18n/ro.php    | 1 +
 web/inc/i18n/ru.php    | 1 +
 web/inc/i18n/se.php    | 1 +
 web/inc/i18n/sr.php    | 1 +
 web/inc/i18n/th.php    | 1 +
 web/inc/i18n/tr.php    | 1 +
 web/inc/i18n/tw.php    | 1 +
 web/inc/i18n/ua.php    | 1 +
 web/inc/i18n/ur.php    | 1 +
 web/inc/i18n/vi.php    | 1 +
 35 files changed, 35 insertions(+)

diff --git a/web/inc/i18n/ar.php b/web/inc/i18n/ar.php
index dd28828e..e50cfec7 100644
--- a/web/inc/i18n/ar.php
+++ b/web/inc/i18n/ar.php
@@ -560,6 +560,7 @@ $LANG['ar'] = array(
     'MAIL Server' => 'مخدم البريد الالكتروني',
     'Antivirus' => 'مضاد الفيروسات',
     'AntiSpam' => 'مضاد البريد المزعج سبام',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'رابط WebMail',
     'MySQL Support' => 'دعم MySQL',
     'phpMyAdmin URL' => 'رابط phpMyAdmin',
diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php
index de5a0352..715043a0 100644
--- a/web/inc/i18n/az.php
+++ b/web/inc/i18n/az.php
@@ -540,6 +540,7 @@ $LANG['az'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Vebmail URL',
     'MySQL Support' => 'MySQL dəstək',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/bg.php b/web/inc/i18n/bg.php
index 760b88c1..642e6cfa 100644
--- a/web/inc/i18n/bg.php
+++ b/web/inc/i18n/bg.php
@@ -553,6 +553,7 @@ $LANG['bg'] = array(
     'MAIL Server' => 'Пощенски сървър',
     'Antivirus' => 'Антивирус',
     'AntiSpam' => 'Антиспам',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Уебмейл адрес',
     'MySQL Support' => 'MySQL поддръжкс',
     'phpMyAdmin URL' => 'phpMyAdmin адрес',
diff --git a/web/inc/i18n/bs.php b/web/inc/i18n/bs.php
index 22d997e5..4e2f32e1 100644
--- a/web/inc/i18n/bs.php
+++ b/web/inc/i18n/bs.php
@@ -559,6 +559,7 @@ $LANG['bs'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index ee9c9747..d2c96311 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -568,6 +568,7 @@ $LANG['cn'] = array(
     'MAIL Server' => '邮箱服务器',
     'Antivirus' => '防病毒引擎',
     'AntiSpam' => '防垃圾邮件',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => '网页邮箱网址',
     'MySQL Support' => 'MySQL 支持',
     'phpMyAdmin URL' => '设置 phpMyAdmin 网址',
diff --git a/web/inc/i18n/cz.php b/web/inc/i18n/cz.php
index f9f291bf..9a0cac79 100644
--- a/web/inc/i18n/cz.php
+++ b/web/inc/i18n/cz.php
@@ -560,6 +560,7 @@ $LANG['cz'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/da.php b/web/inc/i18n/da.php
index 80e78a35..6e0fab72 100644
--- a/web/inc/i18n/da.php
+++ b/web/inc/i18n/da.php
@@ -561,6 +561,7 @@ $LANG['da'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/de.php b/web/inc/i18n/de.php
index e5ee45d0..17d1101f 100644
--- a/web/inc/i18n/de.php
+++ b/web/inc/i18n/de.php
@@ -559,6 +559,7 @@ $LANG['de'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/el.php b/web/inc/i18n/el.php
index 7e193523..bef89086 100644
--- a/web/inc/i18n/el.php
+++ b/web/inc/i18n/el.php
@@ -561,6 +561,7 @@ $LANG['el'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/en.php b/web/inc/i18n/en.php
index ed5c1f2e..d7ae290d 100644
--- a/web/inc/i18n/en.php
+++ b/web/inc/i18n/en.php
@@ -559,6 +559,7 @@ $LANG['en'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index 212d78a2..12d3d29c 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -567,6 +567,7 @@ $LANG['es'] = array(
     'MAIL Server' => 'Servidor de Correo',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Soportar MYSQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/fa.php b/web/inc/i18n/fa.php
index 57295481..8355691a 100644
--- a/web/inc/i18n/fa.php
+++ b/web/inc/i18n/fa.php
@@ -543,6 +543,7 @@ $LANG['fa'] = array(
     'MAIL Server' => 'سرور پستی',
     'Antivirus' => 'ضد ویروس',
     'AntiSpam' => 'ضد هرزنامه',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'نشانی وب میل',
     'MySQL Support' => 'پشتیبانی MySQL',
     'phpMyAdmin URL' => 'نشانی phpMyAdmin',
diff --git a/web/inc/i18n/fi.php b/web/inc/i18n/fi.php
index f2eddbab..951f8da3 100644
--- a/web/inc/i18n/fi.php
+++ b/web/inc/i18n/fi.php
@@ -561,6 +561,7 @@ $LANG['fi'] = array(
     'MAIL Server' => 'MAIL-palvelin',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmailin URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/fr.php b/web/inc/i18n/fr.php
index c57e6266..4e2e3144 100644
--- a/web/inc/i18n/fr.php
+++ b/web/inc/i18n/fr.php
@@ -559,6 +559,7 @@ $LANG['fr'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/hu.php b/web/inc/i18n/hu.php
index af461107..1c37f93f 100644
--- a/web/inc/i18n/hu.php
+++ b/web/inc/i18n/hu.php
@@ -563,6 +563,7 @@ $LANG['hu'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/id.php b/web/inc/i18n/id.php
index 1a55af74..4702b7cc 100644
--- a/web/inc/i18n/id.php
+++ b/web/inc/i18n/id.php
@@ -560,6 +560,7 @@ $LANG['id'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/it.php b/web/inc/i18n/it.php
index ec7a83d5..1e104c51 100644
--- a/web/inc/i18n/it.php
+++ b/web/inc/i18n/it.php
@@ -560,6 +560,7 @@ $LANG['it'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/ja.php b/web/inc/i18n/ja.php
index f2836948..a592fd7b 100644
--- a/web/inc/i18n/ja.php
+++ b/web/inc/i18n/ja.php
@@ -559,6 +559,7 @@ $LANG['ja'] = array(
     'MAIL Server' => 'メールサーバー',
     'Antivirus' => 'アンチウイルス',
     'AntiSpam' => 'アンチスパム',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'ウェブメールのURL',
     'MySQL Support' => 'MySQLのサポート',
     'phpMyAdmin URL' => 'phpMyAdminのURL',
diff --git a/web/inc/i18n/ka.php b/web/inc/i18n/ka.php
index abbcb479..1512e06c 100644
--- a/web/inc/i18n/ka.php
+++ b/web/inc/i18n/ka.php
@@ -559,6 +559,7 @@ $LANG['ka'] = array(
     'MAIL Server' => 'ელფოსტის სერვერი',
     'Antivirus' => 'ანტივირუსი',
     'AntiSpam' => 'ანტისპამი',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'ვებფოსტის URL',
     'MySQL Support' => 'MySQL-ის მხარდაჭერა',
     'phpMyAdmin URL' => 'phpMyAdmin-ის URL',
diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php
index a032f265..1b09de25 100644
--- a/web/inc/i18n/ko.php
+++ b/web/inc/i18n/ko.php
@@ -559,6 +559,7 @@ $LANG['ko'] = array(
     'MAIL Server' => 'MAIL 서버',
     'Antivirus' => '바이러스 필터링',
     'AntiSpam' => '스팸 필터링',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => '웹메일 주소',
     'MySQL Support' => 'MySQL 지원',
     'phpMyAdmin URL' => 'phpMyAdmin 주소',
diff --git a/web/inc/i18n/nl.php b/web/inc/i18n/nl.php
index fc86a88b..851fe46d 100644
--- a/web/inc/i18n/nl.php
+++ b/web/inc/i18n/nl.php
@@ -563,6 +563,7 @@ $LANG['nl'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/no.php b/web/inc/i18n/no.php
index 45c23f22..fe026f39 100644
--- a/web/inc/i18n/no.php
+++ b/web/inc/i18n/no.php
@@ -560,6 +560,7 @@ $LANG['no'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/pl.php b/web/inc/i18n/pl.php
index 23c8016c..e649a22c 100644
--- a/web/inc/i18n/pl.php
+++ b/web/inc/i18n/pl.php
@@ -560,6 +560,7 @@ $LANG['pl'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/pt-BR.php b/web/inc/i18n/pt-BR.php
index 686af900..303ae53f 100644
--- a/web/inc/i18n/pt-BR.php
+++ b/web/inc/i18n/pt-BR.php
@@ -559,6 +559,7 @@ $LANG['pt-BR'] = array(
     'MAIL Server' => 'Servidor de E-MAIL',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Suporte MySQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/pt.php b/web/inc/i18n/pt.php
index ec1eb670..02d3bf51 100644
--- a/web/inc/i18n/pt.php
+++ b/web/inc/i18n/pt.php
@@ -559,6 +559,7 @@ $LANG['pt'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/ro.php b/web/inc/i18n/ro.php
index 0a9e93e3..5b70f5d5 100644
--- a/web/inc/i18n/ro.php
+++ b/web/inc/i18n/ro.php
@@ -561,6 +561,7 @@ $LANG['ro'] = array(
     'MAIL Server' => 'Server MAIL',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Foloseşte certificatul SSL din domeniul WEB',
     'Webmail URL' => 'URL Webmail',
     'MySQL Support' => 'Suport MySQL',
     'phpMyAdmin URL' => 'URL phpMyAdmin',
diff --git a/web/inc/i18n/ru.php b/web/inc/i18n/ru.php
index a109056c..58829fad 100644
--- a/web/inc/i18n/ru.php
+++ b/web/inc/i18n/ru.php
@@ -561,6 +561,7 @@ $LANG['ru'] = array(
     'MAIL Server' => 'MAIL Сервер',
     'Antivirus' => 'Антивирус',
     'AntiSpam' => 'АнтиСпам',
+    'Use Web Domain SSL Certificate' => 'Использовать SSL сертификат веб домена',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Поддержка MySQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/se.php b/web/inc/i18n/se.php
index 87bb1910..96c5af9c 100644
--- a/web/inc/i18n/se.php
+++ b/web/inc/i18n/se.php
@@ -559,6 +559,7 @@ $LANG['se'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index dc1f315c..759ab6c9 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -559,6 +559,7 @@ $LANG['sr'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL podrška',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/th.php b/web/inc/i18n/th.php
index 07beb85e..2878192f 100644
--- a/web/inc/i18n/th.php
+++ b/web/inc/i18n/th.php
@@ -562,6 +562,7 @@ $LANG['th'] = array(
     'MAIL Server' => 'เซิร์ฟเวอร์เมล',
     'Antivirus' => 'ป้องกันไวรัส',
     'AntiSpam' => 'ป้องกันเมลขยะ',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'สนับสนุน MySQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/tr.php b/web/inc/i18n/tr.php
index 7f2875b9..a7fadc43 100644
--- a/web/inc/i18n/tr.php
+++ b/web/inc/i18n/tr.php
@@ -560,6 +560,7 @@ $LANG['tr'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL Support',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index d35cba4a..d421cf87 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -564,6 +564,7 @@ $LANG['tw'] = array(
     'MAIL Server' => 'MAIL 伺服器',
     'Antivirus' => '病毒防護',
     'AntiSpam' => '垃圾郵件防護',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Webmail 路徑',
     'MySQL Support' => 'MySQL 支援',
     'phpMyAdmin URL' => 'phpMyAdmin 路徑',
diff --git a/web/inc/i18n/ua.php b/web/inc/i18n/ua.php
index cf47496d..136cc73f 100644
--- a/web/inc/i18n/ua.php
+++ b/web/inc/i18n/ua.php
@@ -560,6 +560,7 @@ $LANG['ua'] = array(
     'MAIL Server' => 'MAIL сервер',
     'Antivirus' => 'Антивірус',
     'AntiSpam' => 'АнтиСпам',
+    'Use Web Domain SSL Certificate' => 'Використовувати SSL сертифікат веб домену',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Підтримка MySQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
diff --git a/web/inc/i18n/ur.php b/web/inc/i18n/ur.php
index d01a401d..960e5631 100644
--- a/web/inc/i18n/ur.php
+++ b/web/inc/i18n/ur.php
@@ -548,6 +548,7 @@ $LANG['ur'] = array(
     'MAIL Server'  => 'میل سرور',
     'Antivirus'  => 'اینٹی وائرس',
     'AntiSpam'  => 'اینٹی سپیم',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL'  => 'ویب میل URL',
     'MySQL Support'  => 'ایس کیو ایل کی معاونت کی',
     'phpMyAdmin URL'  => 'phpMyAdmin کے یو آر ایل',
diff --git a/web/inc/i18n/vi.php b/web/inc/i18n/vi.php
index 40d40cbe..2de145b4 100644
--- a/web/inc/i18n/vi.php
+++ b/web/inc/i18n/vi.php
@@ -562,6 +562,7 @@ $LANG['vi'] = array(
     'MAIL Server' => 'Máy chủ MAIL',
     'Antivirus' => 'Trình diệt virus',
     'AntiSpam' => 'Trình chống spam',
+    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
     'Webmail URL' => 'Đường dẫn Webmail',
     'MySQL Support' => 'Hỗ trợ MySQL',
     'phpMyAdmin URL' => 'Đường dẫn phpMyAdmin',

From 180d9101316db6f0d8c2e5f35949dc3f8567c05b Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 14 Mar 2019 14:58:19 +0200
Subject: [PATCH 0410/2300] inverted trigger condition

---
 bin/v-add-web-domain-ssl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index d7a209f1..43e5cce3 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -121,14 +121,14 @@ $BIN/v-restart-proxy $restart
 check_result $? "Proxy restart failed" >/dev/null
 
 # Updating system ssl dependencies
-if [ -z "$VESTA_CERTIFICATE" ]; then
+if [ ! -z "$VESTA_CERTIFICATE" ]; then
     crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :)
     crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :)
     if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then
         $BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1
     fi
 fi
-if [ -z "$MAIL_CERTIFICATE" ]; then
+if [ ! -z "$MAIL_CERTIFICATE" ]; then
     crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :)
     crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :)
     if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then

From 1f4080473504e50d4831afd8d2f6a9fea1e9cc7b Mon Sep 17 00:00:00 2001
From: pablobae 
Date: Thu, 14 Mar 2019 16:07:44 +0100
Subject: [PATCH 0411/2300]  Update v-update-firewall

Check sshcustom port  is not needed anymore, because after merging pull 1819, the rules file already contains the ssh port correctly (it's not hardcoded anymore.

Also, if these lines are not removed, we have change ssh port, and we try to add a new rule with port 22 (v-add-firewall-rule DROP 0.0.0.0/0 22 tcp ssh) , these lines will change port 22 to current ssh port on rules.conf file, and we will be blocked.
---
 bin/v-update-firewall | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index da91acc8..46e2073a 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -51,11 +51,6 @@ if [ $? -ne 0 ]; then
     conntrack_ftp='no'
 fi
 
-# Checking custom OpenSSH  port
-sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
-if [[ "$sshport" =~ ^[0-9]+$ ]] && [ "$sshport" -ne "22"  ]; then
-    sed -i "s/PORT='22'/PORT=\'$sshport\'/" $rules
-fi
 
 # Creating temporary file
 tmp=$(mktemp)

From aeee40865e51d52c3f190a678ec0393969175376 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 16:50:29 +0100
Subject: [PATCH 0412/2300] Fixing blowfish_secret length (too short)

phpMyAdmin "screams", we should be using length of 32 characters for blowfish_secret.
---
 install/vst-install-rhel.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index b7c2839e..7adee764 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -83,6 +83,9 @@ gen_pass() {
     echo "$PASS"
 }
 
+# Defining 32 char blowfish_secret
+blowfish_secret=`openssl rand -base64 32`;
+
 # Defining return code check function
 check_result() {
     if [ $1 -ne 0 ]; then
@@ -1043,7 +1046,7 @@ if [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
     cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
-    sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php
 fi
 
 

From 5d9265f84f062f0b685e3c2819ee5a45ae55cf9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 16:52:59 +0100
Subject: [PATCH 0413/2300]  Fixing blowfish_secret length (too short)

Fixing blowfish_secret length (too short)
---
 install/vst-install-amazon.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index 8dbdaa14..e23d9997 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -74,6 +74,9 @@ gen_pass() {
     echo "$PASS"
 }
 
+# Defining 32 char blowfish_secret
+blowfish_secret=`openssl rand -base64 32`;
+
 # Defining return code check function
 check_result() {
     if [ $1 -ne 0 ]; then
@@ -1023,7 +1026,7 @@ if [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
     cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
-    sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php
 fi
 
 

From a67674c1f2a0c86411aa7d36010190c3beb0522a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 21:25:27 +0100
Subject: [PATCH 0414/2300] Fixed

fixed
---
 install/vst-install-amazon.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index e23d9997..2bae6418 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -1026,7 +1026,7 @@ if [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
     cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
-    sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php
 fi
 
 

From 891dac76fcfff724909bebf8062c23b278a68998 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 21:26:05 +0100
Subject: [PATCH 0415/2300] Update vst-install-rhel.sh

---
 install/vst-install-rhel.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 7adee764..f6147bbc 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -1046,7 +1046,7 @@ if [ "$mysql" = 'yes' ]; then
         cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/
     fi
     cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php
-    sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php
+    sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php
 fi
 
 

From f534560782636691771e7f07756512c243a27bac Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 22 Mar 2019 01:09:39 +0100
Subject: [PATCH 0416/2300] Allow custom $MAX_DBUSER_LEN

echo "MAX_DBUSER_LEN=80" >> /usr/local/vesta/conf/vesta.conf
---
 func/main.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index ded0eb4b..464b9727 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -650,8 +650,12 @@ is_date_format_valid() {
 # Database user validator
 is_dbuser_format_valid() {
     exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|/|\|\"|'|;|%|\`| ]"
-    if [ 17 -le ${#1} ]; then
-        check_result $E_INVALID "mysql username can be up to 16 characters long"
+    my_max_dbuser_len=16
+    if [ ! -z "$MAX_DBUSER_LEN" ]; then
+        my_max_dbuser_len=$MAX_DBUSER_LEN
+    fi    
+    if [ ${#1} -ge $my_max_dbuser_len ]; then
+        check_result $E_INVALID "mysql username can be up to $my_max_dbuser_len characters long"
     fi
     if [[ "$1" =~ $exclude ]]; then
         check_result $E_INVALID "invalid $2 format :: $1"

From 2210f52b7c2fa9e2b2b52f556d8d3317d7eac636 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 22 Mar 2019 01:25:19 +0100
Subject: [PATCH 0417/2300] Include MAX_DBUSER_LEN in v-list-sys-config

---
 bin/v-list-sys-config | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config
index 879c3ab3..52607672 100755
--- a/bin/v-list-sys-config
+++ b/bin/v-list-sys-config
@@ -51,7 +51,8 @@ json_list() {
         "MAIL_URL": "'$MAIL_URL'",
         "DB_PMA_URL": "'$DB_PMA_URL'",
         "DB_PGA_URL": "'$DB_PGA_URL'",
-        "SOFTACULOUS": "'$SOFTACULOUS'"
+        "SOFTACULOUS": "'$SOFTACULOUS'",
+        "MAX_DBUSER_LEN": "'$MAX_DBUSER_LEN'"
     }
 }'
 }

From 8f03540a1bcdfccacb0492cc2a1b20bd5099cba7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 22 Mar 2019 01:27:29 +0100
Subject: [PATCH 0418/2300] Adding MAX_DBUSER_LEN in add_db.html template

---
 web/templates/admin/add_db.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/add_db.html b/web/templates/admin/add_db.html
index 74903241..7b180894 100644
--- a/web/templates/admin/add_db.html
+++ b/web/templates/admin/add_db.html
@@ -61,7 +61,7 @@
                                     (".__('maximum characters length, including prefix', 16).")";
+                                        echo "    (".__('maximum characters length, including prefix', $_SESSION['MAX_DBUSER_LEN']).")";
                                     ?>
                                 
                             
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.sh b/install/ubuntu/18.10/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.stpl b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..e149b98b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.tpl b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.stpl b/install/ubuntu/18.10/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..0e669b3d
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/default.stpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.tpl b/install/ubuntu/18.10/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.sh b/install/ubuntu/18.10/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..1ef8994b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
@@ -0,0 +1,37 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.stpl b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..f225becd
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.tpl b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..003e9180
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..51f1f408
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..e8dd8bf6
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..96495ee8
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,126 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..38de83d2
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..c9387bfb
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..6b20ba9d
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,84 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+   
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }   
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }    
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..0ae7568b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri @rewrite; 
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ ^/sites/.*/files/imagecache/ {
+            try_files $uri @rewrite;
+        }
+            
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;             
+            include /etc/nginx/fastcgi_params;
+        }        
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..041ebba0
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+    
+        try_files $uri /index.php?$query_string;  
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..6b41f319
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }  
+
+        try_files $uri /index.php?$query_string;
+
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }                
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..231d9441
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,93 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
+        try_files $uri /index.php?$query_string;
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+        
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }    
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..452aa9e6
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }  
+   
+    location / {
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+            allow all;
+            log_not_found off;
+            access_log off;
+        }
+
+        location ~ \..*/.*\.php$ {
+            return 403;
+        }
+
+        location ~ ^/sites/.*/private/ {
+            return 403;
+        }
+        
+        location ~ ^/sites/[^/]+/files/.*\.php$ {
+            deny all;
+        }
+        
+        location ~ /vendor/.*\.php$ {
+            deny all;
+            return 404;
+        }          
+        
+        try_files $uri /index.php?$query_string;
+        
+        location ~ ^/sites/.*/files/styles/ {
+            try_files $uri @rewrite;
+        }
+
+        location ~ ^(/[a-z\-]+)?/system/files/ {
+            try_files $uri /index.php?$query_string;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+            try_files $uri @rewrite;
+            expires max;
+            log_not_found off;
+        }
+
+        location ~ '\.php$|^/update.php' {
+            fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_pass %backend_lsnr%;
+            include /etc/nginx/fastcgi_params;
+        }        
+    }        
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..886b586e
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..8e6e8774
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..5d05ea72
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,197 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..23ce8eb8
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,68 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..10629c65
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..7b3aff96
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,46 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..223eb97a
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..5b6e55e8
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,58 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..b43fdc75
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,84 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..0a4a412f
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..c9f91854
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..38de83d2
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..39cce361
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..264ca01a
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/ubuntu/18.10/templates/web/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/403.html b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/404.html b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/index.html b/install/ubuntu/18.10/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.10/templates/web/suspend/.htaccess b/install/ubuntu/18.10/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/18.10/templates/web/suspend/index.html b/install/ubuntu/18.10/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    SUSPENDED
+    This website has been suspended.
+    
+        Please contact the technical support department.
+    
+
+
diff --git a/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/ubuntu/18.10/vsftpd/vsftpd.conf b/install/ubuntu/18.10/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..75e0104f
--- /dev/null
+++ b/install/ubuntu/18.10/vsftpd/vsftpd.conf
@@ -0,0 +1,40 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_promiscuous=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
+utf8_filesystem=YES
+ssl_enable=YES
+allow_anon_ssl=NO
+require_ssl_reuse=NO
+ssl_ciphers=HIGH
+ssl_tlsv1=YES
+ssl_sslv2=NO
+ssl_sslv3=NO
+force_local_data_ssl=NO
+force_local_logins_ssl=NO
+rsa_cert_file=/usr/local/vesta/ssl/certificate.crt
+rsa_private_key_file=/usr/local/vesta/ssl/certificate.key

From 703a66eb5723bf306e7090cae981461e52df60a8 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Mon, 15 Apr 2019 21:00:12 +0300
Subject: [PATCH 0433/2300] gzip_vary duplicate

---
 install/ubuntu/18.04/nginx/nginx.conf | 1 -
 install/ubuntu/18.10/nginx/nginx.conf | 1 -
 2 files changed, 2 deletions(-)

diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf
index dc2cf1dd..790aee49 100644
--- a/install/ubuntu/18.04/nginx/nginx.conf
+++ b/install/ubuntu/18.04/nginx/nginx.conf
@@ -50,7 +50,6 @@ http {
 
     # Compression
     gzip                on;
-    gzip_vary           on;
     gzip_static         on;
     gzip_vary           on;
     gzip_comp_level     6;
diff --git a/install/ubuntu/18.10/nginx/nginx.conf b/install/ubuntu/18.10/nginx/nginx.conf
index dc2cf1dd..790aee49 100644
--- a/install/ubuntu/18.10/nginx/nginx.conf
+++ b/install/ubuntu/18.10/nginx/nginx.conf
@@ -50,7 +50,6 @@ http {
 
     # Compression
     gzip                on;
-    gzip_vary           on;
     gzip_static         on;
     gzip_vary           on;
     gzip_comp_level     6;

From 483c4b943b9a37b819fd1e45ee2e1132f7f5804b Mon Sep 17 00:00:00 2001
From: noogen 
Date: Mon, 15 Apr 2019 17:29:31 -0500
Subject: [PATCH 0434/2300] fix  typo and allow user to login on pgsql restore

---
 func/rebuild.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/func/rebuild.sh b/func/rebuild.sh
index 9a1c0f47..352b9083 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -600,7 +600,7 @@ rebuild_pgsql_database() {
         exit $E_CONNECT
     fi
 
-    query="CREATE ROLE $DBUSER"
+    query="CREATE ROLE $DBUSER WITH LOGIN"
     psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
 
     query="UPDATE pg_authid SET rolpassword='$MD5' WHERE rolname='$DBUSER'"
@@ -617,7 +617,7 @@ rebuild_pgsql_database() {
     query="GRANT ALL PRIVILEGES ON DATABASE $DB TO $DBUSER"
     psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
 
-    query="GRANT CONNECT ON DATABASE template1 to $dbuser"
+    query="GRANT CONNECT ON DATABASE template1 to $DBUSER"
     psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1
 }
 

From bef5f876189674531d3380eab6d6d66c68d51df8 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 16 Apr 2019 12:16:03 +0300
Subject: [PATCH 0435/2300] version up

---
 src/rpm/specs/vesta-php.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index fe5aded9..336e1e77 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        23
+Release:        24
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL

From 425e9f248383adda226114dd3f64c2d23480be01 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 16 Apr 2019 12:53:58 +0300
Subject: [PATCH 0436/2300] 18$ instead of 21$

---
 web/templates/admin/edit_server.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html
index 9de86222..59683b6d 100644
--- a/web/templates/admin/edit_server.html
+++ b/web/templates/admin/edit_server.html
@@ -934,7 +934,7 @@
                                                                     '.__('Buy Licence').' 3$/'.__('month').'
                                                                 
                                                                 
-                                                                    '.__('Buy Lifetime License').' 21$
+                                                                    '.__('Buy Lifetime License').' 18$
                                                                 
                                                             
                                                             2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.';

From 25706abfb30e5b01d6fb604a78df5d2d4da8a7b4 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 17 Apr 2019 23:28:40 +0300
Subject: [PATCH 0437/2300] replaced rdomain with domain variable

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 56026b9b..edcf6ae2 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -163,7 +163,7 @@ for auth in $authz; do
             check_result $? "Proxy restart failed" >/dev/null
 
         else
-            well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known"
+            well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
             acme_challenge="$well_known/acme-challenge"
             mkdir -p $acme_challenge
             echo "$token.$THUMB" > $acme_challenge/$token

From 82b635f8da921a6d3aa914ea0765e5b974022284 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 18 Apr 2019 15:03:03 +0300
Subject: [PATCH 0438/2300] Print the file name for each match

---
 bin/v-search-ssl-certificates | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates
index b392e810..c9208830 100755
--- a/bin/v-search-ssl-certificates
+++ b/bin/v-search-ssl-certificates
@@ -73,7 +73,7 @@ csv_list() {
 #                       Action                             #
 #----------------------------------------------------------#
 
-search_cmd=$(grep "SSL='yes'" $VESTA/data/users/*/web.conf |\
+search_cmd=$(grep -H "SSL='yes'" $VESTA/data/users/*/web.conf |\
     cut -f 1 -d ' ' |\
     sed -e "s|$VESTA/data/users/|USER='|" -e "s|/web.conf:|' |")
 

From 35df8ba980a87c9c9a6342fd10ab617933e2f583 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sat, 20 Apr 2019 00:08:37 +0300
Subject: [PATCH 0439/2300] Jessie backports

---
 install/vst-install-debian.sh | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 0741a6d6..bf7b3c22 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -478,6 +478,17 @@ echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list
 wget $CHOST/deb_signing.key -O deb_signing.key
 apt-key add deb_signing.key
 
+# Installing jessie backports
+if [ "$release" -eq 8 ]; then
+    if [ ! -e /etc/apt/apt.conf ]; then
+        echo 'Acquire::Check-Valid-Until "false";' >> /etc/apt/apt.conf
+    fi
+    if [ ! -e /etc/apt/sources.list.d/backports.list ]; then
+        echo "deb http://archive.debian.org/debian jessie-backports main" >\
+            /etc/apt/sources.list.d/vesta.list
+    fi
+fi
+
 
 #----------------------------------------------------------#
 #                         Backup                           #

From af37f5cbefe1a971a9b3d2a5c9b0e18488c2de37 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sat, 20 Apr 2019 03:06:59 +0300
Subject: [PATCH 0440/2300] fix backport apt name

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index bf7b3c22..468ec28f 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -485,7 +485,7 @@ if [ "$release" -eq 8 ]; then
     fi
     if [ ! -e /etc/apt/sources.list.d/backports.list ]; then
         echo "deb http://archive.debian.org/debian jessie-backports main" >\
-            /etc/apt/sources.list.d/vesta.list
+            /etc/apt/sources.list.d/backports.list
     fi
 fi
 

From 97a3b4004774a9066a71ad48fd6c1774b878ac40 Mon Sep 17 00:00:00 2001
From: moucho <1095644+moucho@users.noreply.github.com>
Date: Sat, 20 Apr 2019 13:47:38 +0200
Subject: [PATCH 0441/2300] Spanish translation update

---
 web/inc/i18n/es.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index 12d3d29c..b6718528 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -567,7 +567,7 @@ $LANG['es'] = array(
     'MAIL Server' => 'Servidor de Correo',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => 'Usar el Cerfificado SSL de la Web',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Soportar MYSQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',

From 7603cdea7a5c9441c434e654a0c99ef49b51400c Mon Sep 17 00:00:00 2001
From: Sergio 
Date: Sun, 21 Apr 2019 00:11:36 +0200
Subject: [PATCH 0442/2300] Add the validation of the CSRF token. It is missing
 in some cases when it is sent by GET or POST.

---
 web/add/cron/autoupdate/index.php      | 6 ++++++
 web/add/cron/reports/index.php         | 6 ++++++
 web/add/firewall/banlist/index.php     | 6 ++++++
 web/delete/cron/autoupdate/index.php   | 6 ++++++
 web/delete/cron/reports/index.php      | 6 ++++++
 web/restart/service/index.php          | 6 ++++++
 web/restart/system/index.php           | 6 ++++++
 web/templates/admin/list_services.html | 2 +-
 web/update/vesta/index.php             | 6 ++++++
 9 files changed, 49 insertions(+), 1 deletion(-)

diff --git a/web/add/cron/autoupdate/index.php b/web/add/cron/autoupdate/index.php
index 53d50c05..90854d9b 100644
--- a/web/add/cron/autoupdate/index.php
+++ b/web/add/cron/autoupdate/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     exec (VESTA_CMD."v-add-cron-vesta-autoupdate", $output, $return_var);
     $_SESSION['error_msg'] = __('Autoupdate has been successfully enabled');
diff --git a/web/add/cron/reports/index.php b/web/add/cron/reports/index.php
index 4b0424e3..197c5760 100644
--- a/web/add/cron/reports/index.php
+++ b/web/add/cron/reports/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 exec (VESTA_CMD."v-add-cron-reports ".$user, $output, $return_var);
 $_SESSION['error_msg'] = __('Cronjob email reporting has been successfully enabled');
 unset($output);
diff --git a/web/add/firewall/banlist/index.php b/web/add/firewall/banlist/index.php
index 774421e6..a9f616a2 100644
--- a/web/add/firewall/banlist/index.php
+++ b/web/add/firewall/banlist/index.php
@@ -15,6 +15,12 @@ if ($_SESSION['user'] != 'admin') {
 // Check POST request
 if (!empty($_POST['ok'])) {
 
+    // Check token
+    if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
+        header('location: /login/');
+        exit();
+    }
+
     // Check empty fields
     if (empty($_POST['v_chain'])) $errors[] = __('banlist');
     if (empty($_POST['v_ip'])) $errors[] = __('ip address');
diff --git a/web/delete/cron/autoupdate/index.php b/web/delete/cron/autoupdate/index.php
index ad670ef0..a58064c0 100644
--- a/web/delete/cron/autoupdate/index.php
+++ b/web/delete/cron/autoupdate/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     exec (VESTA_CMD."v-delete-cron-vesta-autoupdate", $output, $return_var);
     $_SESSION['error_msg'] = __('Autoupdate has been successfully disabled');
diff --git a/web/delete/cron/reports/index.php b/web/delete/cron/reports/index.php
index af7df20f..10d422a8 100644
--- a/web/delete/cron/reports/index.php
+++ b/web/delete/cron/reports/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 exec (VESTA_CMD."v-delete-cron-reports ".$user, $output, $return_var);
 $_SESSION['error_msg'] = __('Cronjob email reporting has been successfully disabled');
 unset($output);
diff --git a/web/restart/service/index.php b/web/restart/service/index.php
index 5f42e5e5..eb07e856 100644
--- a/web/restart/service/index.php
+++ b/web/restart/service/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['srv'])) {
         if ($_GET['srv'] == 'iptables') {
diff --git a/web/restart/system/index.php b/web/restart/system/index.php
index 4facc5a5..4e09745e 100644
--- a/web/restart/system/index.php
+++ b/web/restart/system/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['hostname'])) {
         exec (VESTA_CMD."v-restart-system yes", $output, $return_var);
diff --git a/web/templates/admin/list_services.html b/web/templates/admin/list_services.html
index 346370e6..6012d2a3 100644
--- a/web/templates/admin/list_services.html
+++ b/web/templates/admin/list_services.html
@@ -54,7 +54,7 @@
           
             
                 ↵
-                R
+                R
             
             
           
diff --git a/web/update/vesta/index.php b/web/update/vesta/index.php
index a025c7bf..fa7ca2c4 100644
--- a/web/update/vesta/index.php
+++ b/web/update/vesta/index.php
@@ -5,6 +5,12 @@ ob_start();
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('location: /login/');
+    exit();
+}
+
 if ($_SESSION['user'] == 'admin') {
     if (!empty($_GET['pkg'])) {
         $v_pkg = escapeshellarg($_GET['pkg']);

From 0831a198b86a4760e83c0eaec78d84bab7098e6c Mon Sep 17 00:00:00 2001
From: Sergio 
Date: Sun, 21 Apr 2019 01:51:29 +0200
Subject: [PATCH 0443/2300] Fixed several Command Injection.

---
 web/edit/db/index.php   | 2 ++
 web/edit/mail/index.php | 7 +++++--
 web/edit/web/index.php  | 6 ++++--
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/web/edit/db/index.php b/web/edit/db/index.php
index 21d394f0..763717bc 100644
--- a/web/edit/db/index.php
+++ b/web/edit/db/index.php
@@ -42,6 +42,8 @@ if ( $v_suspended == 'yes' ) {
     $v_status =  'active';
 }
 
+$v_database = escapeshellarg($_GET['database']);
+
 // Check POST request
 if (!empty($_POST['save'])) {
     $v_username = $user;
diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php
index 6c673118..6424e3ab 100644
--- a/web/edit/mail/index.php
+++ b/web/edit/mail/index.php
@@ -70,6 +70,9 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account'])))  {
     $v_date = $data[$v_account]['DATE'];
     $v_time = $data[$v_account]['TIME'];
 
+    $v_domain = escapeshellarg($_GET['domain']);
+    $v_account = escapeshellarg($_GET['account']);
+
     // Parse autoreply
     if ( $v_autoreply == 'yes' ) {
         exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." '".$v_domain."' '".$v_account."' json", $output, $return_var);
@@ -228,7 +231,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
         $result = array_diff($valiases, $aliases);
         foreach ($result as $alias) {
             if ((empty($_SESSION['error_msg'])) && (!empty($alias))) {
-                exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".$alias."'", $output, $return_var);
+                exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($alias)."'", $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
             }
@@ -254,7 +257,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
         $result = array_diff($vfwd, $fwd);
         foreach ($result as $forward) {
             if ((empty($_SESSION['error_msg'])) && (!empty($forward))) {
-                exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".$forward."'", $output, $return_var);
+                exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($forward)."'", $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
             }
diff --git a/web/edit/web/index.php b/web/edit/web/index.php
index edf29e9d..a1d2d70b 100644
--- a/web/edit/web/index.php
+++ b/web/edit/web/index.php
@@ -36,7 +36,7 @@ $v_cgi = $data[$v_domain]['CGI'];
 $v_elog = $data[$v_domain]['ELOG'];
 $v_ssl = $data[$v_domain]['SSL'];
 if (!empty($v_ssl)) {
-    exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+    exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".escapeshellarg($v_domain)."' json", $output, $return_var);
     $ssl_str = json_decode(implode('', $output), true);
     unset($output);
     $v_ssl_crt = $ssl_str[$v_domain]['CRT'];
@@ -129,6 +129,7 @@ if (!empty($_POST['save'])) {
         exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain." json", $output, $return_var);
         unset($output);
         if ($return_var == 0 ) {
+            $v_ip = escapeshellarg($_POST['v_ip']);
             exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
@@ -142,6 +143,7 @@ if (!empty($_POST['save'])) {
             exec (VESTA_CMD."v-list-dns-domain ".$v_username." '".$v_alias."' json", $output, $return_var);
             unset($output);
             if ($return_var == 0 ) {
+                $v_ip = escapeshellarg($_POST['v_ip']);
                 exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." '".$v_alias."' ".$v_ip, $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
@@ -367,7 +369,7 @@ if (!empty($_POST['save'])) {
     // Add Lets Encrypt support
     if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
         $l_aliases = str_replace("\n", ',', $v_aliases);
-        exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$l_aliases."' 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".escapeshellarg($l_aliases)."' 'no'", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_letsencrypt = 'yes';

From 7226a8991f7908825c869f78231107370cb05b21 Mon Sep 17 00:00:00 2001
From: Sergio 
Date: Sun, 21 Apr 2019 02:18:24 +0200
Subject: [PATCH 0444/2300] Fix some XSS.

---
 web/list/directory/index.php           | 4 ++--
 web/templates/admin/list_dns_rec.html  | 4 ++--
 web/templates/admin/list_mail_acc.html | 6 +++---
 web/templates/user/list_mail_acc.html  | 4 ++--
 4 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/web/list/directory/index.php b/web/list/directory/index.php
index 737e19db..12919b14 100644
--- a/web/list/directory/index.php
+++ b/web/list/directory/index.php
@@ -24,8 +24,8 @@ if (empty($panel)) {
     $panel = json_decode(implode('', $output), true);
 }
 
-$path_a = !empty($_REQUEST['dir_a']) ? $_REQUEST['dir_a'] : '';
-$path_b = !empty($_REQUEST['dir_b']) ? $_REQUEST['dir_b'] : '';
+$path_a = !empty($_REQUEST['dir_a']) ? htmlentities($_REQUEST['dir_a']) : '';
+$path_b = !empty($_REQUEST['dir_b']) ? htmlentities($_REQUEST['dir_b']) : '';
 $GLOBAL_JS  = '';
 $GLOBAL_JS .= '';
 $GLOBAL_JS .= '';
diff --git a/web/templates/admin/list_dns_rec.html b/web/templates/admin/list_dns_rec.html
index a74b8574..24f28103 100644
--- a/web/templates/admin/list_dns_rec.html
+++ b/web/templates/admin/list_dns_rec.html
@@ -74,11 +74,11 @@ v_unit_id="" v_section="dns_rec">
           
           
             
-                ↵
+                ↵
               
                 
                    
-                  
+                  
                   
                     
                   
diff --git a/web/templates/admin/list_mail_acc.html b/web/templates/admin/list_mail_acc.html
index 5433d732..13495ff6 100644
--- a/web/templates/admin/list_mail_acc.html
+++ b/web/templates/admin/list_mail_acc.html
@@ -90,11 +90,11 @@ sort-star="
           
             
-                ↵
+                ↵
               
                 
                    
-                  
+                  
                   
                     
                   
@@ -104,7 +104,7 @@ sort-star="
                 
                    
-                  
+                  
                   
                     
                   
diff --git a/web/templates/user/list_mail_acc.html b/web/templates/user/list_mail_acc.html
index c7334fa1..8c5ef567 100644
--- a/web/templates/user/list_mail_acc.html
+++ b/web/templates/user/list_mail_acc.html
@@ -88,11 +88,11 @@ sort-star="
           
             
-                ↵
+                ↵
               
                 
                    
-                  
+                  
                   
                     
                   

From 0713570b87bab57d0f163fce553a54894aa45e13 Mon Sep 17 00:00:00 2001
From: moucho <1095644+moucho@users.noreply.github.com>
Date: Sun, 21 Apr 2019 18:28:34 +0200
Subject: [PATCH 0445/2300] Fix Let's Encrypt for IDN domains

---
 bin/v-add-letsencrypt-domain | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index edcf6ae2..001f71e9 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -22,6 +22,14 @@ source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
 source $VESTA/conf/vesta.conf
 
+# Additional argument formatting
+format_identifier_idn() {
+    identifier_idn=$identifier
+    if [[ "$identifier_idn" = *[![:ascii:]]* ]]; then
+        identifier_idn=$(idn -t --quiet -a $identifier_idn)
+    fi
+}
+
 # encode base64
 encode_base64() {
     cat |base64 |tr '+/' '-_' |tr -d '\r\n='
@@ -109,7 +117,8 @@ fi
 url="$API/acme/new-order"
 payload='{"identifiers":['
 for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
-    payload=$payload'{"type":"dns","value":"'$identifier'"},'
+    format_identifier_idn
+    payload=$payload'{"type":"dns","value":"'$identifier_idn'"},'
 done
 payload=$(echo "$payload"|sed "s/,$//")
 payload=$payload']}'
@@ -209,7 +218,7 @@ done
 ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
     "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
 
-# Sedning CSR to finalize order / STEP 6
+# Sending CSR to finalize order / STEP 6
 csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
 payload='{"csr":"'$csr'"}'
 answer=$(query_le_v2 "$finalize" "$payload" "$nonce")

From 5df4dc819f1fbf7051d7f97701beb08c282a15e4 Mon Sep 17 00:00:00 2001
From: moucho <1095644+moucho@users.noreply.github.com>
Date: Mon, 22 Apr 2019 14:47:32 +0200
Subject: [PATCH 0446/2300] Updated Spanish translation

---
 web/inc/i18n/es.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index b6718528..6e5ce352 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -567,7 +567,7 @@ $LANG['es'] = array(
     'MAIL Server' => 'Servidor de Correo',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
-    'Use Web Domain SSL Certificate' => 'Usar el Cerfificado SSL de la Web',
+    'Use Web Domain SSL Certificate' => 'Utilizar el certificado SSL de un dominio',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'Soportar MYSQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',

From f492c1ee2a344c01aa55642b80efc1aec3d37a95 Mon Sep 17 00:00:00 2001
From: Skull Writter <7103685+skullwritter@users.noreply.github.com>
Date: Tue, 23 Apr 2019 14:11:31 +0000
Subject: [PATCH 0447/2300] correcting wildcat

check if alias is the letsencrypt wildcard domain, if not, make the normal checks
---
 bin/v-add-letsencrypt-domain | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index edcf6ae2..86faaa3a 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -62,13 +62,15 @@ is_object_unsuspended 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 is_object_unsuspended 'web' 'DOMAIN' "$domain"
 get_domain_values 'web'
-for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
-    check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
-    if [ -z "$check_alias" ]; then
-        check_result $E_NOTEXIST "domain alias $alias doesn't exist"
-    fi
-done
-
+# check if alias is the letsencrypt wildcard domain, if not, make the normal checks
+if [[ "$aliases" != "*.$domain" ]]; then
+    for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
+        check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
+        if [ -z "$check_alias" ]; then
+            check_result $E_NOTEXIST "domain alias $alias doesn't exist"
+        fi
+    done
+fi;
 
 #----------------------------------------------------------#
 #                       Action                             #

From 233a3a37774deaa5c0fb2152454f03dad252f3e9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 27 Apr 2019 16:03:10 +0200
Subject: [PATCH 0448/2300] Adding $ALLOW_BACKUP_ANYTIME

---
 func/main.sh | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index 3d731e11..6a472e1f 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -966,9 +966,8 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     done
 
     # block backup if current hour is after 6 AM
-    WAIT_LOOP_ENTERED=0
-    # if pgrep -x "v-backup-users" > /dev/null
-    # then
+    if [ -z "ALLOW_BACKUP_ANYTIME" ]; then
+        WAIT_LOOP_ENTERED=0
         hour=$(date +"%H");
         while [ "$hour" -gt "6" ] || [ "$hour" -lt "1" ]; do
             # if [ "$WAIT_LOOP_ENTERED" -eq 0 ]; then
@@ -985,5 +984,5 @@ wait_for_backup_if_it_is_not_time_for_backup() {
             sleep 300
             hour=$(date +"%H");
         done
-    # fi
+    fi
 }

From caf3e97d5c913656e41277fc82f181e9d392ed00 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 27 Apr 2019 16:04:49 +0200
Subject: [PATCH 0449/2300] Correcting $ALLOW_BACKUP_ANYTIME

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index 6a472e1f..3e7b634b 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -966,7 +966,7 @@ wait_for_backup_if_it_is_not_time_for_backup() {
     done
 
     # block backup if current hour is after 6 AM
-    if [ -z "ALLOW_BACKUP_ANYTIME" ]; then
+    if [ -z "$ALLOW_BACKUP_ANYTIME" ]; then
         WAIT_LOOP_ENTERED=0
         hour=$(date +"%H");
         while [ "$hour" -gt "6" ] || [ "$hour" -lt "1" ]; do

From a62095aa13bce52a1ebe56ed39c3e5df7767a326 Mon Sep 17 00:00:00 2001
From: Maksim Usmanov | Maks 
Date: Sun, 28 Apr 2019 15:57:49 +0200
Subject: [PATCH 0450/2300] Fix Nginx exclusion

This fix 706 in bugs.vesta and #1820 ( same issue )
---
 install/vst-install-rhel.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 8badeca8..4ea5154c 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -19,10 +19,10 @@ codename="${os}_$release"
 vestacp="$VESTA/install/$VERSION/$release"
 
 # Defining software pack for all distros
-software="awstats bc bind bind-libs bind-utils clamav-server clamav-update
+software="nginx awstats bc bind bind-libs bind-utils clamav-server clamav-update
     curl dovecot e2fsprogs exim expect fail2ban flex freetype ftp GeoIP httpd
     ImageMagick iptables-services jwhois lsof mailx mariadb mariadb-server mc
-    mod_fcgid mod_ruid2 mod_ssl net-tools nginx ntp openssh-clients pcre php
+    mod_fcgid mod_ruid2 mod_ssl net-tools ntp openssh-clients pcre php
     php-bcmath php-cli php-common php-fpm php-gd php-imap php-mbstring
     php-mcrypt phpMyAdmin php-mysql php-pdo phpPgAdmin php-pgsql php-soap
     php-tidy php-xml php-xmlrpc postgresql postgresql-contrib

From 3acd2281699fcaede439da0687d64586525a15a1 Mon Sep 17 00:00:00 2001
From: Maksim Usmanov | Maks 
Date: Sun, 28 Apr 2019 16:03:54 +0200
Subject: [PATCH 0451/2300] Fix for nginx exclude

There are some ways to fix this

First put nginx at the beginig or modify this line

software=$(echo "$software" | sed -e "s/^nginx//")
Replacing it by this one:
software=$(echo "$software" | sed -e "s/nginx//")
Or by this:
software=$(echo "$software" | sed -e "s/ nginx//")
---
 install/vst-install-ubuntu.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index f66407c3..bf00f768 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -19,12 +19,12 @@ codename="$(lsb_release -s -c)"
 vestacp="$VESTA/install/$VERSION/$release"
 
 # Defining software pack for all distros
-software="apache2 apache2.2-common apache2-suexec-custom apache2-utils
+software="nginx apache2 apache2.2-common apache2-suexec-custom apache2-utils
     apparmor-utils awstats bc bind9 bsdmainutils bsdutils clamav-daemon
     cron curl dnsutils dovecot-imapd dovecot-pop3d e2fslibs e2fsprogs exim4
     exim4-daemon-heavy expect fail2ban flex ftp git idn imagemagick
     libapache2-mod-fcgid libapache2-mod-php libapache2-mod-rpaf
-    libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server nginx
+    libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server
     ntpdate php-cgi php-common php-curl php-fpm phpmyadmin php-mysql
     phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota
     roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin

From f50d8b7d844e4d19c9af5616d8ed1a9c1a9b6baf Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 8 May 2019 22:47:30 +0300
Subject: [PATCH 0452/2300] added port 654321 to run openssl key-pair test

---
 func/domain.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/domain.sh b/func/domain.sh
index 84a7c177..5c3bd946 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -339,7 +339,7 @@ is_web_domain_cert_valid() {
         check_result $E_FORBIDEN "SSL Key is protected (remove pass_phrase)"
     fi
 
-    openssl s_server -quiet -cert $ssl_dir/$domain.crt \
+    openssl s_server -port 654321 -quiet -cert $ssl_dir/$domain.crt \
         -key $ssl_dir/$domain.key >> /dev/null 2>&1 &
     pid=$!
     sleep 0.5

From 6a6cfe969ab21c0e479e925e8b08dfb542fcf67a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 10 May 2019 23:22:31 +0200
Subject: [PATCH 0453/2300] Introducing ONLY_ONE_FTP_BACKUP variable

---
 bin/v-backup-user | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 0d37d098..a1a2665a 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -636,6 +636,11 @@ ftp_backup() {
     else
         backup_list=$(ftpc "cd $BPATH" "ls" |awk '{print $9}' |grep "^$user\.")
     fi
+    if [ ! -z "$ONLY_ONE_FTP_BACKUP" ]; then
+        TEMP_BACKUPS=$BACKUPS
+        BACKUPS=1
+        echo "=== Set BACKUPS=1"
+    fi
     backups_count=$(echo "$backup_list" |wc -l)
     if [ "$backups_count" -ge "$BACKUPS" ]; then
         backups_rm_number=$((backups_count - BACKUPS + 1))
@@ -650,6 +655,10 @@ ftp_backup() {
             fi
         done
     fi
+    if [ ! -z "$ONLY_ONE_FTP_BACKUP" ]; then
+        BACKUPS=$TEMP_BACKUPS
+        echo "=== Bringing back old value BACKUPS=$BACKUPS"
+    fi
 
     # Uploading backup archive
     if [ "$localbackup" = 'yes' ]; then
@@ -792,6 +801,11 @@ sftp_backup() {
         backup_list=$(sftpc "cd $BPATH" "ls -l" |awk '{print $9}'|grep "^$user\.")
     fi
     backups_count=$(echo "$backup_list" |wc -l)
+    if [ ! -z "$ONLY_ONE_FTP_BACKUP" ]; then
+        TEMP_BACKUPS=$BACKUPS
+        BACKUPS=1
+        echo "=== Set BACKUPS=1"
+    fi
     if [ "$backups_count" -ge "$BACKUPS" ]; then
         backups_rm_number=$((backups_count - BACKUPS + 1))
         for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
@@ -805,6 +819,10 @@ sftp_backup() {
             fi
         done
     fi
+    if [ ! -z "$ONLY_ONE_FTP_BACKUP" ]; then
+        BACKUPS=$TEMP_BACKUPS
+        echo "=== Bringing back old value BACKUPS=$BACKUPS"
+    fi
 
     # Uploading backup archive
     echo "$(date "+%F %T") Uploading $user.$backup_new_date.tar"|tee -a $BACKUP/$user.log

From d563dcd12b6ae90739e45fc512cbac51771e225c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pawe=C5=82=20Suder?= 
Date: Tue, 14 May 2019 08:59:43 +0200
Subject: [PATCH 0454/2300] Fix update of SSL for LetsEncrypt certs

Due to missing /g in sed for parsing aliases from certificate SAN
field there was an issue with doubled alias which is also common
name of issued certficiate.
---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 4dd1fcc0..61cc2544 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -41,7 +41,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             fi
             ((lecounter++))
             aliases=$(echo "$crt_data" |grep DNS:)
-            aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
+            aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
             aliases=$(echo "$aliases" |grep -v "^$domain$")
             aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')

From d856c1e080e9c17c3dd84fc9248ac1b3bd816edd Mon Sep 17 00:00:00 2001
From: noogen 
Date: Tue, 14 May 2019 03:38:36 -0500
Subject: [PATCH 0455/2300] fix typo of extra L issue #1509

---
 bin/v-update-sys-rrd-pgsql | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-rrd-pgsql b/bin/v-update-sys-rrd-pgsql
index 6e15c9e8..de2fec8f 100755
--- a/bin/v-update-sys-rrd-pgsql
+++ b/bin/v-update-sys-rrd-pgsql
@@ -85,7 +85,7 @@ for host in $hosts; do
         # Parsing data
         q='SELECT SUM(xact_commit + xact_rollback), SUM(numbackends)
                 FROM pg_stat_database;'
-        status=$($sql plsql -d postgres -c "$q" 2>/dev/null); code="$?"
+        status=$($sql psql -d postgres -c "$q" 2>/dev/null); code="$?"
         if [ '0' -ne "$code" ]; then
             active=0
             slow=0

From d24f68a370747d241aa8612cee38f37a13fe3499 Mon Sep 17 00:00:00 2001
From: Christian Oder 
Date: Wed, 15 May 2019 17:07:53 +0200
Subject: [PATCH 0456/2300] v-backup-user: Properly fix userdata backup
 exclusions

So far, no exclusions have been accounted for as fargs has not been passed.
Rework the logic for fargs parsing based on domain exclusions and pass fargs to the tar command.

Also add --anchored based on 37c69b8f4cd087d8d406ab3de766ad11564b978b
---
 bin/v-backup-user | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 2797c132..f9fcf6f5 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -460,11 +460,15 @@ if [ "$USER" != '*' ]; then
     fi
     fargs=()
     for xpath in $(echo "$USER" |tr ',' '\n'); do
-        fargs+=(-not)
-        fargs+=(-path)
-        fargs+=("./$xpath*")
-        echo "$(date "+%F %T") excluding directory $xpath" |\
+        if [ -d "$xpath" ]; then
+            fargs+=(--exclude=$xpath/*)
+            echo "$(date "+%F %T") excluding directory $xpath" |\
             tee -a $BACKUP/$user.log
+        else
+            echo "$(date "+%F %T") excluding file $xpath" |\
+            tee -a $BACKUP/$user.log
+            fargs+=(--exclude=$xpath)
+        fi
     done
 
     IFS=$'\n'
@@ -479,7 +483,7 @@ if [ "$USER" != '*' ]; then
             echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
 
             # Backup files and dirs
-            tar -cpf- $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
+            tar --anchored -cpf- ${fargs[@]} $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
         fi
     done
     set +f

From a78c7ffc9275ec16afb426d090aee935151669e8 Mon Sep 17 00:00:00 2001
From: Chris Mills 
Date: Fri, 17 May 2019 09:49:58 +0100
Subject: [PATCH 0457/2300] Renewal of cert not removing domain from alias list

---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 61cc2544..4e8aec80 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -43,7 +43,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             aliases=$(echo "$crt_data" |grep DNS:)
             aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
-            aliases=$(echo "$aliases" |grep -v "^$domain$")
+            aliases=$(echo "$aliases" |grep -v "^$domain,$")
             aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
             msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
             if [ $? -ne 0 ]; then

From 10fca3053df40b2e750f8aedd158e8a9c82fea62 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 19 May 2019 02:33:55 +0200
Subject: [PATCH 0458/2300] Deleting FPM pool conf when deleting domain

---
 func/domain.sh | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/func/domain.sh b/func/domain.sh
index cc66aecb..7f5f3814 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -271,6 +271,32 @@ replace_web_config() {
 
 # Delete web configuration
 del_web_config() {
+
+    fpmconf="/etc/php5/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+    fpmconf="/etc/php/5.6/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+    fpmconf="/etc/php/7.0/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+    fpmconf="/etc/php/7.1/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+    fpmconf="/etc/php/7.2/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+    fpmconf="/etc/php/7.3/fpm/pool.d/$domain.conf"
+    if [ -f "$fpmconf" ]; then
+        rm $fpmconf
+    fi
+
     conf="$HOMEDIR/$user/conf/web/$domain.$1.conf"
     if [[ "$2" =~ stpl$ ]]; then
         conf="$HOMEDIR/$user/conf/web/$domain.$1.ssl.conf"

From a716a3f2cb9490ffe3eaedbbf2ba132975a46b49 Mon Sep 17 00:00:00 2001
From: Roman 
Date: Wed, 22 May 2019 20:10:15 +0300
Subject: [PATCH 0459/2300] Fix v-unsuspend-mail-account

Fix 'Malformed value "unlimitedM"' after unsuspend mail account
---
 bin/v-unsuspend-mail-account | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-unsuspend-mail-account b/bin/v-unsuspend-mail-account
index 314c13bc..57e54af5 100755
--- a/bin/v-unsuspend-mail-account
+++ b/bin/v-unsuspend-mail-account
@@ -48,6 +48,9 @@ is_object_suspended "mail/$domain" 'ACCOUNT' "$account"
 if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
     quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA')
+    if [ "$quota" = 'unlimited' ]; then
+        quota=0
+    fi
     sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
     str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
     echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd

From a6d498e7e2088cc5d3b1d88cbcbea6a739d02ef1 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 23 May 2019 00:12:42 +0300
Subject: [PATCH 0460/2300] added net-tools package for ifconfig command

---
 install/vst-install-ubuntu.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index bf00f768..653f7fc1 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -29,7 +29,7 @@ software="nginx apache2 apache2.2-common apache2-suexec-custom apache2-utils
     phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota
     roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin
     sudo vesta vesta-ioncube vesta-nginx vesta-php vesta-softaculous
-    vim-common vsftpd webalizer whois zip"
+    vim-common vsftpd webalizer whois zip net-tools"
 
 # Fix for old releases
 if [[ ${release:0:2} -lt 16 ]]; then

From 7a2025037f463a56d7c535573098e99b5a419167 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 24 May 2019 11:28:45 +0200
Subject: [PATCH 0461/2300] Log FPM conf deleting

---
 func/domain.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/func/domain.sh b/func/domain.sh
index 7f5f3814..8758f3ac 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -275,26 +275,32 @@ del_web_config() {
     fpmconf="/etc/php5/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
     fpmconf="/etc/php/5.6/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
     fpmconf="/etc/php/7.0/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
     fpmconf="/etc/php/7.1/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
     fpmconf="/etc/php/7.2/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
     fpmconf="/etc/php/7.3/fpm/pool.d/$domain.conf"
     if [ -f "$fpmconf" ]; then
         rm $fpmconf
+        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
     fi
 
     conf="$HOMEDIR/$user/conf/web/$domain.$1.conf"

From bb1873715230db5e6391bb699915c882e09b724b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 24 May 2019 11:51:16 +0200
Subject: [PATCH 0462/2300] Wrong place for deleting fpm conf

---
 func/domain.sh | 32 --------------------------------
 1 file changed, 32 deletions(-)

diff --git a/func/domain.sh b/func/domain.sh
index 8758f3ac..cc66aecb 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -271,38 +271,6 @@ replace_web_config() {
 
 # Delete web configuration
 del_web_config() {
-
-    fpmconf="/etc/php5/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-    fpmconf="/etc/php/5.6/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-    fpmconf="/etc/php/7.0/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-    fpmconf="/etc/php/7.1/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-    fpmconf="/etc/php/7.2/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-    fpmconf="/etc/php/7.3/fpm/pool.d/$domain.conf"
-    if [ -f "$fpmconf" ]; then
-        rm $fpmconf
-        echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
-    fi
-
     conf="$HOMEDIR/$user/conf/web/$domain.$1.conf"
     if [[ "$2" =~ stpl$ ]]; then
         conf="$HOMEDIR/$user/conf/web/$domain.$1.ssl.conf"

From 15d44e5a94f4b1c7b491d9cc56f46f1b060a2fca Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 24 May 2019 11:56:11 +0200
Subject: [PATCH 0463/2300] Right place to delete FPM conf

---
 bin/v-delete-web-domain | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/bin/v-delete-web-domain b/bin/v-delete-web-domain
index 529f5d09..b4885ef3 100755
--- a/bin/v-delete-web-domain
+++ b/bin/v-delete-web-domain
@@ -56,6 +56,38 @@ fi
 get_domain_values 'web'
 local_ip=$(get_real_ip $IP)
 
+# Deleting FPM conf
+fpmconf="/etc/php5/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+fpmconf="/etc/php/5.6/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+fpmconf="/etc/php/7.0/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+fpmconf="/etc/php/7.1/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+fpmconf="/etc/php/7.2/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+fpmconf="/etc/php/7.3/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
+
 # Deleting domain from web.conf
 sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf
 

From 9bceb0162259331ea320ced14b9cdff0c3dada81 Mon Sep 17 00:00:00 2001
From: Chris Mills 
Date: Thu, 6 Jun 2019 06:07:44 +0100
Subject: [PATCH 0464/2300] Switched to egrep to support optional comma in
 renewal

---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 4e8aec80..459b9879 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -43,7 +43,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             aliases=$(echo "$crt_data" |grep DNS:)
             aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g")
             aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
-            aliases=$(echo "$aliases" |grep -v "^$domain,$")
+            aliases=$(echo "$aliases" |egrep -v "^$domain,?$")
             aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
             msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
             if [ $? -ne 0 ]; then

From a6028ee4e91451946f041cedc8368a88a0747aa2 Mon Sep 17 00:00:00 2001
From: myrevery <16082142+myrevery@users.noreply.github.com>
Date: Mon, 10 Jun 2019 16:10:32 +0800
Subject: [PATCH 0465/2300] Update cn.php

Refine some details.
---
 web/inc/i18n/cn.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index 6b6b9d28..903afa60 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -261,6 +261,8 @@ $LANG['cn'] = array(
     'Bandwidth Usage eth1' => '网络使用情况 (eth1)',
     'Bandwidth Usage venet0' => '网络使用情况 (venet0)',
     'Bandwidth Usage venet1' => '网络使用情况 (venet1)',
+    'Bandwidth Usage docker0' => '网络使用情况 (docker0)',
+    'Bandwidth Usage docker1' => '网络使用情况 (docker1)',
     'Exim Usage' => 'Exim 使用情况',
     'FTP Usage' => 'FTP 使用情况',
     'SSH Usage' => 'SSH 使用情况',
@@ -305,7 +307,7 @@ $LANG['cn'] = array(
     'Aliases' => '别名',
     'SSL Certificate' => 'SSL证书',
     'SSL Key' => 'SSL密钥',
-    'SSL Certificate Authority / Intermediate' => 'CA证书或中级证书',
+    'SSL Certificate Authority / Intermediate' => 'SSL CA证书 / 中级证书',
     'SSL CSR' => 'SSL CSR',
     'optional' => '可选',
     'internal' => '内部',
@@ -386,7 +388,7 @@ $LANG['cn'] = array(
     'Download AccessLog' => '下载访问日志',
     'Download ErrorLog' => '下载错误日志',
     'Country' => '国家地区',
-    '2 letter code' => '采用 ISO 3166-1 二位代码 如: 中国CN / 美国US',
+    '2 letter code' => '采用 ISO 3166-1 α-2 二位代码 如: 中国CN / 美国US',
     'State / Province' => '州 / 省级',
     'City / Locality' => '市 / 地区',
     'Organization' => '组织名称',
@@ -704,7 +706,7 @@ $LANG['cn'] = array(
     'Add File to the Current Selection' => '将文件添加到当前选中区内',
     'Select All Files' => '选择所有文件',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
-    '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器',
+    '快捷键的灵感来自华丽的 GNU Midnight Commander 文件管理器',
 
     'Licence Key' => '许可密匙',
     'Enter License Key' => '输入许可密匙',

From 0b0bcf6b157c3e1b70cfd9a026845837282cf324 Mon Sep 17 00:00:00 2001
From: darkworks 
Date: Thu, 20 Jun 2019 23:11:23 +0500
Subject: [PATCH 0466/2300] Use Web Domain SSL Certificate -> ur.php

updated ur.php translation
---
 web/inc/i18n/ur.php | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/web/inc/i18n/ur.php b/web/inc/i18n/ur.php
index 960e5631..2c95e821 100644
--- a/web/inc/i18n/ur.php
+++ b/web/inc/i18n/ur.php
@@ -70,6 +70,7 @@ $LANG['ur'] = array(
     'Back'   => 'پیچھے',
     'Save'   => 'محفوظ کریں',
     'Submit'   => 'جمع',
+    
     'toggle all'   => 'تمام ٹاگل',
     'apply to selected'   => 'منتخب شدہ پر لاگو',
     'rebuild'   => 'تعمیر نو',
@@ -108,6 +109,7 @@ $LANG['ur'] = array(
     'enable autoupdate'  => 'آٹو اپ ڈیٹ کو چالو',
     'disable autoupdate'  => 'غیر فعال آٹو اپ ڈیٹ',
     'configure'  => 'ترتیب دے',
+    
     'Adding User'   => 'شامل کرنے صارف',
     'Editing User'   => 'ترمیم صارف',
     'Adding Domain'   => 'ڈومین کو شامل کرنے سے',
@@ -135,6 +137,7 @@ $LANG['ur'] = array(
     'Adding Firewall Rule'  => 'فصیل اصول کو شامل کرنے سے',
     'Editing Firewall Rule'  => 'ترمیم فصیل اصول',
     'Adding IP Address to Banlist'  => 'Banlist کرنے IP ایڈریس کو شامل کرنے سے',
+    
     'active'   => 'فعال',
     'spnd'   => 'معطل',
     'suspended'   => 'معطل',
@@ -142,6 +145,7 @@ $LANG['ur'] = array(
     'stopped'   => 'بند کر دیا',
     'outdated'   => 'فرسودہ',
     'updated'   => 'اپ ڈیٹ',
+    
     'yes'   => 'جی ہاں',
     'no'   => 'نہیں',
     'none'   => 'کوئی بھی',
@@ -392,14 +396,17 @@ $LANG['ur'] = array(
     'FTP'  => 'FTP',
     'VESTA'  => 'Vesta کی',
     'Add one more Name Server'  => 'ایک اور نام سرور شامل کریں',
+    
     'web domain'  => 'ویب ڈومین',
     'dns domain'  => 'DNS ڈومین',
     'dns record'  => 'DNS ریکارڈ',
     'mail domain'  => 'میل ڈومین',
     'mail account'  => 'میل اکاؤنٹ',
     'cron job'  => 'کرون کام',
+    
     'cron'  => 'کرون',
     'user dir'  => 'صارف دیر',
+    
     'unlimited'   => 'لامحدود',
     '1 account'   => '1 اکاؤنٹ',
     '%s accounts'   => '٪s کے اکاؤنٹس',
@@ -494,12 +501,14 @@ $LANG['ur'] = array(
     'BACKUP_EXISTS'   => 'ایک موجودہ بیک اپ کو پہلے ہی چل رہا ہے. کہ بیک اپ کو ختم کرنے کے لئے براہ کرم انتظار کریں.',
     'RESTORE_SCHEDULED'   => 'ٹاسک قطار میں شامل کیا گیا ہے. جب آپ کو بحال مکمل کیا گیا ہے آپ کو ایک ای میل کی اطلاع وصول کریں گے.',
     'RESTORE_EXISTS'   => 'ایک موجودہ بحالی کا کام پہلے سے ہی چل رہا ہے. جو اسے دوبارہ شروع کرنے سے پہلے ختم کرنے کے لئے براہ کرم انتظار کریں.',
+  
     'WEB_EXCLUSIONS'  => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *. شکل مندرجہ ذیل مخصوص dirs استعمال کو خارج کرنے کے لئے: domain.com:public_html/cache:public_html/tmp',
     'DNS_EXCLUSIONS'  => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *',
     'MAIL_EXCLUSIONS'  => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *. شکل مندرجہ ذیل مخصوص اکاؤنٹس کے استعمال کو خارج کرنے کے لئے: domain.com:info:support:postmaster',
     'DB_EXCLUSIONS'  => 'مکمل ڈیٹا بیس کا نام ٹائپ کریں، فی لائن ایک. تمام ڈیٹا بیس کا استعمال کرتے خارج کرنے کے *',
     'CRON_EXCLUSIONS'  => 'تمام ملازمتوں کا استعمال کرتے خارج کرنے کے *',
     'USER_EXCLUSIONS'  => 'قسم ڈائریکٹری کا نام ہے، ایک فی لائن. تمام dirs استعمال کرتے exlude کرنے *',
+ 
     'Welcome to Vesta Control Panel'   => 'Vesta کی کنٹرول پینل میں خوش آمدید',
     'MAIL_FROM'   => ' Vesta کی کنٹرول پینل ',
     'GREETINGS_GORDON_FREEMAN' => "ہیلو, %s %s,\n",
@@ -535,6 +544,7 @@ $LANG['ur'] = array(
     'Oct'  => 'اکتوبر',
     'Nov'  => 'نومبر',
     'Dec'  => 'دسمبر',
+    
     'Configuring Server'  => 'ترتیب سرور',
     'Hostname'  => 'میزبان کا نام',
     'Time Zone'  => 'ٹائم زون',
@@ -548,7 +558,7 @@ $LANG['ur'] = array(
     'MAIL Server'  => 'میل سرور',
     'Antivirus'  => 'اینٹی وائرس',
     'AntiSpam'  => 'اینٹی سپیم',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => 'ایس ایس ایل ویب ڈومین سرٹیفکیٹ کااستعمال کریں',
     'Webmail URL'  => 'ویب میل URL',
     'MySQL Support'  => 'ایس کیو ایل کی معاونت کی',
     'phpMyAdmin URL'  => 'phpMyAdmin کے یو آر ایل',
@@ -572,11 +582,14 @@ $LANG['ur'] = array(
     'Backup Migration Manager'  => 'بیک اپ مائیگریشن مینیجر',
     'FileManager'  => 'فائل مینیجر',
     'show: CPU / MEM / NET / DISK'  => 'دکھائیں: CPU / MEM / NET / ڈسک',
+    
     'sort by'  => 'بہ ترتیب',
     'Date'  => 'تاریخ',
     'Starred'  => 'ستارے کے نشان',
     'Name'  => 'نام',
+    
     'save to favorites'  => 'پسندیدہ میں محفوظ کریں',
+    
     'File Manager'  => 'فائل منیجر',
     'size'  => 'سائز',
     'date'  => 'تاریخ',
@@ -639,6 +652,7 @@ $LANG['ur'] = array(
     'read by others'  => 'دوسروں کی طرف سے پڑھا',
     'write by others'  => 'دوسروں کی طرف سے لکھ',
     'execute/search by others'  => 'پھانسی دوسروں کی طرف سے / تلاش',
+    
     'Shortcuts'  => 'شارٹ کٹ',
     'Add New object'  => 'نیا اعتراض شامل کریں',
     'Save Form'  => 'فارم محفوظ کریں',
@@ -657,6 +671,7 @@ $LANG['ur'] = array(
     'Enter focused element'  => 'مرکوز عنصر درج',
     'Move up through elements list'  => 'عناصر فہرست کے ذریعے اوپر منتقل کریں',
     'Move down through elements list'  => 'عناصر فہرست کے ذریعے نیچے لے جائیں',
+    
     'Upload'  => 'اپ لوڈ کریں',
     'New File'  => 'نئی فائل',
     'New Folder'  => 'نیا فولڈر',
@@ -680,6 +695,7 @@ $LANG['ur'] = array(
     'Select All Files' => 'تمام فائلوں کو منتخب',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
     '.فائل مینیجر Midnight Commander شارٹ کٹ شاندار GNU سے متاثر ہیں',
+    
     'Licence Key'  => 'لائسنس کلید',
     'Enter License Key'  => 'لائسنس کلید درج کریں',
     'Buy Licence'  => 'ابھی لائسنس',
@@ -690,6 +706,7 @@ $LANG['ur'] = array(
     'Restrict users so that they cannot use SSH and access only their home directory.'  => 'وہ SSH اور رسائی صرف ان کے گھر کی ڈائریکٹری کا استعمال نہیں کر سکتے ہیں تاکہ صارفین کو محدود کریں.',
     'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.'  => 'براؤز کریں، کاپی، ترمیم، دیکھیں، اور مکمل طور پر نمایاں فائل مینیجر کا استعمال کرتے ہوئے آپ کی ویب ڈومین فائلوں کی تمام بازیافت.',
     'This is a commercial module, you would need to purchace license key to enable it.'  => 'یہ ایک تجارتی ماڈیول ہے، آپ اسے چالو کرنے کے لئے لائسنس کی چابی purchace کرنے کی ضرورت گا.',
+    
     'Minutes'  => 'منٹس',
     'Hourly'  => 'گھنٹہ وار',
     'Run Command'  => 'چلائیں کمان',
@@ -714,8 +731,10 @@ $LANG['ur'] = array(
     'every two minutes'  => 'ہر دو منٹ',
     'every'  => 'ہر کوئی',
     'Generate'  => 'بنائیں',
+    
     'webalizer'  => 'webalizer',
     'awstats'  => 'awstats',
+    
     'Vesta SSL'  => 'Vesta کی SSL',
     'SUBJECT'  => 'مضمون',
     'ALIASES'  => 'عرفیتیں',
@@ -724,14 +743,18 @@ $LANG['ur'] = array(
     'SIGNATURE'  => 'دستخط',
     'PUB_KEY'  => 'PUB_KEY',
     'ISSUER'  => 'ISSUER',
+    
     'Use server hostname'  => 'سرور استعمال میزبان نام',
     'Use domain hostname'  => 'ڈومین کا استعمال میزبان نام',
     'Use STARTTLS'  => 'STARTTLS استعمال',
     'Use SSL'  => 'SSL استعمال کریں',
     'No encryption'  => 'کوئی خفیہ کاری',
     'Do not use encryption'  => 'خفیہ کاری کا استعمال نہ کریں',
+    
     'maximum characters length, including prefix'  => 'زیادہ سے زیادہ ٪s کو حروف لمبائی، سابقہ سم',
+    
     'Email Credentials' => 'ای میل کی سند',
+    
     '%s rule' => 'قواعد %s',
     'MainDomain' => 'اہم ڈومین',
     'SubDomain' => 'ذیلی ڈومین',

From 0829d631c99e05347a29169acb42dad0085e8b11 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:47:02 +0200
Subject: [PATCH 0467/2300] vBulletin 5 template based on default stpl

---
 .../web/nginx/php-fpm/vbulletin5.stpl         | 105 ++++++++++++++++++
 1 file changed, 105 insertions(+)
 create mode 100644 install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl

diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl
new file mode 100644
index 00000000..eebb3e42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl
@@ -0,0 +1,105 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From de51aa46926399ea26b72b89dd0db67db2c99786 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:52:16 +0200
Subject: [PATCH 0468/2300] vBulletin 5 template based on default tpl

---
 .../web/nginx/php-fpm/vbulletin5.tpl          | 100 ++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl

diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl
new file mode 100644
index 00000000..2c5c9988
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl
@@ -0,0 +1,100 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From 8d83d0235e2ee44b9613559cce792b1985b2c3f1 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:53:03 +0200
Subject: [PATCH 0469/2300] vBulletin 5 template based on default tpl

---
 .../web/nginx/php-fpm/vbulletin5.tpl          | 100 ++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl

diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl
new file mode 100644
index 00000000..2c5c9988
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl
@@ -0,0 +1,100 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From ef36a47ce0f7f605a96eae588cdc69223241d3b1 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:53:49 +0200
Subject: [PATCH 0470/2300] vBulletin 5 template based on default stpl

---
 .../web/nginx/php-fpm/vbulletin5.stpl         | 105 ++++++++++++++++++
 1 file changed, 105 insertions(+)
 create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl

diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl
new file mode 100644
index 00000000..eebb3e42
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl
@@ -0,0 +1,105 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From 81842cc878157d10d61e5cae5a2e8a26f9906df9 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:55:10 +0200
Subject: [PATCH 0471/2300] vBulletin 5 template based on default tpl

---
 .../web/nginx/php-fpm/vbulletin5.tpl          | 100 ++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl

diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl
new file mode 100644
index 00000000..2c5c9988
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl
@@ -0,0 +1,100 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From ce6640010bc9fd6f1adef0b40b3643610152a9d8 Mon Sep 17 00:00:00 2001
From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com>
Date: Thu, 4 Jul 2019 02:55:47 +0200
Subject: [PATCH 0472/2300] vBulletin 5 template based on default tpl

---
 .../web/nginx/php-fpm/vbulletin5.stpl         | 105 ++++++++++++++++++
 1 file changed, 105 insertions(+)
 create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl

diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl
new file mode 100644
index 00000000..eebb3e42
--- /dev/null
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl
@@ -0,0 +1,105 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # legacy css being handled separate for performance
+    location = /css\.php {
+        rewrite ^ /core/css.php break;
+    }
+
+    # make install available from presentation
+    location ^~ /install {
+        rewrite ^/install/ /core/install/ break;
+    }
+
+    # any request to not existing item gets redirected through routestring
+    location / {
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+    }
+
+    # make admincp available from presentation
+    location ^~ /admincp {
+        if (!-f $request_filename) {
+            rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last;
+        }
+    }
+
+    # process any php scripts, not found gets redirected through routestring
+    location ~ \.php$ {
+    # handles legacy scripts
+        if (!-f $request_filename) {
+            rewrite ^/(.*)$ /index.php?routestring=$1 break;
+        }
+
+        fastcgi_split_path_info ^(.+\.php)(.*)$;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include fastcgi_params;
+        fastcgi_param QUERY_STRING $query_string;
+        fastcgi_param REQUEST_METHOD $request_method;
+        fastcgi_param CONTENT_TYPE $content_type;
+        fastcgi_param CONTENT_LENGTH $content_length;
+        fastcgi_intercept_errors on;
+        fastcgi_ignore_client_abort off;
+        fastcgi_connect_timeout 60;
+        fastcgi_send_timeout 180;
+        fastcgi_read_timeout 180;
+        fastcgi_buffers 256 16k;
+        fastcgi_buffer_size 32k;
+        fastcgi_temp_file_write_size 256k;
+
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}

From 632a507b3291abf96fcdef2308de1e279cd90751 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 01:28:59 +0200
Subject: [PATCH 0473/2300] deb10

---
 install/vst-install-debian.sh | 42 ++++++++++++-----------------------
 1 file changed, 14 insertions(+), 28 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b4b6c375..0c392038 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -14,11 +14,23 @@ VESTA='/usr/local/vesta'
 memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
 arch=$(uname -i)
 os='debian'
-release=$(cat /etc/debian_version|grep -o [0-9]|head -n1)
+release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
 vestacp="$VESTA/install/$VERSION/$release"
 
-if [ "$release" -eq 9 ]; then
+if [ "$release" -eq 10 ]; then
+    software="nginx apache2 apache2-utils apache2-suexec-custom
+        libapache2-mod-fcgid libapache2-mod-php php
+        php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
+        webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
+        clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
+        roundcube-mysql roundcube-plugins mysql-server mysql-common
+        mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc
+        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
+        bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
+        unrar-free vim-common net-tools unzip"
+elif [ "$release" -eq 9 ]; then
     software="nginx apache2 apache2-utils apache2-suexec-custom
         libapache2-mod-ruid2 libapache2-mod-fcgid libapache2-mod-php php
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
@@ -30,32 +42,6 @@ if [ "$release" -eq 9 ]; then
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
-elif [ "$release" -eq 8 ]; then
-    software="nginx apache2 apache2-utils apache2.2-common
-        apache2-suexec-custom libapache2-mod-ruid2
-        libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi
-        php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd
-        proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon
-        spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
-        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
-        bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
-else
-    software="nginx apache2 apache2-utils apache2.2-common
-        apache2-suexec-custom libapache2-mod-ruid2
-        libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi
-        php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd
-        proftpd-basic proftpd-mod-vroot bind9 exim4 exim4-daemon-heavy
-        clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
-        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
-        bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free
-        vim-common vesta-ioncube vesta-softaculous net-tools unzip"
 fi
 
 # Defining help function

From 842d45f6001daf81c877dd8b0dc97263c0f613d6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 01:46:43 +0200
Subject: [PATCH 0474/2300] new repo

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 0c392038..e209f591 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -7,8 +7,8 @@
 #----------------------------------------------------------#
 export PATH=$PATH:/sbin
 export DEBIAN_FRONTEND=noninteractive
-RHOST='apt.vestacp.com'
-CHOST='c.vestacp.com'
+RHOST='vesta.mycity-hosting.com'
+CHOST='c.mycity-hosting.com'
 VERSION='debian'
 VESTA='/usr/local/vesta'
 memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])

From 873c0a97b0ebe22a0595b48610cadb8859c2a66b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 02:28:23 +0200
Subject: [PATCH 0475/2300] php-fpm in installer

---
 install/vst-install-debian.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index e209f591..a7ea39b0 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -19,8 +19,8 @@ codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
 vestacp="$VESTA/install/$VERSION/$release"
 
 if [ "$release" -eq 10 ]; then
-    software="nginx apache2 apache2-utils apache2-suexec-custom
-        libapache2-mod-fcgid libapache2-mod-php php
+    software="nginx apache2 apache2-utils
+        libapache2-mod-fcgid php-fpm php
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
         webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
         clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
@@ -857,10 +857,10 @@ if [ "$apache" = 'yes'  ]; then
     cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/
     cp -f  $vestacp/logrotate/apache2 /etc/logrotate.d/
     a2enmod rewrite
-    a2enmod suexec
+    # a2enmod suexec
     a2enmod ssl
     a2enmod actions
-    a2enmod ruid2
+    # a2enmod ruid2
     a2enmod headers
     mkdir -p /etc/apache2/conf.d
     echo > /etc/apache2/conf.d/vesta.conf

From fa5d76fcb7709d4994b704f9dfaf5dc6c3a415ae Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 02:45:17 +0200
Subject: [PATCH 0476/2300] installer -eq 10

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a7ea39b0..3d1ba693 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1065,7 +1065,7 @@ if [ "$dovecot" = 'yes' ]; then
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
-    if [ "$release" -eq 9 ]; then
+    if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
         sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
     fi
     update-rc.d dovecot defaults
@@ -1143,7 +1143,7 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
         /etc/roundcube/plugins/password/config.inc.php
     mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql
     chmod a+r /etc/roundcube/main.inc.php
-    if [ "$release" -eq 8 ] || [ "$release" -eq 9 ]; then
+    if [ "$release" -eq 8 ] || [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
         mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php
         mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php
         chmod 640 /etc/roundcube/debian-db-roundcube.php

From 6a9f65d98e212066bd7abdca27f811f7355633e5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 13:30:37 +0200
Subject: [PATCH 0477/2300] Turning off sending mail

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 3d1ba693..23ee46d8 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1366,8 +1366,8 @@ Sincerely yours
 vestacp.com team
 " > $tmpfile
 
-send_mail="$VESTA/web/inc/mail-wrapper.php"
-cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
+# send_mail="$VESTA/web/inc/mail-wrapper.php"
+# cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
 
 # Congrats
 echo '======================================================='

From ab26bb3e9cf494e0ed359cefccd1085ec863973b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 14:21:17 +0200
Subject: [PATCH 0478/2300] deb10 phpmyadmin

---
 install/vst-install-debian.sh | 42 +++++++++++++++++++++++++++++++----
 1 file changed, 38 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 23ee46d8..5570483c 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -24,9 +24,9 @@ if [ "$release" -eq 10 ]; then
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
         webalizer vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
         clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
-        roundcube-mysql roundcube-plugins mysql-server mysql-common
-        mysql-client postgresql postgresql-contrib phppgadmin phpmyadmin mc
-        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        roundcube-mysql roundcube-plugins mariadb-server mariadb-common
+        mariadb-client postgresql postgresql-contrib phppgadmin mc
+        flex whois git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip"
@@ -623,7 +623,7 @@ echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
 chmod a+x /usr/sbin/policy-rc.d
 
 # Install apt packages
-apt-get -y install $software
+apt-get --allow-unauthenticated -y install $software
 check_result $? "apt-get install failed"
 
 # Restore  policy
@@ -981,6 +981,40 @@ if [ "$mysql" = 'yes' ]; then
     fi
     cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/
     chmod 777 /var/lib/phpmyadmin/tmp
+    if [ "$release" -eq 10 ]; then
+      # Code borrowed from HestiaCP
+      pma_v='4.9.0.1'
+      echo "(*) Installing phpMyAdmin version v$pma_v..."
+
+      # Download latest phpmyadmin release
+      wget --quiet https://files.phpmyadmin.net/phpMyAdmin/$pma_v/phpMyAdmin-$pma_v-all-languages.tar.gz
+
+      # Unpack files
+      tar xzf phpMyAdmin-$pma_v-all-languages.tar.gz
+
+      # Delete file to prevent error
+      rm -fr /usr/share/phpmyadmin/doc/html
+
+      # Overwrite old files
+      cp -rf phpMyAdmin-$pma_v-all-languages/* /usr/share/phpmyadmin
+
+      # Set config and log directory
+      sed -i "s|define('CONFIG_DIR', '');|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+      sed -i "s|define('TEMP_DIR', './tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+
+      # Create temporary folder and change permission
+      mkdir /usr/share/phpmyadmin/tmp
+      chmod 777 /usr/share/phpmyadmin/tmp
+
+      # Clear Up
+      rm -fr phpMyAdmin-$pma_v-all-languages
+      rm -f phpMyAdmin-$pma_v-all-languages.tar.gz
+      
+      mkdir /root/phpmyadmin
+      wget -nv -O /root/phpmyadmin/pma.sh http://c.mycity-hosting.com/debian/10/pma/pma.sh 
+      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.mycity-hosting.com/debian/10/pma/create_tables.sql
+      bash /root/phpmyadmin/pma.sh
+  fi
 fi
 
 #----------------------------------------------------------#

From 4b184ab7f55ecbefedd804ef1464189e5f57f98d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 14:33:06 +0200
Subject: [PATCH 0479/2300] deb key

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5570483c..ee59f4cf 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -260,7 +260,7 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "c.vestacp.com/deb_signing.key" -O /dev/null
+wget -q "c.mycity-hosting.com/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Check installed packages
@@ -623,7 +623,7 @@ echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
 chmod a+x /usr/sbin/policy-rc.d
 
 # Install apt packages
-apt-get --allow-unauthenticated -y install $software
+apt-get -y install $software
 check_result $? "apt-get install failed"
 
 # Restore  policy

From 792edbe685d637ebcb0bf5258a878f01f608059d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 15:56:04 +0200
Subject: [PATCH 0480/2300] Removing rssh

---
 install/vst-install-debian.sh | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ee59f4cf..d2200d36 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -654,15 +654,16 @@ echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate
 chmod 775 /etc/cron.daily/ntpdate
 ntpdate -s pool.ntp.org
 
-# Setup rssh
-if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then
-    echo /usr/bin/rssh >> /etc/shells
+if [ "$release" -eq 9 ]; then
+  # Setup rssh
+  if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then
+      echo /usr/bin/rssh >> /etc/shells
+  fi
+  sed -i 's/#allowscp/allowscp/' /etc/rssh.conf
+  sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf
+  sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf
+  chmod 755 /usr/bin/rssh
 fi
-sed -i 's/#allowscp/allowscp/' /etc/rssh.conf
-sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf
-sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf
-chmod 755 /usr/bin/rssh
-
 
 #----------------------------------------------------------#
 #                     Configure VESTA                      #
@@ -867,7 +868,7 @@ if [ "$apache" = 'yes'  ]; then
     echo "# Powered by vesta" > /etc/apache2/sites-available/default
     echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl
     echo "# Powered by vesta" > /etc/apache2/ports.conf
-    echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data
+    # echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data
     touch /var/log/apache2/access.log /var/log/apache2/error.log
     mkdir -p /var/log/apache2/domains
     chmod a+x /var/log/apache2

From b33ea7357764d600a8c392d81d43efb24766f7f5 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Fri, 12 Jul 2019 16:02:33 +0200
Subject: [PATCH 0481/2300] deb10 configs

---
 install/debian/10/apache2/apache2.conf        |  94 ++
 install/debian/10/apache2/status.conf         |   8 +
 install/debian/10/bind/named.conf             |  12 +
 install/debian/10/clamav/clamd.conf           |  60 ++
 install/debian/10/deb_signing.key             |  30 +
 install/debian/10/dovecot/conf.d/10-auth.conf |   4 +
 .../debian/10/dovecot/conf.d/10-logging.conf  |   1 +
 install/debian/10/dovecot/conf.d/10-mail.conf |   4 +
 .../debian/10/dovecot/conf.d/10-master.conf   |  29 +
 install/debian/10/dovecot/conf.d/10-ssl.conf  |   3 +
 install/debian/10/dovecot/conf.d/20-imap.conf |  58 ++
 install/debian/10/dovecot/conf.d/20-pop3.conf |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/debian/10/dovecot/dovecot.conf        |   4 +
 install/debian/10/exim/dnsbl.conf             |   2 +
 install/debian/10/exim/exim4.conf.template    | 382 ++++++++
 install/debian/10/exim/spam-blocks.conf       |   0
 .../debian/10/fail2ban/action.d/vesta.conf    |   9 +
 .../debian/10/fail2ban/filter.d/vesta.conf    |  10 +
 install/debian/10/fail2ban/jail.local         |  39 +
 install/debian/10/firewall/ports.conf         |  17 +
 install/debian/10/firewall/rules.conf         |  11 +
 install/debian/10/logrotate/apache2           |  19 +
 install/debian/10/logrotate/dovecot           |  12 +
 install/debian/10/logrotate/nginx             |  13 +
 install/debian/10/logrotate/vesta             |   7 +
 install/debian/10/mysql/my-large.cnf          |  42 +
 install/debian/10/mysql/my-medium.cnf         |  40 +
 install/debian/10/mysql/my-small.cnf          |  40 +
 install/debian/10/nginx/nginx.conf            | 137 +++
 install/debian/10/nginx/phpmyadmin.inc        |  18 +
 install/debian/10/nginx/phppgadmin.inc        |  11 +
 install/debian/10/nginx/status.conf           |   9 +
 install/debian/10/nginx/webmail.inc           |  15 +
 install/debian/10/packages/default.pkg        |  18 +
 install/debian/10/pga/config.inc.php          | 159 ++++
 install/debian/10/pga/phppgadmin.conf         |  31 +
 install/debian/10/php-fpm/www.conf            |  11 +
 install/debian/10/pma/apache.conf             |  42 +
 install/debian/10/pma/config.inc.php          | 146 +++
 install/debian/10/pma/create_tables.sql       | 385 ++++++++
 install/debian/10/pma/pma.sh                  | 146 +++
 install/debian/10/postgresql/pg_hba.conf      |  11 +
 install/debian/10/proftpd/proftpd.conf        |  32 +
 install/debian/10/roundcube/apache.conf       |  40 +
 install/debian/10/roundcube/config.inc.php    |  33 +
 install/debian/10/roundcube/db.inc.php        |  66 ++
 install/debian/10/roundcube/main.inc.php      | 850 ++++++++++++++++++
 install/debian/10/roundcube/vesta.php         |  73 ++
 install/debian/10/sudo/admin                  |   8 +
 install/debian/10/templates/dns/child-ns.tpl  |  14 +
 install/debian/10/templates/dns/default.tpl   |  18 +
 install/debian/10/templates/dns/gmail.tpl     |  12 +
 .../web/apache2/PHP-FPM-73-public.sh          |  87 ++
 .../web/apache2/PHP-FPM-73-public.stpl        |  44 +
 .../web/apache2/PHP-FPM-73-public.tpl         |  38 +
 .../10/templates/web/apache2/PHP-FPM-73.sh    |  86 ++
 .../10/templates/web/apache2/PHP-FPM-73.stpl  |  44 +
 .../10/templates/web/apache2/PHP-FPM-73.tpl   |  38 +
 .../10/templates/web/awstats/awstats.tpl      | 133 +++
 .../debian/10/templates/web/awstats/index.tpl |  10 +
 .../debian/10/templates/web/awstats/nav.tpl   |  23 +
 .../web/nginx/force-https-legacy.stpl         |  38 +
 .../web/nginx/force-https-legacy.tpl          |   8 +
 .../web/nginx/force-https-public.stpl         |  38 +
 .../web/nginx/force-https-public.tpl          |   8 +
 .../10/templates/web/nginx/force-https.stpl   |  38 +
 .../10/templates/web/nginx/force-https.tpl    |   8 +
 .../templates/web/nginx/hosting-public.stpl   |  38 +
 .../10/templates/web/nginx/hosting-public.tpl |  35 +
 .../web/nginx/hosting-webmail-phpmyadmin.stpl |  62 ++
 .../web/nginx/hosting-webmail-phpmyadmin.tpl  |  59 ++
 .../templates/web/nginx/hosting-webmail.stpl  |  50 ++
 .../templates/web/nginx/hosting-webmail.tpl   |  47 +
 .../debian/10/templates/web/nginx/hosting.sh  |  11 +
 .../10/templates/web/nginx/hosting.stpl       |  38 +
 .../debian/10/templates/web/nginx/hosting.tpl |  35 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  56 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  61 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  56 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 127 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  55 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  72 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  |  95 ++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  63 ++
 .../10/templates/web/nginx/php-fpm/joomla.tpl |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  56 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 198 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../10/templates/web/nginx/php-fpm/modx.stpl  |  69 ++
 .../10/templates/web/nginx/php-fpm/modx.tpl   |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  90 ++
 .../10/templates/web/nginx/php-fpm/moodle.tpl |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  47 +
 .../10/templates/web/nginx/php-fpm/no-php.tpl |  43 +
 .../10/templates/web/nginx/php-fpm/odoo.stpl  |  70 ++
 .../10/templates/web/nginx/php-fpm/odoo.tpl   |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  59 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  85 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../10/templates/web/nginx/php-fpm/piwik.stpl |  73 ++
 .../10/templates/web/nginx/php-fpm/piwik.tpl  |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  66 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../10/templates/web/nginx/php-fpm/sendy.stpl |  88 ++
 .../10/templates/web/nginx/php-fpm/sendy.tpl  |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  55 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  67 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  72 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../web/nginx/private-force-https.stpl        |  38 +
 .../web/nginx/private-force-https.tpl         |   8 +
 .../10/templates/web/nginx/private-hosting.sh |  11 +
 .../templates/web/nginx/private-hosting.stpl  |  40 +
 .../templates/web/nginx/private-hosting.tpl   |  37 +
 .../web/nginx/vesta-webmail-phpmyadmin.stpl   |  52 ++
 .../web/nginx/vesta-webmail-phpmyadmin.tpl    |   8 +
 .../debian/10/templates/web/nginx/vesta.stpl  |  32 +
 .../debian/10/templates/web/nginx/vesta.tpl   |   8 +
 .../10/templates/web/php-fpm/default.tpl      |  21 +
 .../10/templates/web/php-fpm/no-php.tpl       |  20 +
 .../10/templates/web/php-fpm/socket.tpl       |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../debian/10/templates/web/suspend/.htaccess |   2 +
 .../10/templates/web/suspend/index.html       |  25 +
 .../10/templates/web/webalizer/webalizer.tpl  | 110 +++
 install/debian/10/vsftpd/vsftpd.conf          |  26 +
 148 files changed, 8599 insertions(+)
 create mode 100644 install/debian/10/apache2/apache2.conf
 create mode 100644 install/debian/10/apache2/status.conf
 create mode 100644 install/debian/10/bind/named.conf
 create mode 100644 install/debian/10/clamav/clamd.conf
 create mode 100644 install/debian/10/deb_signing.key
 create mode 100644 install/debian/10/dovecot/conf.d/10-auth.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-logging.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-mail.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-master.conf
 create mode 100644 install/debian/10/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/debian/10/dovecot/conf.d/20-imap.conf
 create mode 100644 install/debian/10/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/debian/10/dovecot/dovecot.conf
 create mode 100644 install/debian/10/exim/dnsbl.conf
 create mode 100644 install/debian/10/exim/exim4.conf.template
 create mode 100644 install/debian/10/exim/spam-blocks.conf
 create mode 100644 install/debian/10/fail2ban/action.d/vesta.conf
 create mode 100644 install/debian/10/fail2ban/filter.d/vesta.conf
 create mode 100644 install/debian/10/fail2ban/jail.local
 create mode 100644 install/debian/10/firewall/ports.conf
 create mode 100644 install/debian/10/firewall/rules.conf
 create mode 100644 install/debian/10/logrotate/apache2
 create mode 100644 install/debian/10/logrotate/dovecot
 create mode 100644 install/debian/10/logrotate/nginx
 create mode 100644 install/debian/10/logrotate/vesta
 create mode 100644 install/debian/10/mysql/my-large.cnf
 create mode 100644 install/debian/10/mysql/my-medium.cnf
 create mode 100644 install/debian/10/mysql/my-small.cnf
 create mode 100644 install/debian/10/nginx/nginx.conf
 create mode 100644 install/debian/10/nginx/phpmyadmin.inc
 create mode 100644 install/debian/10/nginx/phppgadmin.inc
 create mode 100644 install/debian/10/nginx/status.conf
 create mode 100644 install/debian/10/nginx/webmail.inc
 create mode 100644 install/debian/10/packages/default.pkg
 create mode 100644 install/debian/10/pga/config.inc.php
 create mode 100644 install/debian/10/pga/phppgadmin.conf
 create mode 100644 install/debian/10/php-fpm/www.conf
 create mode 100644 install/debian/10/pma/apache.conf
 create mode 100644 install/debian/10/pma/config.inc.php
 create mode 100644 install/debian/10/pma/create_tables.sql
 create mode 100644 install/debian/10/pma/pma.sh
 create mode 100644 install/debian/10/postgresql/pg_hba.conf
 create mode 100644 install/debian/10/proftpd/proftpd.conf
 create mode 100644 install/debian/10/roundcube/apache.conf
 create mode 100644 install/debian/10/roundcube/config.inc.php
 create mode 100644 install/debian/10/roundcube/db.inc.php
 create mode 100644 install/debian/10/roundcube/main.inc.php
 create mode 100644 install/debian/10/roundcube/vesta.php
 create mode 100644 install/debian/10/sudo/admin
 create mode 100755 install/debian/10/templates/dns/child-ns.tpl
 create mode 100755 install/debian/10/templates/dns/default.tpl
 create mode 100755 install/debian/10/templates/dns/gmail.tpl
 create mode 100755 install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
 create mode 100755 install/debian/10/templates/web/apache2/PHP-FPM-73.sh
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
 create mode 100644 install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
 create mode 100755 install/debian/10/templates/web/awstats/awstats.tpl
 create mode 100755 install/debian/10/templates/web/awstats/index.tpl
 create mode 100755 install/debian/10/templates/web/awstats/nav.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-legacy.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-legacy.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-public.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-public.tpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-public.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-public.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail.tpl
 create mode 100755 install/debian/10/templates/web/nginx/hosting.sh
 create mode 100755 install/debian/10/templates/web/nginx/hosting.stpl
 create mode 100755 install/debian/10/templates/web/nginx/hosting.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100644 install/debian/10/templates/web/nginx/private-force-https.stpl
 create mode 100644 install/debian/10/templates/web/nginx/private-force-https.tpl
 create mode 100755 install/debian/10/templates/web/nginx/private-hosting.sh
 create mode 100644 install/debian/10/templates/web/nginx/private-hosting.stpl
 create mode 100644 install/debian/10/templates/web/nginx/private-hosting.tpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta.stpl
 create mode 100644 install/debian/10/templates/web/nginx/vesta.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/default.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/debian/10/templates/web/php-fpm/socket.tpl
 create mode 100755 install/debian/10/templates/web/skel/document_errors/403.html
 create mode 100755 install/debian/10/templates/web/skel/document_errors/404.html
 create mode 100755 install/debian/10/templates/web/skel/document_errors/50x.html
 create mode 100755 install/debian/10/templates/web/skel/public_html/index.html
 create mode 100755 install/debian/10/templates/web/skel/public_html/robots.txt
 create mode 100755 install/debian/10/templates/web/skel/public_shtml/index.html
 create mode 100755 install/debian/10/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/debian/10/templates/web/suspend/.htaccess
 create mode 100755 install/debian/10/templates/web/suspend/index.html
 create mode 100755 install/debian/10/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/debian/10/vsftpd/vsftpd.conf

diff --git a/install/debian/10/apache2/apache2.conf b/install/debian/10/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/debian/10/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/debian/10/apache2/status.conf b/install/debian/10/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/debian/10/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    Allow from all
+
diff --git a/install/debian/10/bind/named.conf b/install/debian/10/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/debian/10/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
new file mode 100644
index 00000000..504cf8f3
--- /dev/null
+++ b/install/debian/10/clamav/clamd.conf
@@ -0,0 +1,60 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/debian/10/deb_signing.key b/install/debian/10/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/debian/10/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/debian/10/dovecot/conf.d/10-auth.conf b/install/debian/10/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/debian/10/dovecot/conf.d/10-logging.conf b/install/debian/10/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/debian/10/dovecot/conf.d/10-mail.conf b/install/debian/10/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/debian/10/dovecot/conf.d/10-master.conf b/install/debian/10/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/debian/10/dovecot/conf.d/10-ssl.conf b/install/debian/10/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..3aaff6ee
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,3 @@
+ssl = yes
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/debian/10/dovecot/dovecot.conf b/install/debian/10/dovecot/dovecot.conf
new file mode 100644
index 00000000..0a855351
--- /dev/null
+++ b/install/debian/10/dovecot/dovecot.conf
@@ -0,0 +1,4 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
diff --git a/install/debian/10/exim/dnsbl.conf b/install/debian/10/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/debian/10/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
new file mode 100644
index 00000000..bfb98e0b
--- /dev/null
+++ b/install/debian/10/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = *
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{100K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/debian/10/exim/spam-blocks.conf b/install/debian/10/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/debian/10/fail2ban/action.d/vesta.conf b/install/debian/10/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/debian/10/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/debian/10/fail2ban/filter.d/vesta.conf b/install/debian/10/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..36ec1001
--- /dev/null
+++ b/install/debian/10/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccessful Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/debian/10/fail2ban/jail.local b/install/debian/10/fail2ban/jail.local
new file mode 100644
index 00000000..eccea068
--- /dev/null
+++ b/install/debian/10/fail2ban/jail.local
@@ -0,0 +1,39 @@
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
diff --git a/install/debian/10/firewall/ports.conf b/install/debian/10/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/debian/10/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/debian/10/firewall/rules.conf b/install/debian/10/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/debian/10/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/debian/10/logrotate/apache2 b/install/debian/10/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/debian/10/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/debian/10/logrotate/dovecot b/install/debian/10/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/debian/10/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/debian/10/logrotate/nginx b/install/debian/10/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/debian/10/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/debian/10/logrotate/vesta b/install/debian/10/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/debian/10/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/debian/10/mysql/my-large.cnf b/install/debian/10/mysql/my-large.cnf
new file mode 100644
index 00000000..d0bab390
--- /dev/null
+++ b/install/debian/10/mysql/my-large.cnf
@@ -0,0 +1,42 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+thread_concurrency = 8
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/mysql/my-medium.cnf b/install/debian/10/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/debian/10/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/mysql/my-small.cnf b/install/debian/10/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/debian/10/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
new file mode 100644
index 00000000..1eef1672
--- /dev/null
+++ b/install/debian/10/nginx/nginx.conf
@@ -0,0 +1,137 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+timer_resolution         50ms; #In order to free some CPU cycles
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2c0f:f248::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/debian/10/nginx/phpmyadmin.inc b/install/debian/10/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/debian/10/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/debian/10/nginx/phppgadmin.inc b/install/debian/10/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/debian/10/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/10/nginx/status.conf b/install/debian/10/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/debian/10/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/debian/10/nginx/webmail.inc b/install/debian/10/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/debian/10/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/10/packages/default.pkg b/install/debian/10/packages/default.pkg
new file mode 100644
index 00000000..de293236
--- /dev/null
+++ b/install/debian/10/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='PHP-FPM-73'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='unlimited'
+WEB_ALIASES='unlimited'
+DNS_DOMAINS='unlimited'
+DNS_RECORDS='unlimited'
+MAIL_DOMAINS='unlimited'
+MAIL_ACCOUNTS='unlimited'
+DATABASES='unlimited'
+CRON_JOBS='unlimited'
+DISK_QUOTA='unlimited'
+BANDWIDTH='unlimited'
+NS='YOURHOSTNAME1,YOURHOSTNAME2'
+SHELL='nologin'
+BACKUPS='2'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/debian/10/pga/config.inc.php b/install/debian/10/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/debian/10/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/debian/10/pga/phppgadmin.conf b/install/debian/10/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/debian/10/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/debian/10/php-fpm/www.conf b/install/debian/10/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/debian/10/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/debian/10/pma/apache.conf b/install/debian/10/pma/apache.conf
new file mode 100644
index 00000000..2a8f69e2
--- /dev/null
+++ b/install/debian/10/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/debian/10/pma/config.inc.php b/install/debian/10/pma/config.inc.php
new file mode 100644
index 00000000..eafc6d67
--- /dev/null
+++ b/install/debian/10/pma/config.inc.php
@@ -0,0 +1,146 @@
+> $pmapath1
+sed -i '/savedsearches/d' $pmapath1
+sed -i '/navigationhiding/d' $pmapath1
+sed -i '/users/d' $pmapath1
+sed -i '/controlpass/d' $pmapath1
+sed -i '/favorite/d' $pmapath1
+sed -i '/usergroups/d' $pmapath1
+sed -i '/central_columns/d' $pmapath1
+sed -i '/designer_settings/d' $pmapath1
+sed -i '/export_templates/d' $pmapath1
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath1
+
+sed -i '/pmadb/d' $pmapath2
+sed -i '/controluser/d' $pmapath2
+sed -i '/bookmarktable/d' $pmapath2
+sed -i '/relation/d' $pmapath2
+sed -i '/userconfig/d' $pmapath2
+sed -i '/table_info/d' $pmapath2
+sed -i '/column_info/d' $pmapath2
+sed -i '/history/d' $pmapath2
+sed -i '/recent/d' $pmapath2
+sed -i '/table_uiprefs/d' $pmapath2
+sed -i '/tracking/d' $pmapath2
+sed -i '/table_coords/d' $pmapath2
+sed -i '/pdf_pages/d' $pmapath2
+sed -i '/designer_coords/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/savedsearches/d' $pmapath2
+sed -i '/navigationhiding/d' $pmapath2
+sed -i '/users/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/favorite/d' $pmapath2
+sed -i '/usergroups/d' $pmapath2
+sed -i '/central_columns/d' $pmapath2
+sed -i '/designer_settings/d' $pmapath2
+sed -i '/export_templates/d' $pmapath2
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath2
+
+#SOME WORK with DATABASE (table / user)
+PMADB=phpmyadmin
+PMAUSER=pma
+
+#DROP USER and TABLE
+mysql -uroot <
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    20
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+
+
+  Umask                         002
+  IdentLookups                  off
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/debian/10/roundcube/apache.conf b/install/debian/10/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/debian/10/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/debian/10/roundcube/config.inc.php b/install/debian/10/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/debian/10/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/debian/10/roundcube/main.inc.php b/install/debian/10/roundcube/main.inc.php
new file mode 100644
index 00000000..97cdbf2d
--- /dev/null
+++ b/install/debian/10/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = false;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 300 seconds (5min)
+$rcmail_config['draft_autosave'] = 300;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/debian/10/roundcube/vesta.php b/install/debian/10/roundcube/vesta.php
new file mode 100644
index 00000000..b3dd167f
--- /dev/null
+++ b/install/debian/10/roundcube/vesta.php
@@ -0,0 +1,73 @@
+
+ */
+class rcube_vesta_password {
+    function save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
+}
diff --git a/install/debian/10/sudo/admin b/install/debian/10/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/debian/10/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin   ALL=(ALL)       ALL
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/debian/10/templates/dns/child-ns.tpl b/install/debian/10/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/debian/10/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/dns/default.tpl b/install/debian/10/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/debian/10/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/dns/gmail.tpl b/install/debian/10/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/debian/10/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
new file mode 100755
index 00000000..ce8ce02b
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
new file mode 100644
index 00000000..9660c234
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
new file mode 100644
index 00000000..892c0d1f
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
new file mode 100755
index 00000000..aa7b6dbe
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
new file mode 100644
index 00000000..28224413
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
new file mode 100644
index 00000000..7bec5e73
--- /dev/null
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/10/templates/web/awstats/awstats.tpl b/install/debian/10/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/debian/10/templates/web/awstats/index.tpl b/install/debian/10/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/debian/10/templates/web/awstats/nav.tpl b/install/debian/10/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/debian/10/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.stpl b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..e2bf9061
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.tpl b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https-public.stpl b/install/debian/10/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..86828f5e
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/force-https-public.tpl b/install/debian/10/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https.stpl b/install/debian/10/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..d8da2530
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/force-https.tpl b/install/debian/10/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.stpl b/install/debian/10/templates/web/nginx/hosting-public.stpl
new file mode 100644
index 00000000..86828f5e
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-public.tpl b/install/debian/10/templates/web/nginx/hosting-public.tpl
new file mode 100644
index 00000000..9ff417ba
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-public.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..706c705b
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..7085e047
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.stpl b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
new file mode 100644
index 00000000..95c1571c
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.tpl b/install/debian/10/templates/web/nginx/hosting-webmail.tpl
new file mode 100644
index 00000000..976737c7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail.tpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting.sh b/install/debian/10/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..e4de8c81
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/default.stpl b/install/debian/10/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/default.tpl b/install/debian/10/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..0af7ce84
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..d1096bff
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..030ea952
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..030ea952
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,95 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/magento.stpl b/install/debian/10/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/magento.tpl b/install/debian/10/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/modx.stpl b/install/debian/10/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/modx.tpl b/install/debian/10/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..7296bd71
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/private-force-https.tpl b/install/debian/10/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/private-hosting.sh b/install/debian/10/templates/web/nginx/private-hosting.sh
new file mode 100755
index 00000000..abc9155d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
new file mode 100644
index 00000000..6ac66cbf
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/private-hosting.tpl b/install/debian/10/templates/web/nginx/private-hosting.tpl
new file mode 100644
index 00000000..aa483ec9
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/private-hosting.tpl
@@ -0,0 +1,37 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..3f5e8fa6
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+    access_log     /var/log/%web_system%/domains/%domain%.log combined;
+
+    location / {
+        proxy_pass      https://%ip%:12383;
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/nginx/vesta.stpl b/install/debian/10/templates/web/nginx/vesta.stpl
new file mode 100644
index 00000000..4bf7d854
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta.stpl
@@ -0,0 +1,32 @@
+server {
+    listen      %ip%:%proxy_ssl_port% http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+    access_log     /var/log/%web_system%/domains/%domain%.log combined;
+
+    location / {
+        proxy_pass      https://%ip%:8083;
+    }
+
+    location /webmail/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location /phpmyadmin/ {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/vesta.tpl b/install/debian/10/templates/web/nginx/vesta.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/vesta.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/10/templates/web/php-fpm/default.tpl b/install/debian/10/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/php-fpm/no-php.tpl b/install/debian/10/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/php-fpm/socket.tpl b/install/debian/10/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/debian/10/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/10/templates/web/skel/document_errors/403.html b/install/debian/10/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/debian/10/templates/web/skel/document_errors/404.html b/install/debian/10/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/debian/10/templates/web/skel/document_errors/50x.html b/install/debian/10/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/debian/10/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/debian/10/templates/web/skel/public_html/index.html b/install/debian/10/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/debian/10/templates/web/skel/public_html/robots.txt b/install/debian/10/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/10/templates/web/skel/public_shtml/index.html b/install/debian/10/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by VESTA
+    
+
+
+
+
diff --git a/install/debian/10/templates/web/skel/public_shtml/robots.txt b/install/debian/10/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/10/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/10/templates/web/suspend/.htaccess b/install/debian/10/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/debian/10/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/debian/10/templates/web/suspend/index.html b/install/debian/10/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/debian/10/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    SUSPENDED
+    This website has been suspended.
+    
+        Please contact the technical support department.
+    
+
+
diff --git a/install/debian/10/templates/web/webalizer/webalizer.tpl b/install/debian/10/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/debian/10/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/debian/10/vsftpd/vsftpd.conf b/install/debian/10/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..1ca1a992
--- /dev/null
+++ b/install/debian/10/vsftpd/vsftpd.conf
@@ -0,0 +1,26 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+#allow_writable_chroot=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_max_port=12100
+pasv_min_port=12000
+use_localtime=YES

From 8e60da8a05585bf3d049a8a922a4fc388749ca45 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 16:36:12 +0200
Subject: [PATCH 0482/2300] --allow-unauthenticated apt

---
 install/vst-install-debian.sh | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d2200d36..90f016ff 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -7,6 +7,9 @@
 #----------------------------------------------------------#
 export PATH=$PATH:/sbin
 export DEBIAN_FRONTEND=noninteractive
+
+ALLOW_INSECURE_APT=1
+
 RHOST='vesta.mycity-hosting.com'
 CHOST='c.mycity-hosting.com'
 VERSION='debian'
@@ -616,14 +619,22 @@ fi
 #----------------------------------------------------------#
 
 # Update system packages
-apt-get update
+if [ $ALLOW_INSECURE_APT -eq 1 ]; then
+  apt-get -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update
+else
+  apt-get update
+fi
 
 # Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
 echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
 chmod a+x /usr/sbin/policy-rc.d
 
 # Install apt packages
-apt-get -y install $software
+if [ $ALLOW_INSECURE_APT -eq 1 ]; then
+  apt-get --allow-unauthenticated -y install $software
+else
+  apt-get -y install $software
+fi
 check_result $? "apt-get install failed"
 
 # Restore  policy

From 73e547b6c25a3de2edda88e6f42d7861576948b5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jul 2019 16:41:33 +0200
Subject: [PATCH 0483/2300] ALLOW_INSECURE_APT=0

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 90f016ff..d04ea636 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -8,7 +8,7 @@
 export PATH=$PATH:/sbin
 export DEBIAN_FRONTEND=noninteractive
 
-ALLOW_INSECURE_APT=1
+ALLOW_INSECURE_APT=0
 
 RHOST='vesta.mycity-hosting.com'
 CHOST='c.mycity-hosting.com'

From dc930753da0abb3afdf111358ef5268c4cf7482e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jul 2019 03:20:47 +0200
Subject: [PATCH 0484/2300] new repos

---
 install/vst-install-debian.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d04ea636..e6ae615d 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -10,8 +10,8 @@ export DEBIAN_FRONTEND=noninteractive
 
 ALLOW_INSECURE_APT=0
 
-RHOST='vesta.mycity-hosting.com'
-CHOST='c.mycity-hosting.com'
+RHOST='apt.vesta.hostingpanel.dev'
+CHOST='c.vesta.hostingpanel.dev'
 VERSION='debian'
 VESTA='/usr/local/vesta'
 memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
@@ -263,7 +263,7 @@ if [ ! -e '/usr/bin/wget' ]; then
 fi
 
 # Checking repository availability
-wget -q "c.mycity-hosting.com/deb_signing.key" -O /dev/null
+wget -q "apt.vesta.hostingpanel.dev/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Check installed packages
@@ -1023,8 +1023,8 @@ if [ "$mysql" = 'yes' ]; then
       rm -f phpMyAdmin-$pma_v-all-languages.tar.gz
       
       mkdir /root/phpmyadmin
-      wget -nv -O /root/phpmyadmin/pma.sh http://c.mycity-hosting.com/debian/10/pma/pma.sh 
-      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.mycity-hosting.com/debian/10/pma/create_tables.sql
+      wget -nv -O /root/phpmyadmin/pma.sh http://c.vesta.hostingpanel.dev/debian/10/pma/pma.sh 
+      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.vesta.hostingpanel.dev/debian/10/pma/create_tables.sql
       bash /root/phpmyadmin/pma.sh
   fi
 fi

From aba1210e7f5039249d26203c76b5b3868056aa91 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 13 Jul 2019 23:26:02 +0200
Subject: [PATCH 0485/2300] phpmyadmin fix

---
 install/vst-install-debian.sh | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index e6ae615d..6ddab7ad 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -988,6 +988,9 @@ if [ "$mysql" = 'yes' ]; then
 
     # Configuring phpMyAdmin
     if [ "$apache" = 'yes' ]; then
+        if [ "$release" -eq 10 ]; then
+            mkdir /etc/phpmyadmin
+        fi
         cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
     fi
@@ -995,11 +998,15 @@ if [ "$mysql" = 'yes' ]; then
     chmod 777 /var/lib/phpmyadmin/tmp
     if [ "$release" -eq 10 ]; then
       # Code borrowed from HestiaCP
+      mkdir /root/phpmyadmin
+      
       pma_v='4.9.0.1'
       echo "(*) Installing phpMyAdmin version v$pma_v..."
 
+      cd /root/phpmyadmin
+
       # Download latest phpmyadmin release
-      wget --quiet https://files.phpmyadmin.net/phpMyAdmin/$pma_v/phpMyAdmin-$pma_v-all-languages.tar.gz
+      wget -nv -O phpMyAdmin-$pma_v-all-languages.tar.gz https://files.phpmyadmin.net/phpMyAdmin/$pma_v/phpMyAdmin-$pma_v-all-languages.tar.gz
 
       # Unpack files
       tar xzf phpMyAdmin-$pma_v-all-languages.tar.gz
@@ -1022,7 +1029,6 @@ if [ "$mysql" = 'yes' ]; then
       rm -fr phpMyAdmin-$pma_v-all-languages
       rm -f phpMyAdmin-$pma_v-all-languages.tar.gz
       
-      mkdir /root/phpmyadmin
       wget -nv -O /root/phpmyadmin/pma.sh http://c.vesta.hostingpanel.dev/debian/10/pma/pma.sh 
       wget -nv -O /root/phpmyadmin/create_tables.sql http://c.vesta.hostingpanel.dev/debian/10/pma/create_tables.sql
       bash /root/phpmyadmin/pma.sh

From be5f180d2f76d22301a9d4724226d313b72fe474 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 13 Jul 2019 23:29:38 +0200
Subject: [PATCH 0486/2300] Removing insecure apt option

---
 install/vst-install-debian.sh | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 6ddab7ad..be2617a4 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -8,8 +8,6 @@
 export PATH=$PATH:/sbin
 export DEBIAN_FRONTEND=noninteractive
 
-ALLOW_INSECURE_APT=0
-
 RHOST='apt.vesta.hostingpanel.dev'
 CHOST='c.vesta.hostingpanel.dev'
 VERSION='debian'
@@ -630,11 +628,7 @@ echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
 chmod a+x /usr/sbin/policy-rc.d
 
 # Install apt packages
-if [ $ALLOW_INSECURE_APT -eq 1 ]; then
-  apt-get --allow-unauthenticated -y install $software
-else
-  apt-get -y install $software
-fi
+apt-get -y install $software
 check_result $? "apt-get install failed"
 
 # Restore  policy

From 710cc25148e7f6aaf194f88a04dd2a025ca6f58c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 13 Jul 2019 23:36:22 +0200
Subject: [PATCH 0487/2300] softaculous=no by default

---
 install/vst-install-debian.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index be2617a4..ca6a1c7b 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -63,7 +63,7 @@ help() {
   -t, --spamassassin      Install SpamAssassin  [yes|no]  default: yes
   -i, --iptables          Install Iptables      [yes|no]  default: yes
   -b, --fail2ban          Install Fail2ban      [yes|no]  default: yes
-  -o, --softaculous       Install Softaculous   [yes|no]  default: yes
+  -o, --softaculous       Install Softaculous   [yes|no]  default: no
   -q, --quota             Filesystem Quota      [yes|no]  default: no
   -l, --lang              Default language                default: en
   -y, --interactive       Interactive install   [yes|no]  default: yes
@@ -202,8 +202,8 @@ done
 set_default_value 'nginx' 'yes'
 set_default_value 'apache' 'yes'
 set_default_value 'phpfpm' 'no'
-set_default_value 'vsftpd' 'yes'
-set_default_value 'proftpd' 'no'
+set_default_value 'vsftpd' 'no'
+set_default_value 'proftpd' 'yes'
 set_default_value 'named' 'yes'
 set_default_value 'mysql' 'yes'
 set_default_value 'postgresql' 'no'
@@ -219,7 +219,7 @@ else
 fi
 set_default_value 'iptables' 'yes'
 set_default_value 'fail2ban' 'yes'
-set_default_value 'softaculous' 'yes'
+set_default_value 'softaculous' 'no'
 set_default_value 'quota' 'no'
 set_default_value 'interactive' 'yes'
 set_default_lang 'en'

From cce2122fb51f481c0692b7d1ef4d1f1634151e63 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 01:10:06 +0200
Subject: [PATCH 0488/2300] gen_pass() in pma.sh

---
 install/debian/10/pma/pma.sh | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/install/debian/10/pma/pma.sh b/install/debian/10/pma/pma.sh
index 81878b02..53ec9982 100644
--- a/install/debian/10/pma/pma.sh
+++ b/install/debian/10/pma/pma.sh
@@ -10,6 +10,17 @@
 # Changed some lines to fit to Hestia Configuration.
 #
 
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=10
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+
 PASS=$(gen_pass)
 
 #ubuntu phpmyadmin path
@@ -143,4 +154,4 @@ FLUSH PRIVILEGES;
 MYSQL_PMA3
 
 #MYSQL DB and TABLES ADDITION
-mysql -uroot < /root/phpmyadmin/create_tables.sql
\ No newline at end of file
+mysql -uroot < /root/phpmyadmin/create_tables.sql

From 834a2be4551de5a6072660f35610e0f56589f30e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 01:42:21 +0200
Subject: [PATCH 0489/2300] Installation fixes

---
 install/vst-install-debian.sh | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ca6a1c7b..7e0f7a42 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -556,10 +556,10 @@ if [ "$apache" = 'no' ]; then
     software=$(echo "$software" | sed -e "s/libapache2-mod-php5//")
     software=$(echo "$software" | sed -e "s/libapache2-mod-php//")
 fi
-if [ "$phpfpm" = 'no' ]; then
-    software=$(echo "$software" | sed -e "s/php5-fpm//")
-    software=$(echo "$software" | sed -e "s/php-fpm//")
-fi
+# if [ "$phpfpm" = 'no' ]; then
+    # software=$(echo "$software" | sed -e "s/php5-fpm//")
+    # software=$(echo "$software" | sed -e "s/php-fpm//")
+# fi
 if [ "$vsftpd" = 'no' ]; then
     software=$(echo "$software" | sed -e "s/vsftpd//")
 fi
@@ -984,6 +984,7 @@ if [ "$mysql" = 'yes' ]; then
     if [ "$apache" = 'yes' ]; then
         if [ "$release" -eq 10 ]; then
             mkdir /etc/phpmyadmin
+            mkdir -p /var/lib/phpmyadmin/tmp
         fi
         cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
@@ -993,6 +994,7 @@ if [ "$mysql" = 'yes' ]; then
     if [ "$release" -eq 10 ]; then
       # Code borrowed from HestiaCP
       mkdir /root/phpmyadmin
+      mkdir /usr/share/phpmyadmin
       
       pma_v='4.9.0.1'
       echo "(*) Installing phpMyAdmin version v$pma_v..."

From bef9a5b8fde94911fc4ec798dc52108b3b1d8c4f Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Sun, 14 Jul 2019 02:00:41 +0200
Subject: [PATCH 0490/2300] proxy-ip.tpl

---
 install/debian/10/templates/web/nginx/proxy_ip.tpl | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100755 install/debian/10/templates/web/nginx/proxy_ip.tpl

diff --git a/install/debian/10/templates/web/nginx/proxy_ip.tpl b/install/debian/10/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+

From ba02f6f7c65b536a1fffecce2bba178a60a2bea4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 02:35:15 +0200
Subject: [PATCH 0491/2300] installation fixes

---
 install/vst-install-debian.sh | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 7e0f7a42..073f19ea 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -868,6 +868,7 @@ if [ "$apache" = 'yes'  ]; then
     a2enmod actions
     # a2enmod ruid2
     a2enmod headers
+    a2enmod proxy_fcgi setenvif
     mkdir -p /etc/apache2/conf.d
     echo > /etc/apache2/conf.d/vesta.conf
     echo "# Powered by vesta" > /etc/apache2/sites-available/default
@@ -917,7 +918,7 @@ if [ -z "$ZONE" ]; then
 fi
 for pconf in $(find /etc/php* -name php.ini); do
     sed -i "s/;date.timezone =/date.timezone = $ZONE/g" $pconf
-    sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
+    # sed -i 's%_open_tag = Off%_open_tag = On%g' $pconf
 done
 
 
@@ -1331,7 +1332,7 @@ fi
 # Configuring mysql host
 if [ "$mysql" = 'yes' ]; then
     $VESTA/bin/v-add-database-host mysql localhost root $mpass
-    $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
+    # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
 # Configuring pgsql host
@@ -1344,6 +1345,14 @@ fi
 $VESTA/bin/v-add-domain admin $servername
 check_result $? "can't create $servername domain"
 
+if [ "$release" -eq 10 ]; then
+  if [ -f "/etc/php/7.3/fpm/pool.d/$servername.conf" ]; then
+    sed -i "/^group =/c\group = www-data" /etc/php/7.3/fpm/pool.d/$servername.conf
+    sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
+    service php7.3-fpm restart
+  fi
+fi
+
 # Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
 $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"

From 6cff4053c026b31fa1a1a9b871b9b79f475e3185 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 02:55:14 +0200
Subject: [PATCH 0492/2300] Vesta data sessions permissions

---
 install/vst-install-debian.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 073f19ea..e35cb531 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -703,7 +703,6 @@ chmod -R 750 $VESTA/data/queue
 chmod 660 $VESTA/log/*
 rm -f /var/log/vesta
 ln -s $VESTA/log /var/log/vesta
-chown admin:admin $VESTA/data/sessions
 chmod 770 $VESTA/data/sessions
 
 # Generating vesta configuration
@@ -1289,6 +1288,9 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     chown admin:admin /var/log/roundcube
 fi
 
+# Vesta data sessions permissions
+chown admin:admin $VESTA/data/sessions
+
 # Configuring system ips
 $VESTA/bin/v-update-sys-ip
 

From 0517fe57e48530910e9d09c9534ad9b55b7d49d3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 04:07:01 +0200
Subject: [PATCH 0493/2300] version up

---
 src/deb/php/control | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/php/control b/src/deb/php/control
index e8702027..7ce0a96c 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,10 +1,10 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
-Maintainer: Serghey Rodin 
-Homepage: http://vestacp.com
+Maintainer: Predrag Damnjanovic 
+Homepage: http://vesta.hostingpanel.dev
 Architecture: amd64
 Depends: vesta
 Description: Vesta php-fpm

From 8ac896f2ae0c34ebd5c98f103225b7279ef0400e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 04:21:00 +0200
Subject: [PATCH 0494/2300] empty php postinst

---
 src/deb/php/postinst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/php/postinst b/src/deb/php/postinst
index c9b3b1d2..212f2328 100755
--- a/src/deb/php/postinst
+++ b/src/deb/php/postinst
@@ -1,8 +1,8 @@
 #!/bin/bash
 
 # Run triggers only on updates
-if [ -e /usr/local/vesta/ioncube/ioncube.sh ]; then
-    /usr/local/vesta/ioncube/ioncube.sh add
-fi
+# if [ -e /usr/local/vesta/ioncube/ioncube.sh ]; then
+#     /usr/local/vesta/ioncube/ioncube.sh add
+# fi
 
 exit 0

From 3bf5860ce93641c1d97f468d691b0c9aceacb31e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 04:26:21 +0200
Subject: [PATCH 0495/2300] Create copyright

---
 src/deb/php/copyright | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 src/deb/php/copyright

diff --git a/src/deb/php/copyright b/src/deb/php/copyright
new file mode 100644
index 00000000..7ae0df31
--- /dev/null
+++ b/src/deb/php/copyright
@@ -0,0 +1,30 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: vesta-php
+Source: http://vesta.hostingpanel.dev
+
+Files: *
+Copyright: 2019 MyVesta 
+License: GPL-3.0+
+Remarks: Hestia is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
+
+License: GPL-3.0+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in /usr/share/common-licenses/GPL-3.
+
+# Please also look if there are files or directories which have a
+# different copyright/license attached and list them here.
+# Please avoid to pick license terms that are more restrictive than the
+# packaged work, as it may make Debian's contributions unacceptable upstream.

From 04c4d369a433f2abd38b10b07943a64718f6fb98 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 04:32:55 +0200
Subject: [PATCH 0496/2300] Create php-fpm.conf

---
 src/deb/php/php-fpm.conf | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 src/deb/php/php-fpm.conf

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
new file mode 100644
index 00000000..d9a04795
--- /dev/null
+++ b/src/deb/php/php-fpm.conf
@@ -0,0 +1,34 @@
+[global]
+pid = /var/run/vesta-php.pid
+daemonize = yes
+
+[www]
+user = admin
+group = admin
+listen = /var/run/vesta-php.sock
+listen.owner = admin
+listen.group = admin
+listen.mode = 0660
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+env[VESTA] = $VESTA
+env[LANG] = en_US.UTF-8
+php_flag[display_errors] = off
+php_admin_value[error_log] = /usr/local/vesta/log/fpm-php.log
+php_admin_flag[log_errors] = on
+php_admin_value[memory_limit] = 256M
+php_admin_value[post_max_size] = 512M
+php_admin_value[upload_max_filesize] = 512M
+php_admin_value[max_execution_time] = 600
+php_admin_value[max_input_time] = 600
+php_admin_value[session.save_path] = /usr/local/vesta/data/sessions

From 325add4749340134f6f792cb1c1c5257339ac850 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 14 Jul 2019 07:04:50 +0200
Subject: [PATCH 0497/2300] Vesta FPM date.timezone = GMT

---
 src/deb/php/php-fpm.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
index d9a04795..494edc13 100644
--- a/src/deb/php/php-fpm.conf
+++ b/src/deb/php/php-fpm.conf
@@ -32,3 +32,4 @@ php_admin_value[upload_max_filesize] = 512M
 php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
+php_admin_value[date.timezone] = GMT

From 9c42ce85de30cc0615092689e37043576518b071 Mon Sep 17 00:00:00 2001
From: myrevery <16082142+myrevery@users.noreply.github.com>
Date: Mon, 15 Jul 2019 06:17:02 -0700
Subject: [PATCH 0498/2300] Update cn.php

Refine some details.
---
 web/inc/i18n/cn.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index 903afa60..dd39bc10 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -98,7 +98,7 @@ $LANG['cn'] = array(
     'list accounts' => '列出 %s 个账户',
     'add account' => '添加账户',
     'open webmail' => '打开网页邮箱',
-    'list fail2ban' => 'Fail2ban 封锁名单',
+    'list fail2ban' => 'Fail2ban 封锁列表',
     'open %s' => '打开 %s',
     'download' => '下载',
     'restore' => '恢复',
@@ -142,7 +142,7 @@ $LANG['cn'] = array(
     'Search Results' => '搜索结果',
     'Adding Firewall Rule' => '添加防火墙规则',
     'Editing Firewall Rule' => '编辑防火墙规则',
-    'Adding IP Address to Banlist' => '添加IP至封锁名单',
+    'Adding IP Address to Banlist' => '添加IP至封锁列表',
 
     'active' => '正常',
     'spnd' => '暂停',
@@ -765,5 +765,5 @@ $LANG['cn'] = array(
 
     'maximum characters length, including prefix' => '包含前缀最多 %s 个字符',
 
-    'Email Credentials' => '电子邮件证书',
+    'Email Credentials' => '电子邮件凭据',
 );

From f28c7aaefada04512b43b9e62c1c86d2fa87accb Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 20:54:19 +0200
Subject: [PATCH 0499/2300] Set nameservers in installer

---
 install/vst-install-debian.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index e35cb531..40870631 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -805,6 +805,10 @@ cp -rf $vestacp/packages $VESTA/data/
 # Installing templates
 cp -rf $vestacp/templates $VESTA/data/
 
+# Set nameservers
+sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
+sed -i "s/YOURHOSTNAME2/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
+
 # Copying index.html to default documentroot
 cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/
 sed -i 's/%domain%/It worked!/g' /var/www/index.html

From 1c64b8b321573384446cfd3af7ef26161c2819ee Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 21:34:23 +0200
Subject: [PATCH 0500/2300] nginx version up

---
 src/deb/nginx/control | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 19ec8bbb..0a82be1f 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,10 +1,10 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
-Maintainer: Serghey Rodin 
-Homepage: http://vestacp.com
+Maintainer: Predrag Damnjanovic 
+Homepage: http://vesta.hostingpanel.dev
 Architecture: amd64
 Depends: vesta
 Description: Vesta Nginx

From 7326aad784759ff4bb5505cc83fd2dfa1a2cb518 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 21:44:24 +0200
Subject: [PATCH 0501/2300] create copyright

---
 src/deb/nginx/copyright | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 src/deb/nginx/copyright

diff --git a/src/deb/nginx/copyright b/src/deb/nginx/copyright
new file mode 100644
index 00000000..4a9369f7
--- /dev/null
+++ b/src/deb/nginx/copyright
@@ -0,0 +1,30 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: vesta-nginx
+Source: http://vesta.hostingpanel.dev
+
+Files: *
+Copyright: 2019 MyVesta 
+License: GPL-3.0+
+Remarks: Hestia is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
+
+License: GPL-3.0+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 3 can be found in /usr/share/common-licenses/GPL-3.
+
+# Please also look if there are files or directories which have a
+# different copyright/license attached and list them here.
+# Please avoid to pick license terms that are more restrictive than the
+# packaged work, as it may make Debian's contributions unacceptable upstream.

From 968f7fb5464ac075be05afb2d55f42d427d78846 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 21:49:54 +0200
Subject: [PATCH 0502/2300] Create nginx.conf

---
 src/deb/nginx/nginx.conf | 128 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 src/deb/nginx/nginx.conf

diff --git a/src/deb/nginx/nginx.conf b/src/deb/nginx/nginx.conf
new file mode 100644
index 00000000..75e94f2c
--- /dev/null
+++ b/src/deb/nginx/nginx.conf
@@ -0,0 +1,128 @@
+user                    admin;
+worker_processes        1;
+error_log               /usr/local/vesta/log/nginx-error.log;
+pid                     /var/run/vesta-nginx.pid;
+
+events {
+        worker_connections  128;
+        use                 epoll;
+}
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             3m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    access_log          /usr/local/vesta/log/nginx-access.log main;
+
+
+    # SSL PCI Compliance
+    ssl_protocols               TLSv1.2 TLSv1.1 TLSv1;
+    ssl_ciphers                 EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+    ssl_session_cache           shared:SSL:10m;
+    ssl_prefer_server_ciphers   on;
+
+
+    # Mime settings
+    include             /usr/local/vesta/nginx/conf/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript
+                        application/x-javascript application/javascript;
+    gzip_proxied        any;
+
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+    fastcgi_read_timeout 300;
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Vhost
+    server {
+        listen          12383;
+        server_name     _;
+        root            /usr/local/vesta/web;
+        charset         utf-8;
+
+        # Fix error "The plain HTTP request was sent to HTTPS port"
+        error_page      497 https://$host:$server_port$request_uri;
+
+        ssl                  on;
+        ssl_certificate      /usr/local/vesta/ssl/certificate.crt;
+        ssl_certificate_key  /usr/local/vesta/ssl/certificate.key;
+        ssl_session_cache    shared:SSL:10m;
+        ssl_session_timeout  10m;
+
+        error_page      404     /error/404/index.html;
+        error_page      403     /error/index.html;
+        error_page      500     /error/index.html;
+
+        location / {
+            expires max;
+            index   index.php;
+        }
+
+        location /error/ {
+            expires max;
+            index   index.html;
+        }
+
+        location /rrd/ {
+            expires off;
+            internal;
+        }
+
+        location /backup/ {
+            root    /;
+            internal;
+        }
+
+        location ~ \.php$ {
+            include         /usr/local/vesta/nginx/conf/fastcgi_params;
+            fastcgi_param   SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
+            fastcgi_param   QUERY_STRING    $query_string;
+            fastcgi_pass    unix:/var/run/vesta-php.sock;
+            fastcgi_intercept_errors        on;
+            break;
+        }
+    }
+}

From 70ee7404f3dce7ac2c791ec394e4db3a1f22d105 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 22:10:08 +0200
Subject: [PATCH 0503/2300] Adding ns1 and  ns2 to installer

---
 install/vst-install-debian.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 40870631..710de4e9 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1351,6 +1351,10 @@ fi
 $VESTA/bin/v-add-domain admin $servername
 check_result $? "can't create $servername domain"
 
+# Adding ns1 and ns2 A records
+/usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns1' 'A' "$pub_ip"
+/usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns2' 'A' "$pub_ip"
+
 if [ "$release" -eq 10 ]; then
   if [ -f "/etc/php/7.3/fpm/pool.d/$servername.conf" ]; then
     sed -i "/^group =/c\group = www-data" /etc/php/7.3/fpm/pool.d/$servername.conf

From e54e1feb37ca0d501d0b82855246dbfb1a98d3b9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 17 Jul 2019 22:49:54 +0200
Subject: [PATCH 0504/2300] port 8083

---
 src/deb/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/nginx/nginx.conf b/src/deb/nginx/nginx.conf
index 75e94f2c..0a427f07 100644
--- a/src/deb/nginx/nginx.conf
+++ b/src/deb/nginx/nginx.conf
@@ -78,7 +78,7 @@ http {
 
     # Vhost
     server {
-        listen          12383;
+        listen          8083;
         server_name     _;
         root            /usr/local/vesta/web;
         charset         utf-8;

From 3a786e9ee1e8f7459b35a50f48f16871d2317fe4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 18 Jul 2019 00:26:33 +0200
Subject: [PATCH 0505/2300] blowfish secret

---
 install/vst-install-debian.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 710de4e9..711f12f1 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -81,7 +81,7 @@ help() {
 # Defining password-gen function
 gen_pass() {
     MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
-    LENGTH=10
+    LENGTH=32
     while [ ${n:=1} -le $LENGTH ]; do
         PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
         let n+=1
@@ -1032,6 +1032,8 @@ if [ "$mysql" = 'yes' ]; then
       wget -nv -O /root/phpmyadmin/pma.sh http://c.vesta.hostingpanel.dev/debian/10/pma/pma.sh 
       wget -nv -O /root/phpmyadmin/create_tables.sql http://c.vesta.hostingpanel.dev/debian/10/pma/create_tables.sql
       bash /root/phpmyadmin/pma.sh
+      blowfish=$(gen_pass)
+      echo "\$cfg['blowfish_secret'] = '$blowfish';" >> /etc/phpmyadmin/config.inc.php
   fi
 fi
 

From 881d620cd6c49b1c102eed9cce39cf5af16e5fdf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 18 Jul 2019 03:29:14 +0200
Subject: [PATCH 0506/2300] Update v-update-sys-vesta-all

---
 bin/v-update-sys-vesta-all | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-vesta-all b/bin/v-update-sys-vesta-all
index b43fc793..75bc036f 100755
--- a/bin/v-update-sys-vesta-all
+++ b/bin/v-update-sys-vesta-all
@@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf
 #----------------------------------------------------------#
 
 # Starting update loop
-for package in vesta vesta-nginx vesta-php vesta-ioncube vesta-softaculous; do
+for package in vesta vesta-nginx vesta-php; do
     $BIN/v-update-sys-vesta "$package"
 done
 

From f30c41240af5692f21066c792610ce883a1eca42 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:28:39 +0200
Subject: [PATCH 0507/2300] Update postinst

---
 src/deb/vesta/postinst | 34 ++++------------------------------
 1 file changed, 4 insertions(+), 30 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 516df08b..131e36ec 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -5,35 +5,9 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     exit
 fi
 
-# Run SUDO trigger
-if [ -x "/usr/local/vesta/upd/add_sudo.sh" ]; then
-    /usr/local/vesta/upd/add_sudo.sh
-fi
-
-# Run Notification trigger
-if [ -x "/usr/local/vesta/upd/add_notifications.sh" ]; then
-    /usr/local/vesta/upd/add_notifications.sh
-fi
-
-# Run session save path trigger
-if [ -x "/usr/local/vesta/upd/fix_sessions.sh" ]; then
-    /usr/local/vesta/upd/fix_sessions.sh
-fi
-
-if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
-    /usr/local/vesta/upd/fix_nginx_auth.sh
-fi
-
-if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
-    /usr/local/vesta/upd/fix_roundcube.sh
-fi
-
-if [ -x /usr/local/vesta/upd/limit_sudo.sh ]; then
-    /usr/local/vesta/upd/limit_sudo.sh
-fi
-
-if [ -x /usr/local/vesta/upd/fix_dhcprenew.sh ]; then
-    /usr/local/vesta/upd/fix_dhcprenew.sh
-fi
+# Run triggers
+# if [ -x "/usr/local/vesta/upd/sonething.sh" ]; then
+#    /usr/local/vesta/upd/something.sh
+# fi
 
 exit 0

From b72b6153aead14422c352620e3ea291dd57adcc6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:30:20 +0200
Subject: [PATCH 0508/2300] Update copyright

---
 src/deb/vesta/copyright | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/vesta/copyright b/src/deb/vesta/copyright
index 4adbe88e..53e623e3 100644
--- a/src/deb/vesta/copyright
+++ b/src/deb/vesta/copyright
@@ -1,10 +1,11 @@
 Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: vesta
-Source: http://vestacp.com
+Upstream-Name: vesta-php
+Source: http://vesta.hostingpanel.dev
 
 Files: *
-Copyright: 2013 Serghey Rodin 
+Copyright: 2019 MyVesta 
 License: GPL-3.0+
+Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 
 License: GPL-3.0+
  This program is free software: you can redistribute it and/or modify
@@ -27,4 +28,3 @@ License: GPL-3.0+
 # different copyright/license attached and list them here.
 # Please avoid to pick license terms that are more restrictive than the
 # packaged work, as it may make Debian's contributions unacceptable upstream.
-

From 83ec58d5133adafe2ae329c158e613bfe324360d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:31:07 +0200
Subject: [PATCH 0509/2300] Update copyright

---
 src/deb/php/copyright | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/php/copyright b/src/deb/php/copyright
index 7ae0df31..53e623e3 100644
--- a/src/deb/php/copyright
+++ b/src/deb/php/copyright
@@ -5,7 +5,7 @@ Source: http://vesta.hostingpanel.dev
 Files: *
 Copyright: 2019 MyVesta 
 License: GPL-3.0+
-Remarks: Hestia is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
+Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 
 License: GPL-3.0+
  This program is free software: you can redistribute it and/or modify

From 97954f4db5b6d8ea76576005cf53cfe791e8c328 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:33:23 +0200
Subject: [PATCH 0510/2300] Update copyright

---
 src/deb/nginx/copyright | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/nginx/copyright b/src/deb/nginx/copyright
index 4a9369f7..6436d28e 100644
--- a/src/deb/nginx/copyright
+++ b/src/deb/nginx/copyright
@@ -5,7 +5,7 @@ Source: http://vesta.hostingpanel.dev
 Files: *
 Copyright: 2019 MyVesta 
 License: GPL-3.0+
-Remarks: Hestia is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
+Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 
 License: GPL-3.0+
  This program is free software: you can redistribute it and/or modify

From 05b71e4fb652b4e40b1f01241544a6f3ddee829c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:35:12 +0200
Subject: [PATCH 0511/2300] Update conffiles

---
 src/deb/vesta/conffiles | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/src/deb/vesta/conffiles b/src/deb/vesta/conffiles
index a4af675a..78913555 100644
--- a/src/deb/vesta/conffiles
+++ b/src/deb/vesta/conffiles
@@ -1,9 +1 @@
-/usr/local/vesta/web/images/sprite.png
-/usr/local/vesta/web/images/favicon.ico
-/usr/local/vesta/web/css/file_manager.css
-/usr/local/vesta/web/css/file_manager_editor.css
-/usr/local/vesta/web/css/jquery.arcticmodal.css
-/usr/local/vesta/web/css/jquery-custom-dialogs.css
-/usr/local/vesta/web/css/jquery.fileupload.css
-/usr/local/vesta/web/css/styles.min.css
-/usr/local/vesta/web/css/uploadify.css
+/usr/local/vesta/conf/vesta.conf

From eddb8f7c21144854bf690e273d173249e97fa977 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:38:52 +0200
Subject: [PATCH 0512/2300] Update control

---
 src/deb/php/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/php/control b/src/deb/php/control
index 7ce0a96c..19241c72 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -11,4 +11,4 @@ Description: Vesta php-fpm
  Vesta is an open source hosting control panel.
  Vesta has a clean and focused interface without the clutter.
  Vesta has the latest of very innovative technologies.
-
+ MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin

From 3951d5fd8d93b0d2a4646ecf02899ebc326f498e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:39:15 +0200
Subject: [PATCH 0513/2300] Update control

---
 src/deb/vesta/control | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 9f83c2a6..775615dd 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,13 +1,14 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-23
+Version: 0.9.8-24
 Section: admin
-Maintainer: Serghey Rodin 
-Homepage: http://vestacp.com
+Maintainer: Predrag Damnjanovic 
+Homepage: http://vesta.hostingpanel.dev
 Architecture: amd64
 Depends: bash, awk, sed
 Description: Vesta
  Vesta is an open source hosting control panel.
  Vesta has a clean and focused interface without the clutter.
  Vesta has the latest of very innovative technologies.
+ MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin

From 2cd3171275f1e395ee69aa4eb366ee70a7edd781 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 15:40:11 +0200
Subject: [PATCH 0514/2300] Update control

---
 src/deb/nginx/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 0a82be1f..0e7c86ea 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -11,4 +11,4 @@ Description: Vesta Nginx
  Vesta is an open source hosting control panel.
  Vesta has a clean and focused interface without the clutter.
  Vesta has the latest of very innovative technologies.
-
+ MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin

From 9b702509e32246a1a0dc5296b4c1673e7c0ab103 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 18 Jul 2019 16:51:03 +0200
Subject: [PATCH 0515/2300] Sending mail fix

---
 src/deb/php/php-fpm.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
index 494edc13..d09550f7 100644
--- a/src/deb/php/php-fpm.conf
+++ b/src/deb/php/php-fpm.conf
@@ -33,3 +33,4 @@ php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
 php_admin_value[date.timezone] = GMT
+php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i

From 36e2586c765e57ebd68fb2b155a190567b811e40 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 19 Jul 2019 15:20:24 +0200
Subject: [PATCH 0516/2300] Adding script that compile Vesta .deb packages

---
 src/deb/vesta_compile.sh | 381 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 381 insertions(+)
 create mode 100644 src/deb/vesta_compile.sh

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
new file mode 100644
index 00000000..7d835e8b
--- /dev/null
+++ b/src/deb/vesta_compile.sh
@@ -0,0 +1,381 @@
+#!/bin/bash
+
+# Autocompile Script for VestaCP deb Files.
+# Made for MyVesta fork.
+# Autocompile script borrowed from HestiaCP, special thanks to Raphael Schneeberger
+
+wait_to_press_enter=1
+run_apt_update_and_install=1
+add_deb_to_apt_repo=0
+
+function press_enter {
+    if [ $wait_to_prss_enter -eq 1 ]; then
+        read -p "$1"
+    else
+        echo $1
+    fi
+}
+
+# Set compiling directory
+BUILD_DIR='/usr/src'
+INSTALL_DIR='/usr/local/vesta'
+
+# Set git repository raw path
+GIT_REP='https://raw.githubusercontent.com/myvesta/vesta/master/src/deb'
+
+PATH_OF_APT_REPO='/var/www/html/buster'
+
+# Set Version for compiling
+VESTA_V='0.9.8-24_amd64'
+NGINX_V='1.17.1'
+OPENSSL_V='1.1.1c'
+PCRE_V='8.43'
+ZLIB_V='1.2.11'
+PHP_V='5.6.40'
+
+# Generate Links for sourcecode
+VESTA='https://github.com/myvesta/vesta/archive/master.zip'
+NGINX='https://nginx.org/download/nginx-'$NGINX_V'.tar.gz'
+OPENSSL='https://www.openssl.org/source/openssl-'$OPENSSL_V'.tar.gz'
+PCRE='https://ftp.pcre.org/pub/pcre/pcre-'$PCRE_V'.tar.gz'
+ZLIB='https://www.zlib.net/zlib-'$ZLIB_V'.tar.gz'
+PHP='http://de2.php.net/distributions/php-'$PHP_V'.tar.gz'
+
+# Set package dependencies for compiling
+SOFTWARE='build-essential libxml2-dev libz-dev libcurl4-gnutls-dev unzip openssl libssl-dev pkg-config'
+
+# Install needed software
+if [ $run_apt_update_and_install -eq 1 ]; then
+  echo "Update system repository..."
+  
+  apt-get -qq update
+  echo "Installing dependencies for compilation..."
+  apt-get -qq install -y $SOFTWARE
+  
+  # Fix for Debian PHP Envroiment
+  if [ ! -e /usr/local/include/curl ]; then
+      ln -s /usr/include/x86_64-linux-gnu/curl /usr/local/include/curl
+  fi
+  press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+
+# Set packages to compile
+for arg; do
+  case "$1" in
+    --all)
+      NGINX_B='true'
+      PHP_B='true'
+      VESTA_B='true'
+      ;;
+    --nginx)
+      NGINX_B='true'
+      ;;
+    --php)
+      PHP_B='true'
+      ;;
+    --vesta)
+      VESTA_B='true'
+      ;;
+    *)
+      NOARGUMENT='true'
+      ;;
+  esac
+done
+
+if [[ $# -eq 0 ]] ; then
+  echo "!!! Please run with argument --all, --vesta, --nginx or --php !!!"
+  exit 1
+fi
+
+
+#################################################################################
+#
+# Building vesta-nginx
+#
+#################################################################################
+
+if [ "$NGINX_B" = true ] ; then
+  echo "======= Building vesta-nginx ======="
+
+  echo "=== Change to build directory"
+  cd $BUILD_DIR
+  
+  BUILDING_NOW=0
+  # Check if target directory exist
+  if [ ! -d $BUILD_DIR/vesta-nginx_$VESTA_V ]; then
+  	#mv $BUILD_DIR/vesta-nginx_$VESTA_V $BUILD_DIR/vesta-nginx_$VESTA_V-$(timestamp)
+  	# rm -r $BUILD_DIR/vesta-nginx_$VESTA_V
+    # fi
+  
+    BUILDING_NOW=1
+    echo "=== Create directory"
+    mkdir $BUILD_DIR/vesta-nginx_$VESTA_V
+    
+    press_enter "=== Download and unpack source files"
+    wget -nv -qO- $NGINX | tar xz
+    wget -nv -qO- $OPENSSL | tar xz
+    wget -nv -qO- $PCRE | tar xz
+    wget -nv -qO- $ZLIB | tar xz
+    
+    echo "=== Change to nginx directory"
+    cd nginx-$NGINX_V
+    
+    press_enter "=== Press enter to configure nginx"
+    ./configure 	--prefix=/usr/local/vesta/nginx \
+    		--with-http_ssl_module \
+    		--with-openssl=../openssl-$OPENSSL_V \
+    		--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
+    		--with-openssl-opt=no-nextprotoneg \
+    		--with-openssl-opt=no-weak-ssl-ciphers \
+    		--with-openssl-opt=no-ssl3 \
+    		--with-pcre=../pcre-$PCRE_V \
+    	        --with-pcre-jit \
+    		--with-zlib=../zlib-$ZLIB_V
+    
+    # Check install directory and move if exists
+    if [ -d $INSTALL_DIR ]; then
+    	#mv $INSTALL_DIR $INSTALL_DIR$(timestamp)
+    	rm -r $INSTALL_DIR
+    fi
+    
+    press_enter "=== Press enter to make && make install"
+    make && make install
+    
+    press_enter "=== Press enter to clear up unused files"
+    cd $BUILD_DIR
+    rm -r nginx-$NGINX_V openssl-$OPENSSL_V pcre-$PCRE_V zlib-$ZLIB_V
+  fi
+  
+  press_enter "=== Press enter to Prepare Deb Package Folder Structure"
+  cd vesta-nginx_$VESTA_V/
+  mkdir -p usr/local/vesta etc/init.d DEBIAN
+  
+  press_enter "=== Press enter to Download control, postinst and postrm files"
+  cd DEBIAN
+  wget -nv $GIT_REP/nginx/control -O control
+  wget -nv $GIT_REP/nginx/copyright -O copyright
+  wget -nv $GIT_REP/nginx/postinst -O postinst
+  wget -nv $GIT_REP/nginx/postrm -O postrm
+  chmod +x postinst postrm
+  
+  cd ..
+  if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== Move nginx directory"
+    mv /usr/local/vesta/nginx usr/local/vesta/
+  fi
+  
+  echo "=== Get Service File"
+  cd etc/init.d
+  wget -nv $GIT_REP/nginx/vesta
+  chmod +x vesta
+  
+  echo "=== Get nginx.conf"
+  cd ../../
+  wget -nv $GIT_REP/nginx/nginx.conf -O usr/local/vesta/nginx/conf/nginx.conf
+  
+  if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== copy binary"
+    cp usr/local/vesta/nginx/sbin/nginx usr/local/vesta/nginx/sbin/vesta-nginx
+  fi
+  
+  press_enter "=== Press enter to build the package"
+  cd /usr/src
+  dpkg-deb --build vesta-nginx_$VESTA_V
+    
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    press_enter "=== Press enter to sign the package ==============================================================================="
+    
+    export GPG_TTY=$(tty)
+    dpkg-sig --sign builder vesta-nginx_$VESTA_V.deb
+    cd $PATH_OF_APT_REPO
+    
+    press_enter "=== Press enter to add to repo ==============================================================================="
+    
+    reprepro --ask-passphrase -Vb . remove buster vesta-nginx
+    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta-nginx_$VESTA_V.deb
+  fi
+
+  # clear up the source folder
+  # rm -r vesta-nginx_$VESTA_V
+fi
+
+#################################################################################
+#
+# Building vesta-php
+#
+#################################################################################
+
+
+if [ "$PHP_B" = true ] ; then
+  echo "======= Building vesta-php ======="
+  echo "=== Change to build directory: $BUILD_DIR"
+  cd $BUILD_DIR
+  
+  BUILDING_NOW=0
+  # Check if target directory exist
+  if [ ! -d $BUILD_DIR/vesta-php_$VESTA_V ]; then
+      # #mv $BUILD_DIR/vesta-php_$VESTA_V $BUILD_DIR/vesta-php_$VESTA_V-$(timestamp)
+  	  # rm -r $BUILD_DIR/vesta-php_$VESTA_V
+    # fi
+	BUILDING_NOW=1
+    
+    echo "=== Create directory: $BUILD_DIR/vesta-php_$VESTA_V"
+    mkdir $BUILD_DIR/vesta-php_$VESTA_V
+    
+    echo "=== Download and unpack source files"
+    wget -nv -qO- $PHP | tar xz
+    
+    echo "=== Change to php directory php-$PHP_V"
+    cd php-$PHP_V
+    
+    press_enter "=== Press enter to continue ==============================================================================="
+    
+    echo "=== Configure PHP"
+    ./configure --prefix=/usr/local/vesta/php \
+                --enable-fpm \
+                --with-zlib \
+                --with-fpm-user=admin \
+                --with-fpm-group=admin \
+                --with-mysql \
+                --with-mysqli \
+                --with-curl \
+                --enable-mbstring
+    
+    press_enter "=== Press enter to Create the files and install them ==============================================================================="
+    
+    make && make install
+    
+    press_enter "=== Press enter to continue ==============================================================================="
+    
+    echo "=== Clear up unused files: $BUILD_DIR/php-$PHP_V"
+    cd $BUILD_DIR
+    rm -r php-$PHP_V
+  fi
+  
+  echo "=== Prepare Deb Package Folder Structure: $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta and $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN"
+  cd vesta-php_$VESTA_V/
+  mkdir -p usr/local/vesta/php DEBIAN
+  
+  echo "=== Download control, postinst and postrm files"
+  cd DEBIAN
+  wget -nv $GIT_REP/php/postinst -O postinst
+  chmod 0755 postinst
+  wget -nv $GIT_REP/php/control -O control
+  wget -nv $GIT_REP/php/copyright -O copyright
+ 
+  press_enter "=== Press enter to move php directory ==============================================================================="
+  cd ..
+  
+  if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== Moving php directory"
+    mv /usr/local/vesta/php usr/local/vesta/
+    press_enter "=== Done, press enter ==============================================================================="
+  fi
+
+  echo "=== Get php-fpm.conf"
+  wget -nv $GIT_REP/php/php-fpm.conf -O usr/local/vesta/php/etc/php-fpm.conf
+  
+  if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== copy binary"
+    cp usr/local/vesta/php/sbin/php-fpm usr/local/vesta/php/sbin/vesta-php
+  fi
+  
+  press_enter "=== Press enter to build the package ==============================================================================="
+
+  echo "=== build the package"
+  cd /usr/src
+  if [ -f "vesta-php_$VESTA_V.deb" ]; then
+    rm vesta-php_$VESTA_V.deb
+  fi
+  dpkg-deb --build vesta-php_$VESTA_V
+  
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    press_enter "=== Press enter to sign the package ==============================================================================="
+    
+    export GPG_TTY=$(tty)
+    dpkg-sig --sign builder vesta-php_$VESTA_V.deb
+    
+    press_enter "=== Press enter to add to repo ==============================================================================="
+    
+    cd $PATH_OF_APT_REPO
+    reprepro --ask-passphrase -Vb . remove buster vesta-php
+    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta-php_$VESTA_V.deb
+  fi
+
+  # clear up the source folder
+  # rm -r vesta-php_$VESTA_V
+  
+  echo "=== All done"
+fi
+
+#################################################################################
+#
+# Building vesta
+#
+#################################################################################
+
+if [ "$VESTA_B" = true ] ; then
+  # Change to build directory
+  cd $BUILD_DIR
+  
+  # Check if target directory exist
+  if [ -d $BUILD_DIR/vesta_$VESTA_V ]; then
+  	rm -r $BUILD_DIR/vesta_$VESTA_V
+  fi
+  if [ -d $BUILD_DIR/vesta-master ]; then
+  	rm -r $BUILD_DIR/vesta-master
+  fi
+  
+  # Create directory
+  mkdir $BUILD_DIR/vesta_$VESTA_V
+  
+  # Download and unpack source files
+  wget -nv $VESTA
+  unzip -q master.zip
+  rm master.zip
+  
+  # Prepare Deb Package Folder Structure
+  cd vesta_$VESTA_V/
+  mkdir -p usr/local/vesta DEBIAN
+  
+  # Download control, postinst and postrm files
+  cd DEBIAN
+  wget -nv $GIT_REP/vesta/control
+  wget -nv $GIT_REP/vesta/copyright
+  wget -nv $GIT_REP/vesta/postinst
+  
+  # Set permission
+  chmod +x postinst
+ 
+  # Move needed directories
+  cd $BUILD_DIR/vesta-master
+  mv bin func install upd web $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/
+   
+  # Set permission
+  cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/bin
+  chmod +x *
+  
+  press_enter "=== Press enter to build the package ==============================================================================="
+  # build the package
+  cd /usr/src
+  dpkg-deb --build vesta_$VESTA_V
+
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    press_enter "=== Press enter to sign the package ==============================================================================="
+    
+    export GPG_TTY=$(tty)
+    dpkg-sig --sign builder vesta_$VESTA_V.deb
+    
+    press_enter "=== Press enter to add to repo ==============================================================================="
+    
+    cd $PATH_OF_APT_REPO
+    reprepro --ask-passphrase -Vb . remove buster vesta
+    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta_$VESTA_V.deb
+  fi
+  
+  # clear up the source folder
+  cd /usr/src
+  rm -r vesta_$VESTA_V
+  rm -r vesta-master
+fi

From d74ac9980a2cbfcebc145e86fe4d26ed85b9a7bc Mon Sep 17 00:00:00 2001
From: Dmitry Bannik 
Date: Sat, 20 Jul 2019 02:36:30 +0300
Subject: [PATCH 0517/2300] fixed add sftp server backup

---
 bin/v-add-backup-host | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host
index 4e727229..bccaa03e 100755
--- a/bin/v-add-backup-host
+++ b/bin/v-add-backup-host
@@ -38,8 +38,7 @@ EOF
 sftpc() {
     expect -f "-" <
Date: Mon, 22 Jul 2019 14:26:20 +0200
Subject: [PATCH 0518/2300] apparmor check

---
 install/vst-install-debian.sh | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 711f12f1..dc8ce605 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -260,6 +260,14 @@ if [ ! -e '/usr/bin/wget' ]; then
     check_result $? "Can't install wget"
 fi
 
+# Check if apparmor is installed
+# This check is borrowed from HestiaCP
+if [ $(dpkg-query -W -f='${Status}' apparmor 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
+    apparmor='no'
+else
+    apparmor='yes'
+fi
+
 # Checking repository availability
 wget -q "apt.vesta.hostingpanel.dev/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
@@ -1065,10 +1073,12 @@ if [ "$named" = 'yes' ]; then
     chown root:bind /etc/bind/named.conf
     chmod 640 /etc/bind/named.conf
     aa-complain /usr/sbin/named 2>/dev/null
-    echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
-    service apparmor status >/dev/null 2>&1
-    if [ $? -ne 0 ]; then
-        service apparmor restart
+    if [ "$apparmor" = 'yes' ]; then
+      echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
+      service apparmor status >/dev/null 2>&1
+      if [ $? -ne 0 ]; then
+          service apparmor restart
+      fi
     fi
     update-rc.d bind9 defaults
     service bind9 start

From f0b47b32203e6b16dcd68fc13fe458c40ff78edd Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Mon, 22 Jul 2019 16:55:55 +0300
Subject: [PATCH 0519/2300] rfc2324 partial support:  any attempt to brew
 coffee with a teapot should result in the error code 418 - I'm a teapot

---
 func/main.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/func/main.sh b/func/main.sh
index 94505606..d0b26d5e 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -35,6 +35,7 @@ E_DB=17
 E_RRD=18
 E_UPDATE=19
 E_RESTART=20
+E_TEAPOT=418
 
 # Event string for logger
 for ((I=1; I <= $# ; I++)); do

From dbb8b8c6745233bf3af52f301e8d58e21920ac40 Mon Sep 17 00:00:00 2001
From: Sergey Kovalets 
Date: Fri, 26 Jul 2019 02:23:40 +0300
Subject: [PATCH 0520/2300] Create vsftpd.conf

---
 install/rhel/8/vsftpd/vsftpd.conf | 40 +++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 install/rhel/8/vsftpd/vsftpd.conf

diff --git a/install/rhel/8/vsftpd/vsftpd.conf b/install/rhel/8/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..75e0104f
--- /dev/null
+++ b/install/rhel/8/vsftpd/vsftpd.conf
@@ -0,0 +1,40 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_promiscuous=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
+utf8_filesystem=YES
+ssl_enable=YES
+allow_anon_ssl=NO
+require_ssl_reuse=NO
+ssl_ciphers=HIGH
+ssl_tlsv1=YES
+ssl_sslv2=NO
+ssl_sslv3=NO
+force_local_data_ssl=NO
+force_local_logins_ssl=NO
+rsa_cert_file=/usr/local/vesta/ssl/certificate.crt
+rsa_private_key_file=/usr/local/vesta/ssl/certificate.key

From bb44f4197b4e5de219bc00197f89517c7e92bc2a Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 30 Jul 2019 18:32:30 +0300
Subject: [PATCH 0521/2300] hardering user validation

---
 func/main.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index d0b26d5e..edbaa664 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -213,7 +213,8 @@ is_object_new() {
 # Check if object is valid
 is_object_valid() {
     if [ $2 = 'USER' ]; then
-        if [ ! -d "$VESTA/data/users/$3" ]; then
+        user_vst_dir=$(basename $3)
+        if [ ! -d "$VESTA/data/users/$user_vst_dir" ]; then
             check_result $E_NOTEXIST "$1 $3 doesn't exist"
         fi
     else

From 718a64c5af9346995cfb846b1c2ef0dd61b4efc4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 30 Jul 2019 21:37:56 +0200
Subject: [PATCH 0522/2300] Additional format check

---
 func/main.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/func/main.sh b/func/main.sh
index 3e7b634b..a9f9e0ec 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -213,6 +213,7 @@ is_object_new() {
 # Check if object is valid
 is_object_valid() {
     if [ $2 = 'USER' ]; then
+        is_user_format_valid $3
         if [ ! -d "$VESTA/data/users/$3" ]; then
             check_result $E_NOTEXIST "$1 $3 doesn't exist"
         fi

From 019a03958821242d5081cc4942e76755a42a22e0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 30 Jul 2019 22:06:47 +0200
Subject: [PATCH 0523/2300] Update main.sh

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index a9f9e0ec..7483bdb8 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -213,7 +213,7 @@ is_object_new() {
 # Check if object is valid
 is_object_valid() {
     if [ $2 = 'USER' ]; then
-        is_user_format_valid $3
+        is_user_format_valid $3 'user'
         if [ ! -d "$VESTA/data/users/$3" ]; then
             check_result $E_NOTEXIST "$1 $3 doesn't exist"
         fi

From 37d370390a71315f69b1443d352e2bf4098630d2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 30 Jul 2019 23:18:40 +0200
Subject: [PATCH 0524/2300] Update UploadHandler.php

---
 web/upload/UploadHandler.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index a5e0b07c..88388304 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -1116,7 +1116,7 @@ class UploadHandler
             $file_path = $this->get_upload_path($file->name);
             $append_file = $content_range && is_file($file_path) &&
                 $file->size > $this->get_file_size($file_path);
-            if ($uploaded_file && is_uploaded_file($uploaded_file)) {
+            if ($uploaded_file && is_uploaded_file($uploaded_file) && strpos($file_path, "'")===false && strpos($file_path, '"')===false) {
                 chmod($uploaded_file, 0644);
                 exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
                 $error = check_return_code($return_var, $output);

From c9bf443c6aaa8ea684d459e83cfd9a7af9b58828 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 31 Jul 2019 00:46:04 +0300
Subject: [PATCH 0525/2300] added user format valdation

---
 bin/v-delete-user-favourites    | 2 ++
 bin/v-list-dns-domain           | 1 +
 bin/v-list-letsencrypt-user     | 1 +
 bin/v-list-mail-domain-dkim-dns | 1 +
 bin/v-list-user                 | 1 +
 bin/v-list-user-backup          | 1 +
 bin/v-list-user-stats           | 1 +
 bin/v-list-web-domain           | 1 +
 bin/v-list-web-domain-ssl       | 1 +
 bin/v-list-web-domains          | 1 +
 10 files changed, 11 insertions(+)

diff --git a/bin/v-delete-user-favourites b/bin/v-delete-user-favourites
index 374fa430..28a8dd97 100755
--- a/bin/v-delete-user-favourites
+++ b/bin/v-delete-user-favourites
@@ -32,6 +32,8 @@ case $system in
     DNS_REC)    is_format_valid 'id' ;;
     *)          is_format_valid 'object'
 esac
+
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
diff --git a/bin/v-list-dns-domain b/bin/v-list-dns-domain
index f72943f9..c9c3f1ea 100755
--- a/bin/v-list-dns-domain
+++ b/bin/v-list-dns-domain
@@ -71,6 +71,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'dns' 'DOMAIN' "$domain"
 
diff --git a/bin/v-list-letsencrypt-user b/bin/v-list-letsencrypt-user
index 6289ecba..f6e2c774 100755
--- a/bin/v-list-letsencrypt-user
+++ b/bin/v-list-letsencrypt-user
@@ -56,6 +56,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
     check_result $E_NOTEXIST "LetsEncrypt user account doesn't exist"
diff --git a/bin/v-list-mail-domain-dkim-dns b/bin/v-list-mail-domain-dkim-dns
index 8623089e..d9f9d5ba 100755
--- a/bin/v-list-mail-domain-dkim-dns
+++ b/bin/v-list-mail-domain-dkim-dns
@@ -57,6 +57,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'mail' 'DOMAIN' "$domain"
 
diff --git a/bin/v-list-user b/bin/v-list-user
index 05649f91..57b48bb3 100755
--- a/bin/v-list-user
+++ b/bin/v-list-user
@@ -154,6 +154,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 
diff --git a/bin/v-list-user-backup b/bin/v-list-user-backup
index 2e0a98d0..8ee8a41b 100755
--- a/bin/v-list-user-backup
+++ b/bin/v-list-user-backup
@@ -75,6 +75,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER BACKUP [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'backup' 'BACKUP' "$backup"
 
diff --git a/bin/v-list-user-stats b/bin/v-list-user-stats
index 11b867af..0fa7dc90 100755
--- a/bin/v-list-user-stats
+++ b/bin/v-list-user-stats
@@ -115,6 +115,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 
diff --git a/bin/v-list-web-domain b/bin/v-list-web-domain
index e0f9492c..7e33a4ab 100755
--- a/bin/v-list-web-domain
+++ b/bin/v-list-web-domain
@@ -110,6 +110,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 
diff --git a/bin/v-list-web-domain-ssl b/bin/v-list-web-domain-ssl
index 99fd5cf8..d637cf89 100755
--- a/bin/v-list-web-domain-ssl
+++ b/bin/v-list-web-domain-ssl
@@ -98,6 +98,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '2' "$#" 'USER DOMAIN [FORMAT]'
+is_format_valid 'user' 'domain'
 is_object_valid 'user' 'USER' "$user"
 is_object_valid 'web' 'DOMAIN' "$domain"
 
diff --git a/bin/v-list-web-domains b/bin/v-list-web-domains
index a31199fa..23de5fb4 100755
--- a/bin/v-list-web-domains
+++ b/bin/v-list-web-domains
@@ -100,6 +100,7 @@ csv_list() {
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'USER [FORMAT]'
+is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
 

From b17b4b205df0c01dada54d9684cfaa94b924064a Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Wed, 7 Aug 2019 18:46:40 +0300
Subject: [PATCH 0526/2300] removed unnecessary single quotes for security
 reasons / thanks to Andrea Cardaci

---
 web/add/ip/index.php                 |  6 ++--
 web/add/web/index.php                | 10 +++----
 web/edit/backup/exclusions/index.php |  2 +-
 web/edit/cron/index.php              |  2 +-
 web/edit/db/index.php                |  2 +-
 web/edit/dns/index.php               | 12 ++++----
 web/edit/firewall/index.php          |  2 +-
 web/edit/ip/index.php                |  8 ++---
 web/edit/mail/index.php              |  8 ++---
 web/edit/package/index.php           |  6 ++--
 web/edit/server/index.php            | 10 +++----
 web/edit/web/index.php               | 45 +++++++++++++++-------------
 web/list/stats/index.php             |  2 +-
 web/reset/mail/index.php             | 10 +++----
 web/upload/UploadHandler.php         |  2 +-
 15 files changed, 65 insertions(+), 62 deletions(-)

diff --git a/web/add/ip/index.php b/web/add/ip/index.php
index 8746ed08..73f56b38 100644
--- a/web/add/ip/index.php
+++ b/web/add/ip/index.php
@@ -57,7 +57,7 @@ if (!empty($_POST['ok'])) {
 
     // Add IP
     if (empty($_SESSION['error_msg'])) {
-        exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface."  ".$v_owner." '".$ip_status."' ".$v_name." ".$v_nat, $output, $return_var);
+        exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface."  ".$v_owner." ".$ip_status." ".$v_name." ".$v_nat, $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_owner = $_POST['v_owner'];
@@ -75,12 +75,12 @@ if (!empty($_POST['ok'])) {
 }
 
 // List network interfaces
-exec (VESTA_CMD."v-list-sys-interfaces 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-sys-interfaces json", $output, $return_var);
 $interfaces = json_decode(implode('', $output), true);
 unset($output);
 
 // List users
-exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-sys-users json", $output, $return_var);
 $users = json_decode(implode('', $output), true);
 unset($output);
 
diff --git a/web/add/web/index.php b/web/add/web/index.php
index e6448c91..d77b8f40 100644
--- a/web/add/web/index.php
+++ b/web/add/web/index.php
@@ -118,7 +118,7 @@ if (!empty($_POST['ok'])) {
 
     // Add web domain
     if (empty($_SESSION['error_msg'])) {
-        exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." 'no' ".$aliases." ".$proxy_ext, $output, $return_var);
+        exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." no ".$aliases." ".$proxy_ext, $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $domain_added = empty($_SESSION['error_msg']);
@@ -126,7 +126,7 @@ if (!empty($_POST['ok'])) {
 
     // Add DNS domain
     if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
     }
@@ -136,7 +136,7 @@ if (!empty($_POST['ok'])) {
         foreach ($aliases_arr as $alias) {
             if ($alias != "www.".$_POST['v_domain']) {
                 $alias = escapeshellarg($alias);
-                exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." 'no'", $output, $return_var);
+                exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." no", $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
             }
@@ -153,7 +153,7 @@ if (!empty($_POST['ok'])) {
     // Delete proxy support
     if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off')  && (empty($_SESSION['error_msg']))) {
         $ext = escapeshellarg($ext);
-        exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
     }
@@ -195,7 +195,7 @@ if (!empty($_POST['ok'])) {
              }
 
              $v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
-             exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var);
+             exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var);
              check_return_code($return_var,$output);
              unset($output);
          }
diff --git a/web/edit/backup/exclusions/index.php b/web/edit/backup/exclusions/index.php
index bbbb4b3e..f4b854b0 100644
--- a/web/edit/backup/exclusions/index.php
+++ b/web/edit/backup/exclusions/index.php
@@ -12,7 +12,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
 }
 
 // List backup exclustions
-exec (VESTA_CMD."v-list-user-backup-exclusions ".$user." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-user-backup-exclusions ".$user." json", $output, $return_var);
 check_return_code($return_var,$output);
 $data = json_decode(implode('', $output), true);
 unset($output);
diff --git a/web/edit/cron/index.php b/web/edit/cron/index.php
index 3d8e9922..9f7ffb34 100644
--- a/web/edit/cron/index.php
+++ b/web/edit/cron/index.php
@@ -20,7 +20,7 @@ if (empty($_GET['job'])) {
 
 // List cron job
 $v_job = escapeshellarg($_GET['job']);
-exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." json", $output, $return_var);
 check_return_code($return_var,$output);
 
 $data = json_decode(implode('', $output), true);
diff --git a/web/edit/db/index.php b/web/edit/db/index.php
index 763717bc..232f6322 100644
--- a/web/edit/db/index.php
+++ b/web/edit/db/index.php
@@ -20,7 +20,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) {
 
 // List datbase
 $v_database = escapeshellarg($_GET['database']);
-exec (VESTA_CMD."v-list-database ".$user." ".$v_database." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-database ".$user." ".$v_database." json", $output, $return_var);
 check_return_code($return_var,$output);
 $data = json_decode(implode('', $output), true);
 unset($output);
diff --git a/web/edit/dns/index.php b/web/edit/dns/index.php
index 3c2e1e5c..b8cbc4db 100644
--- a/web/edit/dns/index.php
+++ b/web/edit/dns/index.php
@@ -52,7 +52,7 @@ if ((!empty($_GET['domain'])) && (empty($_GET['record_id'])))  {
 if ((!empty($_GET['domain'])) && (!empty($_GET['record_id'])))  {
     $v_domain = escapeshellarg($_GET['domain']);
     $v_record_id = escapeshellarg($_GET['record_id']);
-    exec (VESTA_CMD."v-list-dns-records ".$user." ".$v_domain." 'json'", $output, $return_var);
+    exec (VESTA_CMD."v-list-dns-records ".$user." ".$v_domain." json", $output, $return_var);
     check_return_code($return_var,$output);
     $data = json_decode(implode('', $output), true);
     unset($output);
@@ -88,7 +88,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor
     // Change domain IP
     if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) {
         $v_ip = escapeshellarg($_POST['v_ip']);
-        exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var);
         check_return_code($return_var,$output);
         $restart_dns = 'yes';
         unset($output);
@@ -97,7 +97,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor
     // Change domain template
     if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) {
         $v_template = escapeshellarg($_POST['v_template']);
-        exec (VESTA_CMD."v-change-dns-domain-tpl ".$v_username." ".$v_domain." ".$v_template." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-dns-domain-tpl ".$v_username." ".$v_domain." ".$v_template." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $restart_dns = 'yes';
@@ -106,7 +106,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor
     // Change SOA record
     if (($v_soa != $_POST['v_soa']) && (empty($_SESSION['error_msg']))) {
         $v_soa = escapeshellarg($_POST['v_soa']);
-        exec (VESTA_CMD."v-change-dns-domain-soa ".$v_username." ".$v_domain." ".$v_soa." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-dns-domain-soa ".$v_username." ".$v_domain." ".$v_soa." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $restart_dns = 'yes';
@@ -115,7 +115,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor
     // Change expiriation date
     if (($v_exp != $_POST['v_exp']) && (empty($_SESSION['error_msg']))) {
         $v_exp = escapeshellarg($_POST['v_exp']);
-        exec (VESTA_CMD."v-change-dns-domain-exp ".$v_username." ".$v_domain." ".$v_exp." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-dns-domain-exp ".$v_username." ".$v_domain." ".$v_exp." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
     }
@@ -123,7 +123,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor
     // Change domain ttl
     if (($v_ttl != $_POST['v_ttl']) && (empty($_SESSION['error_msg']))) {
         $v_ttl = escapeshellarg($_POST['v_ttl']);
-        exec (VESTA_CMD."v-change-dns-domain-ttl ".$v_username." ".$v_domain." ".$v_ttl." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-dns-domain-ttl ".$v_username." ".$v_domain." ".$v_ttl." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $restart_dns = 'yes';
diff --git a/web/edit/firewall/index.php b/web/edit/firewall/index.php
index 18b4be4c..67e039d4 100644
--- a/web/edit/firewall/index.php
+++ b/web/edit/firewall/index.php
@@ -20,7 +20,7 @@ if (empty($_GET['rule'])) {
 
 // List rule
 $v_rule = escapeshellarg($_GET['rule']);
-exec (VESTA_CMD."v-list-firewall-rule ".$v_rule." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-firewall-rule ".$v_rule." json", $output, $return_var);
 check_return_code($return_var,$output);
 $data = json_decode(implode('', $output), true);
 unset($output);
diff --git a/web/edit/ip/index.php b/web/edit/ip/index.php
index b9eaa581..c7ec6d7a 100644
--- a/web/edit/ip/index.php
+++ b/web/edit/ip/index.php
@@ -20,7 +20,7 @@ if (empty($_GET['ip'])) {
 
 // List ip
 $v_ip = escapeshellarg($_GET['ip']);
-exec (VESTA_CMD."v-list-sys-ip ".$v_ip." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-sys-ip ".$v_ip." json", $output, $return_var);
 check_return_code($return_var,$output);
 $data = json_decode(implode('', $output), true);
 unset($output);
@@ -45,7 +45,7 @@ if ( $v_suspended == 'yes' ) {
 }
 
 // List users
-exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-sys-users json", $output, $return_var);
 $users = json_decode(implode('', $output), true);
 unset($output);
 
@@ -55,13 +55,13 @@ if (!empty($_POST['save'])) {
 
     // Change Status
     if (($v_ipstatus == 'shared') && (empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'dedicated'", $output, $return_var);
+        exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." dedicated", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_dedicated = 'yes';
     }
     if (($v_ipstatus == 'dedicated') && (!empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'shared'", $output, $return_var);
+        exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." shared", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         unset($v_dedicated);
diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php
index 6424e3ab..e4451fc5 100644
--- a/web/edit/mail/index.php
+++ b/web/edit/mail/index.php
@@ -45,7 +45,7 @@ if ((!empty($_GET['domain'])) && (empty($_GET['account'])))  {
 if ((!empty($_GET['domain'])) && (!empty($_GET['account'])))  {
     $v_domain = escapeshellarg($_GET['domain']);
     $v_account = escapeshellarg($_GET['account']);
-    exec (VESTA_CMD."v-list-mail-account ".$user." ".$v_domain." ".$v_account." 'json'", $output, $return_var);
+    exec (VESTA_CMD."v-list-mail-account ".$user." ".$v_domain." ".$v_account." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     unset($output);
 
@@ -75,7 +75,7 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account'])))  {
 
     // Parse autoreply
     if ( $v_autoreply == 'yes' ) {
-        exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." '".$v_domain."' '".$v_account."' json", $output, $return_var);
+        exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." ".$v_domain." ".$v_account." json", $output, $return_var);
         $autoreply_str = json_decode(implode('', $output), true);
         unset($output);
         $v_autoreply_message = $autoreply_str[$v_account]['MSG'];
@@ -231,7 +231,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
         $result = array_diff($valiases, $aliases);
         foreach ($result as $alias) {
             if ((empty($_SESSION['error_msg'])) && (!empty($alias))) {
-                exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($alias)."'", $output, $return_var);
+                exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($alias), $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
             }
@@ -257,7 +257,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco
         $result = array_diff($vfwd, $fwd);
         foreach ($result as $forward) {
             if ((empty($_SESSION['error_msg'])) && (!empty($forward))) {
-                exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($forward)."'", $output, $return_var);
+                exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($forward), $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
             }
diff --git a/web/edit/package/index.php b/web/edit/package/index.php
index 763bfdf4..e8d4eddc 100644
--- a/web/edit/package/index.php
+++ b/web/edit/package/index.php
@@ -22,7 +22,7 @@ if (empty($_GET['package'])) {
 
 // List package
 $v_package = escapeshellarg($_GET['package']);
-exec (VESTA_CMD."v-list-user-package ".$v_package." 'json'", $output, $return_var);
+exec (VESTA_CMD."v-list-user-package ".$v_package." json", $output, $return_var);
 $data = json_decode(implode('', $output), true);
 unset($output);
 
@@ -203,7 +203,7 @@ if (!empty($_POST['save'])) {
     fclose($fp);
 
     // Save changes
-    exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." 'yes'", $output, $return_var);
+    exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." yes", $output, $return_var);
     check_return_code($return_var,$output);
     unset($output);
 
@@ -212,7 +212,7 @@ if (!empty($_POST['save'])) {
     unset($output);
 
     // Propogate new package
-    exec (VESTA_CMD."v-update-user-package ".$v_package." 'json'", $output, $return_var);
+    exec (VESTA_CMD."v-update-user-package ".$v_package." json", $output, $return_var);
     check_return_code($return_var,$output);
     unset($output);
 
diff --git a/web/edit/server/index.php b/web/edit/server/index.php
index defc0b7a..0743ab17 100644
--- a/web/edit/server/index.php
+++ b/web/edit/server/index.php
@@ -339,7 +339,7 @@ if (!empty($_POST['save'])) {
             $v_backup_username = escapeshellarg($_POST['v_backup_username']);
             $v_backup_password = escapeshellarg($_POST['v_backup_password']);
             $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
-            exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
+            exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host ." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
@@ -356,7 +356,7 @@ if (!empty($_POST['save'])) {
     // Change remote backup host type
     if (empty($_SESSION['error_msg'])) {
         if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) {
-            exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var);
+            exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var);
             unset($output);
 
             $v_backup_host = escapeshellarg($_POST['v_backup_host']);
@@ -364,7 +364,7 @@ if (!empty($_POST['save'])) {
             $v_backup_username = escapeshellarg($_POST['v_backup_username']);
             $v_backup_password = escapeshellarg($_POST['v_backup_password']);
             $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
-            exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
+            exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
@@ -386,7 +386,7 @@ if (!empty($_POST['save'])) {
                 $v_backup_username = escapeshellarg($_POST['v_backup_username']);
                 $v_backup_password = escapeshellarg($_POST['v_backup_password']);
                 $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']);
-                exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var);
+                exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
                 if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host'];
@@ -403,7 +403,7 @@ if (!empty($_POST['save'])) {
     // Delete remote backup host
     if (empty($_SESSION['error_msg'])) {
         if ((empty($_POST['v_backup_host'])) && (!empty($v_backup_host))) {
-            exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var);
+            exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             if (empty($_SESSION['error_msg'])) $v_backup_host = '';
diff --git a/web/edit/web/index.php b/web/edit/web/index.php
index a1d2d70b..6c703e7d 100644
--- a/web/edit/web/index.php
+++ b/web/edit/web/index.php
@@ -36,7 +36,7 @@ $v_cgi = $data[$v_domain]['CGI'];
 $v_elog = $data[$v_domain]['ELOG'];
 $v_ssl = $data[$v_domain]['SSL'];
 if (!empty($v_ssl)) {
-    exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".escapeshellarg($v_domain)."' json", $output, $return_var);
+    exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var);
     $ssl_str = json_decode(implode('', $output), true);
     unset($output);
     $v_ssl_crt = $ssl_str[$v_domain]['CRT'];
@@ -117,7 +117,7 @@ if (!empty($_POST['save'])) {
     // Change web domain IP
     if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) {
         $v_ip = escapeshellarg($_POST['v_ip']);
-        exec (VESTA_CMD."v-change-web-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-web-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var);
         check_return_code($return_var,$output);
         $restart_web = 'yes';
         $restart_proxy = 'yes';
@@ -130,7 +130,7 @@ if (!empty($_POST['save'])) {
         unset($output);
         if ($return_var == 0 ) {
             $v_ip = escapeshellarg($_POST['v_ip']);
-            exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var);
+            exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $restart_dns = 'yes';
@@ -140,11 +140,12 @@ if (!empty($_POST['save'])) {
     // Change dns ip for each alias
     if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) {
         foreach($valiases as $v_alias ){
-            exec (VESTA_CMD."v-list-dns-domain ".$v_username." '".$v_alias."' json", $output, $return_var);
+            $v_alias = escapeshellarg($v_alias);
+            exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_alias." json", $output, $return_var);
             unset($output);
             if ($return_var == 0 ) {
                 $v_ip = escapeshellarg($_POST['v_ip']);
-                exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." '".$v_alias."' ".$v_ip, $output, $return_var);
+                exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_alias." ".$v_ip, $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
                 $restart_dns = 'yes';
@@ -155,7 +156,7 @@ if (!empty($_POST['save'])) {
     // Change template (admin only)
     if (($v_template != $_POST['v_template']) && ( $_SESSION['user'] == 'admin') && (empty($_SESSION['error_msg']))) {
         $v_template = escapeshellarg($_POST['v_template']);
-        exec (VESTA_CMD."v-change-web-domain-tpl ".$v_username." ".$v_domain." ".$v_template." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-change-web-domain-tpl ".$v_username." ".$v_domain." ".$v_template." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $restart_web = 'yes';
@@ -175,7 +176,8 @@ if (!empty($_POST['save'])) {
                 $restart_web = 'yes';
                 $restart_proxy = 'yes';
                 $v_template = escapeshellarg($_POST['v_template']);
-                exec (VESTA_CMD."v-delete-web-domain-alias ".$v_username." ".$v_domain." '".$alias."' 'no'", $output, $return_var);
+                $alias = escapeshellarg($alias);
+                exec (VESTA_CMD."v-delete-web-domain-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
 
@@ -183,7 +185,7 @@ if (!empty($_POST['save'])) {
                     exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain, $output, $return_var);
                     unset($output);
                     if ($return_var == 0) {
-                        exec (VESTA_CMD."v-delete-dns-on-web-alias ".$v_username." ".$v_domain." '".$alias."' 'no'", $output, $return_var);
+                        exec (VESTA_CMD."v-delete-dns-on-web-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var);
                         check_return_code($return_var,$output);
                         unset($output);
                         $restart_dns = 'yes';
@@ -198,14 +200,15 @@ if (!empty($_POST['save'])) {
                 $restart_web = 'yes';
                 $restart_proxy = 'yes';
                 $v_template = escapeshellarg($_POST['v_template']);
-                exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." ".escapeshellarg($alias)." 'no'", $output, $return_var);
+                $alias = escapeshellarg($alias);
+                exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var);
                 check_return_code($return_var,$output);
                 unset($output);
                 if (empty($_SESSION['error_msg'])) {
                     exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain, $output, $return_var);
                     unset($output);
                     if ($return_var == 0) {
-                        exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".escapeshellarg($alias)." ".$v_ip." no", $output, $return_var);
+                        exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".$alias." ".$v_ip." no", $output, $return_var);
                         check_return_code($return_var,$output);
                     unset($output);
                         $restart_dns = 'yes';
@@ -225,7 +228,7 @@ if (!empty($_POST['save'])) {
 
     // Delete proxy support
     if ((!empty($_SESSION['PROXY_SYSTEM'])) && (!empty($v_proxy)) && (empty($_POST['v_proxy'])) && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-delete-web-domain-proxy ".$v_username." ".$v_domain." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-delete-web-domain-proxy ".$v_username." ".$v_domain." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         unset($v_proxy);
@@ -242,7 +245,7 @@ if (!empty($_POST['save'])) {
         if (( $v_proxy_template != $_POST['v_proxy_template']) || ($v_proxy_ext != $ext)) {
             $ext = str_replace(', ', ",", $ext);
             if (!empty($_POST['v_proxy_template'])) $v_proxy_template = $_POST['v_proxy_template'];
-            exec (VESTA_CMD."v-change-web-domain-proxy-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." 'no'", $output, $return_var);
+            exec (VESTA_CMD."v-change-web-domain-proxy-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." no", $output, $return_var);
             check_return_code($return_var,$output);
             $v_proxy_ext = str_replace(',', ', ', $ext);
             unset($output);
@@ -261,7 +264,7 @@ if (!empty($_POST['save'])) {
             $ext = str_replace(' ', ",", $ext);
             $v_proxy_ext = str_replace(',', ', ', $ext);
         }
-        exec (VESTA_CMD."v-add-web-domain-proxy ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-add-web-domain-proxy ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $restart_proxy = 'yes';
@@ -271,7 +274,7 @@ if (!empty($_POST['save'])) {
     if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
         if ( $v_ssl_home != $_POST['v_ssl_home'] ) {
             $v_ssl_home = escapeshellarg($_POST['v_ssl_home']);
-            exec (VESTA_CMD."v-change-web-domain-sslhome ".$user." ".$v_domain." ".$v_ssl_home." 'no'", $output, $return_var);
+            exec (VESTA_CMD."v-change-web-domain-sslhome ".$user." ".$v_domain." ".$v_ssl_home." no", $output, $return_var);
             check_return_code($return_var,$output);
             $v_ssl_home = $_POST['v_ssl_home'];
             $restart_web = 'yes';
@@ -310,13 +313,13 @@ if (!empty($_POST['save'])) {
                 fclose($fp);
             }
 
-            exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
+            exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." no", $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $restart_web = 'yes';
             $restart_proxy = 'yes';
 
-            exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+            exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." json", $output, $return_var);
             $ssl_str = json_decode(implode('', $output), true);
             unset($output);
             $v_ssl_crt = $ssl_str[$v_domain]['CRT'];
@@ -340,7 +343,7 @@ if (!empty($_POST['save'])) {
 
     // Delete Lets Encrypt support
     if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_ssl_crt = '';
@@ -355,7 +358,7 @@ if (!empty($_POST['save'])) {
 
     // Delete SSL certificate
     if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
-        exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_ssl_crt = '';
@@ -369,7 +372,7 @@ if (!empty($_POST['save'])) {
     // Add Lets Encrypt support
     if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
         $l_aliases = str_replace("\n", ',', $v_aliases);
-        exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".escapeshellarg($l_aliases)."' 'no'", $output, $return_var);
+        exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." ".escapeshellarg($l_aliases)." no", $output, $return_var);
         check_return_code($return_var,$output);
         unset($output);
         $v_letsencrypt = 'yes';
@@ -417,14 +420,14 @@ if (!empty($_POST['save'])) {
                 fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
                 fclose($fp);
             }
-            exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var);
+            exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var);
             check_return_code($return_var,$output);
             unset($output);
             $v_ssl = 'yes';
             $restart_web = 'yes';
             $restart_proxy = 'yes';
 
-            exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+            exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." json", $output, $return_var);
             $ssl_str = json_decode(implode('', $output), true);
             unset($output);
             $v_ssl_crt = $ssl_str[$_POST['v_domain']]['CRT'];
diff --git a/web/list/stats/index.php b/web/list/stats/index.php
index c758705a..3c730632 100644
--- a/web/list/stats/index.php
+++ b/web/list/stats/index.php
@@ -20,7 +20,7 @@ if ($user == 'admin') {
         unset($output);
     }
 
-    exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var);
+    exec (VESTA_CMD."v-list-sys-users json", $output, $return_var);
     $users = json_decode(implode('', $output), true);
     unset($output);
 } else {
diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 5350f9b9..2e7d8c72 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -124,15 +124,15 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[
     $v_password = $_POST['password'];
 
     // Get domain owner
-    exec (VESTA_CMD."v-search-domain-owner ".$v_domain." 'mail'", $output, $return_var);
-    if ($return_var == 0) {
-        $v_user = $output[0];
+    exec (VESTA_CMD."v-search-domain-owner ".$v_domain." mail", $output, $return_var);
+    if (($return_var == 0) && (!empty($output[0]))) {
+        $v_user = escapeshellarg($output[0]);
     }
     unset($output);
 
     // Get current md5 hash
     if (!empty($v_user)) {
-        exec (VESTA_CMD."v-get-mail-account-value '".$v_user."' ".$v_domain." ".$v_account." 'md5'", $output, $return_var);
+        exec (VESTA_CMD."v-get-mail-account-value ".$v_user." ".$v_domain." ".$v_account." md5", $output, $return_var);
         if ($return_var == 0) {
             $v_hash = $output[0];
         }
@@ -151,7 +151,7 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[
             $fp = fopen($v_new_password, "w");
             fwrite($fp, $_POST['new']."\n");
             fclose($fp);
-            exec (VESTA_CMD."v-change-mail-account-password '".$v_user."' ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var);
+            exec (VESTA_CMD."v-change-mail-account-password ".$v_user." ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var);
             if ($return_var == 0) {
                 echo "ok";
                 exit;
diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index a5e0b07c..aedd747c 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -1118,7 +1118,7 @@ class UploadHandler
                 $file->size > $this->get_file_size($file_path);
             if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                 chmod($uploaded_file, 0644);
-                exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
+                exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." ".$uploaded_file." ".escapeshellarg($file_path), $output, $return_var);
                 $error = check_return_code($return_var, $output);
                 if ($return_var != 0) {
                     $file->error = 'Error while saving file ';

From 1a02521f76e9c9f31e195555e7519ef614f6fed6 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 8 Aug 2019 14:13:35 +0300
Subject: [PATCH 0527/2300] Resolved merge conflict with tmp dir.

---
 install/rhel/7/pma/config.inc.conf | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf
index 25097eca..8f3e0a7b 100644
--- a/install/rhel/7/pma/config.inc.conf
+++ b/install/rhel/7/pma/config.inc.conf
@@ -74,6 +74,13 @@ $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
 $cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload';
 $cfg['SaveDir'] = '/var/lib/phpMyAdmin/save';
 
+/*
+ * Temp dir for faster beahivour
+ *
+*/
+$cfg['TempDir']  = '/tmp';
+
+
 /**
  * Whether to display icons or text or both icons and text in table row
  * action segment. Value can be either of 'icons', 'text' or 'both'.

From 3e2178bb6ecfe14660bed47659de7cf23e1deed3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:14:19 +0100
Subject: [PATCH 0528/2300] Update config.inc.conf

---
 install/rhel/6/pma/config.inc.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf
index 47ae207e..3b636258 100644
--- a/install/rhel/6/pma/config.inc.conf
+++ b/install/rhel/6/pma/config.inc.conf
@@ -16,6 +16,12 @@
  */
 $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 
+/*
+ * Temp dir for faster beahivour
+ *
+*/
+$cfg['TempDir']  = '/tmp';
+
 /*
  * Servers configuration
  */

From 880496962a3bb094b21dea92a1f6b5b2e2bfe59e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:14:38 +0100
Subject: [PATCH 0529/2300] Update config.inc.conf

---
 install/rhel/6/pma/config.inc.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf
index 3b636258..f7584089 100644
--- a/install/rhel/6/pma/config.inc.conf
+++ b/install/rhel/6/pma/config.inc.conf
@@ -19,7 +19,7 @@ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOK
 /*
  * Temp dir for faster beahivour
  *
-*/
+ */
 $cfg['TempDir']  = '/tmp';
 
 /*

From a745eb02d8e6b0719f538c8504128ec70d617390 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:14:51 +0100
Subject: [PATCH 0530/2300] Update config.inc.conf

---
 install/rhel/7/pma/config.inc.conf | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf
index 8f3e0a7b..d2ab6946 100644
--- a/install/rhel/7/pma/config.inc.conf
+++ b/install/rhel/7/pma/config.inc.conf
@@ -16,7 +16,17 @@
  */
 $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 
+<<<<<<< HEAD
 /**
+=======
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
+/*
+>>>>>>> Update config.inc.conf
  * Servers configuration
  */
 $i = 0;

From cb8cd40b1306648a4bbde9bbb60654de50e44203 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:15:09 +0100
Subject: [PATCH 0531/2300] Update config.inc.conf

---
 install/rhel/5/pma/config.inc.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/rhel/5/pma/config.inc.conf b/install/rhel/5/pma/config.inc.conf
index 47ae207e..f7584089 100644
--- a/install/rhel/5/pma/config.inc.conf
+++ b/install/rhel/5/pma/config.inc.conf
@@ -16,6 +16,12 @@
  */
 $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /*
  * Servers configuration
  */

From 57fb5a759fe6cf8e877f8e7da5b506049a4cdfa1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:17:10 +0100
Subject: [PATCH 0532/2300] Update config.inc.php

---
 install/debian/7/pma/config.inc.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/debian/7/pma/config.inc.php b/install/debian/7/pma/config.inc.php
index a643a065..4b6a3a6b 100644
--- a/install/debian/7/pma/config.inc.php
+++ b/install/debian/7/pma/config.inc.php
@@ -137,6 +137,13 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From fe6f93fabae947b2066e1e645a6e962c6ff43a9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:17:29 +0100
Subject: [PATCH 0533/2300] Update config.inc.php

---
 install/debian/8/pma/config.inc.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/debian/8/pma/config.inc.php b/install/debian/8/pma/config.inc.php
index eafc6d67..a3803697 100644
--- a/install/debian/8/pma/config.inc.php
+++ b/install/debian/8/pma/config.inc.php
@@ -137,6 +137,13 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 7f8313b48fa9ccfd30731016e7c321feaf6fa3b1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:17:37 +0100
Subject: [PATCH 0534/2300] Update config.inc.php

---
 install/debian/9/pma/config.inc.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/debian/9/pma/config.inc.php b/install/debian/9/pma/config.inc.php
index eafc6d67..a3803697 100644
--- a/install/debian/9/pma/config.inc.php
+++ b/install/debian/9/pma/config.inc.php
@@ -137,6 +137,13 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From bebd854b6052f2511b895698ba2e11e07f8762dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:18:08 +0100
Subject: [PATCH 0535/2300] Update config.inc.php

---
 install/ubuntu/18.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/18.04/pma/config.inc.php b/install/ubuntu/18.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/18.04/pma/config.inc.php
+++ b/install/ubuntu/18.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 0d66d22150741ae0c9ef70cf8f4a2470783446c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:18:39 +0100
Subject: [PATCH 0536/2300] Update config.inc.php

---
 install/ubuntu/17.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/17.10/pma/config.inc.php b/install/ubuntu/17.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/17.10/pma/config.inc.php
+++ b/install/ubuntu/17.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From ed8d38228bc7c7de0651cee30d742f28c22c061b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:18:59 +0100
Subject: [PATCH 0537/2300] Update config.inc.php

---
 install/ubuntu/17.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/17.04/pma/config.inc.php b/install/ubuntu/17.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/17.04/pma/config.inc.php
+++ b/install/ubuntu/17.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From c83a925c9accb5872fd7c64a5a87857c10f12ae7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:19:17 +0100
Subject: [PATCH 0538/2300] Update config.inc.php

---
 install/ubuntu/16.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/16.10/pma/config.inc.php b/install/ubuntu/16.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/16.10/pma/config.inc.php
+++ b/install/ubuntu/16.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From aa8ba1aff1418f98bff0d5e1b109eb49a4715855 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:19:40 +0100
Subject: [PATCH 0539/2300] Update config.inc.php

---
 install/ubuntu/16.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/16.04/pma/config.inc.php b/install/ubuntu/16.04/pma/config.inc.php
index d8a903e4..fb131d65 100644
--- a/install/ubuntu/16.04/pma/config.inc.php
+++ b/install/ubuntu/16.04/pma/config.inc.php
@@ -139,6 +139,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 8d3473c914a9a9719cd9f57c1dd87655488aba89 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:20:08 +0100
Subject: [PATCH 0540/2300] Update config.inc.php

---
 install/ubuntu/15.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/15.10/pma/config.inc.php b/install/ubuntu/15.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/15.10/pma/config.inc.php
+++ b/install/ubuntu/15.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From ea2f42e6892436b6dd39bfaf861740b43a23bb1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:20:21 +0100
Subject: [PATCH 0541/2300] Update config.inc.php

---
 install/ubuntu/15.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/15.04/pma/config.inc.php b/install/ubuntu/15.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/15.04/pma/config.inc.php
+++ b/install/ubuntu/15.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 9ab4927ec2d33b46ce143a3659bd0fbcb70cfadd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:20:34 +0100
Subject: [PATCH 0542/2300] Update config.inc.php

---
 install/ubuntu/14.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/14.10/pma/config.inc.php b/install/ubuntu/14.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/14.10/pma/config.inc.php
+++ b/install/ubuntu/14.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From f23697217b69f66bd0c69550c4228bb9c7dc3568 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:20:46 +0100
Subject: [PATCH 0543/2300] Update config.inc.php

---
 install/ubuntu/14.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/14.04/pma/config.inc.php b/install/ubuntu/14.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/14.04/pma/config.inc.php
+++ b/install/ubuntu/14.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 6d09433447900c306e332c2b13f8b6df89e7675b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:20:59 +0100
Subject: [PATCH 0544/2300] Update config.inc.php

---
 install/ubuntu/13.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/13.10/pma/config.inc.php b/install/ubuntu/13.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/13.10/pma/config.inc.php
+++ b/install/ubuntu/13.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From b16e9b1d4db5637f2393d8e15fdcd3742f85dad2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:21:09 +0100
Subject: [PATCH 0545/2300] Update config.inc.php

---
 install/ubuntu/13.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/13.04/pma/config.inc.php b/install/ubuntu/13.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/13.04/pma/config.inc.php
+++ b/install/ubuntu/13.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 25e66d471e8e1385b152ef645e07a323b37d07d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:21:22 +0100
Subject: [PATCH 0546/2300] Update config.inc.php

---
 install/ubuntu/12.10/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/12.10/pma/config.inc.php b/install/ubuntu/12.10/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/12.10/pma/config.inc.php
+++ b/install/ubuntu/12.10/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 02955ddb479802d468e1290832773602ad2f1aa8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luka=20Paunovi=C4=87?= 
Date: Thu, 21 Mar 2019 18:21:35 +0100
Subject: [PATCH 0547/2300] Update config.inc.php

---
 install/ubuntu/12.04/pma/config.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/ubuntu/12.04/pma/config.inc.php b/install/ubuntu/12.04/pma/config.inc.php
index a643a065..36093369 100644
--- a/install/ubuntu/12.04/pma/config.inc.php
+++ b/install/ubuntu/12.04/pma/config.inc.php
@@ -137,6 +137,12 @@ if (!empty($dbname)) {
 $cfg['UploadDir'] = '';
 $cfg['SaveDir'] = '';
 
+/*
+ * Temp dir for faster beahivour
+ *
+ */
+$cfg['TempDir']  = '/tmp';
+
 /* Support additional configurations */
 foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename)
 {

From 8728f4b00d77b2395ce2199f06858ad1f5bef390 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 8 Aug 2019 14:20:35 +0300
Subject: [PATCH 0548/2300] deleted merge artifacts

---
 install/rhel/7/pma/config.inc.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf
index d2ab6946..1a65fd6c 100644
--- a/install/rhel/7/pma/config.inc.conf
+++ b/install/rhel/7/pma/config.inc.conf
@@ -16,7 +16,6 @@
  */
 $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
 
-<<<<<<< HEAD
 /**
 =======
 /*
@@ -26,7 +25,6 @@ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOK
 $cfg['TempDir']  = '/tmp';
 
 /*
->>>>>>> Update config.inc.conf
  * Servers configuration
  */
 $i = 0;

From 743476ad73e4cd3b6efc4be61ed190d5f8dfc28d Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 8 Aug 2019 18:39:56 +0300
Subject: [PATCH 0549/2300] added sudo call for directory creation and restore

---
 bin/v-add-web-domain |  4 ++--
 bin/v-restore-user   | 28 ++++++++++++++++++----------
 func/rebuild.sh      |  5 +++--
 3 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index 2846242c..8a71cc9f 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -63,7 +63,7 @@ fi
 source $USER_DATA/user.conf
 
 # Creating domain directories
-mkdir -p $HOMEDIR/$user/web/$domain \
+sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \
       $HOMEDIR/$user/web/$domain/public_html \
       $HOMEDIR/$user/web/$domain/public_shtml \
       $HOMEDIR/$user/web/$domain/document_errors \
@@ -80,7 +80,7 @@ ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \
     $HOMEDIR/$user/web/$domain/logs/
 
 # Adding domain skeleton
-cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
+sudo -u $user cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
 for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do
     sed -i "s/%domain%/$domain/g" $file
 done
diff --git a/bin/v-restore-user b/bin/v-restore-user
index 55e29e18..bd3d86bb 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -406,15 +406,21 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
         fi
 
         # Restoring web domain data
-        tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
-            -C $HOMEDIR/$user/web/$domain/
-        if [ "$?" -ne 0 ]; then
-            rm -rf $tmpdir
-            error="can't unpack $domain data tarball"
-            echo "$error" |$SENDMAIL -s "$subj" $email $notify
-            sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
-            check_result "$E_PARSING" "$error"
+        chown $user $tmpdir
+        chmod u+w $HOMEDIR/$user/web/$domain
+        sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
+            -C $HOMEDIR/$user/web/$domain/ --exclude=logs/* \
+            2> $HOMEDIR/$user/web/$domain/restore_errors.log
+        if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then
+            chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log
         fi
+        #if [ "$?" -ne 0 ]; then
+        #    rm -rf $tmpdir
+        #    error="can't unpack $domain data tarball"
+        #    echo "$error" |$SENDMAIL -s "$subj" $email $notify
+        #    sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
+        #    check_result "$E_PARSING" "$error"
+        #fi
 
         # Applying Fix for tar < 1.24
         find $HOMEDIR/$user/web/$domain -type d \
@@ -586,13 +592,15 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
 
         # Rebuilding mail config
         rebuild_mail_domain_conf
-        
+
         domain_idn=$domain
         format_domain_idn
 
         # Restoring emails
         if [ -e "$tmpdir/mail/$domain/accounts.tar.gz" ]; then
-            tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \
+            chown $user $tmpdir
+            chmod u+w $HOMEDIR/$user/mail/$domain_idn
+            sudo -u $user tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \
                 -C $HOMEDIR/$user/mail/$domain_idn/
             if [ "$?" -ne 0 ]; then
                 rm -rf $tmpdir
diff --git a/func/rebuild.sh b/func/rebuild.sh
index 352b9083..cf743d65 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -152,7 +152,7 @@ rebuild_web_domain_conf() {
     prepare_web_domain_values
 
     # Rebuilding domain directories
-    mkdir -p $HOMEDIR/$user/web/$domain \
+    sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \
         $HOMEDIR/$user/web/$domain/public_html \
         $HOMEDIR/$user/web/$domain/public_shtml \
         $HOMEDIR/$user/web/$domain/document_errors \
@@ -178,7 +178,8 @@ rebuild_web_domain_conf() {
 
     # Propagating html skeleton
     if [ ! -e "$WEBTPL/skel/document_errors/" ]; then
-        cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/
+        sudo -u $user cp -r $WEBTPL/skel/document_errors/ \
+            $HOMEDIR/$user/web/$domain/
     fi
 
     # Set folder permissions

From 26c0d3c3f267e4356c3bc1c1691a786bb1f4dac0 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 8 Aug 2019 19:59:21 +0300
Subject: [PATCH 0550/2300] fixed delimiter format for plain output

---
 bin/v-delete-mail-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-delete-mail-domain b/bin/v-delete-mail-domain
index f3541edb..ee727aa9 100755
--- a/bin/v-delete-mail-domain
+++ b/bin/v-delete-mail-domain
@@ -56,7 +56,7 @@ fi
 # Deleting dkim dns record
 if [ "$DKIM" = 'yes' ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
     records=$($BIN/v-list-dns-records $user $domain plain)
-    dkim_records=$(echo "$records" |grep -w '_domainkey' | cut -f 1 -d ' ')
+    dkim_records=$(echo "$records" |grep -w '_domainkey' |cut -f 1)
     for id in $dkim_records; do
         $BIN/v-delete-dns-record $user $domain $id
     done

From e43bc8d804bf1067479f682acae2ff65111cb5ae Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Aug 2019 18:21:36 +0200
Subject: [PATCH 0551/2300] Update v-list-sys-config

---
 bin/v-list-sys-config | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config
index 4f52e4a6..127f2176 100644
--- a/bin/v-list-sys-config
+++ b/bin/v-list-sys-config
@@ -52,7 +52,7 @@ json_list() {
         "DB_PMA_URL": "'$DB_PMA_URL'",
         "DB_PGA_URL": "'$DB_PGA_URL'",
         "SOFTACULOUS": "'$SOFTACULOUS'",
-        "MAX_DBUSER_LEN": "'$MAX_DBUSER_LEN'"
+        "MAX_DBUSER_LEN": "'$MAX_DBUSER_LEN'",
         "MAIL_CERTIFICATE": "'$MAIL_CERTIFICATE'",
         "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'"
     }

From 8369e7084b3b4fc34aff5fdf6d8702231fe4d929 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Aug 2019 18:32:00 +0200
Subject: [PATCH 0552/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5ce97eac..cbea8e73 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -42,7 +42,7 @@ elif [ "$release" -eq 9 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
+        unrar-free vim-common net-tools unzip"
 fi
 
 # Defining help function

From 8314a4e1c3f06c5f5052bd19ce12e8e524f1e351 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Aug 2019 18:46:06 +0200
Subject: [PATCH 0553/2300] Create 15-mailboxes.conf

---
 .../10/dovecot/conf.d/15-mailboxes.conf       | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 install/debian/10/dovecot/conf.d/15-mailboxes.conf

diff --git a/install/debian/10/dovecot/conf.d/15-mailboxes.conf b/install/debian/10/dovecot/conf.d/15-mailboxes.conf
new file mode 100644
index 00000000..7b2bab97
--- /dev/null
+++ b/install/debian/10/dovecot/conf.d/15-mailboxes.conf
@@ -0,0 +1,29 @@
+## Mailbox definitions
+##
+
+
+# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
+namespace inbox {
+  mailbox Drafts {
+    special_use = \Drafts
+    auto = subscribe
+  }
+
+  mailbox Junk {
+    special_use = \Junk
+    auto = subscribe
+  }
+
+  mailbox Trash {
+    special_use = \Trash
+    auto = subscribe
+  }
+
+  mailbox Sent {
+    special_use = \Sent
+    auto = subscribe
+  }
+  mailbox "Sent Messages" {
+    special_use = \Sent
+  }
+}

From c1b8699ffba4909ab100e190da3cb0b27c94a4cd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Aug 2019 19:46:45 +0200
Subject: [PATCH 0554/2300] static files for c subdomain

---
 src/static.tar.gz | Bin 0 -> 3028 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 src/static.tar.gz

diff --git a/src/static.tar.gz b/src/static.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..0d33c96f587d548e7332d0a407fe39f8b08aeb6d
GIT binary patch
literal 3028
zcmV;_3oG;=iwFRY0#9841MORTTolzFKR!s@e4$s(;#1?o3Lz}BJNpnt!vGa|#w*`C
zursi*JA=Ekyh^WeO9_F}d@x?jQZz-gtLDu>ElksL6j3oF@#eKO^NO0cd^4RhN*b+E
zpJb~~^ZjFIXV35a&hIhb-|x&Yr~^T}1BWo`_0kcd^-=n+A@o|pfNL}cE&SbR)ZhTq
zx4&rsIP4s0!!TfDS?=fL+8Y0pLLF#hQ&`Tf=5pK3J(OUBPIu4zYj6$FXf;}#fFA}U
zfLDQ0X8;)9UIyKbzj*$=uxtuOAT1I1d+Bggz%nZh*Q&^TG#bQpyOsthOGiof7%7z1D9BJv4-5<+DXXzo7
znNz2-R(~vk%Hk+%3T4AIK|y*j@M`A{0CWWYNIhB|bV~HCI@XMT95MdgEBkv_oe$qR
z!?f!0T_O1yFFp|Jzk9G}>9-H}dHU6!!R0Tx{jYmO_=)Lh!5a%=l)8q9crv*xc~|3(
z+=9cF;6bxKIQ4e^J}>{M3&q1afMLH|Wd9s!;eU#SWHQ@_{%!JKtJSsUzuu^q`R@wc
z;s5Ir{~`Hr4YU{MJKV+jj(v(>TC?|D&lTlwH_Y91eCzd|vm<26x)d$^=crt+o#_7y
z`oF$4|8++B{?8?7-TzVZ=lQ#vKX6Sg=rnFf)z*u6w~)0SiQDwB
zv++B7)%qx^nUZ%Feg5F{OWyqE!Ldwre>Y#x-X-fQdcPk$^qIJd|9`qQIlSS_<)U-U
z;_=$5vp0Ioys#y<-@JyBu5v;78MN@M(+PE!5@eJloS3Z
zb$)q%|D7IqagWZ?%MzE0K`%tr9g4rv;h9;M&HTCi_dfeX
zf28~0Yo~0=@IN%FE=ynCJ??{=^TTEm*flZK*vp>UQ!WOr@WcL}Ol`02f7|?roNwL#
zah=S6SHL;{X_|J${r`{nANdfx|M%+kO-3&wp?dlLW8a#~jWPYQ3tr|Pa5MUadots!
zf!F7s)sKq1*y-!s4=d)avh?$fc>`-Get-4Qf{=&mljk2lkaXj#d9`yp%Pjw;XyHFh
zQkIRf+bPriuL5oGUyExDt^2=0Pssdt1@7?w^sVQAQUwr2S`-OU1n5i*jfPf2vjFk{tprs=U2rl$4xw{Y{on?O=K=B$E=!|w$kPN*
z1LQ8W0uB;1+#~S>fZju+pezq)9uPbLC>SVMa5fAF^dF$uAeW#rXf(7EpirTOp>C)e
z>H;WoXc$#qSbJ$2pg=vMA61MIFVCM^jNa
z07?S#kVl%3(E#NH*})^lNHstyLee~1M|$!LGX?_*{e#QGGt>&Cs{u&)22w_Wlrtb@
z1xRrRQe=S?J0L{|Nd5!KLm>G8BrAbr2ar|*k}e=g!{H_X8Ud&Vpb~&W0CE6G0w4?k
zB>)~!_BRYSH8nLhHda?xS5{UQ78d5@KHqongsr}KYG{$CPsb~}iz*^Y`-*EOUG4ehXpo#T
z!OUOqm{S@^epvC*iFqOaH0rmPM-+tCE*ll(esc)1CboA-$tg>^>daHClY^r6UDIXM
zu9;Fjbg6=>$Y9m(dhZ1d1ByPK
zc4^|?SKd04p$dLtaknM2p7S2!5i)yZ2l)}e-B1VO>LB%yKg9bVdL3cZ8xj9;9j=kz
z|8NCb@^4G0EbVm>{F?k5jnex+=#>yT|1Q9f@=vq2R4O2y!dt%PaFe{ast
z7sV0F&U;SXIe%{VGc$a>_F4?qrV}T&tvnsO&fC-NWY)1qu5N#9_HfA#l`
zd{xDipL*r=RAMu&7=C%4>SP1{oM&18D?R#;Wh%#=^;cJDhuAjKQU2-sd&N*O?-u6y
z;X8CE6RWe=9v;vza98u>a-6zS;B)w2*#@KA-ir~@H}+H}r%rrx_T#Fg@{d$cnxgw|
z2q;)~H2BEE$>F6DC;35d&OK`P+M54-X829I?qE#K%8-hZC!;qt6=XC9SI3?#eR+@{
zv*?2|&vE$!mUlV7cU#V(4_~rc#+`k%gzd6)e8z$Wt1cBf{9d^>c{kHNy7wx_rb*nz
zqRc$yrJ(-)+h%Xeqsm4#<)@cg73<564?o4(kFtq<19ShK&~5Clx_8|6Z48Qjbn42_
zX4;33EslKJIGkBlUpL{SaR6u%}_L
z!=5)qx0(1qu8BTdRyT|B=bjkU0Dn#Yhg*NN|1)TGa{qS)TID~>
z#?oAt3Es0a_wPASTm2us?5)x23`U(^4-YW^I=BOn`@bs?#ge9I*5t5Im{V9;)6{I_
zyE;{oK-sb>TMTKvhpci`Vx01}RD_9QIHyu9BMD-+WJ8FB
zO(iYqtesPYQ8ekWaJQ8>TSbu^52u8qeXMhPp~!75NYJUsOl%-&vMNS8xb(P@(V>tO
z<}@c_w^<{}#oA0x4MIS{B%#dIEYhk@^}BQKV9dENz)5y0o`U|^sj!#?XBN}6^xs(b
zQ2!%aM%!3N*3ZZ>Y#NeKM3cD@4CDZlO4*&sX>qh<0>zkU^F1ySWL6ZLHj1@bN#}9I
zFw?C_V@g#zrm|ov2d3h%NlKM%k`hzdF;$APO%*6o=%`d>V-r~E+tTd+0Mmg
zab}ir>IxP>D&nc>4zrC)CM{-D0=(z3IPoQpwA;xIGu*J;ZyWq%>Awz}?88T$ZkRd~c
W3>h+H$dDn!W%wSWoQ-k-Pyhg6UHusV

literal 0
HcmV?d00001


From 412b447399291ec7db13811fd71d3051009a3a74 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Aug 2019 20:32:04 +0200
Subject: [PATCH 0555/2300] Update deb_signing.key

---
 install/debian/10/deb_signing.key | 65 ++++++++++++++++++-------------
 1 file changed, 38 insertions(+), 27 deletions(-)

diff --git a/install/debian/10/deb_signing.key b/install/debian/10/deb_signing.key
index 2ad2db8b..9debc008 100644
--- a/install/debian/10/deb_signing.key
+++ b/install/debian/10/deb_signing.key
@@ -1,30 +1,41 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
-Version: GnuPG v1.4.12 (GNU/Linux)
 
-mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
-G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
-QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
-fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
-oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
-2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
-PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
-CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
-VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
-QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
-IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
-Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
-WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
-BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
-QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
-k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
-YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
-i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
-ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
-CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
-+EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
-XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
-CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
-qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
-ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
-=J2HJ
+mQGNBF0pEcYBDADE5M0hqORpLBNuCtGaDzX7b7pRNCpWG0zBqjfXf6GSNCZFmoT8
+ag0DJqhEgt9+MK8StYPvZJNrnhEfT3z8twRfvnFGl6SIHMidInmDOJG8Y6btUPc4
+pylXYgAMnRUzT3eXaHcn/UGNQ1NR3DwUaL8wqGpurMkxqmoeHsvn6sHO5v7PiAW1
+xSFVyrMLDEAQASdif6Zfmjm4WaxJF3p8BxCcmfmMIC+UXiRVn5jrib1J0yC5AQZf
+uPHcnZZIynYphcNV9fOC0VFpxxtdWz3cdtJQNEuM/bV5qEowlULgopQQVn4W7I3/
+6Hy4RSS+B5mSinKF7Na666sKiBbOqWNWHpGi9YEGfD+3bE36Gd/B3FaMKDc/zDn7
+5eWFgxBT89ASHNzKULKpNwOzRMwBDj6nZySFzr2lMNH9SAQ6xL5i2/L49SXu2wsI
+FisvNzSFpflyseiHpda2DbQ3U9Uk36Ixy8OrHFcRHW/an4mPuae+FHjI3+TYJPbM
+DINOKGlDAHpXIEUAEQEAAbQuUHJlZHJhZyBEYW1uamFub3ZpYyA8cHJlZHJhZ0Bo
+b3N0aW5ncGFuZWwuZGV2PokB1AQTAQoAPhYhBKkALHMylGR2fdARrXm+rmsIksKF
+BQJdKRHGAhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEHm+rmsI
+ksKF8ywL+gM1e/22lvq+q6mElPZBPtpa6rHgvPlm9pKdp/vdpV/x7bXWOiE/xClK
+F5+ULBbudeWiiJi6e6aUKSYTtEFku6qJLBe64gX4EfjOYjBdYqbmGr0I+s2F/awB
+jBqg/97XB5JnUVis9762VU9CltvRjHjhd/s5HM4lCta0bSjPkRyFASONPDLx0y/L
+1ESXyHgTBOHOotQrnH0l4RQmTEcjN1jyGsHqbt6D5Km5DrteI9uFt2MWjOAOB6Fc
+noiGJCaLGffw7aJ0CwKWySUPaXgTiLYWwJW3KIIh/IgKtLfhteAwImxMxLiQDLk2
+p6jO4h+I6k+n3e+u/Bd7/zK2PbpoEqgw2NzfAFX6qkJKQgtps1oP2IwEi64BbFTd
+uOjJjfYLKuFgwilHe0mdrUusjQy8HSBhezpciTlalDOJtrjF3DHiIvp3WUPXsS7o
+vswoR8SH7yJTH5dP7lrfFEeQ8TBBq+f+d3uAQVBXi8ETyflHnws9LHMR8J3QuadK
+y6OESuMzPrkBjQRdKRHGAQwAyqeIfU2TL36ddAKAmNvDlMwYAcxlsq619KbIuFPK
+h3nW1bXYwhFGjOwSFrIhFPT8cG69S4yvVDwkN1BeCefEA35PJdwy9FLERHFApEbO
+C2WUrbqYovd26W/xdAlHXsphsD0p64ntYkqJzYWGKAQ/6LO0esoesRl5iTSda7WG
+pHX/2LXiSl91gqysWZIaB8LoJaACkoti9N/FFH/Li08ez3Am2mxciX5yGdcba290
+rEvzgxwi00KdhNTE7ZT8FmpiUDxdm5kninRRklk6FAfEaQ1sLffhhZkcaNF+cmSV
+ijU8TCmoTpkAoyOddWri1zZBgeDQh7CGaNbx3n/6EZVKwPajFgDuVA/n9YVKyG9O
+AGpgK5p3pn7yrBCdDEOl+pun/NsEaUm3mrRpQvEZoVCLYkVfdYaXpgTcifVYJnt3
+/8xbYYM6qMXM/ajiUQrAWaYBylzF5uc0WaK3w0feb1KdEV8o0+BgpOxUQtUfM88m
+GMCLb+2S2DQY2ay4tImgIjKVABEBAAGJAbwEGAEKACYWIQSpACxzMpRkdn3QEa15
+vq5rCJLChQUCXSkRxgIbDAUJA8JnAAAKCRB5vq5rCJLChRWJDACNA2AOuB5wuJOY
+pm9fXB5uwtvqbqd7Q3219o5236F7Imw81afxcu2RDZDh6DXHmW3YnICq4ffyYjWW
+1jQrZJo7uemlc+Vkqvq/XFS5T/DbaWwZCYj5uN6BbsfmfoLpa7QYvUu2vsNM6UD6
+DmrWeLIWAv9VS/RHAFgzs5Rre3EjD5NrWVOttOmwqeMJC06Nf9JUqE7o5DDQ6avG
+Hy+7KMYHSJf6dtH7lYNI0tq3/qxkNr7xF5c7FO5J/hv0wOeilExEJEiSrBfVXrhJ
+tOs6B1qE6liD6IoMSPHZDZESzU/PJG+UbzxYpi3rtqcte/qXS7QzOnv77rFK0VmF
+pHGSkDCoUmxbSIGrju8D9MeXuj5ygS7LoqpdxifCfnxa50VJk10+ucyiW4yUjBZv
+7SjBioKXx4cW7TDjPcZ7XrsCKftipZxr8d7BvSRESgRdBI/p8md3sf9e7vw4V4d0
+ME0RikTA0b3qYO0RroUPcs/FD6PcvJ4SiWNwWqIU6DbtFh1ojo0=
+=mMOx
 -----END PGP PUBLIC KEY BLOCK-----

From a244f1984b0c261bfb59600178acc783782d6f1b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 11 Aug 2019 23:50:08 +0200
Subject: [PATCH 0556/2300] Enhanced compiler script

---
 src/deb/vesta_compile.sh | 404 ++++++++++++++++++++++-----------------
 1 file changed, 228 insertions(+), 176 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 7d835e8b..ad3fb403 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -8,25 +8,24 @@ wait_to_press_enter=1
 run_apt_update_and_install=1
 add_deb_to_apt_repo=0
 
-function press_enter {
-    if [ $wait_to_prss_enter -eq 1 ]; then
-        read -p "$1"
-    else
-        echo $1
-    fi
-}
+DEB_NAME='buster'
+DEB_VER='10'
+VESTA_VER='0.9.8-25'
 
 # Set compiling directory
-BUILD_DIR='/usr/src'
-INSTALL_DIR='/usr/local/vesta'
+BUILD_DIR="/usr/src/$DEB_NAME"
+INSTALL_DIR="/usr/local/vesta/$DEB_NAME"
 
 # Set git repository raw path
-GIT_REP='https://raw.githubusercontent.com/myvesta/vesta/master/src/deb'
+GIT_SRC='https://raw.githubusercontent.com/myvesta/vesta/master/src'
+GIT_REP="$GIT_REP/deb"
 
-PATH_OF_APT_REPO='/var/www/html/buster'
+PATH_OF_C_WEB_FOLDER="/var/www/c.vesta.hostingpanel.dev/html"
+PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER="$PATH_OF_C_WEB_FOLDER/debian/$DEB_VER"
+PATH_OF_APT_REPO="/var/www/apt.vesta.hostingpanel.dev/html/$DEB_NAME"
 
 # Set Version for compiling
-VESTA_V='0.9.8-24_amd64'
+VESTA_V=$VESTA_VER"_amd64"
 NGINX_V='1.17.1'
 OPENSSL_V='1.1.1c'
 PCRE_V='8.43'
@@ -34,7 +33,6 @@ ZLIB_V='1.2.11'
 PHP_V='5.6.40'
 
 # Generate Links for sourcecode
-VESTA='https://github.com/myvesta/vesta/archive/master.zip'
 NGINX='https://nginx.org/download/nginx-'$NGINX_V'.tar.gz'
 OPENSSL='https://www.openssl.org/source/openssl-'$OPENSSL_V'.tar.gz'
 PCRE='https://ftp.pcre.org/pub/pcre/pcre-'$PCRE_V'.tar.gz'
@@ -42,7 +40,38 @@ ZLIB='https://www.zlib.net/zlib-'$ZLIB_V'.tar.gz'
 PHP='http://de2.php.net/distributions/php-'$PHP_V'.tar.gz'
 
 # Set package dependencies for compiling
-SOFTWARE='build-essential libxml2-dev libz-dev libcurl4-gnutls-dev unzip openssl libssl-dev pkg-config'
+SOFTWARE='build-essential libxml2-dev libz-dev libcurl4-gnutls-dev unzip openssl libssl-dev pkg-config reprepro dpkg-sig'
+
+function press_enter {
+    if [ $wait_to_press_enter -eq 1 ]; then
+        read -p "$1"
+    else
+        echo $1
+    fi
+}
+
+function make_deb_package_and_add_to_repo {
+  press_enter "=== Press enter to build the package"
+  cd $BUILD_DIR
+  if [ -f "$1_$VESTA_V.deb" ]; then
+    rm $1_$VESTA_V.deb
+  fi
+  dpkg-deb --build $1_$VESTA_V
+  
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    press_enter "=== Press enter to sign the package ==============================================================================="
+    
+    export GPG_TTY=$(tty)
+    dpkg-sig --sign builder $1_$VESTA_V.deb
+	mkdir -p $PATH_OF_APT_REPO
+    cd $PATH_OF_APT_REPO
+    
+    press_enter "=== Press enter to add to repo ==============================================================================="
+    
+    reprepro --ask-passphrase -Vb . remove $DEB_NAME $1
+    reprepro --ask-passphrase -Vb . includedeb $DEB_NAME $BUILD_DIR/$1_$VESTA_V.deb
+  fi
+}
 
 # Install needed software
 if [ $run_apt_update_and_install -eq 1 ]; then
@@ -67,6 +96,9 @@ for arg; do
       NGINX_B='true'
       PHP_B='true'
       VESTA_B='true'
+      VESTAGIT_B='true'
+	  CWEB_B='true'
+	  APTWEB_B='true'
       ;;
     --nginx)
       NGINX_B='true'
@@ -77,17 +109,99 @@ for arg; do
     --vesta)
       VESTA_B='true'
       ;;
+    --vestagit)
+      VESTAGIT_B='true'
+      ;;
+    --cweb)
+      CWEB_B='true'
+      ;;
+    --aptweb)
+      APTWEB_B='true'
+      ;;
     *)
       NOARGUMENT='true'
       ;;
   esac
 done
 
-if [[ $# -eq 0 ]] ; then
-  echo "!!! Please run with argument --all, --vesta, --nginx or --php !!!"
+if [ $# -eq 0 ]; then
+  echo "!!! Please run with argument --vesta, --nginx, --php, --vestagit, --cweb, --aptweb or --all"
   exit 1
 fi
 
+if [ "$CWEB_B" = true ]; then
+  VESTAGIT_B='true'
+fi
+if [ "$VESTA_B" = true ]; then
+  VESTAGIT_B='true'
+fi
+
+#################################################################################
+#
+# Get latest vesta from git
+#
+#################################################################################
+
+if [ "$VESTAGIT_B" = true ]; then
+  echo "======= Get latest vesta from git ======="
+  cd /root
+  rm -rf vesta/
+  git clone https://github.com/myvesta/vesta.git
+fi
+
+#################################################################################
+#
+# Building c subdomain web folder
+#
+#################################################################################
+
+if [ "$CWEB_B" = true ]; then
+  echo "======= Building c subdomain web folder ======="
+  
+  echo "Removing: $PATH_OF_C_WEB_FOLDER"
+  rm -rf $PATH_OF_C_WEB_FOLDER
+  echo "=== Whole C folder removed"
+
+  echo "=== Making folder $PATH_OF_C_WEB_FOLDER"
+  mkdir -p $PATH_OF_C_WEB_FOLDER
+  cd $PATH_OF_C_WEB_FOLDER
+  
+  echo "=== Copying and extracting static files"
+
+  cp /root/vesta/src/static.tar.gz $PATH_OF_C_WEB_FOLDER/static.tar.gz
+  tar -xzf static.tar.gz
+  rm static.tar.gz
+  
+  echo "=== Copying files"
+  mkdir -p $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  cp -rf /root/vesta/install/debian/$DEB_VER/* $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  cd $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  
+  if [ -f "packages.tar.gz" ]; then
+    rm packages.tar.gz
+  fi
+  tar -czf packages.tar.gz packages/
+  
+  if [ -f "templates.tar.gz" ]; then
+    rm templates.tar.gz
+  fi
+  tar -czf templates.tar.gz templates/
+  
+  if [ -f "firewall.tar.gz" ]; then
+    rm firewall.tar.gz
+  fi
+  tar -czf firewall.tar.gz firewall/
+
+  if [ -f "fail2ban.tar.gz" ]; then
+    rm fail2ban.tar.gz
+  fi
+  tar -czf fail2ban.tar.gz fail2ban/
+
+  if [ -f "dovecot.tar.gz" ]; then
+    rm dovecot.tar.gz
+  fi
+  tar -czf dovecot.tar.gz dovecot/
+fi
 
 #################################################################################
 #
@@ -95,7 +209,7 @@ fi
 #
 #################################################################################
 
-if [ "$NGINX_B" = true ] ; then
+if [ "$NGINX_B" = true ]; then
   echo "======= Building vesta-nginx ======="
 
   echo "=== Change to build directory"
@@ -103,16 +217,15 @@ if [ "$NGINX_B" = true ] ; then
   
   BUILDING_NOW=0
   # Check if target directory exist
-  if [ ! -d $BUILD_DIR/vesta-nginx_$VESTA_V ]; then
-  	#mv $BUILD_DIR/vesta-nginx_$VESTA_V $BUILD_DIR/vesta-nginx_$VESTA_V-$(timestamp)
-  	# rm -r $BUILD_DIR/vesta-nginx_$VESTA_V
-    # fi
-  
+  if [ ! -d "$BUILD_DIR/nginx-$NGINX_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
     BUILDING_NOW=1
-    echo "=== Create directory"
-    mkdir $BUILD_DIR/vesta-nginx_$VESTA_V
     
-    press_enter "=== Download and unpack source files"
+    press_enter "=== Press enter to download and unpack source files"
+
+	rm -rf nginx-$NGINX_V
+	rm -rf openssl-$OPENSSL_V
+	rm -rf pcre-$PCRE_V
+	rm -rf zlib-$ZLIB_V
     wget -nv -qO- $NGINX | tar xz
     wget -nv -qO- $OPENSSL | tar xz
     wget -nv -qO- $PCRE | tar xz
@@ -122,7 +235,7 @@ if [ "$NGINX_B" = true ] ; then
     cd nginx-$NGINX_V
     
     press_enter "=== Press enter to configure nginx"
-    ./configure 	--prefix=/usr/local/vesta/nginx \
+    ./configure 	--prefix=$INSTALL_DIR/nginx \
     		--with-http_ssl_module \
     		--with-openssl=../openssl-$OPENSSL_V \
     		--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
@@ -133,71 +246,56 @@ if [ "$NGINX_B" = true ] ; then
     	        --with-pcre-jit \
     		--with-zlib=../zlib-$ZLIB_V
     
-    # Check install directory and move if exists
-    if [ -d $INSTALL_DIR ]; then
-    	#mv $INSTALL_DIR $INSTALL_DIR$(timestamp)
-    	rm -r $INSTALL_DIR
+    # Check install directory and remove if exists
+    if [ -d $INSTALL_DIR/nginx ]; then
+    	rm -rf $INSTALL_DIR/nginx
     fi
     
     press_enter "=== Press enter to make && make install"
     make && make install
-    
-    press_enter "=== Press enter to clear up unused files"
-    cd $BUILD_DIR
-    rm -r nginx-$NGINX_V openssl-$OPENSSL_V pcre-$PCRE_V zlib-$ZLIB_V
+
   fi
   
   press_enter "=== Press enter to Prepare Deb Package Folder Structure"
-  cd vesta-nginx_$VESTA_V/
-  mkdir -p usr/local/vesta etc/init.d DEBIAN
+  if [ -d "$BUILD_DIR/vesta-nginx_$VESTA_V" ]; then
+    rm -rf $BUILD_DIR/vesta-nginx_$VESTA_V
+  fi
+  echo "=== Create directory"
+  mkdir $BUILD_DIR/vesta-nginx_$VESTA_V
+
+  cd $BUILD_DIR/vesta-nginx_$VESTA_V/
+  mkdir -p usr/local/vesta/nginx etc/init.d DEBIAN
   
   press_enter "=== Press enter to Download control, postinst and postrm files"
-  cd DEBIAN
-  wget -nv $GIT_REP/nginx/control -O control
-  wget -nv $GIT_REP/nginx/copyright -O copyright
-  wget -nv $GIT_REP/nginx/postinst -O postinst
-  wget -nv $GIT_REP/nginx/postrm -O postrm
-  chmod +x postinst postrm
+  # Copying control, postinst and postrm files
+  cp -rf /root/vesta/src/deb/nginx/* $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN
+  rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/nginx.conf
+  rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/vesta
   
-  cd ..
-  if [ $BUILDING_NOW -eq 1 ]; then
-    echo "=== Move nginx directory"
-    mv /usr/local/vesta/nginx usr/local/vesta/
-  fi
+  # Set version
+  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/control
+
+  # Set permission
+  chmod +x $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/postinst
+
+  echo "=== Copying nginx directory"
+  cp -rf $INSTALL_DIR/nginx/* usr/local/vesta/nginx
   
   echo "=== Get Service File"
-  cd etc/init.d
-  wget -nv $GIT_REP/nginx/vesta
+  cd $BUILD_DIR/vesta-nginx_$VESTA_V/etc/init.d
+  cp /root/vesta/src/deb/nginx/vesta vesta
   chmod +x vesta
   
   echo "=== Get nginx.conf"
-  cd ../../
-  wget -nv $GIT_REP/nginx/nginx.conf -O usr/local/vesta/nginx/conf/nginx.conf
+  cd $BUILD_DIR/vesta-nginx_$VESTA_V
+  cp /root/vesta/src/deb/nginx/nginx.conf $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/conf/nginx.conf
   
-  if [ $BUILDING_NOW -eq 1 ]; then
-    echo "=== copy binary"
-    cp usr/local/vesta/nginx/sbin/nginx usr/local/vesta/nginx/sbin/vesta-nginx
-  fi
+  # if [ $BUILDING_NOW -eq 1 ]; then
+  echo "=== copy binary"
+  cp $INSTALL_DIR/nginx/sbin/nginx $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/sbin/vesta-nginx
+  # fi
   
-  press_enter "=== Press enter to build the package"
-  cd /usr/src
-  dpkg-deb --build vesta-nginx_$VESTA_V
-    
-  if [ $add_deb_to_apt_repo -eq 1 ]; then
-    press_enter "=== Press enter to sign the package ==============================================================================="
-    
-    export GPG_TTY=$(tty)
-    dpkg-sig --sign builder vesta-nginx_$VESTA_V.deb
-    cd $PATH_OF_APT_REPO
-    
-    press_enter "=== Press enter to add to repo ==============================================================================="
-    
-    reprepro --ask-passphrase -Vb . remove buster vesta-nginx
-    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta-nginx_$VESTA_V.deb
-  fi
-
-  # clear up the source folder
-  # rm -r vesta-nginx_$VESTA_V
+  make_deb_package_and_add_to_repo "vesta-nginx"
 fi
 
 #################################################################################
@@ -207,23 +305,17 @@ fi
 #################################################################################
 
 
-if [ "$PHP_B" = true ] ; then
-  echo "======= Building vesta-php ======="
-  echo "=== Change to build directory: $BUILD_DIR"
+if [ "$PHP_B" = true ]; then
+  echo "======= Building vesta-php package ======="
   cd $BUILD_DIR
   
   BUILDING_NOW=0
   # Check if target directory exist
-  if [ ! -d $BUILD_DIR/vesta-php_$VESTA_V ]; then
-      # #mv $BUILD_DIR/vesta-php_$VESTA_V $BUILD_DIR/vesta-php_$VESTA_V-$(timestamp)
-  	  # rm -r $BUILD_DIR/vesta-php_$VESTA_V
-    # fi
+  if [ ! -d "$BUILD_DIR/php-$PHP_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
 	BUILDING_NOW=1
     
-    echo "=== Create directory: $BUILD_DIR/vesta-php_$VESTA_V"
-    mkdir $BUILD_DIR/vesta-php_$VESTA_V
-    
     echo "=== Download and unpack source files"
+	rm -rf php-$PHP_V
     wget -nv -qO- $PHP | tar xz
     
     echo "=== Change to php directory php-$PHP_V"
@@ -232,7 +324,7 @@ if [ "$PHP_B" = true ] ; then
     press_enter "=== Press enter to continue ==============================================================================="
     
     echo "=== Configure PHP"
-    ./configure --prefix=/usr/local/vesta/php \
+    ./configure --prefix=$INSTALL_DIR/php \
                 --enable-fpm \
                 --with-zlib \
                 --with-fpm-user=admin \
@@ -242,70 +334,56 @@ if [ "$PHP_B" = true ] ; then
                 --with-curl \
                 --enable-mbstring
     
-    press_enter "=== Press enter to Create the files and install them ==============================================================================="
+    # Check install directory and remove if exists
+    if [ -d $INSTALL_DIR/php ]; then
+    	rm -rf $INSTALL_DIR/php
+    fi
+
+    press_enter "=== Press enter to create the files and install them ==============================================================================="
     
     make && make install
     
     press_enter "=== Press enter to continue ==============================================================================="
-    
-    echo "=== Clear up unused files: $BUILD_DIR/php-$PHP_V"
-    cd $BUILD_DIR
-    rm -r php-$PHP_V
   fi
   
-  echo "=== Prepare Deb Package Folder Structure: $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta and $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN"
-  cd vesta-php_$VESTA_V/
+  cd $BUILD_DIR
+  if [ -d "vesta-php_$VESTA_V" ]; then
+    rm -rf vesta-php_$VESTA_V
+  fi
+  echo "=== Create directory: $BUILD_DIR/vesta-php_$VESTA_V"
+  mkdir -p $BUILD_DIR/vesta-php_$VESTA_V
+
+  echo "=== Prepare Deb Package Folder Structure: $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php and $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN"
+  cd $BUILD_DIR/vesta-php_$VESTA_V/
   mkdir -p usr/local/vesta/php DEBIAN
   
-  echo "=== Download control, postinst and postrm files"
-  cd DEBIAN
-  wget -nv $GIT_REP/php/postinst -O postinst
-  chmod 0755 postinst
-  wget -nv $GIT_REP/php/control -O control
-  wget -nv $GIT_REP/php/copyright -O copyright
+  # Copying control, postinst and postrm files
+  cp -rf /root/vesta/src/deb/php/* $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN
+  rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php-fpm.conf
+  
+  # Set version
+  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/control
+
+  # Set permission
+  chmod +x $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/postinst
  
-  press_enter "=== Press enter to move php directory ==============================================================================="
+  press_enter "=== Press enter to copy builded php ==============================================================================="
   cd ..
   
-  if [ $BUILDING_NOW -eq 1 ]; then
-    echo "=== Moving php directory"
-    mv /usr/local/vesta/php usr/local/vesta/
-    press_enter "=== Done, press enter ==============================================================================="
-  fi
+  # if [ $BUILDING_NOW -eq 1 ]; then
+  echo "=== Copying php directory"
+  cp -rf $INSTALL_DIR/php/* $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/
+  press_enter "=== Done, press enter to copy php-fpm.conf and vesta-php binary ==============================================================================="
+  # fi
 
   echo "=== Get php-fpm.conf"
-  wget -nv $GIT_REP/php/php-fpm.conf -O usr/local/vesta/php/etc/php-fpm.conf
+  cp /root/vesta/src/deb/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
   
-  if [ $BUILDING_NOW -eq 1 ]; then
-    echo "=== copy binary"
-    cp usr/local/vesta/php/sbin/php-fpm usr/local/vesta/php/sbin/vesta-php
-  fi
+  echo "=== copy binary"
+  cp $INSTALL_DIR/php/sbin/php-fpm $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/sbin/vesta-php
   
-  press_enter "=== Press enter to build the package ==============================================================================="
-
-  echo "=== build the package"
-  cd /usr/src
-  if [ -f "vesta-php_$VESTA_V.deb" ]; then
-    rm vesta-php_$VESTA_V.deb
-  fi
-  dpkg-deb --build vesta-php_$VESTA_V
-  
-  if [ $add_deb_to_apt_repo -eq 1 ]; then
-    press_enter "=== Press enter to sign the package ==============================================================================="
+  make_deb_package_and_add_to_repo "vesta-php"
     
-    export GPG_TTY=$(tty)
-    dpkg-sig --sign builder vesta-php_$VESTA_V.deb
-    
-    press_enter "=== Press enter to add to repo ==============================================================================="
-    
-    cd $PATH_OF_APT_REPO
-    reprepro --ask-passphrase -Vb . remove buster vesta-php
-    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta-php_$VESTA_V.deb
-  fi
-
-  # clear up the source folder
-  # rm -r vesta-php_$VESTA_V
-  
   echo "=== All done"
 fi
 
@@ -315,67 +393,41 @@ fi
 #
 #################################################################################
 
-if [ "$VESTA_B" = true ] ; then
+if [ "$VESTA_B" = true ]; then
+  echo "======= Building vesta package ======="
   # Change to build directory
   cd $BUILD_DIR
   
   # Check if target directory exist
   if [ -d $BUILD_DIR/vesta_$VESTA_V ]; then
-  	rm -r $BUILD_DIR/vesta_$VESTA_V
-  fi
-  if [ -d $BUILD_DIR/vesta-master ]; then
-  	rm -r $BUILD_DIR/vesta-master
+  	rm -rf $BUILD_DIR/vesta_$VESTA_V
   fi
   
   # Create directory
   mkdir $BUILD_DIR/vesta_$VESTA_V
   
-  # Download and unpack source files
-  wget -nv $VESTA
-  unzip -q master.zip
-  rm master.zip
-  
   # Prepare Deb Package Folder Structure
   cd vesta_$VESTA_V/
   mkdir -p usr/local/vesta DEBIAN
   
-  # Download control, postinst and postrm files
-  cd DEBIAN
-  wget -nv $GIT_REP/vesta/control
-  wget -nv $GIT_REP/vesta/copyright
-  wget -nv $GIT_REP/vesta/postinst
+  # Copying control, postinst and postrm files
+  cp -rf /root/vesta/src/deb/vesta/* $BUILD_DIR/vesta_$VESTA_V/DEBIAN
   
+  # Set version
+  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta_$VESTA_V/DEBIAN/control
+
   # Set permission
-  chmod +x postinst
- 
-  # Move needed directories
-  cd $BUILD_DIR/vesta-master
-  mv bin func install upd web $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/
-   
+  chmod +x $BUILD_DIR/vesta_$VESTA_V/DEBIAN/postinst
+  rm $BUILD_DIR/vesta_$VESTA_V/DEBIAN/conffiles
+
+  # Copying vesta source
+  cp -rf /root/vesta/* $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta
+  
   # Set permission
   cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/bin
   chmod +x *
+  cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/upd
+  chmod +x *
   
-  press_enter "=== Press enter to build the package ==============================================================================="
-  # build the package
-  cd /usr/src
-  dpkg-deb --build vesta_$VESTA_V
-
-  if [ $add_deb_to_apt_repo -eq 1 ]; then
-    press_enter "=== Press enter to sign the package ==============================================================================="
-    
-    export GPG_TTY=$(tty)
-    dpkg-sig --sign builder vesta_$VESTA_V.deb
-    
-    press_enter "=== Press enter to add to repo ==============================================================================="
-    
-    cd $PATH_OF_APT_REPO
-    reprepro --ask-passphrase -Vb . remove buster vesta
-    reprepro --ask-passphrase -Vb . includedeb buster $BUILD_DIR/vesta_$VESTA_V.deb
-  fi
-  
-  # clear up the source folder
-  cd /usr/src
-  rm -r vesta_$VESTA_V
-  rm -r vesta-master
+  make_deb_package_and_add_to_repo "vesta"
 fi

From 4e5c316f106ad81d19f4c7d4725fbfbb1c610948 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 12 Aug 2019 00:28:16 +0200
Subject: [PATCH 0557/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index ad3fb403..58c6b222 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -175,6 +175,7 @@ if [ "$CWEB_B" = true ]; then
   echo "=== Copying files"
   mkdir -p $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
   cp -rf /root/vesta/install/debian/$DEB_VER/* $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  cp /root/vesta/install/debian/10/deb_signing.key /var/www/c.vesta.hostingpanel.dev/html/deb_signing.key
   cd $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
   
   if [ -f "packages.tar.gz" ]; then

From f3988e5ccb33541922c662949513de7d21266e55 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 12 Aug 2019 00:37:59 +0200
Subject: [PATCH 0558/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 58c6b222..b3067a79 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -14,7 +14,7 @@ VESTA_VER='0.9.8-25'
 
 # Set compiling directory
 BUILD_DIR="/usr/src/$DEB_NAME"
-INSTALL_DIR="/usr/local/vesta/$DEB_NAME"
+INSTALL_DIR="/usr/local/vesta"
 
 # Set git repository raw path
 GIT_SRC='https://raw.githubusercontent.com/myvesta/vesta/master/src'

From 0423d9a5e47f04d530ad2b18c7d20df54ced1267 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Aug 2019 22:31:20 +0200
Subject: [PATCH 0559/2300] Update secure_login.php

---
 web/inc/secure_login.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 518cb6cf..83cb16b9 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -21,7 +21,10 @@ if ($login_url_skip==0) {
         if (file_exists('/usr/local/vesta/web/inc/login_url.php')) {
             require_once('/usr/local/vesta/web/inc/login_url.php');
             if (isset($_GET[$login_url])) {
-                setcookie($login_url, '1', time() + 31536000, '/', $_SERVER['HTTP_HOST'], true);
+                $Domain=$_SERVER['HTTP_HOST'];
+                $Port = strpos($Domain, ':');
+                if ($Port !== false)  $Domain = substr($Domain, 0, $Port);
+                setcookie($login_url, '1', time() + 31536000, '/', $Domain, true);
                 header ("Location: /login/");
                 exit;
             }

From 15e0529b1309d60f354fc47639e015a743135f52 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Aug 2019 23:08:22 +0200
Subject: [PATCH 0560/2300] Create php.ini

---
 src/deb/php/php.ini | 1249 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1249 insertions(+)
 create mode 100644 src/deb/php/php.ini

diff --git a/src/deb/php/php.ini b/src/deb/php/php.ini
new file mode 100644
index 00000000..28dc539a
--- /dev/null
+++ b/src/deb/php/php.ini
@@ -0,0 +1,1249 @@
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; About php.ini   ;
+;;;;;;;;;;;;;;;;;;;
+; This file controls many aspects of PHP's behavior.  In order for PHP to
+; read it, it must be named 'php.ini'.  PHP looks for it in the current
+; working directory, in the path designated by the environment variable
+; PHPRC, and in the path that was defined in compile time (in that order).
+; Under Windows, the compile-time path is the Windows directory.  The
+; path in which the php.ini file is looked for can be overridden using
+; the -c argument in command line mode.
+;
+; The syntax of the file is extremely simple.  Whitespace and Lines
+; beginning with a semicolon are silently ignored (as you probably guessed).
+; Section headers (e.g. [Foo]) are also silently ignored, even though
+; they might mean something in the future.
+;
+; Directives are specified using the following syntax:
+; directive = value
+; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
+;
+; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
+; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
+; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
+;
+; Expressions in the INI file are limited to bitwise operators and parentheses:
+; |        bitwise OR
+; &        bitwise AND
+; ~        bitwise NOT
+; !        boolean NOT
+;
+; Boolean flags can be turned on using the values 1, On, True or Yes.
+; They can be turned off using the values 0, Off, False or No.
+;
+; An empty string can be denoted by simply not writing anything after the equal
+; sign, or by using the None keyword:
+;
+;  foo =         ; sets foo to an empty string
+;  foo = none    ; sets foo to an empty string
+;  foo = "none"  ; sets foo to the string 'none'
+;
+; If you use constants in your value, and these constants belong to a
+; dynamically loaded extension (either a PHP extension or a Zend extension),
+; you may only use these constants *after* the line that loads the extension.
+;
+;
+;;;;;;;;;;;;;;;;;;;
+; About this file ;
+;;;;;;;;;;;;;;;;;;;
+; This is the recommended, PHP 5-style version of the php.ini-dist file.  It
+; sets some non standard settings, that make PHP more efficient, more secure,
+; and encourage cleaner coding.
+;
+; The price is that with these settings, PHP may be incompatible with some
+; applications, and sometimes, more difficult to develop with.  Using this
+; file is warmly recommended for production sites.  As all of the changes from
+; the standard settings are thoroughly documented, you can go over each one,
+; and decide whether you want to use it or not.
+;
+; For general information about the php.ini file, please consult the php.ini-dist
+; file, included in your PHP distribution.
+;
+; This file is different from the php.ini-dist file in the fact that it features
+; different values for several directives, in order to improve performance, while
+; possibly breaking compatibility with the standard out-of-the-box behavior of
+; PHP.  Please make sure you read what's different, and modify your scripts
+; accordingly, if you decide to use this file instead.
+;
+; - register_long_arrays = Off     [Performance]
+;     Disables registration of the older (and deprecated) long predefined array
+;     variables ($HTTP_*_VARS).  Instead, use the superglobals that were
+;     introduced in PHP 4.1.0
+; - display_errors = Off           [Security]
+;     With this directive set to off, errors that occur during the execution of
+;     scripts will no longer be displayed as a part of the script output, and thus,
+;     will no longer be exposed to remote users.  With some errors, the error message
+;     content may expose information about your script, web server, or database
+;     server that may be exploitable for hacking.  Production sites should have this
+;     directive set to off.
+; - log_errors = On                [Security]
+;     This directive complements the above one.  Any errors that occur during the
+;     execution of your script will be logged (typically, to your server's error log,
+;     but can be configured in several ways).  Along with setting display_errors to off,
+;     this setup gives you the ability to fully understand what may have gone wrong,
+;     without exposing any sensitive information to remote users.
+; - output_buffering = 4096        [Performance]
+;     Set a 4KB output buffer.  Enabling output buffering typically results in less
+;     writes, and sometimes less packets sent on the wire, which can often lead to
+;     better performance.  The gain this directive actually yields greatly depends
+;     on which Web server you're working with, and what kind of scripts you're using.
+; - register_argc_argv = Off       [Performance]
+;     Disables registration of the somewhat redundant $argv and $argc global
+;     variables.
+; - magic_quotes_gpc = Off         [Performance]
+;     Input data is no longer escaped with slashes so that it can be sent into
+;     SQL databases without further manipulation.  Instead, you should use the
+;     function addslashes() on each input element you wish to send to a database.
+; - variables_order = "GPCS"       [Performance]
+;     The environment variables are not hashed into the $_ENV.  To access
+;     environment variables, you can use getenv() instead.
+; - error_reporting = E_ALL        [Code Cleanliness, Security(?)]
+;     By default, PHP suppresses errors of type E_NOTICE.  These error messages
+;     are emitted for non-critical errors, but that could be a symptom of a bigger
+;     problem.  Most notably, this will cause error messages about the use
+;     of uninitialized variables to be displayed.
+; - allow_call_time_pass_reference = Off     [Code cleanliness]
+;     It's not possible to decide to force a variable to be passed by reference
+;     when calling a function.  The PHP 4 style to do this is by making the
+;     function require the relevant argument by reference.
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Enable the PHP scripting language engine under Apache.
+engine = On
+
+; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
+zend.ze1_compatibility_mode = Off
+
+; Allow the  tags are recognized.
+; NOTE: Using short tags should be avoided when developing applications or
+; libraries that are meant for redistribution, or deployment on PHP
+; servers which are not under your control, because short tags may not
+; be supported on the target server. For portable, redistributable code,
+; be sure not to use short tags.
+short_open_tag = On
+
+; Allow ASP-style <% %> tags.
+asp_tags = Off
+
+; The number of significant digits displayed in floating point numbers.
+precision    =  14
+
+; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
+y2k_compliance = On
+
+; Output buffering allows you to send header lines (including cookies) even
+; after you send body content, at the price of slowing PHP's output layer a
+; bit.  You can enable output buffering during runtime by calling the output
+; buffering functions.  You can also enable output buffering for all files by
+; setting this directive to On.  If you wish to limit the size of the buffer
+; to a certain size - you can use a maximum number of bytes instead of 'On', as
+; a value for this directive (e.g., output_buffering=4096).
+output_buffering = 4096
+
+; You can redirect all of the output of your scripts to a function.  For
+; example, if you set output_handler to "mb_output_handler", character
+; encoding will be transparently converted to the specified encoding.
+; Setting any output handler automatically turns on output buffering.
+; Note: People who wrote portable scripts should not depend on this ini
+;       directive. Instead, explicitly set the output handler using ob_start().
+;       Using this ini directive may cause problems unless you know what script
+;       is doing.
+; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
+;       and you cannot use both "ob_gzhandler" and "zlib.output_compression".
+; Note: output_handler must be empty if this is set 'On' !!!!
+;       Instead you must use zlib.output_handler.
+;output_handler =
+
+; Transparent output compression using the zlib library
+; Valid values for this option are 'off', 'on', or a specific buffer size
+; to be used for compression (default is 4KB)
+; Note: Resulting chunk size may vary due to nature of compression. PHP
+;       outputs chunks that are few hundreds bytes each as a result of
+;       compression. If you prefer a larger chunk size for better
+;       performance, enable output_buffering in addition.
+; Note: You need to use zlib.output_handler instead of the standard
+;       output_handler, or otherwise the output will be corrupted.
+zlib.output_compression = Off
+;zlib.output_compression_level = -1
+
+; You cannot specify additional output handlers if zlib.output_compression
+; is activated here. This setting does the same as output_handler but in
+; a different order.
+;zlib.output_handler =
+
+; Implicit flush tells PHP to tell the output layer to flush itself
+; automatically after every output block.  This is equivalent to calling the
+; PHP function flush() after each and every call to print() or echo() and each
+; and every HTML block.  Turning this option on has serious performance
+; implications and is generally recommended for debugging purposes only.
+implicit_flush = Off
+
+; The unserialize callback function will be called (with the undefined class'
+; name as parameter), if the unserializer finds an undefined class
+; which should be instantiated.
+; A warning appears if the specified function is not defined, or if the
+; function doesn't include/implement the missing class.
+; So only set this entry, if you really want to implement such a
+; callback-function.
+unserialize_callback_func=
+
+; When floats & doubles are serialized store serialize_precision significant
+; digits after the floating point. The default value ensures that when floats
+; are decoded with unserialize, the data will remain the same.
+serialize_precision = 100
+
+; Whether to enable the ability to force arguments to be passed by reference
+; at function call time.  This method is deprecated and is likely to be
+; unsupported in future versions of PHP/Zend.  The encouraged method of
+; specifying which arguments should be passed by reference is in the function
+; declaration.  You're encouraged to try and turn this option Off and make
+; sure your scripts work properly with it in order to ensure they will work
+; with future versions of the language (you will receive a warning each time
+; you use this feature, and the argument will be passed by value instead of by
+; reference).
+allow_call_time_pass_reference = Off
+
+;
+; Safe Mode
+;
+safe_mode = Off
+
+; By default, Safe Mode does a UID compare check when
+; opening files. If you want to relax this to a GID compare,
+; then turn on safe_mode_gid.
+safe_mode_gid = Off
+
+; When safe_mode is on, UID/GID checks are bypassed when
+; including files from this directory and its subdirectories.
+; (directory must also be in include_path or full path must
+; be used when including)
+safe_mode_include_dir =
+
+; When safe_mode is on, only executables located in the safe_mode_exec_dir
+; will be allowed to be executed via the exec family of functions.
+safe_mode_exec_dir =
+
+; Setting certain environment variables may be a potential security breach.
+; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
+; the user may only alter environment variables whose names begin with the
+; prefixes supplied here.  By default, users will only be able to set
+; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
+;
+; Note:  If this directive is empty, PHP will let the user modify ANY
+; environment variable!
+safe_mode_allowed_env_vars = PHP_
+
+; This directive contains a comma-delimited list of environment variables that
+; the end user won't be able to change using putenv().  These variables will be
+; protected even if safe_mode_allowed_env_vars is set to allow to change them.
+safe_mode_protected_env_vars = LD_LIBRARY_PATH
+
+; open_basedir, if set, limits all file operations to the defined directory
+; and below.  This directive makes most sense if used in a per-directory
+; or per-virtualhost web server configuration file. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+;open_basedir =
+
+; This directive allows you to disable certain functions for security reasons.
+; It receives a comma-delimited list of function names. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+disable_functions =
+
+; This directive allows you to disable certain classes for security reasons.
+; It receives a comma-delimited list of class names. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+disable_classes =
+
+; Colors for Syntax Highlighting mode.  Anything that's acceptable in
+;  would work.
+;highlight.string  = #DD0000
+;highlight.comment = #FF9900
+;highlight.keyword = #007700
+;highlight.bg      = #FFFFFF
+;highlight.default = #0000BB
+;highlight.html    = #000000
+
+; If enabled, the request will be allowed to complete even if the user aborts
+; the request. Consider enabling it if executing long request, which may end up
+; being interrupted by the user or a browser timing out.
+; ignore_user_abort = On
+
+; Determines the size of the realpath cache to be used by PHP. This value should
+; be increased on systems where PHP opens many files to reflect the quantity of
+; the file operations performed.
+; realpath_cache_size=16k
+
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; realpath_cache_ttl=120
+
+;
+; Misc
+;
+; Decides whether PHP may expose the fact that it is installed on the server
+; (e.g. by adding its signature to the Web server header).  It is no security
+; threat in any way, but it makes it possible to determine whether you use PHP
+; on your server or not.
+expose_php = Off
+
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+
+max_execution_time = 300     ; Maximum execution time of each script, in seconds
+max_input_time = 120    ; Maximum amount of time each script may spend parsing request data
+;max_input_nesting_level = 64 ; Maximum input variable nesting level
+memory_limit = 64M      ; Maximum amount of memory a script may consume (16MB)
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; error_reporting is a bit-field.  Or each number up to get desired error
+; reporting level
+; E_ALL             - All errors and warnings (doesn't include E_STRICT)
+; E_ERROR           - fatal run-time errors
+; E_RECOVERABLE_ERROR  - almost fatal run-time errors
+; E_WARNING         - run-time warnings (non-fatal errors)
+; E_PARSE           - compile-time parse errors
+; E_NOTICE          - run-time notices (these are warnings which often result
+;                     from a bug in your code, but it's possible that it was
+;                     intentional (e.g., using an uninitialized variable and
+;                     relying on the fact it's automatically initialized to an
+;                     empty string)
+; E_STRICT          - run-time notices, enable to have PHP suggest changes
+;                     to your code which will ensure the best interoperability
+;                     and forward compatibility of your code
+; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
+; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
+;                     initial startup
+; E_COMPILE_ERROR   - fatal compile-time errors
+; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
+; E_USER_ERROR      - user-generated error message
+; E_USER_WARNING    - user-generated warning message
+; E_USER_NOTICE     - user-generated notice message
+;
+; Examples:
+;
+;   - Show all errors, except for notices and coding standards warnings
+;
+;error_reporting = E_ALL & ~E_NOTICE
+;
+;   - Show all errors, except for notices
+;
+;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
+;
+;   - Show only errors
+;
+;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
+;
+;   - Show all errors, except coding standards warnings
+;
+error_reporting  =  E_ALL
+
+; Print out errors (as a part of the output).  For production web sites,
+; you're strongly encouraged to turn this feature off, and use error logging
+; instead (see below).  Keeping display_errors enabled on a production web site
+; may reveal security information to end users, such as file paths on your Web
+; server, your database schema or other information.
+;
+; possible values for display_errors:
+;
+; Off          - Do not display any errors
+; stderr       - Display errors to STDERR (affects only CGI/CLI binaries!)
+; On or stdout - Display errors to STDOUT (default)
+;
+; To output errors to STDERR with CGI/CLI:
+;display_errors = "stderr"
+;
+; Default
+;
+display_errors = Off
+
+; Even when display_errors is on, errors that occur during PHP's startup
+; sequence are not displayed.  It's strongly recommended to keep
+; display_startup_errors off, except for when debugging.
+display_startup_errors = Off
+
+; Log errors into a log file (server-specific log, stderr, or error_log (below))
+; As stated above, you're strongly advised to use error logging in place of
+; error displaying on production web sites.
+log_errors = On
+
+; Set maximum length of log_errors. In error_log information about the source is
+; added. The default is 1024 and 0 allows to not apply any maximum length at all.
+log_errors_max_len = 1024
+
+; Do not log repeated messages. Repeated errors must occur in same file on same
+; line until ignore_repeated_source is set true.
+ignore_repeated_errors = Off
+
+; Ignore source of message when ignoring repeated messages. When this setting
+; is On you will not log errors with repeated messages from different files or
+; source lines.
+ignore_repeated_source = Off
+
+; If this parameter is set to Off, then memory leaks will not be shown (on
+; stdout or in the log). This has only effect in a debug compile, and if
+; error reporting includes E_WARNING in the allowed list
+report_memleaks = On
+
+;report_zend_debug = 0
+
+; Store the last error/warning message in $php_errormsg (boolean).
+track_errors = Off
+
+; Disable the inclusion of HTML tags in error messages.
+; Note: Never use this feature for production boxes.
+;html_errors = Off
+
+; If html_errors is set On PHP produces clickable error messages that direct
+; to a page describing the error or function causing the error in detail.
+; You can download a copy of the PHP manual from http://www.php.net/docs.php
+; and change docref_root to the base URL of your local copy including the
+; leading '/'. You must also specify the file extension being used including
+; the dot.
+; Note: Never use this feature for production boxes.
+;docref_root = "/phpmanual/"
+;docref_ext = .html
+
+; String to output before an error message.
+;error_prepend_string = ""
+
+; String to output after an error message.
+;error_append_string = ""
+
+; Log errors to specified file.
+;error_log = filename
+
+; Log errors to syslog (Event Log on NT, not valid in Windows 95).
+;error_log = syslog
+
+
+;;;;;;;;;;;;;;;;;
+; Data Handling ;
+;;;;;;;;;;;;;;;;;
+;
+; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
+
+; The separator used in PHP generated URLs to separate arguments.
+; Default is "&".
+;arg_separator.output = "&"
+
+; List of separator(s) used by PHP to parse input URLs into variables.
+; Default is "&".
+; NOTE: Every character in this directive is considered as separator!
+;arg_separator.input = ";&"
+
+; This directive describes the order in which PHP registers GET, POST, Cookie,
+; Environment and Built-in variables (G, P, C, E & S respectively, often
+; referred to as EGPCS or GPC).  Registration is done from left to right, newer
+; values override older values.
+variables_order = "EGPCS"
+
+; Whether or not to register the EGPCS variables as global variables.  You may
+; want to turn this off if you don't want to clutter your scripts' global scope
+; with user data.  This makes most sense when coupled with track_vars - in which
+; case you can access all of the GPC variables through the $HTTP_*_VARS[],
+; variables.
+;
+; You should do your best to write your scripts so that they do not require
+; register_globals to be on;  Using form variables as globals can easily lead
+; to possible security problems, if the code is not very well thought of.
+register_globals = Off
+
+; Whether or not to register the old-style input arrays, HTTP_GET_VARS
+; and friends.  If you're not using them, it's recommended to turn them off,
+; for performance reasons.
+register_long_arrays = Off
+
+; This directive tells PHP whether to declare the argv&argc variables (that
+; would contain the GET information).  If you don't use these variables, you
+; should turn it off for increased performance.
+register_argc_argv = Off
+
+; When enabled, the SERVER and ENV variables are created when they're first
+; used (Just In Time) instead of when the script starts. If these variables
+; are not used within a script, having this directive on will result in a
+; performance gain. The PHP directives register_globals, register_long_arrays,
+; and register_argc_argv must be disabled for this directive to have any affect.
+auto_globals_jit = On
+
+; Maximum size of POST data that PHP will accept.
+post_max_size = 8M
+
+; Magic quotes
+;
+
+; Magic quotes for incoming GET/POST/Cookie data.
+magic_quotes_gpc = Off
+
+; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
+magic_quotes_runtime = Off
+
+; Use Sybase-style magic quotes (escape ' with '' instead of \').
+magic_quotes_sybase = Off
+
+; Automatically add files before or after any PHP document.
+auto_prepend_file =
+auto_append_file =
+
+; As of 4.0b4, PHP always outputs a character encoding by default in
+; the Content-type: header.  To disable sending of the charset, simply
+; set it to be empty.
+;
+; PHP's built-in default is text/html
+default_mimetype = "text/html"
+;default_charset = "iso-8859-1"
+
+; Always populate the $HTTP_RAW_POST_DATA variable.
+;always_populate_raw_post_data = On
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; UNIX: "/path1:/path2"
+;include_path = ".:/php/includes"
+;
+; Windows: "\path1;\path2"
+;include_path = ".;c:\php\includes"
+
+; The root of the PHP pages, used only if nonempty.
+; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
+; if you are running php as a CGI under any web server (other than IIS)
+; see documentation for security issues.  The alternate is to use the
+; cgi.force_redirect configuration below
+doc_root =
+
+; The directory under which PHP opens the script using /~username used only
+; if nonempty.
+user_dir =
+
+; Whether or not to enable the dl() function.  The dl() function does NOT work
+; properly in multithreaded servers, such as IIS or Zeus, and is automatically
+; disabled on them.
+enable_dl = On
+
+; cgi.force_redirect is necessary to provide security running PHP as a CGI under
+; most web servers.  Left undefined, PHP turns this on by default.  You can
+; turn it off here AT YOUR OWN RISK
+; **You CAN safely turn this off for IIS, in fact, you MUST.**
+; cgi.force_redirect = 1
+
+; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
+; every request.
+; cgi.nph = 1
+
+; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
+; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
+; will look for to know it is OK to continue execution.  Setting this variable MAY
+; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
+; cgi.redirect_status_env = ;
+
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
+; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
+; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; cgi.fix_pathinfo=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client.  This allows IIS to define the
+; security context that the request runs under.  mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS.  Default is zero.
+; fastcgi.impersonate = 1;
+
+; Disable logging through FastCGI connection
+; fastcgi.logging = 0
+
+; cgi.rfc2616_headers configuration option tells PHP what type of headers to
+; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
+; is supported by Apache. When this option is set to 1 PHP will send
+; RFC2616 compliant header.
+; Default is zero.
+;cgi.rfc2616_headers = 0
+
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+
+; Whether to allow HTTP file uploads.
+file_uploads = On
+
+; Temporary directory for HTTP uploaded files (will use system default if not
+; specified).
+;upload_tmp_dir =
+
+; Maximum allowed size for uploaded files.
+upload_max_filesize = 2M
+
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+
+; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
+allow_url_fopen = On
+
+; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
+allow_url_include = Off
+
+; Define the anonymous ftp password (your email address)
+;from="john@doe.com"
+
+; Define the User-Agent string
+; user_agent="PHP"
+
+; Default timeout for socket based streams (seconds)
+default_socket_timeout = 60
+
+; If your scripts have to deal with files from Macintosh systems,
+; or you are running on a Mac and need to deal with files from
+; unix or win32 systems, setting this flag will cause PHP to
+; automatically detect the EOL character in those files so that
+; fgets() and file() will work regardless of the source of the file.
+; auto_detect_line_endings = Off
+
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+;
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+;   extension=modulename.extension
+;
+; For example:
+;
+;   extension=msql.so
+;
+; Note that it should be the name of the module only; no directory information
+; needs to go here.  Specify the location of the extension with the
+; extension_dir directive above.
+
+
+;;;;
+; Note: packaged extension modules are now loaded via the .ini files
+; found in the directory /etc/php.d; these are loaded by default.
+;;;;
+
+
+;;;;;;;;;;;;;;;;;;;
+; Module Settings ;
+;;;;;;;;;;;;;;;;;;;
+
+[Date]
+; Defines the default timezone used by the date functions
+date.timezone = UTC
+
+;date.default_latitude = 31.7667
+;date.default_longitude = 35.2333
+
+;date.sunrise_zenith = 90.583333
+;date.sunset_zenith = 90.583333
+
+[filter]
+;filter.default = unsafe_raw
+;filter.default_flags =
+
+[iconv]
+;iconv.input_encoding = ISO-8859-1
+;iconv.internal_encoding = ISO-8859-1
+;iconv.output_encoding = ISO-8859-1
+
+[sqlite]
+;sqlite.assoc_case = 0
+
+[xmlrpc]
+;xmlrpc_error_number = 0
+;xmlrpc_errors = 0
+
+[Pcre]
+;PCRE library backtracking limit.
+;pcre.backtrack_limit=100000
+
+;PCRE library recursion limit.
+;Please note that if you set this value to a high number you may consume all
+;the available process stack and eventually crash PHP (due to reaching the
+;stack size limit imposed by the Operating System).
+;pcre.recursion_limit=100000
+
+[Syslog]
+; Whether or not to define the various syslog variables (e.g. $LOG_PID,
+; $LOG_CRON, etc.).  Turning it off is a good idea performance-wise.  In
+; runtime, you can define these variables by calling define_syslog_variables().
+define_syslog_variables  = Off
+
+[mail function]
+; For Win32 only.
+SMTP = localhost
+smtp_port = 25
+
+; For Win32 only.
+;sendmail_from = me@example.com
+
+; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
+sendmail_path = /usr/sbin/sendmail -t -i
+
+; Force the addition of the specified parameters to be passed as extra parameters
+; to the sendmail binary. These parameters will always replace the value of
+; the 5th parameter to mail(), even in safe mode.
+;mail.force_extra_parameters =
+
+[SQL]
+sql.safe_mode = Off
+
+[ODBC]
+;odbc.default_db    =  Not yet implemented
+;odbc.default_user  =  Not yet implemented
+;odbc.default_pw    =  Not yet implemented
+
+; Allow or prevent persistent links.
+odbc.allow_persistent = On
+
+; Check that a connection is still valid before reuse.
+odbc.check_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+odbc.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+odbc.max_links = -1
+
+; Handling of LONG fields.  Returns number of bytes to variables.  0 means
+; passthru.
+odbc.defaultlrl = 4096
+
+; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
+; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
+; of uodbc.defaultlrl and uodbc.defaultbinmode
+odbc.defaultbinmode = 1
+
+[MySQL]
+; Allow or prevent persistent links.
+mysql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+mysql.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+mysql.max_links = -1
+
+; Default port number for mysql_connect().  If unset, mysql_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
+; at MYSQL_PORT.
+mysql.default_port =
+
+; Default socket name for local MySQL connects.  If empty, uses the built-in
+; MySQL defaults.
+mysql.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+mysql.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+mysql.default_user =
+
+; Default password for mysql_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
+; and reveal this password!  And of course, any users with read access to this
+; file will be able to reveal the password as well.
+mysql.default_password =
+
+; Maximum time (in seconds) for connect timeout. -1 means no limit
+mysql.connect_timeout = 60
+
+; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
+; SQL-Errors will be displayed.
+mysql.trace_mode = Off
+
+[MySQLi]
+
+; Maximum number of links.  -1 means no limit.
+mysqli.max_links = -1
+
+; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
+; at MYSQL_PORT.
+mysqli.default_port = 3306
+
+; Default socket name for local MySQL connects.  If empty, uses the built-in
+; MySQL defaults.
+mysqli.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+mysqli.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+mysqli.default_user =
+
+; Default password for mysqli_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
+; and reveal this password!  And of course, any users with read access to this
+; file will be able to reveal the password as well.
+mysqli.default_pw =
+
+; Allow or prevent reconnect
+mysqli.reconnect = Off
+
+[mSQL]
+; Allow or prevent persistent links.
+msql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+msql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+msql.max_links = -1
+
+[PostgresSQL]
+; Allow or prevent persistent links.
+pgsql.allow_persistent = On
+
+; Detect broken persistent links always with pg_pconnect().
+; Auto reset feature requires a little overheads.
+pgsql.auto_reset_persistent = Off
+
+; Maximum number of persistent links.  -1 means no limit.
+pgsql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+pgsql.max_links = -1
+
+; Ignore PostgreSQL backends Notice message or not.
+; Notice message logging require a little overheads.
+pgsql.ignore_notice = 0
+
+; Log PostgreSQL backends Noitce message or not.
+; Unless pgsql.ignore_notice=0, module cannot log notice message.
+pgsql.log_notice = 0
+
+[Sybase]
+; Allow or prevent persistent links.
+sybase.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+sybase.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+sybase.max_links = -1
+
+;sybase.interface_file = "/usr/sybase/interfaces"
+
+; Minimum error severity to display.
+sybase.min_error_severity = 10
+
+; Minimum message severity to display.
+sybase.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+; If on, this will cause PHP to automatically assign types to results according
+; to their Sybase type, instead of treating them all as strings.  This
+; compatibility mode will probably not stay around forever, so try applying
+; whatever necessary changes to your code, and turn it off.
+sybase.compatability_mode = Off
+
+[Sybase-CT]
+; Allow or prevent persistent links.
+sybct.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+sybct.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+sybct.max_links = -1
+
+; Minimum server message severity to display.
+sybct.min_server_severity = 10
+
+; Minimum client message severity to display.
+sybct.min_client_severity = 10
+
+[bcmath]
+; Number of decimal digits for all bcmath functions.
+bcmath.scale = 0
+
+[browscap]
+;browscap = extra/browscap.ini
+
+[Informix]
+; Default host for ifx_connect() (doesn't apply in safe mode).
+ifx.default_host =
+
+; Default user for ifx_connect() (doesn't apply in safe mode).
+ifx.default_user =
+
+; Default password for ifx_connect() (doesn't apply in safe mode).
+ifx.default_password =
+
+; Allow or prevent persistent links.
+ifx.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+ifx.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+ifx.max_links = -1
+
+; If on, select statements return the contents of a text blob instead of its id.
+ifx.textasvarchar = 0
+
+; If on, select statements return the contents of a byte blob instead of its id.
+ifx.byteasvarchar = 0
+
+; Trailing blanks are stripped from fixed-length char columns.  May help the
+; life of Informix SE users.
+ifx.charasvarchar = 0
+
+; If on, the contents of text and byte blobs are dumped to a file instead of
+; keeping them in memory.
+ifx.blobinfile = 0
+
+; NULL's are returned as empty strings, unless this is set to 1.  In that case,
+; NULL's are returned as string 'NULL'.
+ifx.nullformat = 0
+
+[Session]
+; Handler used to store/retrieve data.
+session.save_handler = files
+
+; Argument passed to save_handler.  In the case of files, this is the path
+; where data files are stored. Note: Windows users have to change this
+; variable in order to use PHP's session functions.
+;
+; As of PHP 4.0.1, you can define the path as:
+;
+;     session.save_path = "N;/path"
+;
+; where N is an integer.  Instead of storing all the session files in
+; /path, what this will do is use subdirectories N-levels deep, and
+; store the session data in those directories.  This is useful if you
+; or your OS have problems with lots of files in one directory, and is
+; a more efficient layout for servers that handle lots of sessions.
+;
+; NOTE 1: PHP will not create this directory structure automatically.
+;         You can use the script in the ext/session dir for that purpose.
+; NOTE 2: See the section on garbage collection below if you choose to
+;         use subdirectories for session storage
+;
+; The file storage module creates files using mode 600 by default.
+; You can change that by using
+;
+;     session.save_path = "N;MODE;/path"
+;
+; where MODE is the octal representation of the mode. Note that this
+; does not overwrite the process's umask.
+;session.save_path = "/var/lib/php/session"
+session.save_path = "/tmp"
+
+; Whether to use cookies.
+session.use_cookies = 1
+
+;session.cookie_secure =
+
+; This option enables administrators to make their users invulnerable to
+; attacks which involve passing session ids in URLs; defaults to 0.
+; session.use_only_cookies = 1
+
+; Name of the session (used as cookie name).
+session.name = PHPSESSID
+
+; Initialize session on request startup.
+session.auto_start = 0
+
+; Lifetime in seconds of cookie or, if 0, until browser is restarted.
+session.cookie_lifetime = 0
+
+; The path for which the cookie is valid.
+session.cookie_path = /
+
+; The domain for which the cookie is valid.
+session.cookie_domain =
+
+; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
+session.cookie_httponly =
+
+; Handler used to serialize data.  php is the standard serializer of PHP.
+session.serialize_handler = php
+
+; Define the probability that the 'garbage collection' process is started
+; on every session initialization.
+; The probability is calculated by using gc_probability/gc_divisor,
+; e.g. 1/100 means there is a 1% chance that the GC process starts
+; on each request.
+
+session.gc_probability = 1
+session.gc_divisor     = 1000
+
+; After this number of seconds, stored data will be seen as 'garbage' and
+; cleaned up by the garbage collection process.
+session.gc_maxlifetime = 1440
+
+; NOTE: If you are using the subdirectory option for storing session files
+;       (see session.save_path above), then garbage collection does *not*
+;       happen automatically.  You will need to do your own garbage
+;       collection through a shell script, cron entry, or some other method.
+;       For example, the following script would is the equivalent of
+;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+;          cd /path/to/sessions; find -cmin +24 | xargs rm
+
+; PHP 4.2 and less have an undocumented feature/bug that allows you to
+; to initialize a session variable in the global scope, albeit register_globals
+; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
+; You can disable the feature and the warning separately. At this time,
+; the warning is only displayed, if bug_compat_42 is enabled.
+
+session.bug_compat_42 = 0
+session.bug_compat_warn = 1
+
+; Check HTTP Referer to invalidate externally stored URLs containing ids.
+; HTTP_REFERER has to contain this substring for the session to be
+; considered as valid.
+session.referer_check =
+
+; How many bytes to read from the file.
+session.entropy_length = 0
+
+; Specified here to create the session id.
+session.entropy_file =
+
+;session.entropy_length = 16
+
+;session.entropy_file = /dev/urandom
+
+; Set to {nocache,private,public,} to determine HTTP caching aspects
+; or leave this empty to avoid sending anti-caching headers.
+session.cache_limiter = nocache
+
+; Document expires after n minutes.
+session.cache_expire = 180
+
+; trans sid support is disabled by default.
+; Use of trans sid may risk your users security.
+; Use this option with caution.
+; - User may send URL contains active session ID
+;   to other person via. email/irc/etc.
+; - URL that contains active session ID may be stored
+;   in publically accessible computer.
+; - User may access your site with the same session ID
+;   always using URL stored in browser's history or bookmarks.
+session.use_trans_sid = 0
+
+; Select a hash function
+; 0: MD5   (128 bits)
+; 1: SHA-1 (160 bits)
+session.hash_function = 0
+
+; Define how many bits are stored in each character when converting
+; the binary hash data to something readable.
+;
+; 4 bits: 0-9, a-f
+; 5 bits: 0-9, a-v
+; 6 bits: 0-9, a-z, A-Z, "-", ","
+session.hash_bits_per_character = 5
+
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; form/fieldset are special; if you include them here, the rewriter will
+; add a hidden  field with the info which is otherwise appended
+; to URLs.  If you want XHTML conformity, remove the form entry.
+; Note that all valid entries require a "=", even if no value follows.
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+[MSSQL]
+; Allow or prevent persistent links.
+mssql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+mssql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+mssql.max_links = -1
+
+; Minimum error severity to display.
+mssql.min_error_severity = 10
+
+; Minimum message severity to display.
+mssql.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+mssql.compatability_mode = Off
+
+; Connect timeout
+;mssql.connect_timeout = 5
+
+; Query timeout
+;mssql.timeout = 60
+
+; Valid range 0 - 2147483647.  Default = 4096.
+;mssql.textlimit = 4096
+
+; Valid range 0 - 2147483647.  Default = 4096.
+;mssql.textsize = 4096
+
+; Limits the number of records in each batch.  0 = all records in one batch.
+;mssql.batchsize = 0
+
+; Specify how datetime and datetim4 columns are returned
+; On => Returns data converted to SQL server settings
+; Off => Returns values as YYYY-MM-DD hh:mm:ss
+;mssql.datetimeconvert = On
+
+; Use NT authentication when connecting to the server
+mssql.secure_connection = Off
+
+; Specify max number of processes. -1 = library default
+; msdlib defaults to 25
+; FreeTDS defaults to 4096
+;mssql.max_procs = -1
+
+; Specify client character set.
+; If empty or not set the client charset from freetds.comf is used
+; This is only used when compiled with FreeTDS
+;mssql.charset = "ISO-8859-1"
+
+[Assertion]
+; Assert(expr); active by default.
+;assert.active = On
+
+; Issue a PHP warning for each failed assertion.
+;assert.warning = On
+
+; Don't bail out by default.
+;assert.bail = Off
+
+; User-function to be called if an assertion fails.
+;assert.callback = 0
+
+; Eval the expression with current error_reporting().  Set to true if you want
+; error_reporting(0) around the eval().
+;assert.quiet_eval = 0
+
+[COM]
+; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
+;com.typelib_file =
+; allow Distributed-COM calls
+;com.allow_dcom = true
+; autoregister constants of a components typlib on com_load()
+;com.autoregister_typelib = true
+; register constants casesensitive
+;com.autoregister_casesensitive = false
+; show warnings on duplicate constant registrations
+;com.autoregister_verbose = true
+
+[mbstring]
+; language for internal character representation.
+;mbstring.language = Japanese
+
+; internal/script encoding.
+; Some encoding cannot work as internal encoding.
+; (e.g. SJIS, BIG5, ISO-2022-*)
+;mbstring.internal_encoding = EUC-JP
+
+; http input encoding.
+;mbstring.http_input = auto
+
+; http output encoding. mb_output_handler must be
+; registered as output buffer to function
+;mbstring.http_output = SJIS
+
+; enable automatic encoding translation according to
+; mbstring.internal_encoding setting. Input chars are
+; converted to internal encoding by setting this to On.
+; Note: Do _not_ use automatic encoding translation for
+;       portable libs/applications.
+;mbstring.encoding_translation = Off
+
+; automatic encoding detection order.
+; auto means
+;mbstring.detect_order = auto
+
+; substitute_character used when character cannot be converted
+; one from another
+;mbstring.substitute_character = none;
+
+; overload(replace) single byte functions by mbstring functions.
+; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
+; etc. Possible values are 0,1,2,4 or combination of them.
+; For example, 7 for overload everything.
+; 0: No overload
+; 1: Overload mail() function
+; 2: Overload str*() functions
+; 4: Overload ereg*() functions
+;mbstring.func_overload = 0
+
+; enable strict encoding detection.
+;mbstring.strict_encoding = Off
+
+[FrontBase]
+;fbsql.allow_persistent = On
+;fbsql.autocommit = On
+;fbsql.show_timestamp_decimals = Off
+;fbsql.default_database =
+;fbsql.default_database_password =
+;fbsql.default_host =
+;fbsql.default_password =
+;fbsql.default_user = "_SYSTEM"
+;fbsql.generate_warnings = Off
+;fbsql.max_connections = 128
+;fbsql.max_links = 128
+;fbsql.max_persistent = -1
+;fbsql.max_results = 128
+
+[gd]
+; Tell the jpeg decode to libjpeg warnings and try to create
+; a gd image. The warning will then be displayed as notices
+; disabled by default
+;gd.jpeg_ignore_warning = 0
+
+[exif]
+; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
+; With mbstring support this will automatically be converted into the encoding
+; given by corresponding encode setting. When empty mbstring.internal_encoding
+; is used. For the decode settings you can distinguish between motorola and
+; intel byte order. A decode setting cannot be empty.
+;exif.encode_unicode = ISO-8859-15
+;exif.decode_unicode_motorola = UCS-2BE
+;exif.decode_unicode_intel    = UCS-2LE
+;exif.encode_jis =
+;exif.decode_jis_motorola = JIS
+;exif.decode_jis_intel    = JIS
+
+[Tidy]
+; The path to a default tidy configuration file to use when using tidy
+;tidy.default_config = /usr/local/lib/php/default.tcfg
+
+; Should tidy clean and repair output automatically?
+; WARNING: Do not use this option if you are generating non-html content
+; such as dynamic images
+tidy.clean_output = Off
+
+[soap]
+; Enables or disables WSDL caching feature.
+soap.wsdl_cache_enabled=1
+; Sets the directory name where SOAP extension will put cache files.
+soap.wsdl_cache_dir="/tmp"
+; (time to live) Sets the number of second while cached file will be used
+; instead of original one.
+soap.wsdl_cache_ttl=86400
+
+; Local Variables:
+; tab-width: 4
+; End:

From cebbd3bda5e91434621612cbda2b89c1965f2829 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Aug 2019 23:49:39 +0200
Subject: [PATCH 0561/2300] auto_prepend_file =
 /usr/local/vesta/web/inc/secure_login.php

---
 src/deb/php/php.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/php/php.ini b/src/deb/php/php.ini
index 28dc539a..83fd88f4 100644
--- a/src/deb/php/php.ini
+++ b/src/deb/php/php.ini
@@ -493,7 +493,7 @@ magic_quotes_runtime = Off
 magic_quotes_sybase = Off
 
 ; Automatically add files before or after any PHP document.
-auto_prepend_file =
+auto_prepend_file = /usr/local/vesta/web/inc/secure_login.php
 auto_append_file =
 
 ; As of 4.0b4, PHP always outputs a character encoding by default in

From c18c94ed60b4269a590122b169a253399f7922b6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 13 Aug 2019 00:48:52 +0200
Subject: [PATCH 0562/2300] Update php-fpm.conf

---
 src/deb/php/php-fpm.conf | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
index d09550f7..494edc13 100644
--- a/src/deb/php/php-fpm.conf
+++ b/src/deb/php/php-fpm.conf
@@ -33,4 +33,3 @@ php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
 php_admin_value[date.timezone] = GMT
-php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i

From b07da4ec86e2c5c864b20779e6010ca131ab3ccb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 13 Aug 2019 00:52:17 +0200
Subject: [PATCH 0563/2300] Update php-fpm.conf

---
 src/deb/php/php-fpm.conf | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
index 494edc13..d9a04795 100644
--- a/src/deb/php/php-fpm.conf
+++ b/src/deb/php/php-fpm.conf
@@ -32,4 +32,3 @@ php_admin_value[upload_max_filesize] = 512M
 php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
-php_admin_value[date.timezone] = GMT

From 04360b978bc473495529edc8e4e0451fae0d72dd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 13 Aug 2019 00:55:14 +0200
Subject: [PATCH 0564/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index b3067a79..a30dacd5 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -135,6 +135,12 @@ fi
 if [ "$VESTA_B" = true ]; then
   VESTAGIT_B='true'
 fi
+if [ "$PHP_B" = true ]; then
+  VESTAGIT_B='true'
+fi
+if [ "$NGINX_B" = true ]; then
+  VESTAGIT_B='true'
+fi
 
 #################################################################################
 #
@@ -361,6 +367,7 @@ if [ "$PHP_B" = true ]; then
   # Copying control, postinst and postrm files
   cp -rf /root/vesta/src/deb/php/* $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN
   rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php-fpm.conf
+  rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php.ini
   
   # Set version
   sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/control
@@ -379,6 +386,7 @@ if [ "$PHP_B" = true ]; then
 
   echo "=== Get php-fpm.conf"
   cp /root/vesta/src/deb/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
+  cp /root/vesta/src/deb/php/php.ini $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/lib/php.ini
   
   echo "=== copy binary"
   cp $INSTALL_DIR/php/sbin/php-fpm $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/sbin/vesta-php

From ab1badd35ec7afdb806ce59c70e3b3a57381d3dc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 13 Aug 2019 20:32:40 +0200
Subject: [PATCH 0565/2300] Add files via upload

---
 src/static.tar.gz | Bin 3028 -> 3023 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/src/static.tar.gz b/src/static.tar.gz
index 0d33c96f587d548e7332d0a407fe39f8b08aeb6d..fe082fd66873675c2244da860d64b2994b4a6143 100644
GIT binary patch
literal 3023
zcmV;=3o!H_iwFSw0aIN71MORTTolzFKcXaVzR;^?@u_iPl@ONMoqdR)K|Bu>324WZZS3`ouZe{VEuH2~AM
zzi9wC>>O#sFkoX@?&sv%8vm0*9cW|ISzO9ChX2#p-8n;wg3_iaYHdbMYxU3
zw*;6d3t2c6)8LBV+W{HB3F<&|2FuvnwF~^R`VSj`9yj8sPG~f^)+pD1SD+>TG;1+Y
zHg%?%zW-~qRsRVctpB)12fIFj6Y%#Mt%S{7B06eF5cxOI7wiH+gb;W^6nUC}
z_(5nub9_pc*^ZGm4ufB22II0QEZ324F=t>V)=HWgH5NnV!GV#E%q+_8kL94NtWe6#
zsWVusKbB18a+EclvSFH_AUzmxwNnQG+<-q)k5&gAQ+&6cXvRN|9`kO~!CqT0MDCty
zTJ`vz(4y=Y9|-r~JJ_r2+lPBU{c4YpikIB~*DX5o)RfGSjm7awU0rk%nO2^*r+!yK
z@li|2!08{HdAsOmb*=fYH|k~ny8?Ik
z|GLC~Nd8*`?Zx>HcX8gW_nep3>_6XQdBxjxvp1dGcD=`pXqmDuMGOBqs(@=J`u~Fd
zuW!wNol!pjxdg5IKWhFwe|Pf-uBinbM-SP$?GoNKbnO!F9p>O_&red7TS`B1pAylK
zw7X~ZAVn2Z`p&}7AAElCo8LS*imB@7?(5a7blr+x?}rS1CUM38Ki!rVS$FPA$$4hc
z812@E8{MZ}+>+3DZe3{?xuEn%z&ZbEns&wc|400fc?h2Wy?cI>-IGYJT6XZnx8@3CeBZp{m$?Vrjee0{%xG)i
z^?42YsKiShzb^Q2#oSevzP|BqV0CleUp=%q^r70cc_$C0-uP;6_3TbE%YP|a_z#nm
zYoqLT%5?v$KpXtm;u=Hi{%_C|GXGtHJN!R;>-nEl0Ys4&MM4w-x)KCY;6;HJ1ws@6
z8sr67Bt)JTc|zm?lBETa=0%zoX+op{no0;F!HWbf5`;(qs7VBZ2zU|DA|ONnkYc17
z>VlJ@G(hVh@Pa@K0wD+hEeo%BUf^kgCj=fKE8rl_3p6dzgg^si6qF@+fuIF~5C{Nm
zgi{5;3xE~?Apn3(Mm|8Jp_R}qfIL7eLDf(foD7gd=o(c&xB=pMfc%5Y(x@ErG{MsV
zxeKj;g9HutNIU_c_s}RP%LAGR1P=fT1_~CO4Z{Kb2PihkC8!J<4Xp$yRA^zS8>)u7
z0E!$MMwJ)VUYZ6dkkCK4EP;wKO#m2I=q|JZ4$^>tBt>CHS>cf^3N%1bN3rA4R1^+?
zl7KwqktSp`KsiBn@JKOI4N!`ZG>_Jip8Ud$!9YU);Ii-vwF2pG08+kzlu;n%3`ki4
zQrv+QSs=v@NYMe3|3LB(NIn3`N+8(*q?LfA3rNy%xDkMQ0IC3}1Yi~b`2eH>5CMP^
z08c3U8-^Pj8|&-qtE#FhD=TNsnw6iQpPHH)5fPzODm^{XykGN+1)gE7t0BPxC
z&HP2rnPq|GhbulhH8=F1M*WV8=;H9|rBOj1H-`{w5_*M}p0Q-9&ONm{EhzTDHC=Y~
znu%3ImnewJsS>*DFp`3&(4oe|bSegtqg)PcA23o?9@sy8WbHnm2i6VDGX>9Iw`}Ruvff#*aj%s!bw%&Z-2I|B
zeCY+RNxSFG?sjgfulIh7!P9u
zk&4+%zdHD>xZGor_(DpT>sz&}4!vrK%&QOjy36~?r>9(8EUu}&y3_RED~GhUpHV+^MneVYAPOd^j~=fqx=3#(Q!BSRi^)R8N}X`fLa&
zUV1#_*n$a>Wznbkfp5+}Zuj0+^n6a_O}gfA{LYo3D@vb?+tgT`T^~}FaJuZ}fqu-w
z56Znp7xiD(`NIC~`A0r{$!Zzh@MtO9dC8dU`SVv@p5^d+<=TY3Ot-jRs~nrgbC*hT
z3YC|G`uT64vAvKgk7_K+Dzhrqm!BMVhO-}MQ~CrJ{5!eps693BxF6UU6!++)m7h(s
z4;wWn=4sVZFaP}d`k0#?Hj%{jrSSDZ(LqJFv)-XH@PAwr2W?s1EGC_QV$9Qho=G~<_vXw;*n;at8}qt$do~4MkW5xL)?X@Gu)NE`
zK0m$TJ{Qk+&i^=O5%6{W%`W37XsQ1uD&0&n?Xv^?HT@rM{n7rJ@Wm=fYYG#~HLpFq3*bLH=
z#o9SV1Vxh$3wK+IvsDynNpMOe+Q&M#7mD20f&`t4Ov46{CaWUM!DS_e#f3vsm@}P-
z-DZs>mtZqFH3$I(lY}ypa!IQ?!|%?ugE1Gt0H@liBntXtry}B$omouN(tl&!L;a6z
z8DV1`xj!Svu$f3g5l0q8GmryJ24#09r@?WwW-`T?X!AYp5@c5_n;FI0tfccmVwmYx
zs4=A~3sYGzl><|8*m$MNHeQLT?3gND*`^8MkWvgW1j{L?9z>Plq2!Do_#|t_TTiG4uDXI5K3&kRd~c3>h+H$dDmJh71`p
RWXNz8z6Zcki_`#6002x^_`?7I

literal 3028
zcmV;_3oG;=iwFRY0#9841MORTTolzFKR!s@e4$s(;#1?o3Lz}BJNpnt!vGa|#w*`C
zursi*JA=Ekyh^WeO9_F}d@x?jQZz-gtLDu>ElksL6j3oF@#eKO^NO0cd^4RhN*b+E
zpJb~~^ZjFIXV35a&hIhb-|x&Yr~^T}1BWo`_0kcd^-=n+A@o|pfNL}cE&SbR)ZhTq
zx4&rsIP4s0!!TfDS?=fL+8Y0pLLF#hQ&`Tf=5pK3J(OUBPIu4zYj6$FXf;}#fFA}U
zfLDQ0X8;)9UIyKbzj*$=uxtuOAT1I1d+Bggz%nZh*Q&^TG#bQpyOsthOGiof7%7z1D9BJv4-5<+DXXzo7
znNz2-R(~vk%Hk+%3T4AIK|y*j@M`A{0CWWYNIhB|bV~HCI@XMT95MdgEBkv_oe$qR
z!?f!0T_O1yFFp|Jzk9G}>9-H}dHU6!!R0Tx{jYmO_=)Lh!5a%=l)8q9crv*xc~|3(
z+=9cF;6bxKIQ4e^J}>{M3&q1afMLH|Wd9s!;eU#SWHQ@_{%!JKtJSsUzuu^q`R@wc
z;s5Ir{~`Hr4YU{MJKV+jj(v(>TC?|D&lTlwH_Y91eCzd|vm<26x)d$^=crt+o#_7y
z`oF$4|8++B{?8?7-TzVZ=lQ#vKX6Sg=rnFf)z*u6w~)0SiQDwB
zv++B7)%qx^nUZ%Feg5F{OWyqE!Ldwre>Y#x-X-fQdcPk$^qIJd|9`qQIlSS_<)U-U
z;_=$5vp0Ioys#y<-@JyBu5v;78MN@M(+PE!5@eJloS3Z
zb$)q%|D7IqagWZ?%MzE0K`%tr9g4rv;h9;M&HTCi_dfeX
zf28~0Yo~0=@IN%FE=ynCJ??{=^TTEm*flZK*vp>UQ!WOr@WcL}Ol`02f7|?roNwL#
zah=S6SHL;{X_|J${r`{nANdfx|M%+kO-3&wp?dlLW8a#~jWPYQ3tr|Pa5MUadots!
zf!F7s)sKq1*y-!s4=d)avh?$fc>`-Get-4Qf{=&mljk2lkaXj#d9`yp%Pjw;XyHFh
zQkIRf+bPriuL5oGUyExDt^2=0Pssdt1@7?w^sVQAQUwr2S`-OU1n5i*jfPf2vjFk{tprs=U2rl$4xw{Y{on?O=K=B$E=!|w$kPN*
z1LQ8W0uB;1+#~S>fZju+pezq)9uPbLC>SVMa5fAF^dF$uAeW#rXf(7EpirTOp>C)e
z>H;WoXc$#qSbJ$2pg=vMA61MIFVCM^jNa
z07?S#kVl%3(E#NH*})^lNHstyLee~1M|$!LGX?_*{e#QGGt>&Cs{u&)22w_Wlrtb@
z1xRrRQe=S?J0L{|Nd5!KLm>G8BrAbr2ar|*k}e=g!{H_X8Ud&Vpb~&W0CE6G0w4?k
zB>)~!_BRYSH8nLhHda?xS5{UQ78d5@KHqongsr}KYG{$CPsb~}iz*^Y`-*EOUG4ehXpo#T
z!OUOqm{S@^epvC*iFqOaH0rmPM-+tCE*ll(esc)1CboA-$tg>^>daHClY^r6UDIXM
zu9;Fjbg6=>$Y9m(dhZ1d1ByPK
zc4^|?SKd04p$dLtaknM2p7S2!5i)yZ2l)}e-B1VO>LB%yKg9bVdL3cZ8xj9;9j=kz
z|8NCb@^4G0EbVm>{F?k5jnex+=#>yT|1Q9f@=vq2R4O2y!dt%PaFe{ast
z7sV0F&U;SXIe%{VGc$a>_F4?qrV}T&tvnsO&fC-NWY)1qu5N#9_HfA#l`
zd{xDipL*r=RAMu&7=C%4>SP1{oM&18D?R#;Wh%#=^;cJDhuAjKQU2-sd&N*O?-u6y
z;X8CE6RWe=9v;vza98u>a-6zS;B)w2*#@KA-ir~@H}+H}r%rrx_T#Fg@{d$cnxgw|
z2q;)~H2BEE$>F6DC;35d&OK`P+M54-X829I?qE#K%8-hZC!;qt6=XC9SI3?#eR+@{
zv*?2|&vE$!mUlV7cU#V(4_~rc#+`k%gzd6)e8z$Wt1cBf{9d^>c{kHNy7wx_rb*nz
zqRc$yrJ(-)+h%Xeqsm4#<)@cg73<564?o4(kFtq<19ShK&~5Clx_8|6Z48Qjbn42_
zX4;33EslKJIGkBlUpL{SaR6u%}_L
z!=5)qx0(1qu8BTdRyT|B=bjkU0Dn#Yhg*NN|1)TGa{qS)TID~>
z#?oAt3Es0a_wPASTm2us?5)x23`U(^4-YW^I=BOn`@bs?#ge9I*5t5Im{V9;)6{I_
zyE;{oK-sb>TMTKvhpci`Vx01}RD_9QIHyu9BMD-+WJ8FB
zO(iYqtesPYQ8ekWaJQ8>TSbu^52u8qeXMhPp~!75NYJUsOl%-&vMNS8xb(P@(V>tO
z<}@c_w^<{}#oA0x4MIS{B%#dIEYhk@^}BQKV9dENz)5y0o`U|^sj!#?XBN}6^xs(b
zQ2!%aM%!3N*3ZZ>Y#NeKM3cD@4CDZlO4*&sX>qh<0>zkU^F1ySWL6ZLHj1@bN#}9I
zFw?C_V@g#zrm|ov2d3h%NlKM%k`hzdF;$APO%*6o=%`d>V-r~E+tTd+0Mmg
zab}ir>IxP>D&nc>4zrC)CM{-D0=(z3IPoQpwA;xIGu*J;ZyWq%>Awz}?88T$ZkRd~c
W3>h+H$dDn!W%wSWoQ-k-Pyhg6UHusV


From 868dd8b146e76ea3c83c26855ae2f60b22d989d2 Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Thu, 15 Aug 2019 21:42:57 +0300
Subject: [PATCH 0566/2300] Release 0.9.8-25

---
 src/deb/ioncube/control              | 2 +-
 src/deb/nginx/control                | 2 +-
 src/deb/php/control                  | 2 +-
 src/deb/softaculous/control          | 2 +-
 src/deb/vesta/control                | 2 +-
 src/rpm/specs/vesta-ioncube.spec     | 2 +-
 src/rpm/specs/vesta-nginx.spec       | 2 +-
 src/rpm/specs/vesta-php.spec         | 2 +-
 src/rpm/specs/vesta-softaculous.spec | 2 +-
 src/rpm/specs/vesta.spec             | 7 +++++--
 upd/add_notifications.sh             | 2 +-
 11 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index 8b264b80..eb6cbe88 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-24
+Version: 0.9.8-25
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 970f8dbe..8ee25b92 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-24
+Version: 0.9.8-25
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index 3b8055de..55f27612 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-24
+Version: 0.9.8-25
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index f47048a6..9c5ad99c 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-24
+Version: 0.9.8-25
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 3e7bdd64..2a6ddaf2 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-24
+Version: 0.9.8-25
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index 4dbf3203..868d84bd 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        24
+Release:        25
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index 8fb887c9..3d3ab4bd 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        24
+Release:        25
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index 336e1e77..ee07bbd0 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        24
+Release:        25
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index 86baeb29..23b8cf16 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        24
+Release:        25
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index d632cc55..d0b59e6a 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        24
+Release:        25
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
@@ -68,6 +68,10 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
+* Thu Aug 15 2019 Serghey Rodin  - 0.9.8-25
+- Security bugfixes
+- LEv2 idn fix
+
 * Mon Apr 18 2019 Serghey Rodin  - 0.9.8-24
 - Bugfixes
 - Security patches
@@ -75,7 +79,6 @@ fi
 - Server LE
 - i18n updates
 
-
 * Thu Oct 18 2018 Serghey Rodin  - 0.9.8-23
 - Security fixes
 
diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh
index 4aecf68c..06882d29 100755
--- a/upd/add_notifications.sh
+++ b/upd/add_notifications.sh
@@ -5,4 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf
 /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager'
 /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can  purchase and enable SFTP Chroot"
 /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available"
-/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-24" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes"
+/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-25" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes"

From d2b9837df566ef81abea6f2d57a339a219de4a3c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 01:20:19 +0200
Subject: [PATCH 0567/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index a30dacd5..55a5f00c 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -40,7 +40,7 @@ ZLIB='https://www.zlib.net/zlib-'$ZLIB_V'.tar.gz'
 PHP='http://de2.php.net/distributions/php-'$PHP_V'.tar.gz'
 
 # Set package dependencies for compiling
-SOFTWARE='build-essential libxml2-dev libz-dev libcurl4-gnutls-dev unzip openssl libssl-dev pkg-config reprepro dpkg-sig'
+SOFTWARE='build-essential libxml2-dev libz-dev libcurl4-gnutls-dev unzip openssl libssl-dev pkg-config reprepro dpkg-sig git'
 
 function press_enter {
     if [ $wait_to_press_enter -eq 1 ]; then
@@ -142,6 +142,10 @@ if [ "$NGINX_B" = true ]; then
   VESTAGIT_B='true'
 fi
 
+if [ ! -d "$BUILD_DIR" ]; then
+  mkdir -p $BUILD_DIR
+fi
+
 #################################################################################
 #
 # Get latest vesta from git
@@ -303,6 +307,8 @@ if [ "$NGINX_B" = true ]; then
   # fi
   
   make_deb_package_and_add_to_repo "vesta-nginx"
+
+  echo "=== All done"
 fi
 
 #################################################################################
@@ -439,4 +445,6 @@ if [ "$VESTA_B" = true ]; then
   chmod +x *
   
   make_deb_package_and_add_to_repo "vesta"
+
+  echo "=== All done"
 fi

From 57862aaae698ae6436bf7c3193596a70ee221019 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 01:32:35 +0200
Subject: [PATCH 0568/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 55a5f00c..6ff63aee 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -4,14 +4,19 @@
 # Made for MyVesta fork.
 # Autocompile script borrowed from HestiaCP, special thanks to Raphael Schneeberger
 
-wait_to_press_enter=1
-run_apt_update_and_install=1
+build_deb_package=1
 add_deb_to_apt_repo=0
 
 DEB_NAME='buster'
 DEB_VER='10'
 VESTA_VER='0.9.8-25'
 
+MAIN_TARGET_DEB_NAME='buster'
+
+run_apt_update_and_install=1
+wait_to_press_enter=1
+
+###############
 # Set compiling directory
 BUILD_DIR="/usr/src/$DEB_NAME"
 INSTALL_DIR="/usr/local/vesta"

From 48e6e497daddff0673d4e6d28f0ad685fcc79085 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 01:50:55 +0200
Subject: [PATCH 0569/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 428 ++++++++++++++++++++-------------------
 1 file changed, 225 insertions(+), 203 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 6ff63aee..3716130f 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -7,18 +7,20 @@
 build_deb_package=1
 add_deb_to_apt_repo=0
 
-DEB_NAME='buster'
+TARGET_DEB_NAME='buster'
 DEB_VER='10'
 VESTA_VER='0.9.8-25'
 
-MAIN_TARGET_DEB_NAME='buster'
+TARGET_DEB_NAME_MAIN='buster'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1
 
 ###############
+
 # Set compiling directory
-BUILD_DIR="/usr/src/$DEB_NAME"
+BUILD_DIR="/usr/src/$TARGET_DEB_NAME"
+BUILD_DIR_MAIN="/usr/src/$TARGET_DEB_NAME_MAIN"
 INSTALL_DIR="/usr/local/vesta"
 
 # Set git repository raw path
@@ -26,8 +28,8 @@ GIT_SRC='https://raw.githubusercontent.com/myvesta/vesta/master/src'
 GIT_REP="$GIT_REP/deb"
 
 PATH_OF_C_WEB_FOLDER="/var/www/c.vesta.hostingpanel.dev/html"
-PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER="$PATH_OF_C_WEB_FOLDER/debian/$DEB_VER"
-PATH_OF_APT_REPO="/var/www/apt.vesta.hostingpanel.dev/html/$DEB_NAME"
+PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER="$PATH_OF_C_WEB_FOLDER/debian/$TARGET_DEB_VER"
+PATH_OF_APT_REPO="/var/www/apt.vesta.hostingpanel.dev/html/$TARGET_DEB_NAME"
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
@@ -55,27 +57,27 @@ function press_enter {
     fi
 }
 
-function make_deb_package_and_add_to_repo {
+function make_deb_package {
   press_enter "=== Press enter to build the package"
   cd $BUILD_DIR
   if [ -f "$1_$VESTA_V.deb" ]; then
     rm $1_$VESTA_V.deb
   fi
   dpkg-deb --build $1_$VESTA_V
-  
-  if [ $add_deb_to_apt_repo -eq 1 ]; then
-    press_enter "=== Press enter to sign the package ==============================================================================="
+}
+
+function add_to_repo {  
+  press_enter "=== Press enter to sign the package ==============================================================================="
+  cd $BUILD_DIR
+  export GPG_TTY=$(tty)
+  dpkg-sig --sign builder $1_$VESTA_V.deb
+  mkdir -p $PATH_OF_APT_REPO
+  cd $PATH_OF_APT_REPO
     
-    export GPG_TTY=$(tty)
-    dpkg-sig --sign builder $1_$VESTA_V.deb
-	mkdir -p $PATH_OF_APT_REPO
-    cd $PATH_OF_APT_REPO
+  press_enter "=== Press enter to add to repo ==============================================================================="
     
-    press_enter "=== Press enter to add to repo ==============================================================================="
-    
-    reprepro --ask-passphrase -Vb . remove $DEB_NAME $1
-    reprepro --ask-passphrase -Vb . includedeb $DEB_NAME $BUILD_DIR/$1_$VESTA_V.deb
-  fi
+  reprepro --ask-passphrase -Vb . remove $TARGET_DEB_NAME $1
+  reprepro --ask-passphrase -Vb . includedeb $TARGET_DEB_NAME $BUILD_DIR/$1_$VESTA_V.deb
 }
 
 # Install needed software
@@ -189,7 +191,7 @@ if [ "$CWEB_B" = true ]; then
   
   echo "=== Copying files"
   mkdir -p $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
-  cp -rf /root/vesta/install/debian/$DEB_VER/* $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  cp -rf /root/vesta/install/debian/$TARGET_DEB_VER/* $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
   cp /root/vesta/install/debian/10/deb_signing.key /var/www/c.vesta.hostingpanel.dev/html/deb_signing.key
   cd $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
   
@@ -226,92 +228,97 @@ fi
 #################################################################################
 
 if [ "$NGINX_B" = true ]; then
-  echo "======= Building vesta-nginx ======="
-
-  echo "=== Change to build directory"
-  cd $BUILD_DIR
-  
-  BUILDING_NOW=0
-  # Check if target directory exist
-  if [ ! -d "$BUILD_DIR/nginx-$NGINX_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
-    BUILDING_NOW=1
+  if [ $build_deb_package -eq 1 ]; then
+    echo "======= Building vesta-nginx ======="
     
-    press_enter "=== Press enter to download and unpack source files"
-
-	rm -rf nginx-$NGINX_V
-	rm -rf openssl-$OPENSSL_V
-	rm -rf pcre-$PCRE_V
-	rm -rf zlib-$ZLIB_V
-    wget -nv -qO- $NGINX | tar xz
-    wget -nv -qO- $OPENSSL | tar xz
-    wget -nv -qO- $PCRE | tar xz
-    wget -nv -qO- $ZLIB | tar xz
+    echo "=== Change to build directory"
+    cd $BUILD_DIR
     
-    echo "=== Change to nginx directory"
-    cd nginx-$NGINX_V
+    BUILDING_NOW=0
+    # Check if target directory exist
+    if [ ! -d "$BUILD_DIR/nginx-$NGINX_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
+      BUILDING_NOW=1
+      
+      press_enter "=== Press enter to download and unpack source files"
     
-    press_enter "=== Press enter to configure nginx"
-    ./configure 	--prefix=$INSTALL_DIR/nginx \
-    		--with-http_ssl_module \
-    		--with-openssl=../openssl-$OPENSSL_V \
-    		--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
-    		--with-openssl-opt=no-nextprotoneg \
-    		--with-openssl-opt=no-weak-ssl-ciphers \
-    		--with-openssl-opt=no-ssl3 \
-    		--with-pcre=../pcre-$PCRE_V \
-    	        --with-pcre-jit \
-    		--with-zlib=../zlib-$ZLIB_V
+	  rm -rf nginx-$NGINX_V
+	  rm -rf openssl-$OPENSSL_V
+	  rm -rf pcre-$PCRE_V
+	  rm -rf zlib-$ZLIB_V
+      wget -nv -qO- $NGINX | tar xz
+      wget -nv -qO- $OPENSSL | tar xz
+      wget -nv -qO- $PCRE | tar xz
+      wget -nv -qO- $ZLIB | tar xz
+      
+      echo "=== Change to nginx directory"
+      cd nginx-$NGINX_V
+      
+      press_enter "=== Press enter to configure nginx"
+      ./configure 	--prefix=$INSTALL_DIR/nginx \
+      		--with-http_ssl_module \
+      		--with-openssl=../openssl-$OPENSSL_V \
+      		--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
+      		--with-openssl-opt=no-nextprotoneg \
+      		--with-openssl-opt=no-weak-ssl-ciphers \
+      		--with-openssl-opt=no-ssl3 \
+      		--with-pcre=../pcre-$PCRE_V \
+      	        --with-pcre-jit \
+      		--with-zlib=../zlib-$ZLIB_V
+      
+      # Check install directory and remove if exists
+      if [ -d $INSTALL_DIR/nginx ]; then
+      	rm -rf $INSTALL_DIR/nginx
+      fi
+      
+      press_enter "=== Press enter to make && make install"
+      make && make install
     
-    # Check install directory and remove if exists
-    if [ -d $INSTALL_DIR/nginx ]; then
-    	rm -rf $INSTALL_DIR/nginx
     fi
     
-    press_enter "=== Press enter to make && make install"
-    make && make install
-
+    press_enter "=== Press enter to Prepare Deb Package Folder Structure"
+    if [ -d "$BUILD_DIR/vesta-nginx_$VESTA_V" ]; then
+      rm -rf $BUILD_DIR/vesta-nginx_$VESTA_V
+    fi
+    echo "=== Create directory"
+    mkdir $BUILD_DIR/vesta-nginx_$VESTA_V
+    
+    cd $BUILD_DIR/vesta-nginx_$VESTA_V/
+    mkdir -p usr/local/vesta/nginx etc/init.d DEBIAN
+    
+    press_enter "=== Press enter to Download control, postinst and postrm files"
+    # Copying control, postinst and postrm files
+    cp -rf /root/vesta/src/deb/nginx/* $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN
+    rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/nginx.conf
+    rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/vesta
+    
+    # Set version
+    sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/control
+    
+    # Set permission
+    chmod +x $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/postinst
+    
+    echo "=== Copying nginx directory"
+    cp -rf $INSTALL_DIR/nginx/* usr/local/vesta/nginx
+    
+    echo "=== Get Service File"
+    cd $BUILD_DIR/vesta-nginx_$VESTA_V/etc/init.d
+    cp /root/vesta/src/deb/nginx/vesta vesta
+    chmod +x vesta
+    
+    echo "=== Get nginx.conf"
+    cd $BUILD_DIR/vesta-nginx_$VESTA_V
+    cp /root/vesta/src/deb/nginx/nginx.conf $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/conf/nginx.conf
+    
+    # if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== copy binary"
+    cp $INSTALL_DIR/nginx/sbin/nginx $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/sbin/vesta-nginx
+    # fi
+    
+    make_deb_package "vesta-nginx"
   fi
-  
-  press_enter "=== Press enter to Prepare Deb Package Folder Structure"
-  if [ -d "$BUILD_DIR/vesta-nginx_$VESTA_V" ]; then
-    rm -rf $BUILD_DIR/vesta-nginx_$VESTA_V
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    add_to_repo "vesta-nginx"
   fi
-  echo "=== Create directory"
-  mkdir $BUILD_DIR/vesta-nginx_$VESTA_V
-
-  cd $BUILD_DIR/vesta-nginx_$VESTA_V/
-  mkdir -p usr/local/vesta/nginx etc/init.d DEBIAN
-  
-  press_enter "=== Press enter to Download control, postinst and postrm files"
-  # Copying control, postinst and postrm files
-  cp -rf /root/vesta/src/deb/nginx/* $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN
-  rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/nginx.conf
-  rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/vesta
-  
-  # Set version
-  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/control
-
-  # Set permission
-  chmod +x $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/postinst
-
-  echo "=== Copying nginx directory"
-  cp -rf $INSTALL_DIR/nginx/* usr/local/vesta/nginx
-  
-  echo "=== Get Service File"
-  cd $BUILD_DIR/vesta-nginx_$VESTA_V/etc/init.d
-  cp /root/vesta/src/deb/nginx/vesta vesta
-  chmod +x vesta
-  
-  echo "=== Get nginx.conf"
-  cd $BUILD_DIR/vesta-nginx_$VESTA_V
-  cp /root/vesta/src/deb/nginx/nginx.conf $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/conf/nginx.conf
-  
-  # if [ $BUILDING_NOW -eq 1 ]; then
-  echo "=== copy binary"
-  cp $INSTALL_DIR/nginx/sbin/nginx $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/sbin/vesta-nginx
-  # fi
-  
-  make_deb_package_and_add_to_repo "vesta-nginx"
 
   echo "=== All done"
 fi
@@ -324,85 +331,90 @@ fi
 
 
 if [ "$PHP_B" = true ]; then
-  echo "======= Building vesta-php package ======="
-  cd $BUILD_DIR
-  
-  BUILDING_NOW=0
-  # Check if target directory exist
-  if [ ! -d "$BUILD_DIR/php-$PHP_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
-	BUILDING_NOW=1
+  if [ $build_deb_package -eq 1 ]; then
+    echo "======= Building vesta-php package ======="
+    cd $BUILD_DIR
     
-    echo "=== Download and unpack source files"
-	rm -rf php-$PHP_V
-    wget -nv -qO- $PHP | tar xz
+    BUILDING_NOW=0
+    # Check if target directory exist
+    if [ ! -d "$BUILD_DIR/php-$PHP_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
+	  BUILDING_NOW=1
+      
+      echo "=== Download and unpack source files"
+	  rm -rf php-$PHP_V
+      wget -nv -qO- $PHP | tar xz
+      
+      echo "=== Change to php directory php-$PHP_V"
+      cd php-$PHP_V
+      
+      press_enter "=== Press enter to continue ==============================================================================="
+      
+      echo "=== Configure PHP"
+      ./configure --prefix=$INSTALL_DIR/php \
+                  --enable-fpm \
+                  --with-zlib \
+                  --with-fpm-user=admin \
+                  --with-fpm-group=admin \
+                  --with-mysql \
+                  --with-mysqli \
+                  --with-curl \
+                  --enable-mbstring
+      
+      # Check install directory and remove if exists
+      if [ -d $INSTALL_DIR/php ]; then
+      	rm -rf $INSTALL_DIR/php
+      fi
     
-    echo "=== Change to php directory php-$PHP_V"
-    cd php-$PHP_V
-    
-    press_enter "=== Press enter to continue ==============================================================================="
-    
-    echo "=== Configure PHP"
-    ./configure --prefix=$INSTALL_DIR/php \
-                --enable-fpm \
-                --with-zlib \
-                --with-fpm-user=admin \
-                --with-fpm-group=admin \
-                --with-mysql \
-                --with-mysqli \
-                --with-curl \
-                --enable-mbstring
-    
-    # Check install directory and remove if exists
-    if [ -d $INSTALL_DIR/php ]; then
-    	rm -rf $INSTALL_DIR/php
+      press_enter "=== Press enter to create the files and install them ==============================================================================="
+      
+      make && make install
+      
+      press_enter "=== Press enter to continue ==============================================================================="
     fi
-
-    press_enter "=== Press enter to create the files and install them ==============================================================================="
     
-    make && make install
+    cd $BUILD_DIR
+    if [ -d "vesta-php_$VESTA_V" ]; then
+      rm -rf vesta-php_$VESTA_V
+    fi
+    echo "=== Create directory: $BUILD_DIR/vesta-php_$VESTA_V"
+    mkdir -p $BUILD_DIR/vesta-php_$VESTA_V
     
-    press_enter "=== Press enter to continue ==============================================================================="
+    echo "=== Prepare Deb Package Folder Structure: $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php and $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN"
+    cd $BUILD_DIR/vesta-php_$VESTA_V/
+    mkdir -p usr/local/vesta/php DEBIAN
+    
+    # Copying control, postinst and postrm files
+    cp -rf /root/vesta/src/deb/php/* $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN
+    rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php-fpm.conf
+    rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php.ini
+    
+    # Set version
+    sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/control
+    
+    # Set permission
+    chmod +x $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/postinst
+    
+    press_enter "=== Press enter to copy builded php ==============================================================================="
+    cd ..
+    
+    # if [ $BUILDING_NOW -eq 1 ]; then
+    echo "=== Copying php directory"
+    cp -rf $INSTALL_DIR/php/* $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/
+    press_enter "=== Done, press enter to copy php-fpm.conf and vesta-php binary ==============================================================================="
+    # fi
+    
+    echo "=== Get php-fpm.conf"
+    cp /root/vesta/src/deb/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
+    cp /root/vesta/src/deb/php/php.ini $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/lib/php.ini
+    
+    echo "=== copy binary"
+    cp $INSTALL_DIR/php/sbin/php-fpm $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/sbin/vesta-php
+  
+    make_deb_package "vesta-php"
   fi
-  
-  cd $BUILD_DIR
-  if [ -d "vesta-php_$VESTA_V" ]; then
-    rm -rf vesta-php_$VESTA_V
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    add_to_repo "vesta-php"
   fi
-  echo "=== Create directory: $BUILD_DIR/vesta-php_$VESTA_V"
-  mkdir -p $BUILD_DIR/vesta-php_$VESTA_V
-
-  echo "=== Prepare Deb Package Folder Structure: $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php and $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN"
-  cd $BUILD_DIR/vesta-php_$VESTA_V/
-  mkdir -p usr/local/vesta/php DEBIAN
-  
-  # Copying control, postinst and postrm files
-  cp -rf /root/vesta/src/deb/php/* $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN
-  rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php-fpm.conf
-  rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php.ini
-  
-  # Set version
-  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/control
-
-  # Set permission
-  chmod +x $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/postinst
- 
-  press_enter "=== Press enter to copy builded php ==============================================================================="
-  cd ..
-  
-  # if [ $BUILDING_NOW -eq 1 ]; then
-  echo "=== Copying php directory"
-  cp -rf $INSTALL_DIR/php/* $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/
-  press_enter "=== Done, press enter to copy php-fpm.conf and vesta-php binary ==============================================================================="
-  # fi
-
-  echo "=== Get php-fpm.conf"
-  cp /root/vesta/src/deb/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
-  cp /root/vesta/src/deb/php/php.ini $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/lib/php.ini
-  
-  echo "=== copy binary"
-  cp $INSTALL_DIR/php/sbin/php-fpm $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/sbin/vesta-php
-  
-  make_deb_package_and_add_to_repo "vesta-php"
     
   echo "=== All done"
 fi
@@ -414,42 +426,52 @@ fi
 #################################################################################
 
 if [ "$VESTA_B" = true ]; then
-  echo "======= Building vesta package ======="
-  # Change to build directory
-  cd $BUILD_DIR
+  if [ $build_deb_package -eq 1 ]; then
+    echo "======= Building vesta package ======="
+    # Change to build directory
+    cd $BUILD_DIR
+    
+    # Check if target directory exist
+    if [ -d $BUILD_DIR/vesta_$VESTA_V ]; then
+    	rm -rf $BUILD_DIR/vesta_$VESTA_V
+    fi
+    
+    # Create directory
+    mkdir $BUILD_DIR/vesta_$VESTA_V
+    
+    # Prepare Deb Package Folder Structure
+    cd vesta_$VESTA_V/
+    mkdir -p usr/local/vesta DEBIAN
+    
+    # Copying control, postinst and postrm files
+    cp -rf /root/vesta/src/deb/vesta/* $BUILD_DIR/vesta_$VESTA_V/DEBIAN
+    
+    # Set version
+    sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta_$VESTA_V/DEBIAN/control
   
-  # Check if target directory exist
-  if [ -d $BUILD_DIR/vesta_$VESTA_V ]; then
-  	rm -rf $BUILD_DIR/vesta_$VESTA_V
+    # Set permission
+    chmod +x $BUILD_DIR/vesta_$VESTA_V/DEBIAN/postinst
+    rm $BUILD_DIR/vesta_$VESTA_V/DEBIAN/conffiles
+  
+    # Copying vesta source
+    cp -rf /root/vesta/* $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta
+    
+    # Set permission
+    cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/bin
+    chmod +x *
+    cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/upd
+    chmod +x *
+    
+    make_deb_package "vesta"
+  fi
+  if [ $add_deb_to_apt_repo -eq 1 ]; then
+    if [ "$TARGET_DEB_NAME_MAIN" != "$TARGET_DEB_NAME" ]; then
+      cd $BUILD_DIR
+      rm vesta_$VESTA_V.deb
+      cp $BUILD_DIR_MAIN/vesta_$VESTA_V.deb $BUILD_DIR/vesta_$VESTA_V.deb
+	fi
+    add_to_repo "vesta"
   fi
-  
-  # Create directory
-  mkdir $BUILD_DIR/vesta_$VESTA_V
-  
-  # Prepare Deb Package Folder Structure
-  cd vesta_$VESTA_V/
-  mkdir -p usr/local/vesta DEBIAN
-  
-  # Copying control, postinst and postrm files
-  cp -rf /root/vesta/src/deb/vesta/* $BUILD_DIR/vesta_$VESTA_V/DEBIAN
-  
-  # Set version
-  sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta_$VESTA_V/DEBIAN/control
-
-  # Set permission
-  chmod +x $BUILD_DIR/vesta_$VESTA_V/DEBIAN/postinst
-  rm $BUILD_DIR/vesta_$VESTA_V/DEBIAN/conffiles
-
-  # Copying vesta source
-  cp -rf /root/vesta/* $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta
-  
-  # Set permission
-  cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/bin
-  chmod +x *
-  cd $BUILD_DIR/vesta_$VESTA_V/usr/local/vesta/upd
-  chmod +x *
-  
-  make_deb_package_and_add_to_repo "vesta"
 
   echo "=== All done"
 fi

From b4ca738affa3d333565e3a653e2b3c7c11dc3f9a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 02:52:24 +0200
Subject: [PATCH 0570/2300] Vesta compiling script, ver 1.0

---
 src/deb/vesta_compile.sh | 118 ++++++++++++++++++++++++++++-----------
 1 file changed, 86 insertions(+), 32 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 3716130f..302f9860 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -12,11 +12,15 @@ DEB_VER='10'
 VESTA_VER='0.9.8-25'
 
 TARGET_DEB_NAME_MAIN='buster'
+TARGET_DEB_VER_MAIN='10'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1
 
 ###############
+# Note: first run --apt_repo before turning add_deb_to_apt_repo=1
+
+MAINTAINER_EMAIL='predrag@hostingpanel.dev'
 
 # Set compiling directory
 BUILD_DIR="/usr/src/$TARGET_DEB_NAME"
@@ -27,9 +31,12 @@ INSTALL_DIR="/usr/local/vesta"
 GIT_SRC='https://raw.githubusercontent.com/myvesta/vesta/master/src'
 GIT_REP="$GIT_REP/deb"
 
-PATH_OF_C_WEB_FOLDER="/var/www/c.vesta.hostingpanel.dev/html"
-PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER="$PATH_OF_C_WEB_FOLDER/debian/$TARGET_DEB_VER"
-PATH_OF_APT_REPO="/var/www/apt.vesta.hostingpanel.dev/html/$TARGET_DEB_NAME"
+C_WEB_ADDRESS="c.vesta.hostingpanel.dev"
+PATH_OF_C_WEB_FOLDER_ROOT="/var/www/$C_WEB_ADDRESS/html"
+PATH_OF_C_WEB_FOLDER="$PATH_OF_C_WEB_FOLDER_ROOT/debian/$TARGET_DEB_VER"
+APT_WEB_ADDRESS="apt.vesta.hostingpanel.dev"
+PATH_OF_APT_REPO_ROOT="/var/www/$APT_WEB_ADDRESS/html"
+PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
@@ -71,11 +78,12 @@ function add_to_repo {
   cd $BUILD_DIR
   export GPG_TTY=$(tty)
   dpkg-sig --sign builder $1_$VESTA_V.deb
-  mkdir -p $PATH_OF_APT_REPO
-  cd $PATH_OF_APT_REPO
-    
+  
   press_enter "=== Press enter to add to repo ==============================================================================="
     
+  mkdir -p $PATH_OF_APT_REPO
+  cd $PATH_OF_APT_REPO
+  echo "=== cd $PATH_OF_APT_REPO"
   reprepro --ask-passphrase -Vb . remove $TARGET_DEB_NAME $1
   reprepro --ask-passphrase -Vb . includedeb $TARGET_DEB_NAME $BUILD_DIR/$1_$VESTA_V.deb
 }
@@ -116,13 +124,13 @@ for arg; do
     --vesta)
       VESTA_B='true'
       ;;
-    --vestagit)
+    --git_clone)
       VESTAGIT_B='true'
       ;;
-    --cweb)
+    --c)
       CWEB_B='true'
       ;;
-    --aptweb)
+    --apt_repo)
       APTWEB_B='true'
       ;;
     *)
@@ -132,21 +140,26 @@ for arg; do
 done
 
 if [ $# -eq 0 ]; then
-  echo "!!! Please run with argument --vesta, --nginx, --php, --vestagit, --cweb, --aptweb or --all"
+  echo "!!! Please run with argument --vesta, --nginx, --php, --git_clone, --c, --apt or --all"
   exit 1
 fi
 
-if [ "$CWEB_B" = true ]; then
-  VESTAGIT_B='true'
-fi
-if [ "$VESTA_B" = true ]; then
-  VESTAGIT_B='true'
-fi
-if [ "$PHP_B" = true ]; then
-  VESTAGIT_B='true'
-fi
-if [ "$NGINX_B" = true ]; then
-  VESTAGIT_B='true'
+if [ $build_deb_package -eq 1 ]; then
+  if [ "$APTWEB_B" = true ]; then
+    VESTAGIT_B='true'
+  fi
+  if [ "$CWEB_B" = true ]; then
+    VESTAGIT_B='true'
+  fi
+  if [ "$VESTA_B" = true ]; then
+    VESTAGIT_B='true'
+  fi
+  if [ "$PHP_B" = true ]; then
+    VESTAGIT_B='true'
+  fi
+  if [ "$NGINX_B" = true ]; then
+    VESTAGIT_B='true'
+  fi
 fi
 
 if [ ! -d "$BUILD_DIR" ]; then
@@ -164,6 +177,7 @@ if [ "$VESTAGIT_B" = true ]; then
   cd /root
   rm -rf vesta/
   git clone https://github.com/myvesta/vesta.git
+  echo "=== Git cloning done"
 fi
 
 #################################################################################
@@ -172,28 +186,65 @@ fi
 #
 #################################################################################
 
+if [ "$APTWEB_B" = true ]; then
+  echo "======= Building apt subdomain web folder ======="
+
+  mkdir -p $PATH_OF_APT_REPO
+  cd $PATH_OF_APT_REPO
+  
+  mkdir conf && cd conf
+  cat <distributions
+Origin: $APT_WEB_ADDRESS
+Label: myvesta apt repository
+Codename: $TARGET_DEB_NAME
+Architectures: amd64 source
+Components: vesta
+Description: myvesta debian package repo
+SignWith: yes
+Pull: $TARGET_DEB_NAME
+EOF
+  
+  if [ ! -d "/root/.gnupg" ]; then
+    gpg --gen-key
+    gpg --armor --export $MAINTAINER_EMAIL --output $MAINTAINER_EMAIL.gpg.key
+    press_enter "*** please copy above generated key to your clipboard and then paste it after pressing enter now ***"
+    vi $PATH_OF_APT_REPO_ROOT/deb_signing.key
+	cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
+  fi
+
+  echo "=== All done"
+fi
+ 
+#################################################################################
+#
+# Building c subdomain web folder
+#
+#################################################################################
+
 if [ "$CWEB_B" = true ]; then
   echo "======= Building c subdomain web folder ======="
   
-  echo "Removing: $PATH_OF_C_WEB_FOLDER"
-  rm -rf $PATH_OF_C_WEB_FOLDER
+  echo "Removing: $PATH_OF_C_WEB_FOLDER_ROOT"
+  rm -rf $PATH_OF_C_WEB_FOLDER_ROOT
   echo "=== Whole C folder removed"
 
-  echo "=== Making folder $PATH_OF_C_WEB_FOLDER"
-  mkdir -p $PATH_OF_C_WEB_FOLDER
-  cd $PATH_OF_C_WEB_FOLDER
+  echo "=== Making folder $PATH_OF_C_WEB_FOLDER_ROOT"
+  mkdir -p $PATH_OF_C_WEB_FOLDER_ROOT
+  cd $PATH_OF_C_WEB_FOLDER_ROOT
   
   echo "=== Copying and extracting static files"
 
-  cp /root/vesta/src/static.tar.gz $PATH_OF_C_WEB_FOLDER/static.tar.gz
+  cp /root/vesta/src/static.tar.gz $PATH_OF_C_WEB_FOLDER_ROOT/static.tar.gz
   tar -xzf static.tar.gz
   rm static.tar.gz
   
   echo "=== Copying files"
-  mkdir -p $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
-  cp -rf /root/vesta/install/debian/$TARGET_DEB_VER/* $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
-  cp /root/vesta/install/debian/10/deb_signing.key /var/www/c.vesta.hostingpanel.dev/html/deb_signing.key
-  cd $PATH_OF_C_WEB_FOLDER_FOR_SPECIFIC_DEB_VER
+  mkdir -p $PATH_OF_C_WEB_FOLDER
+  cp -rf /root/vesta/install/debian/$TARGET_DEB_VER/* $PATH_OF_C_WEB_FOLDER
+  if [ ! -f "$PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key" ]; then
+    cp /root/vesta/install/debian/$TARGET_DEB_VER_MAIN/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
+  fi
+  cd $PATH_OF_C_WEB_FOLDER
   
   if [ -f "packages.tar.gz" ]; then
     rm packages.tar.gz
@@ -219,6 +270,7 @@ if [ "$CWEB_B" = true ]; then
     rm dovecot.tar.gz
   fi
   tar -czf dovecot.tar.gz dovecot/
+  echo "=== All done"
 fi
 
 #################################################################################
@@ -467,7 +519,9 @@ if [ "$VESTA_B" = true ]; then
   if [ $add_deb_to_apt_repo -eq 1 ]; then
     if [ "$TARGET_DEB_NAME_MAIN" != "$TARGET_DEB_NAME" ]; then
       cd $BUILD_DIR
-      rm vesta_$VESTA_V.deb
+	  if [ -f "vesta_$VESTA_V.deb" ]; then
+        rm vesta_$VESTA_V.deb
+	  fi
       cp $BUILD_DIR_MAIN/vesta_$VESTA_V.deb $BUILD_DIR/vesta_$VESTA_V.deb
 	fi
     add_to_repo "vesta"

From 84392aa52a13031ab4d8bf9d7ec53c97d5eec8f4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 12:42:26 +0200
Subject: [PATCH 0571/2300] Replacing ns1.domain.tld and ns2.domain.tld with
 real nameservers

---
 install/vst-install-debian.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index cbea8e73..5a3bd7a4 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -827,6 +827,8 @@ cp -rf $vestacp/templates $VESTA/data/
 # Set nameservers
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/YOURHOSTNAME2/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
+sed -i "s/ns1.domain.tld/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
+sed -i "s/ns2.domain.tld/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
 
 # Copying index.html to default documentroot
 cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/

From 69c6e910fac526041ef71abd8c755e50a7296f4d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 15:30:40 +0200
Subject: [PATCH 0572/2300] Trigger custom post-update script after update

---
 src/deb/vesta/postinst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 131e36ec..9d47da77 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -6,8 +6,8 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
 fi
 
 # Run triggers
-# if [ -x "/usr/local/vesta/upd/sonething.sh" ]; then
-#    /usr/local/vesta/upd/something.sh
-# fi
+if [ -x "/root/vesta-patch.sh" ]; then
+    /root/vesta-patch.sh
+fi
 
 exit 0

From b168ef14d972185263db2250609bdc82325536c5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 16:04:48 +0200
Subject: [PATCH 0573/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 302f9860..e263ba0a 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Autocompile Script for VestaCP deb Files.
+# Autocompile Script for VestaCP deb files - ver 1.0
 # Made for MyVesta fork.
 # Autocompile script borrowed from HestiaCP, special thanks to Raphael Schneeberger
 
@@ -8,7 +8,7 @@ build_deb_package=1
 add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
-DEB_VER='10'
+TARGET_DEB_VER='10'
 VESTA_VER='0.9.8-25'
 
 TARGET_DEB_NAME_MAIN='buster'
@@ -20,6 +20,14 @@ wait_to_press_enter=1
 ###############
 # Note: first run --apt_repo before turning add_deb_to_apt_repo=1
 
+if [ $# -gt 1 ]; then
+    TARGET_DEB_NAME=$2
+fi
+
+if [ $# -gt 2 ]; then
+    TARGET_DEB_VER=$3
+fi
+
 MAINTAINER_EMAIL='predrag@hostingpanel.dev'
 
 # Set compiling directory
@@ -71,6 +79,8 @@ function make_deb_package {
     rm $1_$VESTA_V.deb
   fi
   dpkg-deb --build $1_$VESTA_V
+  echo "=== Building done."
+  echo "=== Your .deb package is here: $BUILD_DIR/$1_$VESTA_V.deb"
 }
 
 function add_to_repo {  
@@ -209,7 +219,7 @@ EOF
     gpg --armor --export $MAINTAINER_EMAIL --output $MAINTAINER_EMAIL.gpg.key
     press_enter "*** please copy above generated key to your clipboard and then paste it after pressing enter now ***"
     vi $PATH_OF_APT_REPO_ROOT/deb_signing.key
-	cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
+    cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
   fi
 
   echo "=== All done"

From 0c503c7e3296df385850306fce8db5cd58ebfcc3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 18:50:16 +0200
Subject: [PATCH 0574/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index e263ba0a..bc5c83ff 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -281,6 +281,8 @@ if [ "$CWEB_B" = true ]; then
   fi
   tar -czf dovecot.tar.gz dovecot/
   echo "=== All done"
+  
+  cp /root/vesta/install/vst-install-debian.sh $PATH_OF_C_WEB_FOLDER_ROOT/vst-install-debian.sh
 fi
 
 #################################################################################

From b2934fd617c3eafb727a9d880c1bd7906382010b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 18:58:54 +0200
Subject: [PATCH 0575/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index bc5c83ff..9b4134d9 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -11,9 +11,6 @@ TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
 VESTA_VER='0.9.8-25'
 
-TARGET_DEB_NAME_MAIN='buster'
-TARGET_DEB_VER_MAIN='10'
-
 run_apt_update_and_install=1
 wait_to_press_enter=1
 
@@ -30,6 +27,9 @@ fi
 
 MAINTAINER_EMAIL='predrag@hostingpanel.dev'
 
+TARGET_DEB_NAME_MAIN='buster'
+TARGET_DEB_VER_MAIN='10'
+
 # Set compiling directory
 BUILD_DIR="/usr/src/$TARGET_DEB_NAME"
 BUILD_DIR_MAIN="/usr/src/$TARGET_DEB_NAME_MAIN"

From 0287e6d956b3f2e16e0efd900bdebece4fc1b916 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:00:44 +0200
Subject: [PATCH 0576/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 9b4134d9..7f4d8bbc 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -134,13 +134,13 @@ for arg; do
     --vesta)
       VESTA_B='true'
       ;;
-    --git_clone)
+    --git)
       VESTAGIT_B='true'
       ;;
     --c)
       CWEB_B='true'
       ;;
-    --apt_repo)
+    --apt)
       APTWEB_B='true'
       ;;
     *)
@@ -150,7 +150,7 @@ for arg; do
 done
 
 if [ $# -eq 0 ]; then
-  echo "!!! Please run with argument --vesta, --nginx, --php, --git_clone, --c, --apt or --all"
+  echo "!!! Please run with argument --vesta, --nginx, --php, --git, --c, --apt or --all"
   exit 1
 fi
 

From 59a959c4b296bcf1f8119d8f5b8c3067d89f59b9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:02:34 +0200
Subject: [PATCH 0577/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 7f4d8bbc..e8baba7a 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -15,7 +15,7 @@ run_apt_update_and_install=1
 wait_to_press_enter=1
 
 ###############
-# Note: first run --apt_repo before turning add_deb_to_apt_repo=1
+# Note: first run --apt before turning add_deb_to_apt_repo=1
 
 if [ $# -gt 1 ]; then
     TARGET_DEB_NAME=$2

From d5ef538af67856f9a4ed32a63c20414e1adcc8b6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:26:15 +0200
Subject: [PATCH 0578/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index e8baba7a..5782dbc1 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -250,7 +250,7 @@ if [ "$CWEB_B" = true ]; then
   
   echo "=== Copying files"
   mkdir -p $PATH_OF_C_WEB_FOLDER
-  cp -rf /root/vesta/install/debian/$TARGET_DEB_VER/* $PATH_OF_C_WEB_FOLDER
+  cp -rf /root/vesta/install/debian/* $PATH_OF_C_WEB_FOLDER_ROOT/debian
   if [ ! -f "$PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key" ]; then
     cp /root/vesta/install/debian/$TARGET_DEB_VER_MAIN/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
   fi

From 1613744d0a7f5cb11ceb44b0f1b86c04b899f0d1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:34:04 +0200
Subject: [PATCH 0579/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5a3bd7a4..d1167db1 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -636,11 +636,7 @@ fi
 #----------------------------------------------------------#
 
 # Update system packages
-if [ $ALLOW_INSECURE_APT -eq 1 ]; then
-  apt-get -o Acquire::AllowInsecureRepositories=true -o Acquire::AllowDowngradeToInsecureRepositories=true update
-else
-  apt-get update
-fi
+apt-get update
 
 # Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
 echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d

From 0634c42b2607ef2099a938faacb74a6b514e3553 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:50:01 +0200
Subject: [PATCH 0580/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d1167db1..86c656f5 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -44,6 +44,20 @@ elif [ "$release" -eq 9 ]; then
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip"
 fi
+elif [ "$release" -eq 8 ]; then
+    software="nginx apache2 apache2-utils apache2.2-common
+        apache2-suexec-custom libapache2-mod-ruid2
+        libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi
+        php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd
+        proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon
+        spamassassin dovecot-imapd dovecot-pop3d roundcube-core
+        roundcube-mysql roundcube-plugins mysql-server mysql-common
+        mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc
+        flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
+        bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
+        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
+fi
 
 # Defining help function
 help() {

From fd4cb7c026e07718de5fdc2cc11e791a8b0d42f6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 19:50:38 +0200
Subject: [PATCH 0581/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 86c656f5..93dda4d3 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -43,7 +43,6 @@ elif [ "$release" -eq 9 ]; then
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip"
-fi
 elif [ "$release" -eq 8 ]; then
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2

From a7c533ecd472afb63a578527f72bcdc0edb7053a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 20:03:41 +0200
Subject: [PATCH 0582/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 93dda4d3..0d81e099 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -55,7 +55,7 @@ elif [ "$release" -eq 8 ]; then
         flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
-        unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip"
+        unrar-free vim-common net-tools unzip"
 fi
 
 # Defining help function

From 76fb13bc41ae7c6051596eb4a21439ca274a6d26 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 20:09:12 +0200
Subject: [PATCH 0583/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 5782dbc1..8d4da441 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -48,7 +48,7 @@ PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
-NGINX_V='1.17.1'
+NGINX_V='1.17.3'
 OPENSSL_V='1.1.1c'
 PCRE_V='8.43'
 ZLIB_V='1.2.11'

From 5e9f7dcbbc1256f142cf48b4cfb38aac0d576ce1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 20:16:50 +0200
Subject: [PATCH 0584/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 0d81e099..eb7f40a4 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -838,6 +838,8 @@ sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default
 sed -i "s/YOURHOSTNAME2/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/ns1.domain.tld/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/ns2.domain.tld/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
+sed -i "s/ns1.example.com/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
+sed -i "s/ns2.example.com/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
 
 # Copying index.html to default documentroot
 cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/

From d0ec79ca1e9245375381fe5d23b8eef28d173031 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 22:50:45 +0200
Subject: [PATCH 0585/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 8d4da441..edfacdcd 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -20,10 +20,15 @@ wait_to_press_enter=1
 if [ $# -gt 1 ]; then
     TARGET_DEB_NAME=$2
 fi
-
 if [ $# -gt 2 ]; then
     TARGET_DEB_VER=$3
 fi
+if [ $# -gt 3 ]; then
+    build_deb_package=$4
+fi
+if [ $# -gt 4 ]; then
+    add_deb_to_apt_repo=$5
+fi
 
 MAINTAINER_EMAIL='predrag@hostingpanel.dev'
 

From 1882aa3d8ab3dc7e41285cc8e8d456d0efb3e087 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 23:19:40 +0200
Subject: [PATCH 0586/2300] Update README.md

---
 README.md | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index a16fe83e..d49c12f4 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,17 @@
-[Vesta Control Panel](http://vestacp.com/)
+MyVesta Control Panel
 ==================================================
 
-[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-
+* MyVesta is a fork of VestaCP
+* Focused on security and stability
+* Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
+* It will always be synchronized with official VestaCP commits
+* Youi can by all commercial plugins only on official vestacp.com - we will not take their earnings - we are not making this because of money
 * Vesta is an open source hosting control panel.
 * Vesta has a clean and focused interface without the clutter.
 * Vesta has the latest of very innovative technologies.
 
+Special thanks to vestacp.com and Serghey Rodin for open-source VestaCP project
+
 How to install (2 step)
 ----------------------------
 Connect to your server as root via SSH
@@ -16,7 +21,7 @@ ssh root@your.server
 
 Download the installation script, and run it:
 ```bash
-curl http://vestacp.com/pub/vst-install.sh | bash
+curl http://c.vesta.hostingpanel.dev/vst-install-debian.sh | bash
 ```
 
 How to install (3 step)
@@ -29,7 +34,7 @@ ssh root@your.server
 
 Download the installation script:
 ```bash
-curl -O http://vestacp.com/pub/vst-install.sh
+curl -O http://c.vesta.hostingpanel.dev/vst-install-debian.sh
 ```
 Then run it:
 ```bash

From 6d7a53267cead077bb78dbcf8089447c7109262e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 23:23:15 +0200
Subject: [PATCH 0587/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index d49c12f4..ac85019d 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ MyVesta Control Panel
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
 * It will always be synchronized with official VestaCP commits
-* Youi can by all commercial plugins only on official vestacp.com - we will not take their earnings - we are not making this because of money
+* All VestaCP commercial plugins can be purchased only on official vestacp.com - we will not take their earnings - we are not making this because of money
 * Vesta is an open source hosting control panel.
 * Vesta has a clean and focused interface without the clutter.
 * Vesta has the latest of very innovative technologies.

From aec12a51190a51b422b645041f3a164d49c622a6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 17 Aug 2019 23:26:29 +0200
Subject: [PATCH 0588/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index ac85019d..4c1a1da5 100644
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ curl -O http://c.vesta.hostingpanel.dev/vst-install-debian.sh
 ```
 Then run it:
 ```bash
-bash vst-install.sh
+bash vst-install-debian.sh
 ```
 
 License

From e82ad200b7168c42e8b0bb1b7cc228cc19cfc847 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 18 Aug 2019 16:37:00 +0200
Subject: [PATCH 0589/2300] Translated added string in sr.php

---
 web/inc/i18n/sr.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index 759ab6c9..2b91b293 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -1,7 +1,7 @@
  'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => 'Koristi Web Domain SSL sertifikat',
     'Webmail URL' => 'Webmail URL',
     'MySQL Support' => 'MySQL podrška',
     'phpMyAdmin URL' => 'phpMyAdmin URL',

From 181a99d5d72bdcbe90e114104c46cafce6a7d845 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 20:11:43 +0200
Subject: [PATCH 0590/2300] Update secure_login.php

---
 web/inc/secure_login.php | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 83cb16b9..bf302792 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,10 +1,4 @@
 
Date: Tue, 20 Aug 2019 20:18:37 +0200
Subject: [PATCH 0591/2300] Update README.md

---
 README.md | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/README.md b/README.md
index 4c1a1da5..aa7f264c 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,28 @@ MyVesta Control Panel
 * Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
 * It will always be synchronized with official VestaCP commits
 * All VestaCP commercial plugins can be purchased only on official vestacp.com - we will not take their earnings - we are not making this because of money
+
+Features
+==================================================
+
+1) Apache is on mpm_event by default, PHP is running in PHP-FPM
+
+2) You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+
+After installation just execute:
+```
+echo " /usr/local/vesta/web/inc/login_url.php
+```
+Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
+You can see how mechanism was built by looking at:
+- https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
+- https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
+
+3) We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
+
+About VestaCP
+==================================================
+
 * Vesta is an open source hosting control panel.
 * Vesta has a clean and focused interface without the clutter.
 * Vesta has the latest of very innovative technologies.

From 73a7008b4ac7774c5dec4775fce64490d16b7507 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:00:45 +0200
Subject: [PATCH 0592/2300] Update README.md

---
 README.md | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index aa7f264c..4643c8d8 100644
--- a/README.md
+++ b/README.md
@@ -10,20 +10,19 @@ MyVesta Control Panel
 Features
 ==================================================
 
-1) Apache is on mpm_event by default, PHP is running in PHP-FPM
+> + Apache is on mpm_event by default, PHP is running in PHP-FPM
 
-2) You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+> + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+> After installation just execute:
+> ```
+> echo " /usr/local/vesta/web/inc/login_url.php
+> ```
+> Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
+> You can see how mechanism was built by looking at:
+>   + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
+>   + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
-After installation just execute:
-```
-echo " /usr/local/vesta/web/inc/login_url.php
-```
-Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
-You can see how mechanism was built by looking at:
-- https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
-- https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
-
-3) We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
+> + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
 About VestaCP
 ==================================================

From 4c916e4ddda4a597a0e3c090dc3e20fdaaca8a83 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:06:36 +0200
Subject: [PATCH 0593/2300] Update README.md

---
 README.md | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 4643c8d8..e2a5ad5c 100644
--- a/README.md
+++ b/README.md
@@ -10,19 +10,17 @@ MyVesta Control Panel
 Features
 ==================================================
 
-> + Apache is on mpm_event by default, PHP is running in PHP-FPM
++ Apache is on mpm_event by default, PHP is running in PHP-FPM
 
-> + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
-> After installation just execute:
-> ```
-> echo " /usr/local/vesta/web/inc/login_url.php
-> ```
-> Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
-> You can see how mechanism was built by looking at:
->   + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
->   + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
++ You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+    + After installation just execute:
+    + `echo " /usr/local/vesta/web/inc/login_url.php`
+    + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
+    + You can see how mechanism was built by looking at:
+      + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
+      + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
-> + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
++ We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
 About VestaCP
 ==================================================

From bf7ae3c0d410ed435d3675708f56f2dc74c87e26 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:09:14 +0200
Subject: [PATCH 0594/2300] Update README.md

---
 README.md | 38 ++++++++++----------------------------
 1 file changed, 10 insertions(+), 28 deletions(-)

diff --git a/README.md b/README.md
index e2a5ad5c..332e999d 100644
--- a/README.md
+++ b/README.md
@@ -22,35 +22,8 @@ Features
 
 + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
-About VestaCP
-==================================================
-
-* Vesta is an open source hosting control panel.
-* Vesta has a clean and focused interface without the clutter.
-* Vesta has the latest of very innovative technologies.
-
-Special thanks to vestacp.com and Serghey Rodin for open-source VestaCP project
-
-How to install (2 step)
+How to install
 ----------------------------
-Connect to your server as root via SSH
-```bash
-ssh root@your.server
-```
-
-Download the installation script, and run it:
-```bash
-curl http://c.vesta.hostingpanel.dev/vst-install-debian.sh | bash
-```
-
-How to install (3 step)
-----------------------------
-If the above example does not work, try this 3 step method:
-Connect to your server as root via SSH
-```bash
-ssh root@your.server
-```
-
 Download the installation script:
 ```bash
 curl -O http://c.vesta.hostingpanel.dev/vst-install-debian.sh
@@ -60,6 +33,15 @@ Then run it:
 bash vst-install-debian.sh
 ```
 
+About VestaCP
+==================================================
+
+* Vesta is an open source hosting control panel.
+* Vesta has a clean and focused interface without the clutter.
+* Vesta has the latest of very innovative technologies.
+
+Special thanks to vestacp.com and Serghey Rodin for open-source VestaCP project
+
 License
 ----------------------------
 Vesta is licensed under  [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE) license

From db1f2c71c3e5413258bee2d6f31daab83788faf7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:13:37 +0200
Subject: [PATCH 0595/2300] Update README.md

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 332e999d..82e2f58e 100644
--- a/README.md
+++ b/README.md
@@ -10,12 +10,14 @@ MyVesta Control Panel
 Features
 ==================================================
 
-+ Apache is on mpm_event by default, PHP is running in PHP-FPM
++ Support for Debian 10
+
++ Apache is on mpm_event by default, PHP is running in PHP-FPM, which is the best PHP-stack solution
 
 + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + After installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
-    + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL.
+    + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simlpy dead - nothing will interact with someone who don't know your secret-URL.
     + You can see how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php

From 311acac5a62d19fb1ab3bafb4c169ef121bb8323 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:17:19 +0200
Subject: [PATCH 0596/2300] Update README.md

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 82e2f58e..32de827e 100644
--- a/README.md
+++ b/README.md
@@ -12,8 +12,6 @@ Features
 
 + Support for Debian 10
 
-+ Apache is on mpm_event by default, PHP is running in PHP-FPM, which is the best PHP-stack solution
-
 + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + After installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
@@ -24,6 +22,10 @@ Features
 
 + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
++ Apache is on mpm_event by default, PHP is running in PHP-FPM, which is the best PHP-stack solution
+
++ Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
+
 How to install
 ----------------------------
 Download the installation script:

From 6496d9588b69dbfe9028b2f9466e7d4ff027e2f9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:21:55 +0200
Subject: [PATCH 0597/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 32de827e..b79138f1 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@ Features
 
 + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
-+ Apache is on mpm_event by default, PHP is running in PHP-FPM, which is the best PHP-stack solution
++ Apache is fully switched to mpm_event mode, PHP is running in PHP-FPM, which is the most stable PHP-stack solution
 
 + Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
 

From 4f1a338a62522d91644d908b29ce2b61d7b4f2d7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:27:49 +0200
Subject: [PATCH 0598/2300] Update README.md

---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index b79138f1..6c84c466 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,8 @@ MyVesta Control Panel
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
 * It will always be synchronized with official VestaCP commits
-* All VestaCP commercial plugins can be purchased only on official vestacp.com - we will not take their earnings - we are not making this because of money
+* All VestaCP commercial plugins can be purchased only on official vestacp.com - we will not take their earnings - we are not making this fork because of money - but because a freedom to enhance security and features
+* All features that is added here will be offered to official VestaCP through pull-requests
 
 Features
 ==================================================

From 6dfa512dc1e099a57af9f6ba80ec2b27e7633c89 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 21:53:16 +0200
Subject: [PATCH 0599/2300] Update README.md

---
 README.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6c84c466..30ba31d7 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Features
 + Support for Debian 10
 
 + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
-    + After installation just execute:
+    + After MyVesta installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
     + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simlpy dead - nothing will interact with someone who don't know your secret-URL.
     + You can see how mechanism was built by looking at:
@@ -27,6 +27,11 @@ Features
 
 + Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
 
++ You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
+    + You can even create your own APT repositorium in a minute
+    + We are using latest nginx version for vesta-nginx package
+    + With your own APT infrastructure you can take a security of Vesta-installer infrastructure in your own hands, you have full control of your Vesta code
+
 How to install
 ----------------------------
 Download the installation script:

From d3c86aa1c36a3dea3aca93af7f344f099fb7a4a9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:02:24 +0200
Subject: [PATCH 0600/2300] Create php-fpm.conf

---
 src/deb/for-download/php/php-fpm.conf | 34 +++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 src/deb/for-download/php/php-fpm.conf

diff --git a/src/deb/for-download/php/php-fpm.conf b/src/deb/for-download/php/php-fpm.conf
new file mode 100644
index 00000000..d9a04795
--- /dev/null
+++ b/src/deb/for-download/php/php-fpm.conf
@@ -0,0 +1,34 @@
+[global]
+pid = /var/run/vesta-php.pid
+daemonize = yes
+
+[www]
+user = admin
+group = admin
+listen = /var/run/vesta-php.sock
+listen.owner = admin
+listen.group = admin
+listen.mode = 0660
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /tmp
+env[TMPDIR] = /tmp
+env[TEMP] = /tmp
+env[VESTA] = $VESTA
+env[LANG] = en_US.UTF-8
+php_flag[display_errors] = off
+php_admin_value[error_log] = /usr/local/vesta/log/fpm-php.log
+php_admin_flag[log_errors] = on
+php_admin_value[memory_limit] = 256M
+php_admin_value[post_max_size] = 512M
+php_admin_value[upload_max_filesize] = 512M
+php_admin_value[max_execution_time] = 600
+php_admin_value[max_input_time] = 600
+php_admin_value[session.save_path] = /usr/local/vesta/data/sessions

From fe21fed10d51d165027fd9d4090260e235842867 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:02:42 +0200
Subject: [PATCH 0601/2300] Delete php-fpm.conf

---
 src/deb/php/php-fpm.conf | 34 ----------------------------------
 1 file changed, 34 deletions(-)
 delete mode 100644 src/deb/php/php-fpm.conf

diff --git a/src/deb/php/php-fpm.conf b/src/deb/php/php-fpm.conf
deleted file mode 100644
index d9a04795..00000000
--- a/src/deb/php/php-fpm.conf
+++ /dev/null
@@ -1,34 +0,0 @@
-[global]
-pid = /var/run/vesta-php.pid
-daemonize = yes
-
-[www]
-user = admin
-group = admin
-listen = /var/run/vesta-php.sock
-listen.owner = admin
-listen.group = admin
-listen.mode = 0660
-
-pm = dynamic
-pm.max_children = 5
-pm.start_servers = 2
-pm.min_spare_servers = 1
-pm.max_spare_servers = 3
-
-env[HOSTNAME] = $HOSTNAME
-env[PATH] = /usr/local/bin:/usr/bin:/bin
-env[TMP] = /tmp
-env[TMPDIR] = /tmp
-env[TEMP] = /tmp
-env[VESTA] = $VESTA
-env[LANG] = en_US.UTF-8
-php_flag[display_errors] = off
-php_admin_value[error_log] = /usr/local/vesta/log/fpm-php.log
-php_admin_flag[log_errors] = on
-php_admin_value[memory_limit] = 256M
-php_admin_value[post_max_size] = 512M
-php_admin_value[upload_max_filesize] = 512M
-php_admin_value[max_execution_time] = 600
-php_admin_value[max_input_time] = 600
-php_admin_value[session.save_path] = /usr/local/vesta/data/sessions

From 8f0f393a6ed30d103dba02955ec0a1919692c936 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:03:37 +0200
Subject: [PATCH 0602/2300] Create php.ini

---
 src/deb/for-download/php/php.ini | 1249 ++++++++++++++++++++++++++++++
 1 file changed, 1249 insertions(+)
 create mode 100644 src/deb/for-download/php/php.ini

diff --git a/src/deb/for-download/php/php.ini b/src/deb/for-download/php/php.ini
new file mode 100644
index 00000000..83fd88f4
--- /dev/null
+++ b/src/deb/for-download/php/php.ini
@@ -0,0 +1,1249 @@
+[PHP]
+
+;;;;;;;;;;;;;;;;;;;
+; About php.ini   ;
+;;;;;;;;;;;;;;;;;;;
+; This file controls many aspects of PHP's behavior.  In order for PHP to
+; read it, it must be named 'php.ini'.  PHP looks for it in the current
+; working directory, in the path designated by the environment variable
+; PHPRC, and in the path that was defined in compile time (in that order).
+; Under Windows, the compile-time path is the Windows directory.  The
+; path in which the php.ini file is looked for can be overridden using
+; the -c argument in command line mode.
+;
+; The syntax of the file is extremely simple.  Whitespace and Lines
+; beginning with a semicolon are silently ignored (as you probably guessed).
+; Section headers (e.g. [Foo]) are also silently ignored, even though
+; they might mean something in the future.
+;
+; Directives are specified using the following syntax:
+; directive = value
+; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
+;
+; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
+; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
+; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
+;
+; Expressions in the INI file are limited to bitwise operators and parentheses:
+; |        bitwise OR
+; &        bitwise AND
+; ~        bitwise NOT
+; !        boolean NOT
+;
+; Boolean flags can be turned on using the values 1, On, True or Yes.
+; They can be turned off using the values 0, Off, False or No.
+;
+; An empty string can be denoted by simply not writing anything after the equal
+; sign, or by using the None keyword:
+;
+;  foo =         ; sets foo to an empty string
+;  foo = none    ; sets foo to an empty string
+;  foo = "none"  ; sets foo to the string 'none'
+;
+; If you use constants in your value, and these constants belong to a
+; dynamically loaded extension (either a PHP extension or a Zend extension),
+; you may only use these constants *after* the line that loads the extension.
+;
+;
+;;;;;;;;;;;;;;;;;;;
+; About this file ;
+;;;;;;;;;;;;;;;;;;;
+; This is the recommended, PHP 5-style version of the php.ini-dist file.  It
+; sets some non standard settings, that make PHP more efficient, more secure,
+; and encourage cleaner coding.
+;
+; The price is that with these settings, PHP may be incompatible with some
+; applications, and sometimes, more difficult to develop with.  Using this
+; file is warmly recommended for production sites.  As all of the changes from
+; the standard settings are thoroughly documented, you can go over each one,
+; and decide whether you want to use it or not.
+;
+; For general information about the php.ini file, please consult the php.ini-dist
+; file, included in your PHP distribution.
+;
+; This file is different from the php.ini-dist file in the fact that it features
+; different values for several directives, in order to improve performance, while
+; possibly breaking compatibility with the standard out-of-the-box behavior of
+; PHP.  Please make sure you read what's different, and modify your scripts
+; accordingly, if you decide to use this file instead.
+;
+; - register_long_arrays = Off     [Performance]
+;     Disables registration of the older (and deprecated) long predefined array
+;     variables ($HTTP_*_VARS).  Instead, use the superglobals that were
+;     introduced in PHP 4.1.0
+; - display_errors = Off           [Security]
+;     With this directive set to off, errors that occur during the execution of
+;     scripts will no longer be displayed as a part of the script output, and thus,
+;     will no longer be exposed to remote users.  With some errors, the error message
+;     content may expose information about your script, web server, or database
+;     server that may be exploitable for hacking.  Production sites should have this
+;     directive set to off.
+; - log_errors = On                [Security]
+;     This directive complements the above one.  Any errors that occur during the
+;     execution of your script will be logged (typically, to your server's error log,
+;     but can be configured in several ways).  Along with setting display_errors to off,
+;     this setup gives you the ability to fully understand what may have gone wrong,
+;     without exposing any sensitive information to remote users.
+; - output_buffering = 4096        [Performance]
+;     Set a 4KB output buffer.  Enabling output buffering typically results in less
+;     writes, and sometimes less packets sent on the wire, which can often lead to
+;     better performance.  The gain this directive actually yields greatly depends
+;     on which Web server you're working with, and what kind of scripts you're using.
+; - register_argc_argv = Off       [Performance]
+;     Disables registration of the somewhat redundant $argv and $argc global
+;     variables.
+; - magic_quotes_gpc = Off         [Performance]
+;     Input data is no longer escaped with slashes so that it can be sent into
+;     SQL databases without further manipulation.  Instead, you should use the
+;     function addslashes() on each input element you wish to send to a database.
+; - variables_order = "GPCS"       [Performance]
+;     The environment variables are not hashed into the $_ENV.  To access
+;     environment variables, you can use getenv() instead.
+; - error_reporting = E_ALL        [Code Cleanliness, Security(?)]
+;     By default, PHP suppresses errors of type E_NOTICE.  These error messages
+;     are emitted for non-critical errors, but that could be a symptom of a bigger
+;     problem.  Most notably, this will cause error messages about the use
+;     of uninitialized variables to be displayed.
+; - allow_call_time_pass_reference = Off     [Code cleanliness]
+;     It's not possible to decide to force a variable to be passed by reference
+;     when calling a function.  The PHP 4 style to do this is by making the
+;     function require the relevant argument by reference.
+
+;;;;;;;;;;;;;;;;;;;;
+; Language Options ;
+;;;;;;;;;;;;;;;;;;;;
+
+; Enable the PHP scripting language engine under Apache.
+engine = On
+
+; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
+zend.ze1_compatibility_mode = Off
+
+; Allow the  tags are recognized.
+; NOTE: Using short tags should be avoided when developing applications or
+; libraries that are meant for redistribution, or deployment on PHP
+; servers which are not under your control, because short tags may not
+; be supported on the target server. For portable, redistributable code,
+; be sure not to use short tags.
+short_open_tag = On
+
+; Allow ASP-style <% %> tags.
+asp_tags = Off
+
+; The number of significant digits displayed in floating point numbers.
+precision    =  14
+
+; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
+y2k_compliance = On
+
+; Output buffering allows you to send header lines (including cookies) even
+; after you send body content, at the price of slowing PHP's output layer a
+; bit.  You can enable output buffering during runtime by calling the output
+; buffering functions.  You can also enable output buffering for all files by
+; setting this directive to On.  If you wish to limit the size of the buffer
+; to a certain size - you can use a maximum number of bytes instead of 'On', as
+; a value for this directive (e.g., output_buffering=4096).
+output_buffering = 4096
+
+; You can redirect all of the output of your scripts to a function.  For
+; example, if you set output_handler to "mb_output_handler", character
+; encoding will be transparently converted to the specified encoding.
+; Setting any output handler automatically turns on output buffering.
+; Note: People who wrote portable scripts should not depend on this ini
+;       directive. Instead, explicitly set the output handler using ob_start().
+;       Using this ini directive may cause problems unless you know what script
+;       is doing.
+; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
+;       and you cannot use both "ob_gzhandler" and "zlib.output_compression".
+; Note: output_handler must be empty if this is set 'On' !!!!
+;       Instead you must use zlib.output_handler.
+;output_handler =
+
+; Transparent output compression using the zlib library
+; Valid values for this option are 'off', 'on', or a specific buffer size
+; to be used for compression (default is 4KB)
+; Note: Resulting chunk size may vary due to nature of compression. PHP
+;       outputs chunks that are few hundreds bytes each as a result of
+;       compression. If you prefer a larger chunk size for better
+;       performance, enable output_buffering in addition.
+; Note: You need to use zlib.output_handler instead of the standard
+;       output_handler, or otherwise the output will be corrupted.
+zlib.output_compression = Off
+;zlib.output_compression_level = -1
+
+; You cannot specify additional output handlers if zlib.output_compression
+; is activated here. This setting does the same as output_handler but in
+; a different order.
+;zlib.output_handler =
+
+; Implicit flush tells PHP to tell the output layer to flush itself
+; automatically after every output block.  This is equivalent to calling the
+; PHP function flush() after each and every call to print() or echo() and each
+; and every HTML block.  Turning this option on has serious performance
+; implications and is generally recommended for debugging purposes only.
+implicit_flush = Off
+
+; The unserialize callback function will be called (with the undefined class'
+; name as parameter), if the unserializer finds an undefined class
+; which should be instantiated.
+; A warning appears if the specified function is not defined, or if the
+; function doesn't include/implement the missing class.
+; So only set this entry, if you really want to implement such a
+; callback-function.
+unserialize_callback_func=
+
+; When floats & doubles are serialized store serialize_precision significant
+; digits after the floating point. The default value ensures that when floats
+; are decoded with unserialize, the data will remain the same.
+serialize_precision = 100
+
+; Whether to enable the ability to force arguments to be passed by reference
+; at function call time.  This method is deprecated and is likely to be
+; unsupported in future versions of PHP/Zend.  The encouraged method of
+; specifying which arguments should be passed by reference is in the function
+; declaration.  You're encouraged to try and turn this option Off and make
+; sure your scripts work properly with it in order to ensure they will work
+; with future versions of the language (you will receive a warning each time
+; you use this feature, and the argument will be passed by value instead of by
+; reference).
+allow_call_time_pass_reference = Off
+
+;
+; Safe Mode
+;
+safe_mode = Off
+
+; By default, Safe Mode does a UID compare check when
+; opening files. If you want to relax this to a GID compare,
+; then turn on safe_mode_gid.
+safe_mode_gid = Off
+
+; When safe_mode is on, UID/GID checks are bypassed when
+; including files from this directory and its subdirectories.
+; (directory must also be in include_path or full path must
+; be used when including)
+safe_mode_include_dir =
+
+; When safe_mode is on, only executables located in the safe_mode_exec_dir
+; will be allowed to be executed via the exec family of functions.
+safe_mode_exec_dir =
+
+; Setting certain environment variables may be a potential security breach.
+; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
+; the user may only alter environment variables whose names begin with the
+; prefixes supplied here.  By default, users will only be able to set
+; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
+;
+; Note:  If this directive is empty, PHP will let the user modify ANY
+; environment variable!
+safe_mode_allowed_env_vars = PHP_
+
+; This directive contains a comma-delimited list of environment variables that
+; the end user won't be able to change using putenv().  These variables will be
+; protected even if safe_mode_allowed_env_vars is set to allow to change them.
+safe_mode_protected_env_vars = LD_LIBRARY_PATH
+
+; open_basedir, if set, limits all file operations to the defined directory
+; and below.  This directive makes most sense if used in a per-directory
+; or per-virtualhost web server configuration file. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+;open_basedir =
+
+; This directive allows you to disable certain functions for security reasons.
+; It receives a comma-delimited list of function names. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+disable_functions =
+
+; This directive allows you to disable certain classes for security reasons.
+; It receives a comma-delimited list of class names. This directive is
+; *NOT* affected by whether Safe Mode is turned On or Off.
+disable_classes =
+
+; Colors for Syntax Highlighting mode.  Anything that's acceptable in
+;  would work.
+;highlight.string  = #DD0000
+;highlight.comment = #FF9900
+;highlight.keyword = #007700
+;highlight.bg      = #FFFFFF
+;highlight.default = #0000BB
+;highlight.html    = #000000
+
+; If enabled, the request will be allowed to complete even if the user aborts
+; the request. Consider enabling it if executing long request, which may end up
+; being interrupted by the user or a browser timing out.
+; ignore_user_abort = On
+
+; Determines the size of the realpath cache to be used by PHP. This value should
+; be increased on systems where PHP opens many files to reflect the quantity of
+; the file operations performed.
+; realpath_cache_size=16k
+
+; Duration of time, in seconds for which to cache realpath information for a given
+; file or directory. For systems with rarely changing files, consider increasing this
+; value.
+; realpath_cache_ttl=120
+
+;
+; Misc
+;
+; Decides whether PHP may expose the fact that it is installed on the server
+; (e.g. by adding its signature to the Web server header).  It is no security
+; threat in any way, but it makes it possible to determine whether you use PHP
+; on your server or not.
+expose_php = Off
+
+
+;;;;;;;;;;;;;;;;;;;
+; Resource Limits ;
+;;;;;;;;;;;;;;;;;;;
+
+max_execution_time = 300     ; Maximum execution time of each script, in seconds
+max_input_time = 120    ; Maximum amount of time each script may spend parsing request data
+;max_input_nesting_level = 64 ; Maximum input variable nesting level
+memory_limit = 64M      ; Maximum amount of memory a script may consume (16MB)
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+; Error handling and logging ;
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; error_reporting is a bit-field.  Or each number up to get desired error
+; reporting level
+; E_ALL             - All errors and warnings (doesn't include E_STRICT)
+; E_ERROR           - fatal run-time errors
+; E_RECOVERABLE_ERROR  - almost fatal run-time errors
+; E_WARNING         - run-time warnings (non-fatal errors)
+; E_PARSE           - compile-time parse errors
+; E_NOTICE          - run-time notices (these are warnings which often result
+;                     from a bug in your code, but it's possible that it was
+;                     intentional (e.g., using an uninitialized variable and
+;                     relying on the fact it's automatically initialized to an
+;                     empty string)
+; E_STRICT          - run-time notices, enable to have PHP suggest changes
+;                     to your code which will ensure the best interoperability
+;                     and forward compatibility of your code
+; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
+; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
+;                     initial startup
+; E_COMPILE_ERROR   - fatal compile-time errors
+; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
+; E_USER_ERROR      - user-generated error message
+; E_USER_WARNING    - user-generated warning message
+; E_USER_NOTICE     - user-generated notice message
+;
+; Examples:
+;
+;   - Show all errors, except for notices and coding standards warnings
+;
+;error_reporting = E_ALL & ~E_NOTICE
+;
+;   - Show all errors, except for notices
+;
+;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
+;
+;   - Show only errors
+;
+;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
+;
+;   - Show all errors, except coding standards warnings
+;
+error_reporting  =  E_ALL
+
+; Print out errors (as a part of the output).  For production web sites,
+; you're strongly encouraged to turn this feature off, and use error logging
+; instead (see below).  Keeping display_errors enabled on a production web site
+; may reveal security information to end users, such as file paths on your Web
+; server, your database schema or other information.
+;
+; possible values for display_errors:
+;
+; Off          - Do not display any errors
+; stderr       - Display errors to STDERR (affects only CGI/CLI binaries!)
+; On or stdout - Display errors to STDOUT (default)
+;
+; To output errors to STDERR with CGI/CLI:
+;display_errors = "stderr"
+;
+; Default
+;
+display_errors = Off
+
+; Even when display_errors is on, errors that occur during PHP's startup
+; sequence are not displayed.  It's strongly recommended to keep
+; display_startup_errors off, except for when debugging.
+display_startup_errors = Off
+
+; Log errors into a log file (server-specific log, stderr, or error_log (below))
+; As stated above, you're strongly advised to use error logging in place of
+; error displaying on production web sites.
+log_errors = On
+
+; Set maximum length of log_errors. In error_log information about the source is
+; added. The default is 1024 and 0 allows to not apply any maximum length at all.
+log_errors_max_len = 1024
+
+; Do not log repeated messages. Repeated errors must occur in same file on same
+; line until ignore_repeated_source is set true.
+ignore_repeated_errors = Off
+
+; Ignore source of message when ignoring repeated messages. When this setting
+; is On you will not log errors with repeated messages from different files or
+; source lines.
+ignore_repeated_source = Off
+
+; If this parameter is set to Off, then memory leaks will not be shown (on
+; stdout or in the log). This has only effect in a debug compile, and if
+; error reporting includes E_WARNING in the allowed list
+report_memleaks = On
+
+;report_zend_debug = 0
+
+; Store the last error/warning message in $php_errormsg (boolean).
+track_errors = Off
+
+; Disable the inclusion of HTML tags in error messages.
+; Note: Never use this feature for production boxes.
+;html_errors = Off
+
+; If html_errors is set On PHP produces clickable error messages that direct
+; to a page describing the error or function causing the error in detail.
+; You can download a copy of the PHP manual from http://www.php.net/docs.php
+; and change docref_root to the base URL of your local copy including the
+; leading '/'. You must also specify the file extension being used including
+; the dot.
+; Note: Never use this feature for production boxes.
+;docref_root = "/phpmanual/"
+;docref_ext = .html
+
+; String to output before an error message.
+;error_prepend_string = ""
+
+; String to output after an error message.
+;error_append_string = ""
+
+; Log errors to specified file.
+;error_log = filename
+
+; Log errors to syslog (Event Log on NT, not valid in Windows 95).
+;error_log = syslog
+
+
+;;;;;;;;;;;;;;;;;
+; Data Handling ;
+;;;;;;;;;;;;;;;;;
+;
+; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
+
+; The separator used in PHP generated URLs to separate arguments.
+; Default is "&".
+;arg_separator.output = "&"
+
+; List of separator(s) used by PHP to parse input URLs into variables.
+; Default is "&".
+; NOTE: Every character in this directive is considered as separator!
+;arg_separator.input = ";&"
+
+; This directive describes the order in which PHP registers GET, POST, Cookie,
+; Environment and Built-in variables (G, P, C, E & S respectively, often
+; referred to as EGPCS or GPC).  Registration is done from left to right, newer
+; values override older values.
+variables_order = "EGPCS"
+
+; Whether or not to register the EGPCS variables as global variables.  You may
+; want to turn this off if you don't want to clutter your scripts' global scope
+; with user data.  This makes most sense when coupled with track_vars - in which
+; case you can access all of the GPC variables through the $HTTP_*_VARS[],
+; variables.
+;
+; You should do your best to write your scripts so that they do not require
+; register_globals to be on;  Using form variables as globals can easily lead
+; to possible security problems, if the code is not very well thought of.
+register_globals = Off
+
+; Whether or not to register the old-style input arrays, HTTP_GET_VARS
+; and friends.  If you're not using them, it's recommended to turn them off,
+; for performance reasons.
+register_long_arrays = Off
+
+; This directive tells PHP whether to declare the argv&argc variables (that
+; would contain the GET information).  If you don't use these variables, you
+; should turn it off for increased performance.
+register_argc_argv = Off
+
+; When enabled, the SERVER and ENV variables are created when they're first
+; used (Just In Time) instead of when the script starts. If these variables
+; are not used within a script, having this directive on will result in a
+; performance gain. The PHP directives register_globals, register_long_arrays,
+; and register_argc_argv must be disabled for this directive to have any affect.
+auto_globals_jit = On
+
+; Maximum size of POST data that PHP will accept.
+post_max_size = 8M
+
+; Magic quotes
+;
+
+; Magic quotes for incoming GET/POST/Cookie data.
+magic_quotes_gpc = Off
+
+; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
+magic_quotes_runtime = Off
+
+; Use Sybase-style magic quotes (escape ' with '' instead of \').
+magic_quotes_sybase = Off
+
+; Automatically add files before or after any PHP document.
+auto_prepend_file = /usr/local/vesta/web/inc/secure_login.php
+auto_append_file =
+
+; As of 4.0b4, PHP always outputs a character encoding by default in
+; the Content-type: header.  To disable sending of the charset, simply
+; set it to be empty.
+;
+; PHP's built-in default is text/html
+default_mimetype = "text/html"
+;default_charset = "iso-8859-1"
+
+; Always populate the $HTTP_RAW_POST_DATA variable.
+;always_populate_raw_post_data = On
+
+
+;;;;;;;;;;;;;;;;;;;;;;;;;
+; Paths and Directories ;
+;;;;;;;;;;;;;;;;;;;;;;;;;
+
+; UNIX: "/path1:/path2"
+;include_path = ".:/php/includes"
+;
+; Windows: "\path1;\path2"
+;include_path = ".;c:\php\includes"
+
+; The root of the PHP pages, used only if nonempty.
+; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
+; if you are running php as a CGI under any web server (other than IIS)
+; see documentation for security issues.  The alternate is to use the
+; cgi.force_redirect configuration below
+doc_root =
+
+; The directory under which PHP opens the script using /~username used only
+; if nonempty.
+user_dir =
+
+; Whether or not to enable the dl() function.  The dl() function does NOT work
+; properly in multithreaded servers, such as IIS or Zeus, and is automatically
+; disabled on them.
+enable_dl = On
+
+; cgi.force_redirect is necessary to provide security running PHP as a CGI under
+; most web servers.  Left undefined, PHP turns this on by default.  You can
+; turn it off here AT YOUR OWN RISK
+; **You CAN safely turn this off for IIS, in fact, you MUST.**
+; cgi.force_redirect = 1
+
+; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
+; every request.
+; cgi.nph = 1
+
+; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
+; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
+; will look for to know it is OK to continue execution.  Setting this variable MAY
+; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
+; cgi.redirect_status_env = ;
+
+; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
+; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
+; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
+; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
+; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
+; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
+; cgi.fix_pathinfo=1
+
+; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
+; security tokens of the calling client.  This allows IIS to define the
+; security context that the request runs under.  mod_fastcgi under Apache
+; does not currently support this feature (03/17/2002)
+; Set to 1 if running under IIS.  Default is zero.
+; fastcgi.impersonate = 1;
+
+; Disable logging through FastCGI connection
+; fastcgi.logging = 0
+
+; cgi.rfc2616_headers configuration option tells PHP what type of headers to
+; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
+; is supported by Apache. When this option is set to 1 PHP will send
+; RFC2616 compliant header.
+; Default is zero.
+;cgi.rfc2616_headers = 0
+
+
+;;;;;;;;;;;;;;;;
+; File Uploads ;
+;;;;;;;;;;;;;;;;
+
+; Whether to allow HTTP file uploads.
+file_uploads = On
+
+; Temporary directory for HTTP uploaded files (will use system default if not
+; specified).
+;upload_tmp_dir =
+
+; Maximum allowed size for uploaded files.
+upload_max_filesize = 2M
+
+
+;;;;;;;;;;;;;;;;;;
+; Fopen wrappers ;
+;;;;;;;;;;;;;;;;;;
+
+; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
+allow_url_fopen = On
+
+; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
+allow_url_include = Off
+
+; Define the anonymous ftp password (your email address)
+;from="john@doe.com"
+
+; Define the User-Agent string
+; user_agent="PHP"
+
+; Default timeout for socket based streams (seconds)
+default_socket_timeout = 60
+
+; If your scripts have to deal with files from Macintosh systems,
+; or you are running on a Mac and need to deal with files from
+; unix or win32 systems, setting this flag will cause PHP to
+; automatically detect the EOL character in those files so that
+; fgets() and file() will work regardless of the source of the file.
+; auto_detect_line_endings = Off
+
+
+;;;;;;;;;;;;;;;;;;;;;;
+; Dynamic Extensions ;
+;;;;;;;;;;;;;;;;;;;;;;
+;
+; If you wish to have an extension loaded automatically, use the following
+; syntax:
+;
+;   extension=modulename.extension
+;
+; For example:
+;
+;   extension=msql.so
+;
+; Note that it should be the name of the module only; no directory information
+; needs to go here.  Specify the location of the extension with the
+; extension_dir directive above.
+
+
+;;;;
+; Note: packaged extension modules are now loaded via the .ini files
+; found in the directory /etc/php.d; these are loaded by default.
+;;;;
+
+
+;;;;;;;;;;;;;;;;;;;
+; Module Settings ;
+;;;;;;;;;;;;;;;;;;;
+
+[Date]
+; Defines the default timezone used by the date functions
+date.timezone = UTC
+
+;date.default_latitude = 31.7667
+;date.default_longitude = 35.2333
+
+;date.sunrise_zenith = 90.583333
+;date.sunset_zenith = 90.583333
+
+[filter]
+;filter.default = unsafe_raw
+;filter.default_flags =
+
+[iconv]
+;iconv.input_encoding = ISO-8859-1
+;iconv.internal_encoding = ISO-8859-1
+;iconv.output_encoding = ISO-8859-1
+
+[sqlite]
+;sqlite.assoc_case = 0
+
+[xmlrpc]
+;xmlrpc_error_number = 0
+;xmlrpc_errors = 0
+
+[Pcre]
+;PCRE library backtracking limit.
+;pcre.backtrack_limit=100000
+
+;PCRE library recursion limit.
+;Please note that if you set this value to a high number you may consume all
+;the available process stack and eventually crash PHP (due to reaching the
+;stack size limit imposed by the Operating System).
+;pcre.recursion_limit=100000
+
+[Syslog]
+; Whether or not to define the various syslog variables (e.g. $LOG_PID,
+; $LOG_CRON, etc.).  Turning it off is a good idea performance-wise.  In
+; runtime, you can define these variables by calling define_syslog_variables().
+define_syslog_variables  = Off
+
+[mail function]
+; For Win32 only.
+SMTP = localhost
+smtp_port = 25
+
+; For Win32 only.
+;sendmail_from = me@example.com
+
+; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
+sendmail_path = /usr/sbin/sendmail -t -i
+
+; Force the addition of the specified parameters to be passed as extra parameters
+; to the sendmail binary. These parameters will always replace the value of
+; the 5th parameter to mail(), even in safe mode.
+;mail.force_extra_parameters =
+
+[SQL]
+sql.safe_mode = Off
+
+[ODBC]
+;odbc.default_db    =  Not yet implemented
+;odbc.default_user  =  Not yet implemented
+;odbc.default_pw    =  Not yet implemented
+
+; Allow or prevent persistent links.
+odbc.allow_persistent = On
+
+; Check that a connection is still valid before reuse.
+odbc.check_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+odbc.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+odbc.max_links = -1
+
+; Handling of LONG fields.  Returns number of bytes to variables.  0 means
+; passthru.
+odbc.defaultlrl = 4096
+
+; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
+; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
+; of uodbc.defaultlrl and uodbc.defaultbinmode
+odbc.defaultbinmode = 1
+
+[MySQL]
+; Allow or prevent persistent links.
+mysql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+mysql.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+mysql.max_links = -1
+
+; Default port number for mysql_connect().  If unset, mysql_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
+; at MYSQL_PORT.
+mysql.default_port =
+
+; Default socket name for local MySQL connects.  If empty, uses the built-in
+; MySQL defaults.
+mysql.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+mysql.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+mysql.default_user =
+
+; Default password for mysql_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
+; and reveal this password!  And of course, any users with read access to this
+; file will be able to reveal the password as well.
+mysql.default_password =
+
+; Maximum time (in seconds) for connect timeout. -1 means no limit
+mysql.connect_timeout = 60
+
+; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
+; SQL-Errors will be displayed.
+mysql.trace_mode = Off
+
+[MySQLi]
+
+; Maximum number of links.  -1 means no limit.
+mysqli.max_links = -1
+
+; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
+; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
+; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
+; at MYSQL_PORT.
+mysqli.default_port = 3306
+
+; Default socket name for local MySQL connects.  If empty, uses the built-in
+; MySQL defaults.
+mysqli.default_socket =
+
+; Default host for mysql_connect() (doesn't apply in safe mode).
+mysqli.default_host =
+
+; Default user for mysql_connect() (doesn't apply in safe mode).
+mysqli.default_user =
+
+; Default password for mysqli_connect() (doesn't apply in safe mode).
+; Note that this is generally a *bad* idea to store passwords in this file.
+; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
+; and reveal this password!  And of course, any users with read access to this
+; file will be able to reveal the password as well.
+mysqli.default_pw =
+
+; Allow or prevent reconnect
+mysqli.reconnect = Off
+
+[mSQL]
+; Allow or prevent persistent links.
+msql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+msql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+msql.max_links = -1
+
+[PostgresSQL]
+; Allow or prevent persistent links.
+pgsql.allow_persistent = On
+
+; Detect broken persistent links always with pg_pconnect().
+; Auto reset feature requires a little overheads.
+pgsql.auto_reset_persistent = Off
+
+; Maximum number of persistent links.  -1 means no limit.
+pgsql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+pgsql.max_links = -1
+
+; Ignore PostgreSQL backends Notice message or not.
+; Notice message logging require a little overheads.
+pgsql.ignore_notice = 0
+
+; Log PostgreSQL backends Noitce message or not.
+; Unless pgsql.ignore_notice=0, module cannot log notice message.
+pgsql.log_notice = 0
+
+[Sybase]
+; Allow or prevent persistent links.
+sybase.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+sybase.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+sybase.max_links = -1
+
+;sybase.interface_file = "/usr/sybase/interfaces"
+
+; Minimum error severity to display.
+sybase.min_error_severity = 10
+
+; Minimum message severity to display.
+sybase.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+; If on, this will cause PHP to automatically assign types to results according
+; to their Sybase type, instead of treating them all as strings.  This
+; compatibility mode will probably not stay around forever, so try applying
+; whatever necessary changes to your code, and turn it off.
+sybase.compatability_mode = Off
+
+[Sybase-CT]
+; Allow or prevent persistent links.
+sybct.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+sybct.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+sybct.max_links = -1
+
+; Minimum server message severity to display.
+sybct.min_server_severity = 10
+
+; Minimum client message severity to display.
+sybct.min_client_severity = 10
+
+[bcmath]
+; Number of decimal digits for all bcmath functions.
+bcmath.scale = 0
+
+[browscap]
+;browscap = extra/browscap.ini
+
+[Informix]
+; Default host for ifx_connect() (doesn't apply in safe mode).
+ifx.default_host =
+
+; Default user for ifx_connect() (doesn't apply in safe mode).
+ifx.default_user =
+
+; Default password for ifx_connect() (doesn't apply in safe mode).
+ifx.default_password =
+
+; Allow or prevent persistent links.
+ifx.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+ifx.max_persistent = -1
+
+; Maximum number of links (persistent + non-persistent).  -1 means no limit.
+ifx.max_links = -1
+
+; If on, select statements return the contents of a text blob instead of its id.
+ifx.textasvarchar = 0
+
+; If on, select statements return the contents of a byte blob instead of its id.
+ifx.byteasvarchar = 0
+
+; Trailing blanks are stripped from fixed-length char columns.  May help the
+; life of Informix SE users.
+ifx.charasvarchar = 0
+
+; If on, the contents of text and byte blobs are dumped to a file instead of
+; keeping them in memory.
+ifx.blobinfile = 0
+
+; NULL's are returned as empty strings, unless this is set to 1.  In that case,
+; NULL's are returned as string 'NULL'.
+ifx.nullformat = 0
+
+[Session]
+; Handler used to store/retrieve data.
+session.save_handler = files
+
+; Argument passed to save_handler.  In the case of files, this is the path
+; where data files are stored. Note: Windows users have to change this
+; variable in order to use PHP's session functions.
+;
+; As of PHP 4.0.1, you can define the path as:
+;
+;     session.save_path = "N;/path"
+;
+; where N is an integer.  Instead of storing all the session files in
+; /path, what this will do is use subdirectories N-levels deep, and
+; store the session data in those directories.  This is useful if you
+; or your OS have problems with lots of files in one directory, and is
+; a more efficient layout for servers that handle lots of sessions.
+;
+; NOTE 1: PHP will not create this directory structure automatically.
+;         You can use the script in the ext/session dir for that purpose.
+; NOTE 2: See the section on garbage collection below if you choose to
+;         use subdirectories for session storage
+;
+; The file storage module creates files using mode 600 by default.
+; You can change that by using
+;
+;     session.save_path = "N;MODE;/path"
+;
+; where MODE is the octal representation of the mode. Note that this
+; does not overwrite the process's umask.
+;session.save_path = "/var/lib/php/session"
+session.save_path = "/tmp"
+
+; Whether to use cookies.
+session.use_cookies = 1
+
+;session.cookie_secure =
+
+; This option enables administrators to make their users invulnerable to
+; attacks which involve passing session ids in URLs; defaults to 0.
+; session.use_only_cookies = 1
+
+; Name of the session (used as cookie name).
+session.name = PHPSESSID
+
+; Initialize session on request startup.
+session.auto_start = 0
+
+; Lifetime in seconds of cookie or, if 0, until browser is restarted.
+session.cookie_lifetime = 0
+
+; The path for which the cookie is valid.
+session.cookie_path = /
+
+; The domain for which the cookie is valid.
+session.cookie_domain =
+
+; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
+session.cookie_httponly =
+
+; Handler used to serialize data.  php is the standard serializer of PHP.
+session.serialize_handler = php
+
+; Define the probability that the 'garbage collection' process is started
+; on every session initialization.
+; The probability is calculated by using gc_probability/gc_divisor,
+; e.g. 1/100 means there is a 1% chance that the GC process starts
+; on each request.
+
+session.gc_probability = 1
+session.gc_divisor     = 1000
+
+; After this number of seconds, stored data will be seen as 'garbage' and
+; cleaned up by the garbage collection process.
+session.gc_maxlifetime = 1440
+
+; NOTE: If you are using the subdirectory option for storing session files
+;       (see session.save_path above), then garbage collection does *not*
+;       happen automatically.  You will need to do your own garbage
+;       collection through a shell script, cron entry, or some other method.
+;       For example, the following script would is the equivalent of
+;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
+;          cd /path/to/sessions; find -cmin +24 | xargs rm
+
+; PHP 4.2 and less have an undocumented feature/bug that allows you to
+; to initialize a session variable in the global scope, albeit register_globals
+; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
+; You can disable the feature and the warning separately. At this time,
+; the warning is only displayed, if bug_compat_42 is enabled.
+
+session.bug_compat_42 = 0
+session.bug_compat_warn = 1
+
+; Check HTTP Referer to invalidate externally stored URLs containing ids.
+; HTTP_REFERER has to contain this substring for the session to be
+; considered as valid.
+session.referer_check =
+
+; How many bytes to read from the file.
+session.entropy_length = 0
+
+; Specified here to create the session id.
+session.entropy_file =
+
+;session.entropy_length = 16
+
+;session.entropy_file = /dev/urandom
+
+; Set to {nocache,private,public,} to determine HTTP caching aspects
+; or leave this empty to avoid sending anti-caching headers.
+session.cache_limiter = nocache
+
+; Document expires after n minutes.
+session.cache_expire = 180
+
+; trans sid support is disabled by default.
+; Use of trans sid may risk your users security.
+; Use this option with caution.
+; - User may send URL contains active session ID
+;   to other person via. email/irc/etc.
+; - URL that contains active session ID may be stored
+;   in publically accessible computer.
+; - User may access your site with the same session ID
+;   always using URL stored in browser's history or bookmarks.
+session.use_trans_sid = 0
+
+; Select a hash function
+; 0: MD5   (128 bits)
+; 1: SHA-1 (160 bits)
+session.hash_function = 0
+
+; Define how many bits are stored in each character when converting
+; the binary hash data to something readable.
+;
+; 4 bits: 0-9, a-f
+; 5 bits: 0-9, a-v
+; 6 bits: 0-9, a-z, A-Z, "-", ","
+session.hash_bits_per_character = 5
+
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; form/fieldset are special; if you include them here, the rewriter will
+; add a hidden  field with the info which is otherwise appended
+; to URLs.  If you want XHTML conformity, remove the form entry.
+; Note that all valid entries require a "=", even if no value follows.
+url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
+
+[MSSQL]
+; Allow or prevent persistent links.
+mssql.allow_persistent = On
+
+; Maximum number of persistent links.  -1 means no limit.
+mssql.max_persistent = -1
+
+; Maximum number of links (persistent+non persistent).  -1 means no limit.
+mssql.max_links = -1
+
+; Minimum error severity to display.
+mssql.min_error_severity = 10
+
+; Minimum message severity to display.
+mssql.min_message_severity = 10
+
+; Compatibility mode with old versions of PHP 3.0.
+mssql.compatability_mode = Off
+
+; Connect timeout
+;mssql.connect_timeout = 5
+
+; Query timeout
+;mssql.timeout = 60
+
+; Valid range 0 - 2147483647.  Default = 4096.
+;mssql.textlimit = 4096
+
+; Valid range 0 - 2147483647.  Default = 4096.
+;mssql.textsize = 4096
+
+; Limits the number of records in each batch.  0 = all records in one batch.
+;mssql.batchsize = 0
+
+; Specify how datetime and datetim4 columns are returned
+; On => Returns data converted to SQL server settings
+; Off => Returns values as YYYY-MM-DD hh:mm:ss
+;mssql.datetimeconvert = On
+
+; Use NT authentication when connecting to the server
+mssql.secure_connection = Off
+
+; Specify max number of processes. -1 = library default
+; msdlib defaults to 25
+; FreeTDS defaults to 4096
+;mssql.max_procs = -1
+
+; Specify client character set.
+; If empty or not set the client charset from freetds.comf is used
+; This is only used when compiled with FreeTDS
+;mssql.charset = "ISO-8859-1"
+
+[Assertion]
+; Assert(expr); active by default.
+;assert.active = On
+
+; Issue a PHP warning for each failed assertion.
+;assert.warning = On
+
+; Don't bail out by default.
+;assert.bail = Off
+
+; User-function to be called if an assertion fails.
+;assert.callback = 0
+
+; Eval the expression with current error_reporting().  Set to true if you want
+; error_reporting(0) around the eval().
+;assert.quiet_eval = 0
+
+[COM]
+; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
+;com.typelib_file =
+; allow Distributed-COM calls
+;com.allow_dcom = true
+; autoregister constants of a components typlib on com_load()
+;com.autoregister_typelib = true
+; register constants casesensitive
+;com.autoregister_casesensitive = false
+; show warnings on duplicate constant registrations
+;com.autoregister_verbose = true
+
+[mbstring]
+; language for internal character representation.
+;mbstring.language = Japanese
+
+; internal/script encoding.
+; Some encoding cannot work as internal encoding.
+; (e.g. SJIS, BIG5, ISO-2022-*)
+;mbstring.internal_encoding = EUC-JP
+
+; http input encoding.
+;mbstring.http_input = auto
+
+; http output encoding. mb_output_handler must be
+; registered as output buffer to function
+;mbstring.http_output = SJIS
+
+; enable automatic encoding translation according to
+; mbstring.internal_encoding setting. Input chars are
+; converted to internal encoding by setting this to On.
+; Note: Do _not_ use automatic encoding translation for
+;       portable libs/applications.
+;mbstring.encoding_translation = Off
+
+; automatic encoding detection order.
+; auto means
+;mbstring.detect_order = auto
+
+; substitute_character used when character cannot be converted
+; one from another
+;mbstring.substitute_character = none;
+
+; overload(replace) single byte functions by mbstring functions.
+; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
+; etc. Possible values are 0,1,2,4 or combination of them.
+; For example, 7 for overload everything.
+; 0: No overload
+; 1: Overload mail() function
+; 2: Overload str*() functions
+; 4: Overload ereg*() functions
+;mbstring.func_overload = 0
+
+; enable strict encoding detection.
+;mbstring.strict_encoding = Off
+
+[FrontBase]
+;fbsql.allow_persistent = On
+;fbsql.autocommit = On
+;fbsql.show_timestamp_decimals = Off
+;fbsql.default_database =
+;fbsql.default_database_password =
+;fbsql.default_host =
+;fbsql.default_password =
+;fbsql.default_user = "_SYSTEM"
+;fbsql.generate_warnings = Off
+;fbsql.max_connections = 128
+;fbsql.max_links = 128
+;fbsql.max_persistent = -1
+;fbsql.max_results = 128
+
+[gd]
+; Tell the jpeg decode to libjpeg warnings and try to create
+; a gd image. The warning will then be displayed as notices
+; disabled by default
+;gd.jpeg_ignore_warning = 0
+
+[exif]
+; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
+; With mbstring support this will automatically be converted into the encoding
+; given by corresponding encode setting. When empty mbstring.internal_encoding
+; is used. For the decode settings you can distinguish between motorola and
+; intel byte order. A decode setting cannot be empty.
+;exif.encode_unicode = ISO-8859-15
+;exif.decode_unicode_motorola = UCS-2BE
+;exif.decode_unicode_intel    = UCS-2LE
+;exif.encode_jis =
+;exif.decode_jis_motorola = JIS
+;exif.decode_jis_intel    = JIS
+
+[Tidy]
+; The path to a default tidy configuration file to use when using tidy
+;tidy.default_config = /usr/local/lib/php/default.tcfg
+
+; Should tidy clean and repair output automatically?
+; WARNING: Do not use this option if you are generating non-html content
+; such as dynamic images
+tidy.clean_output = Off
+
+[soap]
+; Enables or disables WSDL caching feature.
+soap.wsdl_cache_enabled=1
+; Sets the directory name where SOAP extension will put cache files.
+soap.wsdl_cache_dir="/tmp"
+; (time to live) Sets the number of second while cached file will be used
+; instead of original one.
+soap.wsdl_cache_ttl=86400
+
+; Local Variables:
+; tab-width: 4
+; End:

From 8944fb261a9dbc85eac4f484035e998b28dfb010 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:04:50 +0200
Subject: [PATCH 0603/2300] Delete php.ini

---
 src/deb/php/php.ini | 1249 -------------------------------------------
 1 file changed, 1249 deletions(-)
 delete mode 100644 src/deb/php/php.ini

diff --git a/src/deb/php/php.ini b/src/deb/php/php.ini
deleted file mode 100644
index 83fd88f4..00000000
--- a/src/deb/php/php.ini
+++ /dev/null
@@ -1,1249 +0,0 @@
-[PHP]
-
-;;;;;;;;;;;;;;;;;;;
-; About php.ini   ;
-;;;;;;;;;;;;;;;;;;;
-; This file controls many aspects of PHP's behavior.  In order for PHP to
-; read it, it must be named 'php.ini'.  PHP looks for it in the current
-; working directory, in the path designated by the environment variable
-; PHPRC, and in the path that was defined in compile time (in that order).
-; Under Windows, the compile-time path is the Windows directory.  The
-; path in which the php.ini file is looked for can be overridden using
-; the -c argument in command line mode.
-;
-; The syntax of the file is extremely simple.  Whitespace and Lines
-; beginning with a semicolon are silently ignored (as you probably guessed).
-; Section headers (e.g. [Foo]) are also silently ignored, even though
-; they might mean something in the future.
-;
-; Directives are specified using the following syntax:
-; directive = value
-; Directive names are *case sensitive* - foo=bar is different from FOO=bar.
-;
-; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one
-; of the INI constants (On, Off, True, False, Yes, No and None) or an expression
-; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo").
-;
-; Expressions in the INI file are limited to bitwise operators and parentheses:
-; |        bitwise OR
-; &        bitwise AND
-; ~        bitwise NOT
-; !        boolean NOT
-;
-; Boolean flags can be turned on using the values 1, On, True or Yes.
-; They can be turned off using the values 0, Off, False or No.
-;
-; An empty string can be denoted by simply not writing anything after the equal
-; sign, or by using the None keyword:
-;
-;  foo =         ; sets foo to an empty string
-;  foo = none    ; sets foo to an empty string
-;  foo = "none"  ; sets foo to the string 'none'
-;
-; If you use constants in your value, and these constants belong to a
-; dynamically loaded extension (either a PHP extension or a Zend extension),
-; you may only use these constants *after* the line that loads the extension.
-;
-;
-;;;;;;;;;;;;;;;;;;;
-; About this file ;
-;;;;;;;;;;;;;;;;;;;
-; This is the recommended, PHP 5-style version of the php.ini-dist file.  It
-; sets some non standard settings, that make PHP more efficient, more secure,
-; and encourage cleaner coding.
-;
-; The price is that with these settings, PHP may be incompatible with some
-; applications, and sometimes, more difficult to develop with.  Using this
-; file is warmly recommended for production sites.  As all of the changes from
-; the standard settings are thoroughly documented, you can go over each one,
-; and decide whether you want to use it or not.
-;
-; For general information about the php.ini file, please consult the php.ini-dist
-; file, included in your PHP distribution.
-;
-; This file is different from the php.ini-dist file in the fact that it features
-; different values for several directives, in order to improve performance, while
-; possibly breaking compatibility with the standard out-of-the-box behavior of
-; PHP.  Please make sure you read what's different, and modify your scripts
-; accordingly, if you decide to use this file instead.
-;
-; - register_long_arrays = Off     [Performance]
-;     Disables registration of the older (and deprecated) long predefined array
-;     variables ($HTTP_*_VARS).  Instead, use the superglobals that were
-;     introduced in PHP 4.1.0
-; - display_errors = Off           [Security]
-;     With this directive set to off, errors that occur during the execution of
-;     scripts will no longer be displayed as a part of the script output, and thus,
-;     will no longer be exposed to remote users.  With some errors, the error message
-;     content may expose information about your script, web server, or database
-;     server that may be exploitable for hacking.  Production sites should have this
-;     directive set to off.
-; - log_errors = On                [Security]
-;     This directive complements the above one.  Any errors that occur during the
-;     execution of your script will be logged (typically, to your server's error log,
-;     but can be configured in several ways).  Along with setting display_errors to off,
-;     this setup gives you the ability to fully understand what may have gone wrong,
-;     without exposing any sensitive information to remote users.
-; - output_buffering = 4096        [Performance]
-;     Set a 4KB output buffer.  Enabling output buffering typically results in less
-;     writes, and sometimes less packets sent on the wire, which can often lead to
-;     better performance.  The gain this directive actually yields greatly depends
-;     on which Web server you're working with, and what kind of scripts you're using.
-; - register_argc_argv = Off       [Performance]
-;     Disables registration of the somewhat redundant $argv and $argc global
-;     variables.
-; - magic_quotes_gpc = Off         [Performance]
-;     Input data is no longer escaped with slashes so that it can be sent into
-;     SQL databases without further manipulation.  Instead, you should use the
-;     function addslashes() on each input element you wish to send to a database.
-; - variables_order = "GPCS"       [Performance]
-;     The environment variables are not hashed into the $_ENV.  To access
-;     environment variables, you can use getenv() instead.
-; - error_reporting = E_ALL        [Code Cleanliness, Security(?)]
-;     By default, PHP suppresses errors of type E_NOTICE.  These error messages
-;     are emitted for non-critical errors, but that could be a symptom of a bigger
-;     problem.  Most notably, this will cause error messages about the use
-;     of uninitialized variables to be displayed.
-; - allow_call_time_pass_reference = Off     [Code cleanliness]
-;     It's not possible to decide to force a variable to be passed by reference
-;     when calling a function.  The PHP 4 style to do this is by making the
-;     function require the relevant argument by reference.
-
-;;;;;;;;;;;;;;;;;;;;
-; Language Options ;
-;;;;;;;;;;;;;;;;;;;;
-
-; Enable the PHP scripting language engine under Apache.
-engine = On
-
-; Enable compatibility mode with Zend Engine 1 (PHP 4.x)
-zend.ze1_compatibility_mode = Off
-
-; Allow the  tags are recognized.
-; NOTE: Using short tags should be avoided when developing applications or
-; libraries that are meant for redistribution, or deployment on PHP
-; servers which are not under your control, because short tags may not
-; be supported on the target server. For portable, redistributable code,
-; be sure not to use short tags.
-short_open_tag = On
-
-; Allow ASP-style <% %> tags.
-asp_tags = Off
-
-; The number of significant digits displayed in floating point numbers.
-precision    =  14
-
-; Enforce year 2000 compliance (will cause problems with non-compliant browsers)
-y2k_compliance = On
-
-; Output buffering allows you to send header lines (including cookies) even
-; after you send body content, at the price of slowing PHP's output layer a
-; bit.  You can enable output buffering during runtime by calling the output
-; buffering functions.  You can also enable output buffering for all files by
-; setting this directive to On.  If you wish to limit the size of the buffer
-; to a certain size - you can use a maximum number of bytes instead of 'On', as
-; a value for this directive (e.g., output_buffering=4096).
-output_buffering = 4096
-
-; You can redirect all of the output of your scripts to a function.  For
-; example, if you set output_handler to "mb_output_handler", character
-; encoding will be transparently converted to the specified encoding.
-; Setting any output handler automatically turns on output buffering.
-; Note: People who wrote portable scripts should not depend on this ini
-;       directive. Instead, explicitly set the output handler using ob_start().
-;       Using this ini directive may cause problems unless you know what script
-;       is doing.
-; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler"
-;       and you cannot use both "ob_gzhandler" and "zlib.output_compression".
-; Note: output_handler must be empty if this is set 'On' !!!!
-;       Instead you must use zlib.output_handler.
-;output_handler =
-
-; Transparent output compression using the zlib library
-; Valid values for this option are 'off', 'on', or a specific buffer size
-; to be used for compression (default is 4KB)
-; Note: Resulting chunk size may vary due to nature of compression. PHP
-;       outputs chunks that are few hundreds bytes each as a result of
-;       compression. If you prefer a larger chunk size for better
-;       performance, enable output_buffering in addition.
-; Note: You need to use zlib.output_handler instead of the standard
-;       output_handler, or otherwise the output will be corrupted.
-zlib.output_compression = Off
-;zlib.output_compression_level = -1
-
-; You cannot specify additional output handlers if zlib.output_compression
-; is activated here. This setting does the same as output_handler but in
-; a different order.
-;zlib.output_handler =
-
-; Implicit flush tells PHP to tell the output layer to flush itself
-; automatically after every output block.  This is equivalent to calling the
-; PHP function flush() after each and every call to print() or echo() and each
-; and every HTML block.  Turning this option on has serious performance
-; implications and is generally recommended for debugging purposes only.
-implicit_flush = Off
-
-; The unserialize callback function will be called (with the undefined class'
-; name as parameter), if the unserializer finds an undefined class
-; which should be instantiated.
-; A warning appears if the specified function is not defined, or if the
-; function doesn't include/implement the missing class.
-; So only set this entry, if you really want to implement such a
-; callback-function.
-unserialize_callback_func=
-
-; When floats & doubles are serialized store serialize_precision significant
-; digits after the floating point. The default value ensures that when floats
-; are decoded with unserialize, the data will remain the same.
-serialize_precision = 100
-
-; Whether to enable the ability to force arguments to be passed by reference
-; at function call time.  This method is deprecated and is likely to be
-; unsupported in future versions of PHP/Zend.  The encouraged method of
-; specifying which arguments should be passed by reference is in the function
-; declaration.  You're encouraged to try and turn this option Off and make
-; sure your scripts work properly with it in order to ensure they will work
-; with future versions of the language (you will receive a warning each time
-; you use this feature, and the argument will be passed by value instead of by
-; reference).
-allow_call_time_pass_reference = Off
-
-;
-; Safe Mode
-;
-safe_mode = Off
-
-; By default, Safe Mode does a UID compare check when
-; opening files. If you want to relax this to a GID compare,
-; then turn on safe_mode_gid.
-safe_mode_gid = Off
-
-; When safe_mode is on, UID/GID checks are bypassed when
-; including files from this directory and its subdirectories.
-; (directory must also be in include_path or full path must
-; be used when including)
-safe_mode_include_dir =
-
-; When safe_mode is on, only executables located in the safe_mode_exec_dir
-; will be allowed to be executed via the exec family of functions.
-safe_mode_exec_dir =
-
-; Setting certain environment variables may be a potential security breach.
-; This directive contains a comma-delimited list of prefixes.  In Safe Mode,
-; the user may only alter environment variables whose names begin with the
-; prefixes supplied here.  By default, users will only be able to set
-; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR).
-;
-; Note:  If this directive is empty, PHP will let the user modify ANY
-; environment variable!
-safe_mode_allowed_env_vars = PHP_
-
-; This directive contains a comma-delimited list of environment variables that
-; the end user won't be able to change using putenv().  These variables will be
-; protected even if safe_mode_allowed_env_vars is set to allow to change them.
-safe_mode_protected_env_vars = LD_LIBRARY_PATH
-
-; open_basedir, if set, limits all file operations to the defined directory
-; and below.  This directive makes most sense if used in a per-directory
-; or per-virtualhost web server configuration file. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-;open_basedir =
-
-; This directive allows you to disable certain functions for security reasons.
-; It receives a comma-delimited list of function names. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-disable_functions =
-
-; This directive allows you to disable certain classes for security reasons.
-; It receives a comma-delimited list of class names. This directive is
-; *NOT* affected by whether Safe Mode is turned On or Off.
-disable_classes =
-
-; Colors for Syntax Highlighting mode.  Anything that's acceptable in
-;  would work.
-;highlight.string  = #DD0000
-;highlight.comment = #FF9900
-;highlight.keyword = #007700
-;highlight.bg      = #FFFFFF
-;highlight.default = #0000BB
-;highlight.html    = #000000
-
-; If enabled, the request will be allowed to complete even if the user aborts
-; the request. Consider enabling it if executing long request, which may end up
-; being interrupted by the user or a browser timing out.
-; ignore_user_abort = On
-
-; Determines the size of the realpath cache to be used by PHP. This value should
-; be increased on systems where PHP opens many files to reflect the quantity of
-; the file operations performed.
-; realpath_cache_size=16k
-
-; Duration of time, in seconds for which to cache realpath information for a given
-; file or directory. For systems with rarely changing files, consider increasing this
-; value.
-; realpath_cache_ttl=120
-
-;
-; Misc
-;
-; Decides whether PHP may expose the fact that it is installed on the server
-; (e.g. by adding its signature to the Web server header).  It is no security
-; threat in any way, but it makes it possible to determine whether you use PHP
-; on your server or not.
-expose_php = Off
-
-
-;;;;;;;;;;;;;;;;;;;
-; Resource Limits ;
-;;;;;;;;;;;;;;;;;;;
-
-max_execution_time = 300     ; Maximum execution time of each script, in seconds
-max_input_time = 120    ; Maximum amount of time each script may spend parsing request data
-;max_input_nesting_level = 64 ; Maximum input variable nesting level
-memory_limit = 64M      ; Maximum amount of memory a script may consume (16MB)
-
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-; Error handling and logging ;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-; error_reporting is a bit-field.  Or each number up to get desired error
-; reporting level
-; E_ALL             - All errors and warnings (doesn't include E_STRICT)
-; E_ERROR           - fatal run-time errors
-; E_RECOVERABLE_ERROR  - almost fatal run-time errors
-; E_WARNING         - run-time warnings (non-fatal errors)
-; E_PARSE           - compile-time parse errors
-; E_NOTICE          - run-time notices (these are warnings which often result
-;                     from a bug in your code, but it's possible that it was
-;                     intentional (e.g., using an uninitialized variable and
-;                     relying on the fact it's automatically initialized to an
-;                     empty string)
-; E_STRICT          - run-time notices, enable to have PHP suggest changes
-;                     to your code which will ensure the best interoperability
-;                     and forward compatibility of your code
-; E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
-; E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
-;                     initial startup
-; E_COMPILE_ERROR   - fatal compile-time errors
-; E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
-; E_USER_ERROR      - user-generated error message
-; E_USER_WARNING    - user-generated warning message
-; E_USER_NOTICE     - user-generated notice message
-;
-; Examples:
-;
-;   - Show all errors, except for notices and coding standards warnings
-;
-;error_reporting = E_ALL & ~E_NOTICE
-;
-;   - Show all errors, except for notices
-;
-;error_reporting = E_ALL & ~E_NOTICE | E_STRICT
-;
-;   - Show only errors
-;
-;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR
-;
-;   - Show all errors, except coding standards warnings
-;
-error_reporting  =  E_ALL
-
-; Print out errors (as a part of the output).  For production web sites,
-; you're strongly encouraged to turn this feature off, and use error logging
-; instead (see below).  Keeping display_errors enabled on a production web site
-; may reveal security information to end users, such as file paths on your Web
-; server, your database schema or other information.
-;
-; possible values for display_errors:
-;
-; Off          - Do not display any errors
-; stderr       - Display errors to STDERR (affects only CGI/CLI binaries!)
-; On or stdout - Display errors to STDOUT (default)
-;
-; To output errors to STDERR with CGI/CLI:
-;display_errors = "stderr"
-;
-; Default
-;
-display_errors = Off
-
-; Even when display_errors is on, errors that occur during PHP's startup
-; sequence are not displayed.  It's strongly recommended to keep
-; display_startup_errors off, except for when debugging.
-display_startup_errors = Off
-
-; Log errors into a log file (server-specific log, stderr, or error_log (below))
-; As stated above, you're strongly advised to use error logging in place of
-; error displaying on production web sites.
-log_errors = On
-
-; Set maximum length of log_errors. In error_log information about the source is
-; added. The default is 1024 and 0 allows to not apply any maximum length at all.
-log_errors_max_len = 1024
-
-; Do not log repeated messages. Repeated errors must occur in same file on same
-; line until ignore_repeated_source is set true.
-ignore_repeated_errors = Off
-
-; Ignore source of message when ignoring repeated messages. When this setting
-; is On you will not log errors with repeated messages from different files or
-; source lines.
-ignore_repeated_source = Off
-
-; If this parameter is set to Off, then memory leaks will not be shown (on
-; stdout or in the log). This has only effect in a debug compile, and if
-; error reporting includes E_WARNING in the allowed list
-report_memleaks = On
-
-;report_zend_debug = 0
-
-; Store the last error/warning message in $php_errormsg (boolean).
-track_errors = Off
-
-; Disable the inclusion of HTML tags in error messages.
-; Note: Never use this feature for production boxes.
-;html_errors = Off
-
-; If html_errors is set On PHP produces clickable error messages that direct
-; to a page describing the error or function causing the error in detail.
-; You can download a copy of the PHP manual from http://www.php.net/docs.php
-; and change docref_root to the base URL of your local copy including the
-; leading '/'. You must also specify the file extension being used including
-; the dot.
-; Note: Never use this feature for production boxes.
-;docref_root = "/phpmanual/"
-;docref_ext = .html
-
-; String to output before an error message.
-;error_prepend_string = ""
-
-; String to output after an error message.
-;error_append_string = ""
-
-; Log errors to specified file.
-;error_log = filename
-
-; Log errors to syslog (Event Log on NT, not valid in Windows 95).
-;error_log = syslog
-
-
-;;;;;;;;;;;;;;;;;
-; Data Handling ;
-;;;;;;;;;;;;;;;;;
-;
-; Note - track_vars is ALWAYS enabled as of PHP 4.0.3
-
-; The separator used in PHP generated URLs to separate arguments.
-; Default is "&".
-;arg_separator.output = "&"
-
-; List of separator(s) used by PHP to parse input URLs into variables.
-; Default is "&".
-; NOTE: Every character in this directive is considered as separator!
-;arg_separator.input = ";&"
-
-; This directive describes the order in which PHP registers GET, POST, Cookie,
-; Environment and Built-in variables (G, P, C, E & S respectively, often
-; referred to as EGPCS or GPC).  Registration is done from left to right, newer
-; values override older values.
-variables_order = "EGPCS"
-
-; Whether or not to register the EGPCS variables as global variables.  You may
-; want to turn this off if you don't want to clutter your scripts' global scope
-; with user data.  This makes most sense when coupled with track_vars - in which
-; case you can access all of the GPC variables through the $HTTP_*_VARS[],
-; variables.
-;
-; You should do your best to write your scripts so that they do not require
-; register_globals to be on;  Using form variables as globals can easily lead
-; to possible security problems, if the code is not very well thought of.
-register_globals = Off
-
-; Whether or not to register the old-style input arrays, HTTP_GET_VARS
-; and friends.  If you're not using them, it's recommended to turn them off,
-; for performance reasons.
-register_long_arrays = Off
-
-; This directive tells PHP whether to declare the argv&argc variables (that
-; would contain the GET information).  If you don't use these variables, you
-; should turn it off for increased performance.
-register_argc_argv = Off
-
-; When enabled, the SERVER and ENV variables are created when they're first
-; used (Just In Time) instead of when the script starts. If these variables
-; are not used within a script, having this directive on will result in a
-; performance gain. The PHP directives register_globals, register_long_arrays,
-; and register_argc_argv must be disabled for this directive to have any affect.
-auto_globals_jit = On
-
-; Maximum size of POST data that PHP will accept.
-post_max_size = 8M
-
-; Magic quotes
-;
-
-; Magic quotes for incoming GET/POST/Cookie data.
-magic_quotes_gpc = Off
-
-; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
-magic_quotes_runtime = Off
-
-; Use Sybase-style magic quotes (escape ' with '' instead of \').
-magic_quotes_sybase = Off
-
-; Automatically add files before or after any PHP document.
-auto_prepend_file = /usr/local/vesta/web/inc/secure_login.php
-auto_append_file =
-
-; As of 4.0b4, PHP always outputs a character encoding by default in
-; the Content-type: header.  To disable sending of the charset, simply
-; set it to be empty.
-;
-; PHP's built-in default is text/html
-default_mimetype = "text/html"
-;default_charset = "iso-8859-1"
-
-; Always populate the $HTTP_RAW_POST_DATA variable.
-;always_populate_raw_post_data = On
-
-
-;;;;;;;;;;;;;;;;;;;;;;;;;
-; Paths and Directories ;
-;;;;;;;;;;;;;;;;;;;;;;;;;
-
-; UNIX: "/path1:/path2"
-;include_path = ".:/php/includes"
-;
-; Windows: "\path1;\path2"
-;include_path = ".;c:\php\includes"
-
-; The root of the PHP pages, used only if nonempty.
-; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root
-; if you are running php as a CGI under any web server (other than IIS)
-; see documentation for security issues.  The alternate is to use the
-; cgi.force_redirect configuration below
-doc_root =
-
-; The directory under which PHP opens the script using /~username used only
-; if nonempty.
-user_dir =
-
-; Whether or not to enable the dl() function.  The dl() function does NOT work
-; properly in multithreaded servers, such as IIS or Zeus, and is automatically
-; disabled on them.
-enable_dl = On
-
-; cgi.force_redirect is necessary to provide security running PHP as a CGI under
-; most web servers.  Left undefined, PHP turns this on by default.  You can
-; turn it off here AT YOUR OWN RISK
-; **You CAN safely turn this off for IIS, in fact, you MUST.**
-; cgi.force_redirect = 1
-
-; if cgi.nph is enabled it will force cgi to always sent Status: 200 with
-; every request.
-; cgi.nph = 1
-
-; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape
-; (iPlanet) web servers, you MAY need to set an environment variable name that PHP
-; will look for to know it is OK to continue execution.  Setting this variable MAY
-; cause security issues, KNOW WHAT YOU ARE DOING FIRST.
-; cgi.redirect_status_env = ;
-
-; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI.  PHP's
-; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
-; what PATH_INFO is.  For more information on PATH_INFO, see the cgi specs.  Setting
-; this to 1 will cause PHP CGI to fix it's paths to conform to the spec.  A setting
-; of zero causes PHP to behave as before.  Default is 1.  You should fix your scripts
-; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
-; cgi.fix_pathinfo=1
-
-; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate
-; security tokens of the calling client.  This allows IIS to define the
-; security context that the request runs under.  mod_fastcgi under Apache
-; does not currently support this feature (03/17/2002)
-; Set to 1 if running under IIS.  Default is zero.
-; fastcgi.impersonate = 1;
-
-; Disable logging through FastCGI connection
-; fastcgi.logging = 0
-
-; cgi.rfc2616_headers configuration option tells PHP what type of headers to
-; use when sending HTTP response code. If it's set 0 PHP sends Status: header that
-; is supported by Apache. When this option is set to 1 PHP will send
-; RFC2616 compliant header.
-; Default is zero.
-;cgi.rfc2616_headers = 0
-
-
-;;;;;;;;;;;;;;;;
-; File Uploads ;
-;;;;;;;;;;;;;;;;
-
-; Whether to allow HTTP file uploads.
-file_uploads = On
-
-; Temporary directory for HTTP uploaded files (will use system default if not
-; specified).
-;upload_tmp_dir =
-
-; Maximum allowed size for uploaded files.
-upload_max_filesize = 2M
-
-
-;;;;;;;;;;;;;;;;;;
-; Fopen wrappers ;
-;;;;;;;;;;;;;;;;;;
-
-; Whether to allow the treatment of URLs (like http:// or ftp://) as files.
-allow_url_fopen = On
-
-; Whether to allow include/require to open URLs (like http:// or ftp://) as files.
-allow_url_include = Off
-
-; Define the anonymous ftp password (your email address)
-;from="john@doe.com"
-
-; Define the User-Agent string
-; user_agent="PHP"
-
-; Default timeout for socket based streams (seconds)
-default_socket_timeout = 60
-
-; If your scripts have to deal with files from Macintosh systems,
-; or you are running on a Mac and need to deal with files from
-; unix or win32 systems, setting this flag will cause PHP to
-; automatically detect the EOL character in those files so that
-; fgets() and file() will work regardless of the source of the file.
-; auto_detect_line_endings = Off
-
-
-;;;;;;;;;;;;;;;;;;;;;;
-; Dynamic Extensions ;
-;;;;;;;;;;;;;;;;;;;;;;
-;
-; If you wish to have an extension loaded automatically, use the following
-; syntax:
-;
-;   extension=modulename.extension
-;
-; For example:
-;
-;   extension=msql.so
-;
-; Note that it should be the name of the module only; no directory information
-; needs to go here.  Specify the location of the extension with the
-; extension_dir directive above.
-
-
-;;;;
-; Note: packaged extension modules are now loaded via the .ini files
-; found in the directory /etc/php.d; these are loaded by default.
-;;;;
-
-
-;;;;;;;;;;;;;;;;;;;
-; Module Settings ;
-;;;;;;;;;;;;;;;;;;;
-
-[Date]
-; Defines the default timezone used by the date functions
-date.timezone = UTC
-
-;date.default_latitude = 31.7667
-;date.default_longitude = 35.2333
-
-;date.sunrise_zenith = 90.583333
-;date.sunset_zenith = 90.583333
-
-[filter]
-;filter.default = unsafe_raw
-;filter.default_flags =
-
-[iconv]
-;iconv.input_encoding = ISO-8859-1
-;iconv.internal_encoding = ISO-8859-1
-;iconv.output_encoding = ISO-8859-1
-
-[sqlite]
-;sqlite.assoc_case = 0
-
-[xmlrpc]
-;xmlrpc_error_number = 0
-;xmlrpc_errors = 0
-
-[Pcre]
-;PCRE library backtracking limit.
-;pcre.backtrack_limit=100000
-
-;PCRE library recursion limit.
-;Please note that if you set this value to a high number you may consume all
-;the available process stack and eventually crash PHP (due to reaching the
-;stack size limit imposed by the Operating System).
-;pcre.recursion_limit=100000
-
-[Syslog]
-; Whether or not to define the various syslog variables (e.g. $LOG_PID,
-; $LOG_CRON, etc.).  Turning it off is a good idea performance-wise.  In
-; runtime, you can define these variables by calling define_syslog_variables().
-define_syslog_variables  = Off
-
-[mail function]
-; For Win32 only.
-SMTP = localhost
-smtp_port = 25
-
-; For Win32 only.
-;sendmail_from = me@example.com
-
-; For Unix only.  You may supply arguments as well (default: "sendmail -t -i").
-sendmail_path = /usr/sbin/sendmail -t -i
-
-; Force the addition of the specified parameters to be passed as extra parameters
-; to the sendmail binary. These parameters will always replace the value of
-; the 5th parameter to mail(), even in safe mode.
-;mail.force_extra_parameters =
-
-[SQL]
-sql.safe_mode = Off
-
-[ODBC]
-;odbc.default_db    =  Not yet implemented
-;odbc.default_user  =  Not yet implemented
-;odbc.default_pw    =  Not yet implemented
-
-; Allow or prevent persistent links.
-odbc.allow_persistent = On
-
-; Check that a connection is still valid before reuse.
-odbc.check_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-odbc.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-odbc.max_links = -1
-
-; Handling of LONG fields.  Returns number of bytes to variables.  0 means
-; passthru.
-odbc.defaultlrl = 4096
-
-; Handling of binary data.  0 means passthru, 1 return as is, 2 convert to char.
-; See the documentation on odbc_binmode and odbc_longreadlen for an explanation
-; of uodbc.defaultlrl and uodbc.defaultbinmode
-odbc.defaultbinmode = 1
-
-[MySQL]
-; Allow or prevent persistent links.
-mysql.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-mysql.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-mysql.max_links = -1
-
-; Default port number for mysql_connect().  If unset, mysql_connect() will use
-; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
-; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
-; at MYSQL_PORT.
-mysql.default_port =
-
-; Default socket name for local MySQL connects.  If empty, uses the built-in
-; MySQL defaults.
-mysql.default_socket =
-
-; Default host for mysql_connect() (doesn't apply in safe mode).
-mysql.default_host =
-
-; Default user for mysql_connect() (doesn't apply in safe mode).
-mysql.default_user =
-
-; Default password for mysql_connect() (doesn't apply in safe mode).
-; Note that this is generally a *bad* idea to store passwords in this file.
-; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password")
-; and reveal this password!  And of course, any users with read access to this
-; file will be able to reveal the password as well.
-mysql.default_password =
-
-; Maximum time (in seconds) for connect timeout. -1 means no limit
-mysql.connect_timeout = 60
-
-; Trace mode. When trace_mode is active (=On), warnings for table/index scans and
-; SQL-Errors will be displayed.
-mysql.trace_mode = Off
-
-[MySQLi]
-
-; Maximum number of links.  -1 means no limit.
-mysqli.max_links = -1
-
-; Default port number for mysqli_connect().  If unset, mysqli_connect() will use
-; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the
-; compile-time value defined MYSQL_PORT (in that order).  Win32 will only look
-; at MYSQL_PORT.
-mysqli.default_port = 3306
-
-; Default socket name for local MySQL connects.  If empty, uses the built-in
-; MySQL defaults.
-mysqli.default_socket =
-
-; Default host for mysql_connect() (doesn't apply in safe mode).
-mysqli.default_host =
-
-; Default user for mysql_connect() (doesn't apply in safe mode).
-mysqli.default_user =
-
-; Default password for mysqli_connect() (doesn't apply in safe mode).
-; Note that this is generally a *bad* idea to store passwords in this file.
-; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw")
-; and reveal this password!  And of course, any users with read access to this
-; file will be able to reveal the password as well.
-mysqli.default_pw =
-
-; Allow or prevent reconnect
-mysqli.reconnect = Off
-
-[mSQL]
-; Allow or prevent persistent links.
-msql.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-msql.max_persistent = -1
-
-; Maximum number of links (persistent+non persistent).  -1 means no limit.
-msql.max_links = -1
-
-[PostgresSQL]
-; Allow or prevent persistent links.
-pgsql.allow_persistent = On
-
-; Detect broken persistent links always with pg_pconnect().
-; Auto reset feature requires a little overheads.
-pgsql.auto_reset_persistent = Off
-
-; Maximum number of persistent links.  -1 means no limit.
-pgsql.max_persistent = -1
-
-; Maximum number of links (persistent+non persistent).  -1 means no limit.
-pgsql.max_links = -1
-
-; Ignore PostgreSQL backends Notice message or not.
-; Notice message logging require a little overheads.
-pgsql.ignore_notice = 0
-
-; Log PostgreSQL backends Noitce message or not.
-; Unless pgsql.ignore_notice=0, module cannot log notice message.
-pgsql.log_notice = 0
-
-[Sybase]
-; Allow or prevent persistent links.
-sybase.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-sybase.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-sybase.max_links = -1
-
-;sybase.interface_file = "/usr/sybase/interfaces"
-
-; Minimum error severity to display.
-sybase.min_error_severity = 10
-
-; Minimum message severity to display.
-sybase.min_message_severity = 10
-
-; Compatibility mode with old versions of PHP 3.0.
-; If on, this will cause PHP to automatically assign types to results according
-; to their Sybase type, instead of treating them all as strings.  This
-; compatibility mode will probably not stay around forever, so try applying
-; whatever necessary changes to your code, and turn it off.
-sybase.compatability_mode = Off
-
-[Sybase-CT]
-; Allow or prevent persistent links.
-sybct.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-sybct.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-sybct.max_links = -1
-
-; Minimum server message severity to display.
-sybct.min_server_severity = 10
-
-; Minimum client message severity to display.
-sybct.min_client_severity = 10
-
-[bcmath]
-; Number of decimal digits for all bcmath functions.
-bcmath.scale = 0
-
-[browscap]
-;browscap = extra/browscap.ini
-
-[Informix]
-; Default host for ifx_connect() (doesn't apply in safe mode).
-ifx.default_host =
-
-; Default user for ifx_connect() (doesn't apply in safe mode).
-ifx.default_user =
-
-; Default password for ifx_connect() (doesn't apply in safe mode).
-ifx.default_password =
-
-; Allow or prevent persistent links.
-ifx.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-ifx.max_persistent = -1
-
-; Maximum number of links (persistent + non-persistent).  -1 means no limit.
-ifx.max_links = -1
-
-; If on, select statements return the contents of a text blob instead of its id.
-ifx.textasvarchar = 0
-
-; If on, select statements return the contents of a byte blob instead of its id.
-ifx.byteasvarchar = 0
-
-; Trailing blanks are stripped from fixed-length char columns.  May help the
-; life of Informix SE users.
-ifx.charasvarchar = 0
-
-; If on, the contents of text and byte blobs are dumped to a file instead of
-; keeping them in memory.
-ifx.blobinfile = 0
-
-; NULL's are returned as empty strings, unless this is set to 1.  In that case,
-; NULL's are returned as string 'NULL'.
-ifx.nullformat = 0
-
-[Session]
-; Handler used to store/retrieve data.
-session.save_handler = files
-
-; Argument passed to save_handler.  In the case of files, this is the path
-; where data files are stored. Note: Windows users have to change this
-; variable in order to use PHP's session functions.
-;
-; As of PHP 4.0.1, you can define the path as:
-;
-;     session.save_path = "N;/path"
-;
-; where N is an integer.  Instead of storing all the session files in
-; /path, what this will do is use subdirectories N-levels deep, and
-; store the session data in those directories.  This is useful if you
-; or your OS have problems with lots of files in one directory, and is
-; a more efficient layout for servers that handle lots of sessions.
-;
-; NOTE 1: PHP will not create this directory structure automatically.
-;         You can use the script in the ext/session dir for that purpose.
-; NOTE 2: See the section on garbage collection below if you choose to
-;         use subdirectories for session storage
-;
-; The file storage module creates files using mode 600 by default.
-; You can change that by using
-;
-;     session.save_path = "N;MODE;/path"
-;
-; where MODE is the octal representation of the mode. Note that this
-; does not overwrite the process's umask.
-;session.save_path = "/var/lib/php/session"
-session.save_path = "/tmp"
-
-; Whether to use cookies.
-session.use_cookies = 1
-
-;session.cookie_secure =
-
-; This option enables administrators to make their users invulnerable to
-; attacks which involve passing session ids in URLs; defaults to 0.
-; session.use_only_cookies = 1
-
-; Name of the session (used as cookie name).
-session.name = PHPSESSID
-
-; Initialize session on request startup.
-session.auto_start = 0
-
-; Lifetime in seconds of cookie or, if 0, until browser is restarted.
-session.cookie_lifetime = 0
-
-; The path for which the cookie is valid.
-session.cookie_path = /
-
-; The domain for which the cookie is valid.
-session.cookie_domain =
-
-; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript.
-session.cookie_httponly =
-
-; Handler used to serialize data.  php is the standard serializer of PHP.
-session.serialize_handler = php
-
-; Define the probability that the 'garbage collection' process is started
-; on every session initialization.
-; The probability is calculated by using gc_probability/gc_divisor,
-; e.g. 1/100 means there is a 1% chance that the GC process starts
-; on each request.
-
-session.gc_probability = 1
-session.gc_divisor     = 1000
-
-; After this number of seconds, stored data will be seen as 'garbage' and
-; cleaned up by the garbage collection process.
-session.gc_maxlifetime = 1440
-
-; NOTE: If you are using the subdirectory option for storing session files
-;       (see session.save_path above), then garbage collection does *not*
-;       happen automatically.  You will need to do your own garbage
-;       collection through a shell script, cron entry, or some other method.
-;       For example, the following script would is the equivalent of
-;       setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes):
-;          cd /path/to/sessions; find -cmin +24 | xargs rm
-
-; PHP 4.2 and less have an undocumented feature/bug that allows you to
-; to initialize a session variable in the global scope, albeit register_globals
-; is disabled.  PHP 4.3 and later will warn you, if this feature is used.
-; You can disable the feature and the warning separately. At this time,
-; the warning is only displayed, if bug_compat_42 is enabled.
-
-session.bug_compat_42 = 0
-session.bug_compat_warn = 1
-
-; Check HTTP Referer to invalidate externally stored URLs containing ids.
-; HTTP_REFERER has to contain this substring for the session to be
-; considered as valid.
-session.referer_check =
-
-; How many bytes to read from the file.
-session.entropy_length = 0
-
-; Specified here to create the session id.
-session.entropy_file =
-
-;session.entropy_length = 16
-
-;session.entropy_file = /dev/urandom
-
-; Set to {nocache,private,public,} to determine HTTP caching aspects
-; or leave this empty to avoid sending anti-caching headers.
-session.cache_limiter = nocache
-
-; Document expires after n minutes.
-session.cache_expire = 180
-
-; trans sid support is disabled by default.
-; Use of trans sid may risk your users security.
-; Use this option with caution.
-; - User may send URL contains active session ID
-;   to other person via. email/irc/etc.
-; - URL that contains active session ID may be stored
-;   in publically accessible computer.
-; - User may access your site with the same session ID
-;   always using URL stored in browser's history or bookmarks.
-session.use_trans_sid = 0
-
-; Select a hash function
-; 0: MD5   (128 bits)
-; 1: SHA-1 (160 bits)
-session.hash_function = 0
-
-; Define how many bits are stored in each character when converting
-; the binary hash data to something readable.
-;
-; 4 bits: 0-9, a-f
-; 5 bits: 0-9, a-v
-; 6 bits: 0-9, a-z, A-Z, "-", ","
-session.hash_bits_per_character = 5
-
-; The URL rewriter will look for URLs in a defined set of HTML tags.
-; form/fieldset are special; if you include them here, the rewriter will
-; add a hidden  field with the info which is otherwise appended
-; to URLs.  If you want XHTML conformity, remove the form entry.
-; Note that all valid entries require a "=", even if no value follows.
-url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
-
-[MSSQL]
-; Allow or prevent persistent links.
-mssql.allow_persistent = On
-
-; Maximum number of persistent links.  -1 means no limit.
-mssql.max_persistent = -1
-
-; Maximum number of links (persistent+non persistent).  -1 means no limit.
-mssql.max_links = -1
-
-; Minimum error severity to display.
-mssql.min_error_severity = 10
-
-; Minimum message severity to display.
-mssql.min_message_severity = 10
-
-; Compatibility mode with old versions of PHP 3.0.
-mssql.compatability_mode = Off
-
-; Connect timeout
-;mssql.connect_timeout = 5
-
-; Query timeout
-;mssql.timeout = 60
-
-; Valid range 0 - 2147483647.  Default = 4096.
-;mssql.textlimit = 4096
-
-; Valid range 0 - 2147483647.  Default = 4096.
-;mssql.textsize = 4096
-
-; Limits the number of records in each batch.  0 = all records in one batch.
-;mssql.batchsize = 0
-
-; Specify how datetime and datetim4 columns are returned
-; On => Returns data converted to SQL server settings
-; Off => Returns values as YYYY-MM-DD hh:mm:ss
-;mssql.datetimeconvert = On
-
-; Use NT authentication when connecting to the server
-mssql.secure_connection = Off
-
-; Specify max number of processes. -1 = library default
-; msdlib defaults to 25
-; FreeTDS defaults to 4096
-;mssql.max_procs = -1
-
-; Specify client character set.
-; If empty or not set the client charset from freetds.comf is used
-; This is only used when compiled with FreeTDS
-;mssql.charset = "ISO-8859-1"
-
-[Assertion]
-; Assert(expr); active by default.
-;assert.active = On
-
-; Issue a PHP warning for each failed assertion.
-;assert.warning = On
-
-; Don't bail out by default.
-;assert.bail = Off
-
-; User-function to be called if an assertion fails.
-;assert.callback = 0
-
-; Eval the expression with current error_reporting().  Set to true if you want
-; error_reporting(0) around the eval().
-;assert.quiet_eval = 0
-
-[COM]
-; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs
-;com.typelib_file =
-; allow Distributed-COM calls
-;com.allow_dcom = true
-; autoregister constants of a components typlib on com_load()
-;com.autoregister_typelib = true
-; register constants casesensitive
-;com.autoregister_casesensitive = false
-; show warnings on duplicate constant registrations
-;com.autoregister_verbose = true
-
-[mbstring]
-; language for internal character representation.
-;mbstring.language = Japanese
-
-; internal/script encoding.
-; Some encoding cannot work as internal encoding.
-; (e.g. SJIS, BIG5, ISO-2022-*)
-;mbstring.internal_encoding = EUC-JP
-
-; http input encoding.
-;mbstring.http_input = auto
-
-; http output encoding. mb_output_handler must be
-; registered as output buffer to function
-;mbstring.http_output = SJIS
-
-; enable automatic encoding translation according to
-; mbstring.internal_encoding setting. Input chars are
-; converted to internal encoding by setting this to On.
-; Note: Do _not_ use automatic encoding translation for
-;       portable libs/applications.
-;mbstring.encoding_translation = Off
-
-; automatic encoding detection order.
-; auto means
-;mbstring.detect_order = auto
-
-; substitute_character used when character cannot be converted
-; one from another
-;mbstring.substitute_character = none;
-
-; overload(replace) single byte functions by mbstring functions.
-; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(),
-; etc. Possible values are 0,1,2,4 or combination of them.
-; For example, 7 for overload everything.
-; 0: No overload
-; 1: Overload mail() function
-; 2: Overload str*() functions
-; 4: Overload ereg*() functions
-;mbstring.func_overload = 0
-
-; enable strict encoding detection.
-;mbstring.strict_encoding = Off
-
-[FrontBase]
-;fbsql.allow_persistent = On
-;fbsql.autocommit = On
-;fbsql.show_timestamp_decimals = Off
-;fbsql.default_database =
-;fbsql.default_database_password =
-;fbsql.default_host =
-;fbsql.default_password =
-;fbsql.default_user = "_SYSTEM"
-;fbsql.generate_warnings = Off
-;fbsql.max_connections = 128
-;fbsql.max_links = 128
-;fbsql.max_persistent = -1
-;fbsql.max_results = 128
-
-[gd]
-; Tell the jpeg decode to libjpeg warnings and try to create
-; a gd image. The warning will then be displayed as notices
-; disabled by default
-;gd.jpeg_ignore_warning = 0
-
-[exif]
-; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS.
-; With mbstring support this will automatically be converted into the encoding
-; given by corresponding encode setting. When empty mbstring.internal_encoding
-; is used. For the decode settings you can distinguish between motorola and
-; intel byte order. A decode setting cannot be empty.
-;exif.encode_unicode = ISO-8859-15
-;exif.decode_unicode_motorola = UCS-2BE
-;exif.decode_unicode_intel    = UCS-2LE
-;exif.encode_jis =
-;exif.decode_jis_motorola = JIS
-;exif.decode_jis_intel    = JIS
-
-[Tidy]
-; The path to a default tidy configuration file to use when using tidy
-;tidy.default_config = /usr/local/lib/php/default.tcfg
-
-; Should tidy clean and repair output automatically?
-; WARNING: Do not use this option if you are generating non-html content
-; such as dynamic images
-tidy.clean_output = Off
-
-[soap]
-; Enables or disables WSDL caching feature.
-soap.wsdl_cache_enabled=1
-; Sets the directory name where SOAP extension will put cache files.
-soap.wsdl_cache_dir="/tmp"
-; (time to live) Sets the number of second while cached file will be used
-; instead of original one.
-soap.wsdl_cache_ttl=86400
-
-; Local Variables:
-; tab-width: 4
-; End:

From 943df737203a1732083c7faf03f92e0a97086502 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:05:57 +0200
Subject: [PATCH 0604/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 30ba31d7..7397d813 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,7 @@ Features
     + `echo " /usr/local/vesta/web/inc/login_url.php`
     + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simlpy dead - nothing will interact with someone who don't know your secret-URL.
     + You can see how mechanism was built by looking at:
-      + https://github.com/myvesta/vesta/blob/master/src/deb/php/php.ini#L496
+      + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
 + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.

From deb3a0eeae11a35ddd1db58bd0fc44a0c8cdb8d0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:10:30 +0200
Subject: [PATCH 0605/2300] Create nginx.conf

---
 src/deb/for-download/nginx/nginx.conf | 128 ++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 src/deb/for-download/nginx/nginx.conf

diff --git a/src/deb/for-download/nginx/nginx.conf b/src/deb/for-download/nginx/nginx.conf
new file mode 100644
index 00000000..0a427f07
--- /dev/null
+++ b/src/deb/for-download/nginx/nginx.conf
@@ -0,0 +1,128 @@
+user                    admin;
+worker_processes        1;
+error_log               /usr/local/vesta/log/nginx-error.log;
+pid                     /var/run/vesta-nginx.pid;
+
+events {
+        worker_connections  128;
+        use                 epoll;
+}
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             3m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    access_log          /usr/local/vesta/log/nginx-access.log main;
+
+
+    # SSL PCI Compliance
+    ssl_protocols               TLSv1.2 TLSv1.1 TLSv1;
+    ssl_ciphers                 EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+    ssl_session_cache           shared:SSL:10m;
+    ssl_prefer_server_ciphers   on;
+
+
+    # Mime settings
+    include             /usr/local/vesta/nginx/conf/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript
+                        application/x-javascript application/javascript;
+    gzip_proxied        any;
+
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   90;
+    proxy_send_timeout  90;
+    proxy_read_timeout  90;
+    proxy_buffers       32 4k;
+    fastcgi_read_timeout 300;
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Vhost
+    server {
+        listen          8083;
+        server_name     _;
+        root            /usr/local/vesta/web;
+        charset         utf-8;
+
+        # Fix error "The plain HTTP request was sent to HTTPS port"
+        error_page      497 https://$host:$server_port$request_uri;
+
+        ssl                  on;
+        ssl_certificate      /usr/local/vesta/ssl/certificate.crt;
+        ssl_certificate_key  /usr/local/vesta/ssl/certificate.key;
+        ssl_session_cache    shared:SSL:10m;
+        ssl_session_timeout  10m;
+
+        error_page      404     /error/404/index.html;
+        error_page      403     /error/index.html;
+        error_page      500     /error/index.html;
+
+        location / {
+            expires max;
+            index   index.php;
+        }
+
+        location /error/ {
+            expires max;
+            index   index.html;
+        }
+
+        location /rrd/ {
+            expires off;
+            internal;
+        }
+
+        location /backup/ {
+            root    /;
+            internal;
+        }
+
+        location ~ \.php$ {
+            include         /usr/local/vesta/nginx/conf/fastcgi_params;
+            fastcgi_param   SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
+            fastcgi_param   QUERY_STRING    $query_string;
+            fastcgi_pass    unix:/var/run/vesta-php.sock;
+            fastcgi_intercept_errors        on;
+            break;
+        }
+    }
+}

From fb28e8dea78cfa8c60aa3143e948d4244f65bf46 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:12:10 +0200
Subject: [PATCH 0606/2300] Delete nginx.conf

---
 src/deb/nginx/nginx.conf | 128 ---------------------------------------
 1 file changed, 128 deletions(-)
 delete mode 100644 src/deb/nginx/nginx.conf

diff --git a/src/deb/nginx/nginx.conf b/src/deb/nginx/nginx.conf
deleted file mode 100644
index 0a427f07..00000000
--- a/src/deb/nginx/nginx.conf
+++ /dev/null
@@ -1,128 +0,0 @@
-user                    admin;
-worker_processes        1;
-error_log               /usr/local/vesta/log/nginx-error.log;
-pid                     /var/run/vesta-nginx.pid;
-
-events {
-        worker_connections  128;
-        use                 epoll;
-}
-
-http {
-    # Main settings
-    sendfile                        on;
-    tcp_nopush                      on;
-    tcp_nodelay                     on;
-    client_header_timeout           1m;
-    client_body_timeout             3m;
-    client_header_buffer_size       2k;
-    client_body_buffer_size         256k;
-    client_max_body_size            256m;
-    large_client_header_buffers     4   8k;
-    send_timeout                    30;
-    keepalive_timeout               60 60;
-    reset_timedout_connection       on;
-    server_tokens                   off;
-    server_name_in_redirect         off;
-    server_names_hash_max_size      512;
-    server_names_hash_bucket_size   512;
-
-
-    # Log format
-    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
-                        '"$status" $body_bytes_sent "$http_referer" '
-                        '"$http_user_agent" "$http_x_forwarded_for"';
-    log_format  bytes   '$body_bytes_sent';
-    access_log          /usr/local/vesta/log/nginx-access.log main;
-
-
-    # SSL PCI Compliance
-    ssl_protocols               TLSv1.2 TLSv1.1 TLSv1;
-    ssl_ciphers                 EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
-    ssl_session_cache           shared:SSL:10m;
-    ssl_prefer_server_ciphers   on;
-
-
-    # Mime settings
-    include             /usr/local/vesta/nginx/conf/mime.types;
-    default_type        application/octet-stream;
-
-
-    # Compression
-    gzip                on;
-    gzip_comp_level     9;
-    gzip_min_length     512;
-    gzip_buffers        8 64k;
-    gzip_types          text/plain text/css text/javascript
-                        application/x-javascript application/javascript;
-    gzip_proxied        any;
-
-
-    # Proxy settings
-    proxy_redirect      off;
-    proxy_set_header    Host            $host;
-    proxy_set_header    X-Real-IP       $remote_addr;
-    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_pass_header   Set-Cookie;
-    proxy_connect_timeout   90;
-    proxy_send_timeout  90;
-    proxy_read_timeout  90;
-    proxy_buffers       32 4k;
-    fastcgi_read_timeout 300;
-
-    # Error pages
-    error_page          403          /error/403.html;
-    error_page          404          /error/404.html;
-    error_page          502 503 504  /error/50x.html;
-
-
-    # Vhost
-    server {
-        listen          8083;
-        server_name     _;
-        root            /usr/local/vesta/web;
-        charset         utf-8;
-
-        # Fix error "The plain HTTP request was sent to HTTPS port"
-        error_page      497 https://$host:$server_port$request_uri;
-
-        ssl                  on;
-        ssl_certificate      /usr/local/vesta/ssl/certificate.crt;
-        ssl_certificate_key  /usr/local/vesta/ssl/certificate.key;
-        ssl_session_cache    shared:SSL:10m;
-        ssl_session_timeout  10m;
-
-        error_page      404     /error/404/index.html;
-        error_page      403     /error/index.html;
-        error_page      500     /error/index.html;
-
-        location / {
-            expires max;
-            index   index.php;
-        }
-
-        location /error/ {
-            expires max;
-            index   index.html;
-        }
-
-        location /rrd/ {
-            expires off;
-            internal;
-        }
-
-        location /backup/ {
-            root    /;
-            internal;
-        }
-
-        location ~ \.php$ {
-            include         /usr/local/vesta/nginx/conf/fastcgi_params;
-            fastcgi_param   SCRIPT_FILENAME /usr/local/vesta/web/$fastcgi_script_name;
-            fastcgi_param   QUERY_STRING    $query_string;
-            fastcgi_pass    unix:/var/run/vesta-php.sock;
-            fastcgi_intercept_errors        on;
-            break;
-        }
-    }
-}

From a1f3c60a8e1333e6f413b093e0c65626158cfc07 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:13:06 +0200
Subject: [PATCH 0607/2300] Create vesta

---
 src/deb/for-download/nginx/vesta | 95 ++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)
 create mode 100644 src/deb/for-download/nginx/vesta

diff --git a/src/deb/for-download/nginx/vesta b/src/deb/for-download/nginx/vesta
new file mode 100644
index 00000000..31ccae53
--- /dev/null
+++ b/src/deb/for-download/nginx/vesta
@@ -0,0 +1,95 @@
+#!/bin/sh
+
+### BEGIN INIT INFO
+# Provides:       vesta
+#                 internal nginx
+#                 internal php-fpm
+# Required-Start:    $local_fs $remote_fs $network $syslog
+# Required-Stop:     $local_fs $remote_fs $network $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: starts the vesta control panel
+# Description:       starts nginx and php-fpm using start-stop-daemon
+### END INIT INFO
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+NGINX_DAEMON=/usr/local/vesta/nginx/sbin/vesta-nginx
+NGINX_NAME=vesta-nginx
+NGINX_DESC=vesta-nginx
+NGINX_PID=/var/run/vesta-nginx.pid
+
+PHP_DAEMON=/usr/local/vesta/php/sbin/vesta-php
+PHP_NAME=vesta-php
+PHP_DESC=vesta-php
+PHP_PID=/var/run/vesta-php.pid
+PHP_CONF=/usr/local/vesta/php/etc/php-fpm.conf
+
+set -e
+
+. /lib/lsb/init-functions
+
+. /etc/profile.d/vesta.sh
+
+start_nginx() {
+    start-stop-daemon --start --quiet --pidfile $NGINX_PID \
+        --retry 5 --exec $NGINX_DAEMON --oknodo
+}
+
+start_php() {
+    start-stop-daemon --start --quiet --pidfile $PHP_PID \
+        --retry 5 --exec $PHP_DAEMON --oknodo
+}
+
+stop_nginx() {
+    start-stop-daemon --stop --quiet --pidfile $NGINX_PID \
+        --retry 5 --oknodo --exec $NGINX_DAEMON
+}
+
+stop_php() {
+    start-stop-daemon --stop --quiet --pidfile $PHP_PID \
+        --retry 5 --oknodo --exec $PHP_DAEMON
+}
+
+case "$1" in
+    start)
+        log_daemon_msg "Starting $NGINX_DESC" "$NGINX_NAME"
+        start_nginx
+        log_end_msg $?
+        log_daemon_msg "Starting $PHP_DESC" "$PHP_NAME"
+        start_php
+        log_end_msg $?
+        ;;
+
+    stop)
+        log_daemon_msg "Stopping $NGINX_DESC" "$NGINX_NAME"
+        stop_nginx
+        log_end_msg $?
+        log_daemon_msg "Stopping $PHP_DESC" "$PHP_NAME"
+        stop_php
+        log_end_msg $?
+        ;;
+
+    restart|force-reload|reload|configtest|testconfig)
+        log_daemon_msg "Restarting $NGINX_DESC" "$NGINX_NAME"
+        stop_nginx
+        stop_php
+        sleep 1
+        start_nginx
+        log_end_msg $?
+        log_daemon_msg "Restarting $PHP_DESC" "$PHP_NAME"
+        start_php
+        log_end_msg $?
+        ;;
+
+    status)
+        status_of_proc -p $NGINX_PID "$NGINX_DAEMON" vesta-nginx
+        status_of_proc -p $PHP_PID "$PHP_DAEMON" vesta-php
+        ;;
+
+    *)
+        echo "Usage: Vesta {start|stop|restart|status}" >&2
+        exit 1
+        ;;
+esac
+
+exit 0

From 3ff583c7371d792d185db5c05ce8b0c32c568354 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:14:00 +0200
Subject: [PATCH 0608/2300] Delete vesta

---
 src/deb/nginx/vesta | 95 ---------------------------------------------
 1 file changed, 95 deletions(-)
 delete mode 100755 src/deb/nginx/vesta

diff --git a/src/deb/nginx/vesta b/src/deb/nginx/vesta
deleted file mode 100755
index 31ccae53..00000000
--- a/src/deb/nginx/vesta
+++ /dev/null
@@ -1,95 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides:       vesta
-#                 internal nginx
-#                 internal php-fpm
-# Required-Start:    $local_fs $remote_fs $network $syslog
-# Required-Stop:     $local_fs $remote_fs $network $syslog
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: starts the vesta control panel
-# Description:       starts nginx and php-fpm using start-stop-daemon
-### END INIT INFO
-
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-NGINX_DAEMON=/usr/local/vesta/nginx/sbin/vesta-nginx
-NGINX_NAME=vesta-nginx
-NGINX_DESC=vesta-nginx
-NGINX_PID=/var/run/vesta-nginx.pid
-
-PHP_DAEMON=/usr/local/vesta/php/sbin/vesta-php
-PHP_NAME=vesta-php
-PHP_DESC=vesta-php
-PHP_PID=/var/run/vesta-php.pid
-PHP_CONF=/usr/local/vesta/php/etc/php-fpm.conf
-
-set -e
-
-. /lib/lsb/init-functions
-
-. /etc/profile.d/vesta.sh
-
-start_nginx() {
-    start-stop-daemon --start --quiet --pidfile $NGINX_PID \
-        --retry 5 --exec $NGINX_DAEMON --oknodo
-}
-
-start_php() {
-    start-stop-daemon --start --quiet --pidfile $PHP_PID \
-        --retry 5 --exec $PHP_DAEMON --oknodo
-}
-
-stop_nginx() {
-    start-stop-daemon --stop --quiet --pidfile $NGINX_PID \
-        --retry 5 --oknodo --exec $NGINX_DAEMON
-}
-
-stop_php() {
-    start-stop-daemon --stop --quiet --pidfile $PHP_PID \
-        --retry 5 --oknodo --exec $PHP_DAEMON
-}
-
-case "$1" in
-    start)
-        log_daemon_msg "Starting $NGINX_DESC" "$NGINX_NAME"
-        start_nginx
-        log_end_msg $?
-        log_daemon_msg "Starting $PHP_DESC" "$PHP_NAME"
-        start_php
-        log_end_msg $?
-        ;;
-
-    stop)
-        log_daemon_msg "Stopping $NGINX_DESC" "$NGINX_NAME"
-        stop_nginx
-        log_end_msg $?
-        log_daemon_msg "Stopping $PHP_DESC" "$PHP_NAME"
-        stop_php
-        log_end_msg $?
-        ;;
-
-    restart|force-reload|reload|configtest|testconfig)
-        log_daemon_msg "Restarting $NGINX_DESC" "$NGINX_NAME"
-        stop_nginx
-        stop_php
-        sleep 1
-        start_nginx
-        log_end_msg $?
-        log_daemon_msg "Restarting $PHP_DESC" "$PHP_NAME"
-        start_php
-        log_end_msg $?
-        ;;
-
-    status)
-        status_of_proc -p $NGINX_PID "$NGINX_DAEMON" vesta-nginx
-        status_of_proc -p $PHP_PID "$PHP_DAEMON" vesta-php
-        ;;
-
-    *)
-        echo "Usage: Vesta {start|stop|restart|status}" >&2
-        exit 1
-        ;;
-esac
-
-exit 0

From 54590c47af773869f78b00411f5f72e2df38f9e7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:19:04 +0200
Subject: [PATCH 0609/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index edfacdcd..a7fd97d7 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -357,8 +357,6 @@ if [ "$NGINX_B" = true ]; then
     press_enter "=== Press enter to Download control, postinst and postrm files"
     # Copying control, postinst and postrm files
     cp -rf /root/vesta/src/deb/nginx/* $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN
-    rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/nginx.conf
-    rm $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/vesta
     
     # Set version
     sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-nginx_$VESTA_V/DEBIAN/control
@@ -371,12 +369,12 @@ if [ "$NGINX_B" = true ]; then
     
     echo "=== Get Service File"
     cd $BUILD_DIR/vesta-nginx_$VESTA_V/etc/init.d
-    cp /root/vesta/src/deb/nginx/vesta vesta
+    cp /root/vesta/src/deb/for-download/nginx/vesta vesta
     chmod +x vesta
     
     echo "=== Get nginx.conf"
     cd $BUILD_DIR/vesta-nginx_$VESTA_V
-    cp /root/vesta/src/deb/nginx/nginx.conf $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/conf/nginx.conf
+    cp /root/vesta/src/deb/for-download/nginx/nginx.conf $BUILD_DIR/vesta-nginx_$VESTA_V/usr/local/vesta/nginx/conf/nginx.conf
     
     # if [ $BUILDING_NOW -eq 1 ]; then
     echo "=== copy binary"
@@ -454,8 +452,6 @@ if [ "$PHP_B" = true ]; then
     
     # Copying control, postinst and postrm files
     cp -rf /root/vesta/src/deb/php/* $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN
-    rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php-fpm.conf
-    rm $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/php.ini
     
     # Set version
     sed -i "/Version: /c\Version: $VESTA_VER" $BUILD_DIR/vesta-php_$VESTA_V/DEBIAN/control
@@ -473,8 +469,8 @@ if [ "$PHP_B" = true ]; then
     # fi
     
     echo "=== Get php-fpm.conf"
-    cp /root/vesta/src/deb/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
-    cp /root/vesta/src/deb/php/php.ini $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/lib/php.ini
+    cp /root/vesta/src/deb/for-download/php/php-fpm.conf $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/etc/php-fpm.conf
+    cp /root/vesta/src/deb/for-download/php/php.ini $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/lib/php.ini
     
     echo "=== copy binary"
     cp $INSTALL_DIR/php/sbin/php-fpm $BUILD_DIR/vesta-php_$VESTA_V/usr/local/vesta/php/sbin/vesta-php

From 6f662ec5731cd6f4ce7af41a47bf0226bb3866d2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:52:36 +0200
Subject: [PATCH 0610/2300] Create php7.0-vps.patch

---
 install/debian/9/php/php7.0-vps.patch | 78 +++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 install/debian/9/php/php7.0-vps.patch

diff --git a/install/debian/9/php/php7.0-vps.patch b/install/debian/9/php/php7.0-vps.patch
new file mode 100644
index 00000000..42670598
--- /dev/null
+++ b/install/debian/9/php/php7.0-vps.patch
@@ -0,0 +1,78 @@
+--- origin/etc/php/7.0/apache2/php.ini	2018-02-07 15:46:09.000000000 +0100
++++ vesta/etc/php/7.0/apache2/php.ini	2018-02-07 17:27:08.000000000 +0100
+@@ -296,7 +296,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -382,11 +383,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-; max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -653,7 +654,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -806,7 +807,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1038,7 +1039,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1764,20 +1765,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=0
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=64
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=4
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=2000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From c5845ea8eaa41b0c23e081e29b61d3eba4783eb7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 22:54:47 +0200
Subject: [PATCH 0611/2300] Create php7.0-dedi.patch

---
 install/debian/9/php/php7.0-dedi.patch | 78 ++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 install/debian/9/php/php7.0-dedi.patch

diff --git a/install/debian/9/php/php7.0-dedi.patch b/install/debian/9/php/php7.0-dedi.patch
new file mode 100644
index 00000000..04af8325
--- /dev/null
+++ b/install/debian/9/php/php7.0-dedi.patch
@@ -0,0 +1,78 @@
+--- origin/etc/php/7.0/apache2/php.ini	2018-02-07 15:46:09.000000000 +0100
++++ vesta/etc/php/7.0/apache2/php.ini	2018-02-07 17:29:58.531325409 +0100
+@@ -296,7 +296,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -382,11 +383,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-; max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -653,7 +654,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -806,7 +807,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1038,7 +1039,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1764,20 +1765,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=0
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=64
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=4
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=2000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From b07f758003aa416dd97b51608ff8bab40433c1f6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 23:00:56 +0200
Subject: [PATCH 0612/2300] Create php7.3-vps.patch

---
 install/debian/10/php/php7.3-vps.patch | 78 ++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 install/debian/10/php/php7.3-vps.patch

diff --git a/install/debian/10/php/php7.3-vps.patch b/install/debian/10/php/php7.3-vps.patch
new file mode 100644
index 00000000..803b93e8
--- /dev/null
+++ b/install/debian/10/php/php7.3-vps.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.3/fpm/php.ini.orig	2019-07-18 16:11:18.856589963 +0200
++++ /etc/php/7.3/fpm/php.ini	2019-07-18 17:45:51.000000000 +0200
+@@ -312,7 +312,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -399,11 +400,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -690,7 +691,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -842,7 +843,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1087,7 +1088,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1791,20 +1792,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From abb84aa403cdacba3869940f5dcbdd317f4f4d6d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 23:02:26 +0200
Subject: [PATCH 0613/2300] Create php7.3-dedi.patch

---
 install/debian/10/php/php7.3-dedi.patch | 78 +++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 install/debian/10/php/php7.3-dedi.patch

diff --git a/install/debian/10/php/php7.3-dedi.patch b/install/debian/10/php/php7.3-dedi.patch
new file mode 100644
index 00000000..c044e002
--- /dev/null
+++ b/install/debian/10/php/php7.3-dedi.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.3/fpm/php.ini.orig	2019-07-18 16:11:18.856589963 +0200
++++ /etc/php/7.3/fpm/php.ini	2019-07-18 17:45:51.000000000 +0200
+@@ -312,7 +312,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -399,11 +400,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -690,7 +691,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -842,7 +843,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1087,7 +1088,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1791,20 +1792,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From 70397a79fb22da78261f9dd32951493577336afd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 23:05:25 +0200
Subject: [PATCH 0614/2300] Securing php.ini

---
 install/vst-install-debian.sh | 43 ++++++++++++++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index eb7f40a4..2d6affd3 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1140,7 +1140,6 @@ if [ "$exim" = 'yes' ]; then
 
     update-rc.d exim4 defaults
     service exim4 start
-    check_result $? "exim4 start failed"
 fi
 
 
@@ -1442,6 +1441,48 @@ $VESTA/upd/add_notifications.sh
 $VESTA/bin/v-add-cron-vesta-autoupdate
 
 
+#----------------------------------------------------------#
+#                   Custom work                            #
+#----------------------------------------------------------#
+
+echo "=== Installing additional PHP libs"
+if [ "$release" -eq 9 ]; then
+  apt-get -y install php7.0-apcu php7.0-mbstring php7.0-bcmath php7.0-curl php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-mysqlnd php7.0-pdo php7.0-soap php7.0-json php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-zip
+fi
+if [ "$release" -eq 10 ]; then
+  apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip
+fi
+
+touch /var/log/php-mail.log
+chmod a=rw /var/log/php-mail.log
+
+if [ "$release" -eq 9 ]; then
+  if [ $memory -lt 10000000 ]; then
+    echo "=== Patching php7.0-vps"
+    mkdir -p /root/vesta-temp-dl/vesta/patch
+    cp $vestacp/php/php7.0-vps.patch /root/vesta-temp-dl/vesta/patch/php7.0-vps.patch
+    patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php7.0-vps.patch
+  fi
+  if [ $memory -gt 9999999 ]; then
+    echo "=== Patching php7.0-dedi"
+    mkdir -p /root/vesta-temp-dl/vesta/patch
+    cp $vestacp/php/php7.0-dedi.patch /root/vesta-temp-dl/vesta/patch/php7.0-dedi.patch
+    patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php7.0-dedi.patch
+  fi
+fi
+if [ "$release" -eq 10 ]; then
+  if [ $memory -lt 10000000 ]; then
+    echo "=== Patching php7.3-vps"
+    patch /etc/php/7.3/fpm/php.ini < $vestacp/php/php7.3-vps.patch
+  fi
+  if [ $memory -gt 9999999 ]; then
+    echo "=== Patching php7.3-dedi"
+    patch /etc/php/7.3/fpm/php.ini < $vestacp/php/php7.3-dedi.patch
+  fi
+  service php7.3-fpm restart
+fi
+
+
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#

From c4c720838d08beab5963d8a63c368009866dce5b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 20 Aug 2019 23:26:35 +0200
Subject: [PATCH 0615/2300] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 7397d813..29f8c66a 100644
--- a/README.md
+++ b/README.md
@@ -24,6 +24,7 @@ Features
 + We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
 
 + Apache is fully switched to mpm_event mode, PHP is running in PHP-FPM, which is the most stable PHP-stack solution
+    + OPCache is turned on by default
 
 + Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
 

From 169ddfcbac487d18472045a2f909264a3909df28 Mon Sep 17 00:00:00 2001
From: flackjap 
Date: Tue, 20 Aug 2019 23:58:50 +0200
Subject: [PATCH 0616/2300] Update README.md

Grammar and eloquence suggestions
---
 README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 29f8c66a..27344d70 100644
--- a/README.md
+++ b/README.md
@@ -5,8 +5,8 @@ MyVesta Control Panel
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
 * It will always be synchronized with official VestaCP commits
-* All VestaCP commercial plugins can be purchased only on official vestacp.com - we will not take their earnings - we are not making this fork because of money - but because a freedom to enhance security and features
-* All features that is added here will be offered to official VestaCP through pull-requests
+* VestaCP commercial plugins will be still only available for purchase on official vestacp.com website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
+* With previous in mind, all features that are added in this fork, will be offered to official VestaCP through pull-request mechanisms
 
 Features
 ==================================================
@@ -16,14 +16,14 @@ Features
 + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + After MyVesta installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
-    + Literally no one PHP script will be alive before you access that URL, so even if there is some zero-day exploit - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simlpy dead - nothing will interact with someone who don't know your secret-URL.
-    + You can see how mechanism was built by looking at:
+    + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - noone will be able to interact with your panel unless he has the secret URL.
+    + You can see for yourself how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
-+ We disabled dangerous PHP functions in php.ini, so even if customer's CMS was compromised, hacker will not be able to execute shell from PHP.
++ We disabled dangerous PHP functions in php.ini, so even if, for example, customer's CMS gets compromised, hacker will not be able to execute shell scripts from PHP.
 
-+ Apache is fully switched to mpm_event mode, PHP is running in PHP-FPM, which is the most stable PHP-stack solution
++ Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM, which is the most stable PHP-stack solution
     + OPCache is turned on by default
 
 + Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
@@ -31,7 +31,7 @@ Features
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package
-    + With your own APT infrastructure you can take a security of Vesta-installer infrastructure in your own hands, you have full control of your Vesta code
+    + With your own APT infrastructure you can take a security of Vesta-installer infrastructure in your own hands, you have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
 
 How to install
 ----------------------------

From a0f940da35486399ca91c32b63ecbcdc14a6f327 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 00:03:35 +0200
Subject: [PATCH 0617/2300] Update README.md

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 27344d70..be5925dd 100644
--- a/README.md
+++ b/README.md
@@ -11,12 +11,12 @@ MyVesta Control Panel
 Features
 ==================================================
 
-+ Support for Debian 10
++ Support for Debian 10 (previous releases are also supported)
 
 + You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + After MyVesta installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
-    + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - noone will be able to interact with your panel unless he has the secret URL.
+    + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
     + You can see for yourself how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php

From d6c8c10d0686d66f64ad0fd826277cc2fd279fc9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 00:05:04 +0200
Subject: [PATCH 0618/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index be5925dd..0a876b94 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ Features
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
 
-+ We disabled dangerous PHP functions in php.ini, so even if, for example, customer's CMS gets compromised, hacker will not be able to execute shell scripts from PHP.
++ We disabled dangerous PHP functions in php.ini, so even if, for example, customer's CMS gets compromised, hacker will not be able to execute "shell" from PHP.
 
 + Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM, which is the most stable PHP-stack solution
     + OPCache is turned on by default

From a699f9aecf5967cf6babb26568756581542517b3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 00:14:01 +0200
Subject: [PATCH 0619/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 0a876b94..38ae49e9 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ MyVesta Control Panel
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
 * It will always be synchronized with official VestaCP commits
-* VestaCP commercial plugins will be still only available for purchase on official vestacp.com website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
+* VestaCP commercial plugins will be only available for purchase on official vestacp.com website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
 * With previous in mind, all features that are added in this fork, will be offered to official VestaCP through pull-request mechanisms
 
 Features

From e13fb654248e1afb600012878d26121a1a778116 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 00:37:19 +0200
Subject: [PATCH 0620/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 60 ++++++++++++++++++++++++----------------
 1 file changed, 36 insertions(+), 24 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index a7fd97d7..18ce6c92 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -127,8 +127,8 @@ for arg; do
       PHP_B='true'
       VESTA_B='true'
       VESTAGIT_B='true'
-	  CWEB_B='true'
-	  APTWEB_B='true'
+      CWEB_B='true'
+      APTWEB_B='true'
       ;;
     --nginx)
       NGINX_B='true'
@@ -142,6 +142,9 @@ for arg; do
     --git)
       VESTAGIT_B='true'
       ;;
+    --git)
+      VESTAGIT_B='true'
+      ;;
     --c)
       CWEB_B='true'
       ;;
@@ -175,6 +178,15 @@ if [ $build_deb_package -eq 1 ]; then
   if [ "$NGINX_B" = true ]; then
     VESTAGIT_B='true'
   fi
+  
+  if [ "$CWEB_B" = true ]; then
+    if [ $# -gt 1 ]; then
+      if [ $2 = "--nogit" ]; then
+        VESTAGIT_B='false'
+      fi
+    fi
+  fi
+
 fi
 
 if [ ! -d "$BUILD_DIR" ]; then
@@ -310,10 +322,10 @@ if [ "$NGINX_B" = true ]; then
       
       press_enter "=== Press enter to download and unpack source files"
     
-	  rm -rf nginx-$NGINX_V
-	  rm -rf openssl-$OPENSSL_V
-	  rm -rf pcre-$PCRE_V
-	  rm -rf zlib-$ZLIB_V
+      rm -rf nginx-$NGINX_V
+      rm -rf openssl-$OPENSSL_V
+      rm -rf pcre-$PCRE_V
+      rm -rf zlib-$ZLIB_V
       wget -nv -qO- $NGINX | tar xz
       wget -nv -qO- $OPENSSL | tar xz
       wget -nv -qO- $PCRE | tar xz
@@ -323,20 +335,20 @@ if [ "$NGINX_B" = true ]; then
       cd nginx-$NGINX_V
       
       press_enter "=== Press enter to configure nginx"
-      ./configure 	--prefix=$INSTALL_DIR/nginx \
-      		--with-http_ssl_module \
-      		--with-openssl=../openssl-$OPENSSL_V \
-      		--with-openssl-opt=enable-ec_nistp_64_gcc_128 \
-      		--with-openssl-opt=no-nextprotoneg \
-      		--with-openssl-opt=no-weak-ssl-ciphers \
-      		--with-openssl-opt=no-ssl3 \
-      		--with-pcre=../pcre-$PCRE_V \
-      	        --with-pcre-jit \
-      		--with-zlib=../zlib-$ZLIB_V
+      ./configure     --prefix=$INSTALL_DIR/nginx \
+              --with-http_ssl_module \
+              --with-openssl=../openssl-$OPENSSL_V \
+              --with-openssl-opt=enable-ec_nistp_64_gcc_128 \
+              --with-openssl-opt=no-nextprotoneg \
+              --with-openssl-opt=no-weak-ssl-ciphers \
+              --with-openssl-opt=no-ssl3 \
+              --with-pcre=../pcre-$PCRE_V \
+                  --with-pcre-jit \
+              --with-zlib=../zlib-$ZLIB_V
       
       # Check install directory and remove if exists
       if [ -d $INSTALL_DIR/nginx ]; then
-      	rm -rf $INSTALL_DIR/nginx
+          rm -rf $INSTALL_DIR/nginx
       fi
       
       press_enter "=== Press enter to make && make install"
@@ -405,10 +417,10 @@ if [ "$PHP_B" = true ]; then
     BUILDING_NOW=0
     # Check if target directory exist
     if [ ! -d "$BUILD_DIR/php-$PHP_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
-	  BUILDING_NOW=1
+      BUILDING_NOW=1
       
       echo "=== Download and unpack source files"
-	  rm -rf php-$PHP_V
+      rm -rf php-$PHP_V
       wget -nv -qO- $PHP | tar xz
       
       echo "=== Change to php directory php-$PHP_V"
@@ -429,7 +441,7 @@ if [ "$PHP_B" = true ]; then
       
       # Check install directory and remove if exists
       if [ -d $INSTALL_DIR/php ]; then
-      	rm -rf $INSTALL_DIR/php
+          rm -rf $INSTALL_DIR/php
       fi
     
       press_enter "=== Press enter to create the files and install them ==============================================================================="
@@ -498,7 +510,7 @@ if [ "$VESTA_B" = true ]; then
     
     # Check if target directory exist
     if [ -d $BUILD_DIR/vesta_$VESTA_V ]; then
-    	rm -rf $BUILD_DIR/vesta_$VESTA_V
+        rm -rf $BUILD_DIR/vesta_$VESTA_V
     fi
     
     # Create directory
@@ -532,11 +544,11 @@ if [ "$VESTA_B" = true ]; then
   if [ $add_deb_to_apt_repo -eq 1 ]; then
     if [ "$TARGET_DEB_NAME_MAIN" != "$TARGET_DEB_NAME" ]; then
       cd $BUILD_DIR
-	  if [ -f "vesta_$VESTA_V.deb" ]; then
+      if [ -f "vesta_$VESTA_V.deb" ]; then
         rm vesta_$VESTA_V.deb
-	  fi
+      fi
       cp $BUILD_DIR_MAIN/vesta_$VESTA_V.deb $BUILD_DIR/vesta_$VESTA_V.deb
-	fi
+    fi
     add_to_repo "vesta"
   fi
 

From 2c242d152dc84b10c9290a4443e96706503fa9cb Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 01:33:39 +0200
Subject: [PATCH 0621/2300] Update secure_login.php

---
 web/inc/secure_login.php | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index bf302792..28e6cb00 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,28 +1,30 @@
 
Date: Wed, 21 Aug 2019 01:35:38 +0200
Subject: [PATCH 0622/2300] Update secure_login.php

---
 web/inc/secure_login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 28e6cb00..4cb5aef2 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -9,7 +9,7 @@ if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php')
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $skip_login_url_check=1;
 
-if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing PHP scripts from v-* bash scripts
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts
 
 if ($skip_login_url_check==0) {
     if (!isset($login_url_loaded)) {

From 052031d1039a6e668658bd053f352ac93a57cb2f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 21 Aug 2019 02:05:12 +0200
Subject: [PATCH 0623/2300] Update secure_login.php

---
 web/inc/secure_login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 4cb5aef2..46393d79 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -9,7 +9,7 @@ if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php')
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $skip_login_url_check=1;
 
-if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts from bash
 
 if ($skip_login_url_check==0) {
     if (!isset($login_url_loaded)) {

From e821948b8ba2ec8cbd2066656bb786740dfda942 Mon Sep 17 00:00:00 2001
From: flackjap 
Date: Wed, 21 Aug 2019 10:03:36 +0200
Subject: [PATCH 0624/2300] Typos in readme

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 38ae49e9..84f44366 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Features
 
 + Support for Debian 10 (previous releases are also supported)
 
-+ You can totally "lock" VestsCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
++ You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + After MyVesta installation just execute:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
     + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
@@ -31,7 +31,7 @@ Features
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package
-    + With your own APT infrastructure you can take a security of Vesta-installer infrastructure in your own hands, you have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
+    + With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
 
 How to install
 ----------------------------

From 1b1851997887df3d321f52474c3768c224d0d406 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 16:11:54 +0200
Subject: [PATCH 0625/2300] Auto-generating LE SSL for hostname

---
 install/vst-install-debian.sh | 34 ++++++++++++++++++++++++++++------
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 2d6affd3..7f0c51f9 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1482,17 +1482,39 @@ if [ "$release" -eq 10 ]; then
   service php7.3-fpm restart
 fi
 
+# Comparing hostname and ip
+make_ssl=0
+host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
+if [ "$host_ip" = "$ip" ]; then
+    ip="$servername"
+    make_ssl=1
+fi
+
+# Generating LE SSL
+www_host="www.$servername"
+www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
+if [ "$www_host_ip" != "$ip" ]; then
+    echo "=== Deleting www to server hostname"
+    v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
+    v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
+    www_host=""
+fi
+
+echo "Hostname $servername is pointing to $host_ip"
+
+if [ $make_ssl -eq 1 ]; then
+    echo "=== Generating HOSTNAME SSL"
+    v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes'
+    v-update-host-certificate 'admin' "$servername"
+else
+    echo "=== We will not generate SSL because of this"
+fi
+echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
 
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#
 
-# Comparing hostname and ip
-host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
-if [ "$host_ip" = "$ip" ]; then
-    ip="$servername"
-fi
-
 # Sending notification to admin email
 echo -e "Congratulations, you have just successfully installed \
 Vesta Control Panel

From 75c921832bebb96a77f13b3ce7ceda657e333c00 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 17:33:31 +0200
Subject: [PATCH 0626/2300] Update README.md

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 84f44366..7703edb1 100644
--- a/README.md
+++ b/README.md
@@ -28,6 +28,8 @@ Features
 
 + Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
 
++ Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
+
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package

From 0d621b0991a98050c5d079f0e4d1447516900bdd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 18:58:42 +0200
Subject: [PATCH 0627/2300] Exim conf enhancements

---
 install/debian/10/exim/exim4.conf.template | 44 ++++++++++++++++------
 1 file changed, 33 insertions(+), 11 deletions(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index bfb98e0b..67647934 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -4,9 +4,9 @@
 #                                                                    #
 ######################################################################
 
-#SPAMASSASSIN = yes
-#SPAM_SCORE = 50
-#CLAMD =  yes
+SPAMASSASSIN = yes
+SPAM_SCORE = 50
+CLAMD =  yes
 
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
@@ -42,7 +42,7 @@ tls_on_connect_ports = 465
 never_users = root
 host_lookup = *
 rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_timeout = 0s
 ignore_bounce_errors_after = 2d
 timeout_frozen_after = 7d
 
@@ -56,8 +56,20 @@ DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
 #                       ACL CONFIGURATION                            #
 #         Specifies access control lists for incoming SMTP mail      #
 ######################################################################
+
+acl_not_smtp = acl_not_smtp
+
 begin acl
 
+acl_not_smtp:
+  deny message = Web site is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
+
+  accept
+
 acl_check_spammers:
   accept  hosts         = +whitelist
 
@@ -74,6 +86,7 @@ acl_check_mail:
 
   drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
@@ -89,6 +102,12 @@ acl_check_mail:
 acl_check_rcpt:
   accept  hosts         = :
 
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period
+
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
@@ -136,9 +155,12 @@ acl_check_rcpt:
 
 
 acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
 .ifdef CLAMD
   deny   message        = Message contains a virus ($malware_name) and has been rejected
-         malware        = *
+         malware        = */defer_ok
          condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
 .endif
 
@@ -164,7 +186,7 @@ acl_check_data:
 
 acl_check_mime:
   deny   message        = Blacklisted file extension detected
-         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
 
   accept
 
@@ -209,6 +231,11 @@ dnslookup:
   transport = remote_smtp
   no_more
 
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
 userforward:
   driver = redirect
   check_local_user
@@ -250,11 +277,6 @@ localuser_fwd_only:
   transport = devnull
   condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
 
-localuser_spam:
-  driver = accept
-  transport = local_spam_delivery
-  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
-
 localuser:
   driver = accept
   transport = local_delivery

From f1a1c0e0a684096e99b4cb145fa6d5b2e9205722 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 18:59:43 +0200
Subject: [PATCH 0628/2300] Create deny_senders

---
 install/debian/10/exim/deny_senders | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 install/debian/10/exim/deny_senders

diff --git a/install/debian/10/exim/deny_senders b/install/debian/10/exim/deny_senders
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/install/debian/10/exim/deny_senders
@@ -0,0 +1 @@
+

From a1c95d029094cb836b1dc4f4ce6bc6d6469553e2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:01:47 +0200
Subject: [PATCH 0629/2300] installer: copy exim4 deny_senders

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 7f0c51f9..5f491b90 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1118,6 +1118,7 @@ if [ "$exim" = 'yes' ]; then
     cp -f $vestacp/exim/exim4.conf.template /etc/exim4/
     cp -f $vestacp/exim/dnsbl.conf /etc/exim4/
     cp -f $vestacp/exim/spam-blocks.conf /etc/exim4/
+    cp -f $vestacp/exim/deny_senders /etc/exim4/
     touch /etc/exim4/white-blocks.conf
 
     if [ "$spamd" = 'yes' ]; then

From 69496e093498284f45d1003258a95184099a4f32 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:46:33 +0200
Subject: [PATCH 0630/2300] Create deny_senders

---
 install/debian/9/exim/deny_senders | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 install/debian/9/exim/deny_senders

diff --git a/install/debian/9/exim/deny_senders b/install/debian/9/exim/deny_senders
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/install/debian/9/exim/deny_senders
@@ -0,0 +1 @@
+

From 7b50f5f3f17e629637199cdec56879d3426db42d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:47:52 +0200
Subject: [PATCH 0631/2300] Update exim4.conf.template

---
 install/debian/9/exim/exim4.conf.template | 44 +++++++++++++++++------
 1 file changed, 33 insertions(+), 11 deletions(-)

diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index bfb98e0b..67647934 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -4,9 +4,9 @@
 #                                                                    #
 ######################################################################
 
-#SPAMASSASSIN = yes
-#SPAM_SCORE = 50
-#CLAMD =  yes
+SPAMASSASSIN = yes
+SPAM_SCORE = 50
+CLAMD =  yes
 
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
@@ -42,7 +42,7 @@ tls_on_connect_ports = 465
 never_users = root
 host_lookup = *
 rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_timeout = 0s
 ignore_bounce_errors_after = 2d
 timeout_frozen_after = 7d
 
@@ -56,8 +56,20 @@ DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
 #                       ACL CONFIGURATION                            #
 #         Specifies access control lists for incoming SMTP mail      #
 ######################################################################
+
+acl_not_smtp = acl_not_smtp
+
 begin acl
 
+acl_not_smtp:
+  deny message = Web site is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
+
+  accept
+
 acl_check_spammers:
   accept  hosts         = +whitelist
 
@@ -74,6 +86,7 @@ acl_check_mail:
 
   drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
@@ -89,6 +102,12 @@ acl_check_mail:
 acl_check_rcpt:
   accept  hosts         = :
 
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period
+
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
@@ -136,9 +155,12 @@ acl_check_rcpt:
 
 
 acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
 .ifdef CLAMD
   deny   message        = Message contains a virus ($malware_name) and has been rejected
-         malware        = *
+         malware        = */defer_ok
          condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
 .endif
 
@@ -164,7 +186,7 @@ acl_check_data:
 
 acl_check_mime:
   deny   message        = Blacklisted file extension detected
-         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
 
   accept
 
@@ -209,6 +231,11 @@ dnslookup:
   transport = remote_smtp
   no_more
 
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
 userforward:
   driver = redirect
   check_local_user
@@ -250,11 +277,6 @@ localuser_fwd_only:
   transport = devnull
   condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
 
-localuser_spam:
-  driver = accept
-  transport = local_spam_delivery
-  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
-
 localuser:
   driver = accept
   transport = local_delivery

From 3dc748f533a57744e894bf168f9b7f19fa2b7739 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:49:59 +0200
Subject: [PATCH 0632/2300] Update exim4.conf.template

---
 install/debian/9/exim/exim4.conf.template | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index 67647934..12b41e40 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -4,9 +4,9 @@
 #                                                                    #
 ######################################################################
 
-SPAMASSASSIN = yes
-SPAM_SCORE = 50
-CLAMD =  yes
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
 
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin

From aa0b8866c0cc6193cfc2d5e28625a7a2a8ee5a9d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:50:51 +0200
Subject: [PATCH 0633/2300] Update exim4.conf.template

---
 install/debian/10/exim/exim4.conf.template | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 67647934..12b41e40 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -4,9 +4,9 @@
 #                                                                    #
 ######################################################################
 
-SPAMASSASSIN = yes
-SPAM_SCORE = 50
-CLAMD =  yes
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
 
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin

From d2061fa6232195013ef0b465a04d8ab7aa903cd8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:51:42 +0200
Subject: [PATCH 0634/2300] Update exim4.conf.template

---
 install/debian/8/exim/exim4.conf.template | 38 ++++++++++++++++++-----
 1 file changed, 30 insertions(+), 8 deletions(-)

diff --git a/install/debian/8/exim/exim4.conf.template b/install/debian/8/exim/exim4.conf.template
index bfb98e0b..12b41e40 100644
--- a/install/debian/8/exim/exim4.conf.template
+++ b/install/debian/8/exim/exim4.conf.template
@@ -42,7 +42,7 @@ tls_on_connect_ports = 465
 never_users = root
 host_lookup = *
 rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_timeout = 0s
 ignore_bounce_errors_after = 2d
 timeout_frozen_after = 7d
 
@@ -56,8 +56,20 @@ DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
 #                       ACL CONFIGURATION                            #
 #         Specifies access control lists for incoming SMTP mail      #
 ######################################################################
+
+acl_not_smtp = acl_not_smtp
+
 begin acl
 
+acl_not_smtp:
+  deny message = Web site is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
+
+  accept
+
 acl_check_spammers:
   accept  hosts         = +whitelist
 
@@ -74,6 +86,7 @@ acl_check_mail:
 
   drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
@@ -89,6 +102,12 @@ acl_check_mail:
 acl_check_rcpt:
   accept  hosts         = :
 
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period
+
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
@@ -136,9 +155,12 @@ acl_check_rcpt:
 
 
 acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
 .ifdef CLAMD
   deny   message        = Message contains a virus ($malware_name) and has been rejected
-         malware        = *
+         malware        = */defer_ok
          condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
 .endif
 
@@ -164,7 +186,7 @@ acl_check_data:
 
 acl_check_mime:
   deny   message        = Blacklisted file extension detected
-         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
 
   accept
 
@@ -209,6 +231,11 @@ dnslookup:
   transport = remote_smtp
   no_more
 
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
 userforward:
   driver = redirect
   check_local_user
@@ -250,11 +277,6 @@ localuser_fwd_only:
   transport = devnull
   condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
 
-localuser_spam:
-  driver = accept
-  transport = local_spam_delivery
-  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
-
 localuser:
   driver = accept
   transport = local_delivery

From f3acaf92972865714252e7a88845dd426d326471 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 23 Aug 2019 19:52:48 +0200
Subject: [PATCH 0635/2300] Create deny_senders

---
 install/debian/8/exim/deny_senders | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 install/debian/8/exim/deny_senders

diff --git a/install/debian/8/exim/deny_senders b/install/debian/8/exim/deny_senders
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/install/debian/8/exim/deny_senders
@@ -0,0 +1 @@
+

From 4fade0fbc902af1413f0511137e827d3a203a8a1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 00:09:28 +0200
Subject: [PATCH 0636/2300] Optimizing ClamAV

---
 install/debian/10/clamav/clamd.conf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
index 504cf8f3..c636b6d3 100644
--- a/install/debian/10/clamav/clamd.conf
+++ b/install/debian/10/clamav/clamd.conf
@@ -20,7 +20,7 @@ MaxThreads 12
 MaxConnectionQueueLength 15
 LogSyslog false
 LogFacility LOG_LOCAL6
-LogClean false
+LogClean true
 LogVerbose true
 PidFile /var/run/clamav/clamd.pid
 DatabaseDirectory /var/lib/clamav
@@ -48,7 +48,8 @@ SendBufTimeout 200
 MaxQueue 100
 ExtendedDetectionInfo true
 OLE2BlockMacros false
-StreamMaxLength 25M
+StreamMaxLength 2M
+MaxFileSize 2M
 LogFile /var/log/clamav/clamav.log
 LogTime true
 LogFileUnlock false

From a96a39dbbb028f9b31bdb72b725687a6b67205b4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 00:11:03 +0200
Subject: [PATCH 0637/2300] Optimizing ClamAV

---
 install/debian/9/clamav/clamd.conf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/install/debian/9/clamav/clamd.conf b/install/debian/9/clamav/clamd.conf
index 4e04356e..3fe6454f 100644
--- a/install/debian/9/clamav/clamd.conf
+++ b/install/debian/9/clamav/clamd.conf
@@ -20,7 +20,7 @@ MaxThreads 12
 MaxConnectionQueueLength 15
 LogSyslog false
 LogFacility LOG_LOCAL6
-LogClean false
+LogClean true
 LogVerbose true
 PidFile /var/run/clamav/clamd.pid
 DatabaseDirectory /var/lib/clamav
@@ -49,7 +49,8 @@ SendBufTimeout 200
 MaxQueue 100
 ExtendedDetectionInfo true
 OLE2BlockMacros false
-StreamMaxLength 25M
+StreamMaxLength 2M
+MaxFileSize 2M
 LogFile /var/log/clamav/clamav.log
 LogTime true
 LogFileUnlock false

From c39d80f15ec4e76c847997508172c2919fd9b2f1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 00:12:31 +0200
Subject: [PATCH 0638/2300] Optimizing ClamAV

---
 install/debian/8/clamav/clamd.conf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/install/debian/8/clamav/clamd.conf b/install/debian/8/clamav/clamd.conf
index 4e04356e..3fe6454f 100644
--- a/install/debian/8/clamav/clamd.conf
+++ b/install/debian/8/clamav/clamd.conf
@@ -20,7 +20,7 @@ MaxThreads 12
 MaxConnectionQueueLength 15
 LogSyslog false
 LogFacility LOG_LOCAL6
-LogClean false
+LogClean true
 LogVerbose true
 PidFile /var/run/clamav/clamd.pid
 DatabaseDirectory /var/lib/clamav
@@ -49,7 +49,8 @@ SendBufTimeout 200
 MaxQueue 100
 ExtendedDetectionInfo true
 OLE2BlockMacros false
-StreamMaxLength 25M
+StreamMaxLength 2M
+MaxFileSize 2M
 LogFile /var/log/clamav/clamav.log
 LogTime true
 LogFileUnlock false

From 8b39d8e847578a19a247c6ea41d8adf997082140 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 00:55:10 +0200
Subject: [PATCH 0639/2300] Put secured login URL in welcome mail while
 creating user

---
 web/add/user/index.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/add/user/index.php b/web/add/user/index.php
index 2cc79287..914eb3dd 100644
--- a/web/add/user/index.php
+++ b/web/add/user/index.php
@@ -93,6 +93,7 @@ if (!empty($_POST['ok'])) {
             $mailtext = _translate($_POST['v_language'],'GREETINGS');
         }
         $mailtext .= _translate($_POST['v_language'],'ACCOUNT_READY',$_SERVER['HTTP_HOST'],$_POST['v_username'],$_POST['v_password']);
+        if (isset($login_url)) $mailtext=str_replace('/login/', '/?'.$login_url, $mailtext);
         send_email($to, $subject, $mailtext, $from);
     }
 

From 6343b3e20d88b1dec693db1288fff360b7ac0f4e Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Sat, 24 Aug 2019 02:00:22 +0200
Subject: [PATCH 0640/2300] Introducing v-change-vesta-port

---
 bin/v-add-letsencrypt-user |  0
 bin/v-change-vesta-port    | 49 ++++++++++++++++++++++++++++++++++++++
 bin/v-list-sys-config      |  0
 3 files changed, 49 insertions(+)
 mode change 100644 => 100755 bin/v-add-letsencrypt-user
 create mode 100755 bin/v-change-vesta-port
 mode change 100644 => 100755 bin/v-list-sys-config

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
old mode 100644
new mode 100755
diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
new file mode 100755
index 00000000..53beef2d
--- /dev/null
+++ b/bin/v-change-vesta-port
@@ -0,0 +1,49 @@
+#!/bin/bash
+# info: change vesta port
+# options: port
+#
+# Function change vesta port
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
+    echo "You must be root or admin to execute this script";
+    exit 1;
+fi
+
+
+# Argument definition
+port=$1
+
+re='^[0-9]+$'
+if ! [[ $port =~ $re ]] ; then
+    echo "error: Not a number" >&2; exit 1
+fi
+
+if [ ! -f "$VESTA/conf/port.conf" ]; then
+    oldport=8083
+else
+    oldport=`cat $VESTA/conf/port.conf`
+fi
+
+sed -i "s|$oldport;|$port;|g" /usr/local/vesta/nginx/conf/nginx.conf
+sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
+sed -i "s|'$oldport'|'$port'|g" /usr/local/vesta/data/firewall/rules.conf
+$VESTA/bin/v-update-firewall
+systemctl restart fail2ban.service
+systemctl restart vesta
+
+echo "$port" > $VESTA/conf/port.conf
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit 0;
diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config
old mode 100644
new mode 100755

From f9b68027da01ed349c26befef7dfd5791297728b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 02:17:24 +0200
Subject: [PATCH 0641/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 53beef2d..16e47ca3 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -15,6 +15,9 @@ if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
     exit 1;
 fi
 
+if [ -z "$VESTA" ]; then
+    VESTA="/usr/local/vesta"
+fi
 
 # Argument definition
 port=$1

From 72029bb578052814d1eb32762a815485ac3d60c6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 02:20:02 +0200
Subject: [PATCH 0642/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 16e47ca3..40d4dff7 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -33,9 +33,11 @@ else
     oldport=`cat $VESTA/conf/port.conf`
 fi
 
-sed -i "s|$oldport;|$port;|g" /usr/local/vesta/nginx/conf/nginx.conf
-sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
-sed -i "s|'$oldport'|'$port'|g" /usr/local/vesta/data/firewall/rules.conf
+sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
+if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
+    sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
+fi
+sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
 $VESTA/bin/v-update-firewall
 systemctl restart fail2ban.service
 systemctl restart vesta

From 9eedd3e1b204431906ce869ba323991f9151c1fa Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 02:31:37 +0200
Subject: [PATCH 0643/2300] Not creating default admin database

---
 install/vst-install-debian.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5f491b90..9db820de 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1372,10 +1372,10 @@ if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
 fi
 
 # Configuring mysql host
-if [ "$mysql" = 'yes' ]; then
-    $VESTA/bin/v-add-database-host mysql localhost root $mpass
-    # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
-fi
+# if [ "$mysql" = 'yes' ]; then
+#     $VESTA/bin/v-add-database-host mysql localhost root $mpass
+#     # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
+# fi
 
 # Configuring pgsql host
 if [ "$postgresql" = 'yes' ]; then

From 40739f3105e5f9cf930b13b346b0c5f663d59088 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 02:37:28 +0200
Subject: [PATCH 0644/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 40d4dff7..be955013 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -6,7 +6,7 @@
 
 
 #----------------------------------------------------------#
-#                    Variable&Function                     #
+#              Variable & Verifications                    #
 #----------------------------------------------------------#
 
 whoami=$(whoami)
@@ -19,6 +19,9 @@ if [ -z "$VESTA" ]; then
     VESTA="/usr/local/vesta"
 fi
 
+# Includes
+source $VESTA/func/main.sh
+
 # Argument definition
 port=$1
 
@@ -33,6 +36,10 @@ else
     oldport=`cat $VESTA/conf/port.conf`
 fi
 
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
 sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
 if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
     sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php

From 5afd45bc70429d2b1f0e9f5d4eaa628949840017 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 02:50:28 +0200
Subject: [PATCH 0645/2300] Update README.md

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 7703edb1..7c89aa73 100644
--- a/README.md
+++ b/README.md
@@ -30,6 +30,8 @@ Features
 
 + Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
 
++ Changing Vesta port using one command line: **v-change-vesta-port [number]**
+
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package

From 105f8c25410e36c99662407993d1872a6d01d339 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 03:35:59 +0200
Subject: [PATCH 0646/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 47 +++++++++++++++++++++--------------------
 1 file changed, 24 insertions(+), 23 deletions(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index be955013..1d96023c 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -2,11 +2,30 @@
 # info: change vesta port
 # options: port
 #
-# Function change vesta port
-
+# Function will change vesta port
 
 #----------------------------------------------------------#
-#              Variable & Verifications                    #
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+port=$1
+
+if [ -z "$VESTA" ]; then
+    VESTA="/usr/local/vesta"
+fi
+
+if [ ! -f "$VESTA/conf/port.conf" ]; then
+    oldport=8083
+else
+    oldport=`cat $VESTA/conf/port.conf`
+fi
+
+# Includes
+source $VESTA/func/main.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
 #----------------------------------------------------------#
 
 whoami=$(whoami)
@@ -15,26 +34,8 @@ if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
     exit 1;
 fi
 
-if [ -z "$VESTA" ]; then
-    VESTA="/usr/local/vesta"
-fi
-
-# Includes
-source $VESTA/func/main.sh
-
-# Argument definition
-port=$1
-
-re='^[0-9]+$'
-if ! [[ $port =~ $re ]] ; then
-    echo "error: Not a number" >&2; exit 1
-fi
-
-if [ ! -f "$VESTA/conf/port.conf" ]; then
-    oldport=8083
-else
-    oldport=`cat $VESTA/conf/port.conf`
-fi
+check_args '1' "$#" 'PORT'
+is_int_format_valid "$port" 'port number'
 
 #----------------------------------------------------------#
 #                       Action                             #

From e902b0180b6e78c3cc7365ef6f1fee363b6127cf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 15:55:29 +0200
Subject: [PATCH 0647/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 1d96023c..f3951fdc 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -15,23 +15,19 @@ if [ -z "$VESTA" ]; then
     VESTA="/usr/local/vesta"
 fi
 
-if [ ! -f "$VESTA/conf/port.conf" ]; then
+# Get current vesta port by reading nginx.conf
+oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
+if [ -z "$oldport" ]; then
     oldport=8083
-else
-    oldport=`cat $VESTA/conf/port.conf`
 fi
 
-# Includes
-source $VESTA/func/main.sh
-
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-whoami=$(whoami)
-if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
-    echo "You must be root or admin to execute this script";
-    exit 1;
+# Checking permissions
+if [ "$(id -u)" != '0' ]; then
+    check_result $E_FORBIDEN "You must be root to execute this script"
 fi
 
 check_args '1' "$#" 'PORT'

From 5eeead791e1d6caa430beac658d845c1317840e6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 15:58:20 +0200
Subject: [PATCH 0648/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index f3951fdc..906b6d55 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -21,6 +21,9 @@ if [ -z "$oldport" ]; then
     oldport=8083
 fi
 
+# Includes
+source $VESTA/func/main.sh
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#

From 0ed4207c9ec6641f8ce17af9e07f3f7f807fa711 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 16:10:34 +0200
Subject: [PATCH 0649/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 2 --
 1 file changed, 2 deletions(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 906b6d55..09cff31d 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -49,8 +49,6 @@ $VESTA/bin/v-update-firewall
 systemctl restart fail2ban.service
 systemctl restart vesta
 
-echo "$port" > $VESTA/conf/port.conf
-
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#

From 84ef0a118fd73351126fb0e0da3392fe282eb789 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 16:13:03 +0200
Subject: [PATCH 0650/2300] Changing /usr/local/vesta to $VESTA

---
 bin/v-add-firewall-chain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain
index 5026d264..0bac12da 100755
--- a/bin/v-add-firewall-chain
+++ b/bin/v-add-firewall-chain
@@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
 iptables="/sbin/iptables"
 
 # Get vesta port by reading nginx.conf
-vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
+vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
 if [ -z "$vestaport" ]; then
     vestaport=8083
 fi

From 5fe990d98730df5db0a2e15027b6ef3dc9e1abe4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 18:20:44 +0200
Subject: [PATCH 0651/2300] Asking for secret URL and Vesta port during
 installation

---
 install/vst-install-debian.sh | 48 +++++++++++++++++++++++++++++------
 1 file changed, 40 insertions(+), 8 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 9db820de..dd87ec6e 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -83,6 +83,8 @@ help() {
   -s, --hostname          Set hostname
   -e, --email             Set admin email
   -p, --password          Set admin password
+  -u, --secret_url        Set secret url for hosting panel
+  -1, --port              Set Vesta port
   -f, --force             Force installation
   -h, --help              Print this help
 
@@ -170,6 +172,8 @@ for arg; do
         --interactive)          args="${args}-y " ;;
         --hostname)             args="${args}-s " ;;
         --email)                args="${args}-e " ;;
+        --secret_url)           args="${args}-u " ;;
+        --port)                 args="${args}-1 " ;;
         --password)             args="${args}-p " ;;
         --force)                args="${args}-f " ;;
         --help)                 args="${args}-h " ;;
@@ -204,6 +208,8 @@ while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:fh" Option; do
         y) interactive=$OPTARG ;;       # Interactive install
         s) servername=$OPTARG ;;        # Hostname
         e) email=$OPTARG ;;             # Admin email
+        e) secret_url=$OPTARG ;;        # Secret URL for hosting panel
+        e) port=$OPTARG ;;              # Vesta port
         p) vpass=$OPTARG ;;             # Admin password
         f) force='yes' ;;               # Force install
         h) help ;;                      # Help
@@ -411,6 +417,16 @@ if [ "$interactive" = 'yes' ]; then
         read -p 'Please enter admin email address: ' email
     fi
 
+    # Asking for secret URL
+    if [ -z "$secret_url" ]; then
+        read -p 'Please enter secret URL address for hosting panel (press enter for none): ' secret_url
+    fi
+
+    # Asking for Vesta port
+    if [ -z "$port" ]; then
+        read -p 'Please enter Vesta port number (press enter for 8083): ' port
+    fi
+
     # Asking to set FQDN hostname
     if [ -z "$servername" ]; then
         read -p "Please enter FQDN hostname [$(hostname)]: " servername
@@ -444,6 +460,11 @@ if [ -z "$email" ]; then
     email="admin@$servername"
 fi
 
+# Set port if it wasn't set
+if [ -z "$port" ]; then
+    port="8083"
+fi
+
 # Defining backup directory
 vst_backups="/root/vst_install_backups/$(date +%s)"
 echo "Installation backup directory: $vst_backups"
@@ -1496,8 +1517,8 @@ www_host="www.$servername"
 www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
 if [ "$www_host_ip" != "$ip" ]; then
     echo "=== Deleting www to server hostname"
-    v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
-    v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
+    $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
+    $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
     www_host=""
 fi
 
@@ -1505,12 +1526,23 @@ echo "Hostname $servername is pointing to $host_ip"
 
 if [ $make_ssl -eq 1 ]; then
     echo "=== Generating HOSTNAME SSL"
-    v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes'
-    v-update-host-certificate 'admin' "$servername"
+    $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes'
+    $VESTA/bin/v-update-host-certificate 'admin' "$servername"
 else
     echo "=== We will not generate SSL because of this"
 fi
-echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
+echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf
+
+# Secret URL
+secretquery=''
+if [ ! -z "$secret_url" ]; then
+    echo " $VESTA/web/inc/login_url.php
+    secretquery="?$secret_url"
+fi
+
+if [ "$port" != "8083" ]; then
+    $VESTA/bin/v-change-vesta-port $port
+fi
 
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #
@@ -1520,7 +1552,7 @@ echo "UPDATE_HOSTNAME_SSL='yes'" >> /usr/local/vesta/conf/vesta.conf
 echo -e "Congratulations, you have just successfully installed \
 Vesta Control Panel
 
-    https://$ip:8083
+    https://$ip:$port/$secret_url
     username: admin
     password: $vpass
 
@@ -1533,8 +1565,8 @@ Sincerely yours
 vestacp.com team
 " > $tmpfile
 
-# send_mail="$VESTA/web/inc/mail-wrapper.php"
-# cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
+send_mail="$VESTA/web/inc/mail-wrapper.php"
+cat $tmpfile | $send_mail -s "Vesta Control Panel" $email
 
 # Congrats
 echo '======================================================='

From 53f1c6b2bbe7180e48545c14c43939531da9ea41 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 18:23:19 +0200
Subject: [PATCH 0652/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index dd87ec6e..d6b0bc47 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1552,7 +1552,7 @@ fi
 echo -e "Congratulations, you have just successfully installed \
 Vesta Control Panel
 
-    https://$ip:$port/$secret_url
+    https://$ip:$port/$secretquery
     username: admin
     password: $vpass
 

From 77d66b44205a11fd9d2d79fe0dc49c73d987be97 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 23:43:59 +0200
Subject: [PATCH 0653/2300] Update README.md

---
 README.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 7c89aa73..cb073d87 100644
--- a/README.md
+++ b/README.md
@@ -14,8 +14,7 @@ Features
 + Support for Debian 10 (previous releases are also supported)
 
 + You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
-    + After MyVesta installation just execute:
-    + `echo " /usr/local/vesta/web/inc/login_url.php`
+    + During installation you will be asked for secret URL for your hosting panel
     + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
     + You can see for yourself how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496

From f75843cef02ea4764e71f2bb319cd5e7cf0ed1b0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 23:45:22 +0200
Subject: [PATCH 0654/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index cb073d87..a878fb65 100644
--- a/README.md
+++ b/README.md
@@ -29,7 +29,7 @@ Features
 
 + Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
 
-+ Changing Vesta port using one command line: **v-change-vesta-port [number]**
++ Changing Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute

From 952115a9a83142554cc043fdbf025af080865a88 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 24 Aug 2019 23:50:53 +0200
Subject: [PATCH 0655/2300] Update README.md

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index a878fb65..f9a9cee2 100644
--- a/README.md
+++ b/README.md
@@ -14,11 +14,13 @@ Features
 + Support for Debian 10 (previous releases are also supported)
 
 + You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
-    + During installation you will be asked for secret URL for your hosting panel
+    + During installation you will be asked to choose secret URL for your hosting panel
     + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
     + You can see for yourself how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
+    + If you didn't set secret URL during installation, you can do it anytime, just execute in SSH:
+    + `echo " /usr/local/vesta/web/inc/login_url.php`
 
 + We disabled dangerous PHP functions in php.ini, so even if, for example, customer's CMS gets compromised, hacker will not be able to execute "shell" from PHP.
 
@@ -29,7 +31,7 @@ Features
 
 + Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
 
-+ Changing Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
++ You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute

From 92229c2597f377b9ebe8487c47a3b2d1c0c4e06f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 00:29:48 +0200
Subject: [PATCH 0656/2300] max_length_of_MySQL_username=80

---
 install/vst-install-debian.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d6b0bc47..ab2ead26 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1536,14 +1536,21 @@ echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf
 # Secret URL
 secretquery=''
 if [ ! -z "$secret_url" ]; then
+    echo "=== Set secret URL: $secret_url"
     echo " $VESTA/web/inc/login_url.php
     secretquery="?$secret_url"
 fi
 
 if [ "$port" != "8083" ]; then
+    echo "=== Set Vesta port: $port"
     $VESTA/bin/v-change-vesta-port $port
 fi
 
+echo "=== Set URL for phpmyadmin and max_length_of_MySQL_username=80"
+echo "DB_PMA_URL='https://$servername/phpmyadmin/'" >> $VESTA/conf/vesta.conf
+echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
+
+
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#

From c923cabc19533b25b759f75d4fb6a766096f2915 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 02:10:51 +0200
Subject: [PATCH 0657/2300] Warning when server hostname is not pointing to
 server IP

---
 install/vst-install-debian.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ab2ead26..845ffd5d 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1507,6 +1507,12 @@ fi
 # Comparing hostname and ip
 make_ssl=0
 host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
+if [ "$host_ip" != "$ip" ]; then
+    echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
+    echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
+    read -p "Try to point your hostname $servername to IP address $ip and then press ENTER."
+    host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
+fi
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"
     make_ssl=1

From 2e11fb79f12539cc08655a8b9a4df6b0e469fad4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 02:15:31 +0200
Subject: [PATCH 0658/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 845ffd5d..3b59bed6 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -184,7 +184,7 @@ done
 eval set -- "$args"
 
 # Parsing arguments
-while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:fh" Option; do
+while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:u:1:fh" Option; do
     case $Option in
         a) apache=$OPTARG ;;            # Apache
         n) nginx=$OPTARG ;;             # Nginx
@@ -208,8 +208,8 @@ while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:fh" Option; do
         y) interactive=$OPTARG ;;       # Interactive install
         s) servername=$OPTARG ;;        # Hostname
         e) email=$OPTARG ;;             # Admin email
-        e) secret_url=$OPTARG ;;        # Secret URL for hosting panel
-        e) port=$OPTARG ;;              # Vesta port
+        u) secret_url=$OPTARG ;;        # Secret URL for hosting panel
+        1) port=$OPTARG ;;              # Vesta port
         p) vpass=$OPTARG ;;             # Admin password
         f) force='yes' ;;               # Force install
         h) help ;;                      # Help

From c73a75e6343fa73deb8c1c6b7ee2ee4732d84bb5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 03:29:55 +0200
Subject: [PATCH 0659/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 3b59bed6..69be604f 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1393,10 +1393,10 @@ if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
 fi
 
 # Configuring mysql host
-# if [ "$mysql" = 'yes' ]; then
-#     $VESTA/bin/v-add-database-host mysql localhost root $mpass
-#     # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
-# fi
+if [ "$mysql" = 'yes' ]; then
+     $VESTA/bin/v-add-database-host mysql localhost root $mpass
+     # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
+fi
 
 # Configuring pgsql host
 if [ "$postgresql" = 'yes' ]; then

From f3b15c5834b1e08b1a6f9aafd85c79be0182bbf2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 22:30:20 +0200
Subject: [PATCH 0660/2300] install gnupg2 if it's not installed

---
 install/vst-install-debian.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 69be604f..21e8558e 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -279,6 +279,11 @@ if [ ! -e '/usr/bin/wget' ]; then
     check_result $? "Can't install wget"
 fi
 
+# Check if gnupg2 is installed
+if [ $(dpkg-query -W -f='${Status}' gnupg2 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
+    apt -y install gnupg2
+fi
+
 # Check if apparmor is installed
 # This check is borrowed from HestiaCP
 if [ $(dpkg-query -W -f='${Status}' apparmor 2>/dev/null | grep -c "ok installed") -eq 0 ]; then

From 84088251415c9dd52bd84b90532cc23eeb110405 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 22:59:14 +0200
Subject: [PATCH 0661/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 21e8558e..d6b17c70 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1515,24 +1515,32 @@ host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
 if [ "$host_ip" != "$ip" ]; then
     echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
     echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
-    read -p "Try to point your hostname $servername to IP address $ip and then press ENTER."
+    echo "Try to point your hostname $servername to IP address $ip and then press ENTER."
+    echo "For forcing LetsEncrypt installation press f and then ENTER."
+    read -p "If we detect that hostname is still not pointing to your IP, installer will skip LetsEncrypt installation." answer
     host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
 fi
+if [ "$answer" = "f" ]; then
+    make_ssl=1
+fi
 if [ "$host_ip" = "$ip" ]; then
     ip="$servername"
     make_ssl=1
 fi
 
-# Generating LE SSL
-www_host="www.$servername"
-www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
-if [ "$www_host_ip" != "$ip" ]; then
-    echo "=== Deleting www to server hostname"
-    $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
-    $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
-    www_host=""
+if [ $make_ssl -eq 1 ]; then
+    # Check if www is also pointing to our IP
+    www_host="www.$servername"
+    www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
+    if [ "$www_host_ip" != "$ip" ]; then
+        echo "=== Deleting www to server hostname"
+        $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
+        $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
+        www_host=""
+   fi
 fi
 
+echo "==="
 echo "Hostname $servername is pointing to $host_ip"
 
 if [ $make_ssl -eq 1 ]; then
@@ -1540,8 +1548,9 @@ if [ $make_ssl -eq 1 ]; then
     $VESTA/bin/v-add-letsencrypt-domain 'admin' "$servername" "$www_host" 'yes'
     $VESTA/bin/v-update-host-certificate 'admin' "$servername"
 else
-    echo "=== We will not generate SSL because of this"
+    echo "We will not generate SSL because of this"
 fi
+echo "==="
 echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf
 
 # Secret URL
@@ -1557,10 +1566,11 @@ if [ "$port" != "8083" ]; then
     $VESTA/bin/v-change-vesta-port $port
 fi
 
-echo "=== Set URL for phpmyadmin and max_length_of_MySQL_username=80"
+echo "=== Set URL for phpmyadmin"
 echo "DB_PMA_URL='https://$servername/phpmyadmin/'" >> $VESTA/conf/vesta.conf
+echo "=== Set max_length_of_MySQL_username=80"
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
-
+echo "================================================================"
 
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #

From 2036f4b1189650486d29a552d974bb3ba5c5e13a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 25 Aug 2019 23:01:33 +0200
Subject: [PATCH 0662/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d6b17c70..52c0fdd3 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1516,8 +1516,8 @@ if [ "$host_ip" != "$ip" ]; then
     echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
     echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
     echo "Try to point your hostname $servername to IP address $ip and then press ENTER."
-    echo "For forcing LetsEncrypt installation press f and then ENTER."
-    read -p "If we detect that hostname is still not pointing to your IP, installer will skip LetsEncrypt installation." answer
+    echo "If we detect that hostname is still not pointing to your IP, installer will skip LetsEncrypt installation."
+    read -p "For forcing LetsEncrypt installation press f and then ENTER." answer
     host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
 fi
 if [ "$answer" = "f" ]; then

From 697f80fceb70251ed93c2c9c291ed059064f02d3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 20:04:12 +0200
Subject: [PATCH 0663/2300] Removing TLSv1 from /etc/nginx/nginx.conf

---
 install/debian/10/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index 1eef1672..405362c8 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -97,7 +97,7 @@ http {
 
     # SSL PCI Compliance
     ssl_session_cache   shared:SSL:10m;
-    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_protocols       TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 

From 725aedd7ed075d0640b14c955555121da2c8768a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 20:06:42 +0200
Subject: [PATCH 0664/2300] Update nginx.conf

---
 install/debian/9/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/9/nginx/nginx.conf b/install/debian/9/nginx/nginx.conf
index e8967d8e..65520501 100644
--- a/install/debian/9/nginx/nginx.conf
+++ b/install/debian/9/nginx/nginx.conf
@@ -98,7 +98,7 @@ http {
 
     # SSL PCI Compliance
     ssl_session_cache   shared:SSL:10m;
-    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_protocols       TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 

From f4f6ff78e2f9d4e8a349a01b040e8d5d4387afa6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 20:07:41 +0200
Subject: [PATCH 0665/2300] Update nginx.conf

---
 install/debian/8/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/8/nginx/nginx.conf b/install/debian/8/nginx/nginx.conf
index e8967d8e..65520501 100644
--- a/install/debian/8/nginx/nginx.conf
+++ b/install/debian/8/nginx/nginx.conf
@@ -98,7 +98,7 @@ http {
 
     # SSL PCI Compliance
     ssl_session_cache   shared:SSL:10m;
-    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_protocols       TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 

From 7daee89badbeb0d6c6c928687fe1e50a459670e6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 20:09:19 +0200
Subject: [PATCH 0666/2300] Removing TLSv1 from vesta nginx.conf

---
 src/deb/for-download/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/nginx/nginx.conf b/src/deb/for-download/nginx/nginx.conf
index 0a427f07..3bd1034b 100644
--- a/src/deb/for-download/nginx/nginx.conf
+++ b/src/deb/for-download/nginx/nginx.conf
@@ -37,7 +37,7 @@ http {
 
 
     # SSL PCI Compliance
-    ssl_protocols               TLSv1.2 TLSv1.1 TLSv1;
+    ssl_protocols               TLSv1.1 TLSv1.2;
     ssl_ciphers                 EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
     ssl_session_cache           shared:SSL:10m;
     ssl_prefer_server_ciphers   on;

From 9ed52415c393d95e88c08902b6f5a0d86a5389dc Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 20:42:05 +0200
Subject: [PATCH 0667/2300] Avoid changing DNS during install if bind is not
 installed

---
 install/vst-install-debian.sh | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 52c0fdd3..a300b76b 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1515,9 +1515,9 @@ host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
 if [ "$host_ip" != "$ip" ]; then
     echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
     echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
-    echo "Try to point your hostname $servername to IP address $ip and then press ENTER."
-    echo "If we detect that hostname is still not pointing to your IP, installer will skip LetsEncrypt installation."
-    read -p "For forcing LetsEncrypt installation press f and then ENTER." answer
+    echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER."
+    echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)."
+    read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer
     host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
 fi
 if [ "$answer" = "f" ]; then
@@ -1533,9 +1533,11 @@ if [ $make_ssl -eq 1 ]; then
     www_host="www.$servername"
     www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
     if [ "$www_host_ip" != "$ip" ]; then
-        echo "=== Deleting www to server hostname"
-        $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
-        $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
+        if [ "$named" = 'yes' ]; then
+            echo "=== Deleting www to server hostname"
+            $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'
+            $VESTA/bin/v-delete-dns-on-web-alias 'admin' "$servername" "$www_host" 'no'
+        fi
         www_host=""
    fi
 fi
@@ -1568,7 +1570,9 @@ fi
 
 echo "=== Set URL for phpmyadmin"
 echo "DB_PMA_URL='https://$servername/phpmyadmin/'" >> $VESTA/conf/vesta.conf
-echo "=== Set max_length_of_MySQL_username=80"
+if [ "$release" -eq 10 ]; then
+    echo "=== Set max_length_of_MySQL_username=80"
+fi
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
 echo "================================================================"
 

From b1b47a2dd65fe924c559ac3a14d749cc3e1c7ec3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 26 Aug 2019 21:56:58 +0200
Subject: [PATCH 0668/2300] Avoid changing DNS during install if bind is not
 installed

---
 install/vst-install-debian.sh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a300b76b..3dd3352a 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1413,9 +1413,11 @@ fi
 $VESTA/bin/v-add-domain admin $servername
 check_result $? "can't create $servername domain"
 
-# Adding ns1 and ns2 A records
-/usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns1' 'A' "$pub_ip"
-/usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns2' 'A' "$pub_ip"
+if [ "$named" = 'yes' ]; then
+    # Adding ns1 and ns2 A records
+    /usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns1' 'A' "$pub_ip"
+    /usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns2' 'A' "$pub_ip"
+fi
 
 if [ "$release" -eq 10 ]; then
   if [ -f "/etc/php/7.3/fpm/pool.d/$servername.conf" ]; then

From 56224663e7f9fdc3d56698fd25cc2d43695ffdcf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 28 Aug 2019 23:33:32 +0200
Subject: [PATCH 0669/2300] Update README.md

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index f9a9cee2..f458dc59 100644
--- a/README.md
+++ b/README.md
@@ -33,6 +33,8 @@ Features
 
 + You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
++ Limit maximum number of sent emails (per hour) per mail account and per hosting account.
+
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package

From 596c61c2375e02829049115fda1d7bde2eed978e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 28 Aug 2019 23:36:17 +0200
Subject: [PATCH 0670/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f458dc59..93e11917 100644
--- a/README.md
+++ b/README.md
@@ -33,7 +33,7 @@ Features
 
 + You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
-+ Limit maximum number of sent emails (per hour) per mail account and per hosting account.
++ You can limit maximum number of sent emails (per hour) per mail account and per hosting account.
 
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repositorium in a minute

From 1a65c4774bb13795e03473daf0fc3d5feacd1b46 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 29 Aug 2019 00:05:23 +0200
Subject: [PATCH 0671/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 93e11917..e62e6aa8 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ Features
 
 + You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose secret URL for your hosting panel
-    + Literally no PHP scripts will be alive (won't be able to get executed), unless you access the URL with that parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
+    + Literally no PHP scripts will be alive on hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
     + You can see for yourself how mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php

From 847481d45e9c17d9e0f2e238ef259bf84c4ec3fb Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 29 Aug 2019 00:54:25 +0200
Subject: [PATCH 0672/2300] Update README.md

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index e62e6aa8..9eef99ad 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,7 @@ Features
     + You can even create your own APT repositorium in a minute
     + We are using latest nginx version for vesta-nginx package
     + With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
+    + Binaries that you compile is 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want source code from this fork)
 
 How to install
 ----------------------------

From 31ff92eb7aa405a0a058517261cb5a42ce4fc3c6 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 3 Sep 2019 03:19:20 +0200
Subject: [PATCH 0673/2300] Create cpanel-import.sh

---
 src/deb/for-download/tools/cpanel-import.sh | 357 ++++++++++++++++++++
 1 file changed, 357 insertions(+)
 create mode 100644 src/deb/for-download/tools/cpanel-import.sh

diff --git a/src/deb/for-download/tools/cpanel-import.sh b/src/deb/for-download/tools/cpanel-import.sh
new file mode 100644
index 00000000..04d4f3c2
--- /dev/null
+++ b/src/deb/for-download/tools/cpanel-import.sh
@@ -0,0 +1,357 @@
+#!/bin/bash
+# Author / Idea: Maks Usmanov - Skamasle and good people who help to improve: 
+# Thanks to https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp/graphs/contributors
+# Github: https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp
+# Run at your own risk
+# This script take cpanel full backup and import it in vestacp account
+# This script can import databases and database users and password, 
+# Import domains, subdomains and website files
+# This script import also mail accounts and mails into accounts if previous cpanel run dovecot
+# Mail password not are restored this was reset by new one.
+###########
+# If you need restore main database user read line 160 or above
+###########
+if [ $# -lt 1 ]; then
+    echo "usage: bash $0 cpanel-backup.tar.gz"
+    echo "or"
+    echo "usage: bash $0 cpanel-backup.tar.gz MX"
+    exit 1
+fi
+if [[ $PATH != *"/usr/local/vesta/bin"* ]]; then
+    VESTA=/usr/local/vesta
+    export VESTA
+    
+    PATH=$PATH:/usr/local/vesta/bin
+    export PATH
+fi
+if [ ! -e /usr/bin/rsync ] || [ ! -e /usr/bin/file ] ; then
+	echo "#######################################"
+	echo "rsync not installed, try install it"
+	echo "This script need: rsync, file"
+	echo "#######################################"
+	if  [ -e /etc/redhat-release ]; then
+		echo "Run: yum install rsync file"
+	else
+		echo "Run: apt-get install rsync file"
+	fi
+	exit 3
+fi
+# Put this to 0 if you want use bash -x to debug it
+sk_debug=1
+sk_vesta_package=default
+#
+# Only for gen_password but I dont like it, a lot of lt
+# maybe will use it for other functions :)
+source /usr/local/vesta/func/main.sh 
+sk_file=$1
+sk_tmp=sk_tmp
+# I see than this is stupid, not know why is here.
+sk_file_name=$(ls $sk_file)
+tput setaf 2
+echo "Checking provided file..."
+tput sgr0 
+if file $sk_file |grep -q -c "gzip compressed data," ; then
+	tput setaf 2
+	echo "OK - Gziped File"
+	tput sgr0 	
+	if [ ! -d /root/${sk_tmp} ]; then
+		echo "Creating tmp.."
+		mkdir /root/${sk_tmp}
+	fi
+	echo "Extracting backup..."
+	if [ "$sk_debug" != 0 ]; then
+		tar xzvf $sk_file -C /root/${sk_tmp} 2>&1 |
+     		   while read sk_extracted_file; do
+       				ex=$((ex+1))
+       				echo -en "wait... $ex files extracted\r"
+       		   done
+		else
+			tar xzf $sk_file -C /root/${sk_tmp}
+	fi
+		if [ $? -eq 0 ];then
+			tput setaf 2
+			echo "Backup extracted without errors..."
+			tput sgr0 
+		else
+			echo "Error on backup extraction, check your file, try extract it manually"
+			echo "Remove tmp"
+			rm -rf "/root/${sk_tmp}"
+			exit 1
+		fi
+	else
+	echo "Error 3 not-gzip - no stantard cpanel backup provided of file not installed ( Try yum install file, or apt-get install file )"
+	rm -rf "/root/${sk_tmp}"
+	exit 3
+fi
+cd /root/${sk_tmp}/*
+sk_importer_in=$(pwd)
+echo "Access tmp directory $sk_importer_in"
+echo "Get prefix..."
+sk_dead_prefix=$(cat meta/dbprefix)
+if [ $sk_dead_prefix = 1 ]; then
+	echo "Error 666 - I dont like your prefix, I dont want do this job"
+	exit 666
+else
+	echo "I like your prefix, start working"
+fi
+main_domain1=$(grep main_domain userdata/main |cut -d " " -f2)
+if [ "$(ls -A mysql)" ]; then
+	sk_cp_user=$(ls mysql |grep sql | grep -v roundcube.sql |head -n1 |cut -d "_" -f1)
+	if [ -z "$sk_cp_user" ]; then
+		 	sk_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+	fi
+	echo "$sk_cp_user" > sk_db_prefix
+	tput setaf 2
+	echo "Get user: $sk_cp_user"
+	tput sgr0
+	sk_restore_dbs=0
+else
+	sk_restore_dbs=1
+# get real cPanel user if no databases exist
+	sk_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+fi
+# So get real user, may be we need it after -- oh yes, not remember where but this save my day march 19 2017 on 0.5
+sk_real_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+if /usr/local/vesta/bin/v-list-users | grep -q -w $sk_cp_user ;then
+	echo "User alredy exist on your server, maybe on vestacp or in your /etc/passwd"
+	echo "**"
+	echo "Grep your /etc/passwd"
+	grep -q -w $sk_cp_user /etc/passwd
+	echo "**"
+	echo "Stop Working, clening..."
+	rm -rf /root/${sk_tmp}
+	exit 21
+else
+	echo "Generate random password for $sk_cp_user and create Vestacp Account ..."
+	sk_password=$(generate_password)
+	/usr/local/vesta/bin/v-add-user $sk_cp_user $sk_password administrator@${main_domain1} $sk_vesta_package $sk_cp_user $sk_cp_user
+	if [ $? != 0 ]; then
+		tput setaf 2
+		echo "Stop Working... Cant create user...if is fresh install of vestacp try reboot or reopen session check bug https://bugs.vestacp.com/issues/138"
+		tput sgr0
+		rm -rf "/root/${sk_tmp}"
+		exit 4
+		fi
+fi
+
+### Start with Databases
+mysql -e "SET GLOBAL max_allowed_packet=1073741824;"
+tput setaf 2
+echo "Start with Databases"
+tput sgr0 
+sed -i 's/\\//g' mysql.sql
+sed -i "s/\`/'/g" mysql.sql
+
+## User / Password
+grep "GRANT USAGE ON" mysql.sql | awk -F "'" '{ print $2, $6 }' | uniq > user_password_db
+# User and database
+grep "GRANT" mysql.sql |grep -v "USAGE ON"  > u_db
+cat u_db | awk -F "'" '{ print $2, $4 }' | sort | uniq  > uni_u_db
+sed -i "s/$sk_dead_prefix //g" user_password_db
+# Get database list
+sk_db_list=$(grep -m 1 Database: mysql/*.create | awk '{ print  $5 }')
+mysql -e "SHOW DATABASES" > server_dbs
+for sk_dbr in $sk_db_list
+	do
+		grep -w $sk_dbr server_dbs	
+		if [ $? == "1" ]; then
+			echo " Create and restore ${sk_dbr} "
+			mysql < mysql/${sk_dbr}.create
+			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
+			mysql ${sk_dbr} < mysql/${sk_dbr}.sql
+		else
+			echo "Error: Cant restore database $sk_dbr alredy exists in mysql server"
+		fi
+done
+
+cat uni_u_db | while read db userdb
+do
+	grep -w $userdb user_password_db |while read user end_user_pass
+		do
+# default cpanel user has all database privileges
+# if you use default user in your config files to connect with database
+# you will need remove && [ "$userdb" != "$sk_cp_user" ] to restore main user, but
+# this will cause database duplication in db.conf and will interfer with vestacp backups 
+			if [ "$userdb" == "$user" ] && [ "$userdb" != "$sk_cp_user" ] && [ "$userdb" != "$sk_real_cp_user" ] ; then
+				echo "DB='$db' DBUSER='$userdb' MD5='$end_user_pass' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" >> /usr/local/vesta/data/users/${sk_cp_user}/db.conf
+			fi
+		done
+done
+
+# Leave vesta restore passwords and create users
+tput setaf 2
+echo "Rebuild databases files for $sk_cp_user"
+tput sgr0 
+/usr/local/vesta/bin/v-rebuild-databases $sk_cp_user
+
+## end mysql
+
+skaddons=$(cat addons |cut -d "=" -f1)
+sed -i 's/_/./g; s/=/ /g' addons
+echo "Converting addons domains, subdomains and some other fun"
+cp sds sk_sds
+cp sds2 sk_sds2
+sed -i 's/_/./g' sk_sds
+sed -i 's/public_html/public@html/g; s/_/./g; s/public@html/public_html/g; s/=/ /g; s/$sk_default_sub/@/g' sk_sds2
+cat addons | while read sk_addon_domain sk_addon_sub
+do
+	echo "Converting default subdomain: $sk_addon_sub in domain: $sk_addon_domain"
+	sed -i -e "s/$sk_addon_sub/$sk_addon_domain/g" sk_sds
+	sed -i -e "s/$sk_addon_sub/$sk_addon_domain/g" sk_sds2
+	mv userdata/$sk_addon_sub userdata/${sk_addon_domain}
+done
+
+tput setaf 2
+echo "Start restoring domains"
+tput sgr0
+function get_domain_path() {
+		while read sk_domain path
+	do
+		if [ -e userdata/${sk_domain} ];then
+			/usr/local/vesta/bin/v-add-domain $sk_cp_user $sk_domain
+			echo "Restoring $sk_domain..."
+			rm -f /home/${sk_cp_user}/web/${sk_domain}/public_html/index.html
+			if [ "$sk_debug" != 0 ]; then
+				rsync -av homedir/${path}/ /home/${sk_cp_user}/web/${sk_domain}/public_html 2>&1 | 
+    			while read sk_file_dm; do
+       			 	sk_sync=$((sk_sync+1))
+       			 	echo -en "-- $sk_sync restored files\r"
+				done
+			echo " "
+			else
+				rsync homedir/${path}/ /home/${sk_cp_user}/web/${sk_domain}/public_html
+			fi
+			chown $sk_cp_user:$sk_cp_user -R /home/${sk_cp_user}/web/${sk_domain}/public_html
+			chmod 751 /home/${sk_cp_user}/web/${sk_domain}/public_html
+			echo "$sk_domain" >> exclude_path
+		fi
+done
+
+} 
+get_domain_path < sk_sds2
+
+/usr/local/vesta/bin/v-add-domain $sk_cp_user $main_domain1
+# need it for restore main domain
+if [ ! -e exclude_path ];then
+	touch exclude_path
+fi
+echo "Restore main domain: $main_domain1"
+rm -f /home/${sk_cp_user}/web/${main_domain1}/public_html/index.html
+if [ "$sk_debug" != 0 ]; then
+	rsync -av --exclude-from='exclude_path' homedir/public_html/ /home/${sk_cp_user}/web/${main_domain1}/public_html 2>&1 | 
+    		while read sk_file_dm; do
+       			 sk_sync=$((sk_sync+1))
+       			 echo -en "-- $sk_sync restored files\r"
+			done
+		echo " "
+else
+	rsync --exclude-from='exclude_path' homedir/public_html/ /home/${sk_cp_user}/web/${main_domain1}/public_html 2>&1
+fi
+chown $sk_cp_user:$sk_cp_user -R /home/${sk_cp_user}/web/${main_domain1}/public_html
+chmod 751 /home/${sk_cp_user}/web/${main_domain1}/public_html
+rm -f sk_sds2 sk_sds
+
+##################
+# mail
+tput setaf 2
+echo "Start Restoring Mails"
+tput sgr0
+sk_cod=$(date +%s) # Just for numbers and create another file if acccount was restored before.
+sk_mdir=${sk_importer_in}/homedir/mail
+cd $sk_mdir
+for sk_maild in $(ls -1)
+do
+if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]]; then
+	if [ -d "$sk_maild" ]; then
+		for sk_mail_account in $(ls $sk_maild/)
+		 do
+					
+					echo "Create and restore mail account: $sk_mail_account@$sk_maild"
+					sk_mail_pass1=$(generate_password)		
+					/usr/local/vesta/bin/v-add-mail-account $sk_cp_user $sk_maild $sk_mail_account $sk_mail_pass1
+					mv ${sk_maild}/${sk_mail_account} /home/${sk_cp_user}/mail/${sk_maild}
+					chown ${sk_cp_user}:mail -R /home/${sk_cp_user}/mail/${sk_maild}
+					find /home/${sk_cp_user}/mail/${sk_maild} -type f -name 'dovecot*' -delete
+					echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
+		done
+	fi
+#else
+# this only detect default dirs account new, cur, tmp etc
+# maybe can do something with this, but on most cpanel default account have only spam.
+fi
+done
+echo "All mail accounts restored"
+############# ssl functions <(°-°)>
+tput setaf 2
+echo "Restoring SSL for domains"
+tput sgr0
+
+mv  ${sk_importer_in}/sslkeys/* ${sk_importer_in}/sslcerts/
+if ls -1 ${sk_importer_in}/ssl/* >/dev/null 2>&1; then
+        mv  ${sk_importer_in}/ssl/* ${sk_importer_in}/sslcerts/
+else
+        echo "No SSL Cert. found..."
+fi
+
+
+sk_domains=$(/usr/local/vesta/bin/v-list-web-domains $sk_cp_user plain |awk '{ print  $1 }')
+
+for ssl in $sk_domains
+do
+	if [ -e ${sk_importer_in}/sslcerts/${ssl}.key ]; then
+		echo "Found SSL for ${ssl}, restoring..."
+		/usr/local/vesta/bin/v-add-web-domain-ssl $sk_cp_user $ssl ${sk_importer_in}/sslcerts/
+	fi
+done
+function sk_restore_pass () {
+sk_actual_pass=$(grep -w "^$sk_cp_user:" /etc/shadow |tr ":" " " | awk '{ print  $2 }' )
+sk_new_pass=$(cat $sk_importer_in/shadow)
+# need replace I hope you have installed it as in most systems...  
+# sed is a hero but replace is easy and not need space // :D
+replace "$sk_cp_user:$sk_actual_pass" "$sk_cp_user:$sk_new_pass" -- /etc/shadow
+tput setaf 5
+echo "Old  cPanel password restored in $sk_cp_user vesta account"
+tput sgr0
+}
+function sk_fix_mx () {
+tput setaf 2
+	echo "Start With MX Records"
+tput sgr0
+cd $sk_importer_in/dnszones
+for sk_mx in $sk_domains 
+do
+	if [ -e $sk_mx.db ]; then
+		sk_id=$(grep MX /usr/local/vesta/data/users/${sk_cp_user}/dns/${sk_mx}.conf |tr "'" " " | cut -d " " -f 2)
+		/usr/local/vesta/bin/v-delete-dns-record $sk_cp_user $sk_mx $sk_id
+		grep MX ${sk_mx}.db |  awk '{for(sk=NF;sk>=1;sk--) printf "%s ", $sk;print ""}' | while read value pri ns rest
+			do
+				if [ "$ns" == "MX" ];then
+					if [ "$value" == "$sk_mx" ] || [ "$value" == "$sk_mx." ];then 
+						value=mail.$value
+					fi
+					/usr/local/vesta/bin/v-add-dns-record $sk_cp_user $sk_mx @ MX $value $pri
+					if [[ "$?" -ge "1" ]]; then
+						/usr/local/vesta/bin/v-add-dns-record $sk_cp_user $sk_mx @ MX mail.${sk_mx} 0
+					fi
+					echo "MX fixed in $sk_mx"
+				fi
+			done
+	fi	
+done
+}
+if [ "$2" == "MX" ];then
+# Need some fixed so run if you want try it, marked as experimental
+	sk_fix_mx
+fi
+sk_restore_pass
+
+echo "Remove tmp files"
+rm -rf "/root/${sk_tmp}"
+tput setaf 4
+echo "##############################"
+echo "cPanel Backup restored"
+echo "Review your content and report any fail"
+echo "I reset mail password not posible restore it yet."
+echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
+echo "##############################"
+tput sgr0

From aec47bf55055b57a32b42f7c0f15e3d2d939d23a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 3 Sep 2019 03:20:06 +0200
Subject: [PATCH 0674/2300] Create cpanel-import-godaddy.sh

---
 .../tools/cpanel-import-godaddy.sh            | 357 ++++++++++++++++++
 1 file changed, 357 insertions(+)
 create mode 100644 src/deb/for-download/tools/cpanel-import-godaddy.sh

diff --git a/src/deb/for-download/tools/cpanel-import-godaddy.sh b/src/deb/for-download/tools/cpanel-import-godaddy.sh
new file mode 100644
index 00000000..04d4f3c2
--- /dev/null
+++ b/src/deb/for-download/tools/cpanel-import-godaddy.sh
@@ -0,0 +1,357 @@
+#!/bin/bash
+# Author / Idea: Maks Usmanov - Skamasle and good people who help to improve: 
+# Thanks to https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp/graphs/contributors
+# Github: https://github.com/Skamasle/sk-import-cpanel-backup-to-vestacp
+# Run at your own risk
+# This script take cpanel full backup and import it in vestacp account
+# This script can import databases and database users and password, 
+# Import domains, subdomains and website files
+# This script import also mail accounts and mails into accounts if previous cpanel run dovecot
+# Mail password not are restored this was reset by new one.
+###########
+# If you need restore main database user read line 160 or above
+###########
+if [ $# -lt 1 ]; then
+    echo "usage: bash $0 cpanel-backup.tar.gz"
+    echo "or"
+    echo "usage: bash $0 cpanel-backup.tar.gz MX"
+    exit 1
+fi
+if [[ $PATH != *"/usr/local/vesta/bin"* ]]; then
+    VESTA=/usr/local/vesta
+    export VESTA
+    
+    PATH=$PATH:/usr/local/vesta/bin
+    export PATH
+fi
+if [ ! -e /usr/bin/rsync ] || [ ! -e /usr/bin/file ] ; then
+	echo "#######################################"
+	echo "rsync not installed, try install it"
+	echo "This script need: rsync, file"
+	echo "#######################################"
+	if  [ -e /etc/redhat-release ]; then
+		echo "Run: yum install rsync file"
+	else
+		echo "Run: apt-get install rsync file"
+	fi
+	exit 3
+fi
+# Put this to 0 if you want use bash -x to debug it
+sk_debug=1
+sk_vesta_package=default
+#
+# Only for gen_password but I dont like it, a lot of lt
+# maybe will use it for other functions :)
+source /usr/local/vesta/func/main.sh 
+sk_file=$1
+sk_tmp=sk_tmp
+# I see than this is stupid, not know why is here.
+sk_file_name=$(ls $sk_file)
+tput setaf 2
+echo "Checking provided file..."
+tput sgr0 
+if file $sk_file |grep -q -c "gzip compressed data," ; then
+	tput setaf 2
+	echo "OK - Gziped File"
+	tput sgr0 	
+	if [ ! -d /root/${sk_tmp} ]; then
+		echo "Creating tmp.."
+		mkdir /root/${sk_tmp}
+	fi
+	echo "Extracting backup..."
+	if [ "$sk_debug" != 0 ]; then
+		tar xzvf $sk_file -C /root/${sk_tmp} 2>&1 |
+     		   while read sk_extracted_file; do
+       				ex=$((ex+1))
+       				echo -en "wait... $ex files extracted\r"
+       		   done
+		else
+			tar xzf $sk_file -C /root/${sk_tmp}
+	fi
+		if [ $? -eq 0 ];then
+			tput setaf 2
+			echo "Backup extracted without errors..."
+			tput sgr0 
+		else
+			echo "Error on backup extraction, check your file, try extract it manually"
+			echo "Remove tmp"
+			rm -rf "/root/${sk_tmp}"
+			exit 1
+		fi
+	else
+	echo "Error 3 not-gzip - no stantard cpanel backup provided of file not installed ( Try yum install file, or apt-get install file )"
+	rm -rf "/root/${sk_tmp}"
+	exit 3
+fi
+cd /root/${sk_tmp}/*
+sk_importer_in=$(pwd)
+echo "Access tmp directory $sk_importer_in"
+echo "Get prefix..."
+sk_dead_prefix=$(cat meta/dbprefix)
+if [ $sk_dead_prefix = 1 ]; then
+	echo "Error 666 - I dont like your prefix, I dont want do this job"
+	exit 666
+else
+	echo "I like your prefix, start working"
+fi
+main_domain1=$(grep main_domain userdata/main |cut -d " " -f2)
+if [ "$(ls -A mysql)" ]; then
+	sk_cp_user=$(ls mysql |grep sql | grep -v roundcube.sql |head -n1 |cut -d "_" -f1)
+	if [ -z "$sk_cp_user" ]; then
+		 	sk_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+	fi
+	echo "$sk_cp_user" > sk_db_prefix
+	tput setaf 2
+	echo "Get user: $sk_cp_user"
+	tput sgr0
+	sk_restore_dbs=0
+else
+	sk_restore_dbs=1
+# get real cPanel user if no databases exist
+	sk_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+fi
+# So get real user, may be we need it after -- oh yes, not remember where but this save my day march 19 2017 on 0.5
+sk_real_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
+if /usr/local/vesta/bin/v-list-users | grep -q -w $sk_cp_user ;then
+	echo "User alredy exist on your server, maybe on vestacp or in your /etc/passwd"
+	echo "**"
+	echo "Grep your /etc/passwd"
+	grep -q -w $sk_cp_user /etc/passwd
+	echo "**"
+	echo "Stop Working, clening..."
+	rm -rf /root/${sk_tmp}
+	exit 21
+else
+	echo "Generate random password for $sk_cp_user and create Vestacp Account ..."
+	sk_password=$(generate_password)
+	/usr/local/vesta/bin/v-add-user $sk_cp_user $sk_password administrator@${main_domain1} $sk_vesta_package $sk_cp_user $sk_cp_user
+	if [ $? != 0 ]; then
+		tput setaf 2
+		echo "Stop Working... Cant create user...if is fresh install of vestacp try reboot or reopen session check bug https://bugs.vestacp.com/issues/138"
+		tput sgr0
+		rm -rf "/root/${sk_tmp}"
+		exit 4
+		fi
+fi
+
+### Start with Databases
+mysql -e "SET GLOBAL max_allowed_packet=1073741824;"
+tput setaf 2
+echo "Start with Databases"
+tput sgr0 
+sed -i 's/\\//g' mysql.sql
+sed -i "s/\`/'/g" mysql.sql
+
+## User / Password
+grep "GRANT USAGE ON" mysql.sql | awk -F "'" '{ print $2, $6 }' | uniq > user_password_db
+# User and database
+grep "GRANT" mysql.sql |grep -v "USAGE ON"  > u_db
+cat u_db | awk -F "'" '{ print $2, $4 }' | sort | uniq  > uni_u_db
+sed -i "s/$sk_dead_prefix //g" user_password_db
+# Get database list
+sk_db_list=$(grep -m 1 Database: mysql/*.create | awk '{ print  $5 }')
+mysql -e "SHOW DATABASES" > server_dbs
+for sk_dbr in $sk_db_list
+	do
+		grep -w $sk_dbr server_dbs	
+		if [ $? == "1" ]; then
+			echo " Create and restore ${sk_dbr} "
+			mysql < mysql/${sk_dbr}.create
+			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
+			mysql ${sk_dbr} < mysql/${sk_dbr}.sql
+		else
+			echo "Error: Cant restore database $sk_dbr alredy exists in mysql server"
+		fi
+done
+
+cat uni_u_db | while read db userdb
+do
+	grep -w $userdb user_password_db |while read user end_user_pass
+		do
+# default cpanel user has all database privileges
+# if you use default user in your config files to connect with database
+# you will need remove && [ "$userdb" != "$sk_cp_user" ] to restore main user, but
+# this will cause database duplication in db.conf and will interfer with vestacp backups 
+			if [ "$userdb" == "$user" ] && [ "$userdb" != "$sk_cp_user" ] && [ "$userdb" != "$sk_real_cp_user" ] ; then
+				echo "DB='$db' DBUSER='$userdb' MD5='$end_user_pass' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" >> /usr/local/vesta/data/users/${sk_cp_user}/db.conf
+			fi
+		done
+done
+
+# Leave vesta restore passwords and create users
+tput setaf 2
+echo "Rebuild databases files for $sk_cp_user"
+tput sgr0 
+/usr/local/vesta/bin/v-rebuild-databases $sk_cp_user
+
+## end mysql
+
+skaddons=$(cat addons |cut -d "=" -f1)
+sed -i 's/_/./g; s/=/ /g' addons
+echo "Converting addons domains, subdomains and some other fun"
+cp sds sk_sds
+cp sds2 sk_sds2
+sed -i 's/_/./g' sk_sds
+sed -i 's/public_html/public@html/g; s/_/./g; s/public@html/public_html/g; s/=/ /g; s/$sk_default_sub/@/g' sk_sds2
+cat addons | while read sk_addon_domain sk_addon_sub
+do
+	echo "Converting default subdomain: $sk_addon_sub in domain: $sk_addon_domain"
+	sed -i -e "s/$sk_addon_sub/$sk_addon_domain/g" sk_sds
+	sed -i -e "s/$sk_addon_sub/$sk_addon_domain/g" sk_sds2
+	mv userdata/$sk_addon_sub userdata/${sk_addon_domain}
+done
+
+tput setaf 2
+echo "Start restoring domains"
+tput sgr0
+function get_domain_path() {
+		while read sk_domain path
+	do
+		if [ -e userdata/${sk_domain} ];then
+			/usr/local/vesta/bin/v-add-domain $sk_cp_user $sk_domain
+			echo "Restoring $sk_domain..."
+			rm -f /home/${sk_cp_user}/web/${sk_domain}/public_html/index.html
+			if [ "$sk_debug" != 0 ]; then
+				rsync -av homedir/${path}/ /home/${sk_cp_user}/web/${sk_domain}/public_html 2>&1 | 
+    			while read sk_file_dm; do
+       			 	sk_sync=$((sk_sync+1))
+       			 	echo -en "-- $sk_sync restored files\r"
+				done
+			echo " "
+			else
+				rsync homedir/${path}/ /home/${sk_cp_user}/web/${sk_domain}/public_html
+			fi
+			chown $sk_cp_user:$sk_cp_user -R /home/${sk_cp_user}/web/${sk_domain}/public_html
+			chmod 751 /home/${sk_cp_user}/web/${sk_domain}/public_html
+			echo "$sk_domain" >> exclude_path
+		fi
+done
+
+} 
+get_domain_path < sk_sds2
+
+/usr/local/vesta/bin/v-add-domain $sk_cp_user $main_domain1
+# need it for restore main domain
+if [ ! -e exclude_path ];then
+	touch exclude_path
+fi
+echo "Restore main domain: $main_domain1"
+rm -f /home/${sk_cp_user}/web/${main_domain1}/public_html/index.html
+if [ "$sk_debug" != 0 ]; then
+	rsync -av --exclude-from='exclude_path' homedir/public_html/ /home/${sk_cp_user}/web/${main_domain1}/public_html 2>&1 | 
+    		while read sk_file_dm; do
+       			 sk_sync=$((sk_sync+1))
+       			 echo -en "-- $sk_sync restored files\r"
+			done
+		echo " "
+else
+	rsync --exclude-from='exclude_path' homedir/public_html/ /home/${sk_cp_user}/web/${main_domain1}/public_html 2>&1
+fi
+chown $sk_cp_user:$sk_cp_user -R /home/${sk_cp_user}/web/${main_domain1}/public_html
+chmod 751 /home/${sk_cp_user}/web/${main_domain1}/public_html
+rm -f sk_sds2 sk_sds
+
+##################
+# mail
+tput setaf 2
+echo "Start Restoring Mails"
+tput sgr0
+sk_cod=$(date +%s) # Just for numbers and create another file if acccount was restored before.
+sk_mdir=${sk_importer_in}/homedir/mail
+cd $sk_mdir
+for sk_maild in $(ls -1)
+do
+if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]]; then
+	if [ -d "$sk_maild" ]; then
+		for sk_mail_account in $(ls $sk_maild/)
+		 do
+					
+					echo "Create and restore mail account: $sk_mail_account@$sk_maild"
+					sk_mail_pass1=$(generate_password)		
+					/usr/local/vesta/bin/v-add-mail-account $sk_cp_user $sk_maild $sk_mail_account $sk_mail_pass1
+					mv ${sk_maild}/${sk_mail_account} /home/${sk_cp_user}/mail/${sk_maild}
+					chown ${sk_cp_user}:mail -R /home/${sk_cp_user}/mail/${sk_maild}
+					find /home/${sk_cp_user}/mail/${sk_maild} -type f -name 'dovecot*' -delete
+					echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
+		done
+	fi
+#else
+# this only detect default dirs account new, cur, tmp etc
+# maybe can do something with this, but on most cpanel default account have only spam.
+fi
+done
+echo "All mail accounts restored"
+############# ssl functions <(°-°)>
+tput setaf 2
+echo "Restoring SSL for domains"
+tput sgr0
+
+mv  ${sk_importer_in}/sslkeys/* ${sk_importer_in}/sslcerts/
+if ls -1 ${sk_importer_in}/ssl/* >/dev/null 2>&1; then
+        mv  ${sk_importer_in}/ssl/* ${sk_importer_in}/sslcerts/
+else
+        echo "No SSL Cert. found..."
+fi
+
+
+sk_domains=$(/usr/local/vesta/bin/v-list-web-domains $sk_cp_user plain |awk '{ print  $1 }')
+
+for ssl in $sk_domains
+do
+	if [ -e ${sk_importer_in}/sslcerts/${ssl}.key ]; then
+		echo "Found SSL for ${ssl}, restoring..."
+		/usr/local/vesta/bin/v-add-web-domain-ssl $sk_cp_user $ssl ${sk_importer_in}/sslcerts/
+	fi
+done
+function sk_restore_pass () {
+sk_actual_pass=$(grep -w "^$sk_cp_user:" /etc/shadow |tr ":" " " | awk '{ print  $2 }' )
+sk_new_pass=$(cat $sk_importer_in/shadow)
+# need replace I hope you have installed it as in most systems...  
+# sed is a hero but replace is easy and not need space // :D
+replace "$sk_cp_user:$sk_actual_pass" "$sk_cp_user:$sk_new_pass" -- /etc/shadow
+tput setaf 5
+echo "Old  cPanel password restored in $sk_cp_user vesta account"
+tput sgr0
+}
+function sk_fix_mx () {
+tput setaf 2
+	echo "Start With MX Records"
+tput sgr0
+cd $sk_importer_in/dnszones
+for sk_mx in $sk_domains 
+do
+	if [ -e $sk_mx.db ]; then
+		sk_id=$(grep MX /usr/local/vesta/data/users/${sk_cp_user}/dns/${sk_mx}.conf |tr "'" " " | cut -d " " -f 2)
+		/usr/local/vesta/bin/v-delete-dns-record $sk_cp_user $sk_mx $sk_id
+		grep MX ${sk_mx}.db |  awk '{for(sk=NF;sk>=1;sk--) printf "%s ", $sk;print ""}' | while read value pri ns rest
+			do
+				if [ "$ns" == "MX" ];then
+					if [ "$value" == "$sk_mx" ] || [ "$value" == "$sk_mx." ];then 
+						value=mail.$value
+					fi
+					/usr/local/vesta/bin/v-add-dns-record $sk_cp_user $sk_mx @ MX $value $pri
+					if [[ "$?" -ge "1" ]]; then
+						/usr/local/vesta/bin/v-add-dns-record $sk_cp_user $sk_mx @ MX mail.${sk_mx} 0
+					fi
+					echo "MX fixed in $sk_mx"
+				fi
+			done
+	fi	
+done
+}
+if [ "$2" == "MX" ];then
+# Need some fixed so run if you want try it, marked as experimental
+	sk_fix_mx
+fi
+sk_restore_pass
+
+echo "Remove tmp files"
+rm -rf "/root/${sk_tmp}"
+tput setaf 4
+echo "##############################"
+echo "cPanel Backup restored"
+echo "Review your content and report any fail"
+echo "I reset mail password not posible restore it yet."
+echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
+echo "##############################"
+tput sgr0

From 08d8c646192eb9a4cf2811f357ee6e887841b097 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 3 Sep 2019 03:21:32 +0200
Subject: [PATCH 0675/2300] Update cpanel-import-godaddy.sh

---
 .../tools/cpanel-import-godaddy.sh            | 50 +++++++++++++++++--
 1 file changed, 45 insertions(+), 5 deletions(-)

diff --git a/src/deb/for-download/tools/cpanel-import-godaddy.sh b/src/deb/for-download/tools/cpanel-import-godaddy.sh
index 04d4f3c2..5e66e0a4 100644
--- a/src/deb/for-download/tools/cpanel-import-godaddy.sh
+++ b/src/deb/for-download/tools/cpanel-import-godaddy.sh
@@ -11,6 +11,9 @@
 ###########
 # If you need restore main database user read line 160 or above
 ###########
+
+MYUSERNAME="mintontherock"
+
 if [ $# -lt 1 ]; then
     echo "usage: bash $0 cpanel-backup.tar.gz"
     echo "or"
@@ -88,12 +91,14 @@ sk_importer_in=$(pwd)
 echo "Access tmp directory $sk_importer_in"
 echo "Get prefix..."
 sk_dead_prefix=$(cat meta/dbprefix)
+sk_dead_prefix="$MYUSERNAME"
 if [ $sk_dead_prefix = 1 ]; then
 	echo "Error 666 - I dont like your prefix, I dont want do this job"
 	exit 666
 else
 	echo "I like your prefix, start working"
 fi
+
 main_domain1=$(grep main_domain userdata/main |cut -d " " -f2)
 if [ "$(ls -A mysql)" ]; then
 	sk_cp_user=$(ls mysql |grep sql | grep -v roundcube.sql |head -n1 |cut -d "_" -f1)
@@ -110,6 +115,7 @@ else
 # get real cPanel user if no databases exist
 	sk_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
 fi
+sk_cp_user="$MYUSERNAME"
 # So get real user, may be we need it after -- oh yes, not remember where but this save my day march 19 2017 on 0.5
 sk_real_cp_user=$(grep "user:" userdata/${main_domain1} | cut -d " " -f2)
 if /usr/local/vesta/bin/v-list-users | grep -q -w $sk_cp_user ;then
@@ -142,23 +148,53 @@ tput sgr0
 sed -i 's/\\//g' mysql.sql
 sed -i "s/\`/'/g" mysql.sql
 
+sed -i "s/GRANT USAGE ON *.* TO \'/GRANT USAGE ON *.* TO \'${sk_cp_user}_/g" mysql.sql
+sed -i "s/GRANT ALL PRIVILEGES ON \'/GRANT ALL PRIVILEGES ON \'${sk_cp_user}_/g" mysql.sql
+sed -i "s/\'.* TO \'/\'.* TO \'${sk_cp_user}_/g" mysql.sql
+echo "-----------------"
+echo "mysql.sql:"
+cat mysql.sql
+
 ## User / Password
 grep "GRANT USAGE ON" mysql.sql | awk -F "'" '{ print $2, $6 }' | uniq > user_password_db
+echo "-----------------"
+echo "user_password_db:"
+cat user_password_db
+
 # User and database
 grep "GRANT" mysql.sql |grep -v "USAGE ON"  > u_db
+echo "-----------------"
+echo "u_db:"
+cat u_db
+
 cat u_db | awk -F "'" '{ print $2, $4 }' | sort | uniq  > uni_u_db
+echo "-----------------"
+echo "uni_u_db:"
+cat uni_u_db
+
 sed -i "s/$sk_dead_prefix //g" user_password_db
+echo "-----------------"
+echo "user_password_db:"
+cat user_password_db
+
 # Get database list
 sk_db_list=$(grep -m 1 Database: mysql/*.create | awk '{ print  $5 }')
+sk_db_list=$(echo "${sk_cp_user}_$sk_db_list" | sed "s| | ${sk_cp_user}_|g")
+echo "-----------------"
+echo "sk_db_list:"
+echo $sk_db_list
 mysql -e "SHOW DATABASES" > server_dbs
 for sk_dbr in $sk_db_list
 	do
 		grep -w $sk_dbr server_dbs	
 		if [ $? == "1" ]; then
-			echo " Create and restore ${sk_dbr} "
+			echo " Create and restore ${sk_cp_user}_${sk_dbr} "
+			echo "sed -i s/${sk_dbr}/${sk_cp_user}_${sk_dbr}/g mysql/${sk_dbr}.create"
+			sed -i "s/${sk_dbr}/${sk_cp_user}_${sk_dbr}/g" mysql/${sk_dbr}.create
 			mysql < mysql/${sk_dbr}.create
 			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
-			mysql ${sk_dbr} < mysql/${sk_dbr}.sql
+			mysql ${sk_cp_user}_${sk_dbr} < mysql/${sk_dbr}.sql
+			echo "---------------"
 		else
 			echo "Error: Cant restore database $sk_dbr alredy exists in mysql server"
 		fi
@@ -172,9 +208,10 @@ do
 # if you use default user in your config files to connect with database
 # you will need remove && [ "$userdb" != "$sk_cp_user" ] to restore main user, but
 # this will cause database duplication in db.conf and will interfer with vestacp backups 
-			if [ "$userdb" == "$user" ] && [ "$userdb" != "$sk_cp_user" ] && [ "$userdb" != "$sk_real_cp_user" ] ; then
-				echo "DB='$db' DBUSER='$userdb' MD5='$end_user_pass' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" >> /usr/local/vesta/data/users/${sk_cp_user}/db.conf
-			fi
+			# if [ "$userdb" == "$user" ] && [ "$userdb" != "$sk_cp_user" ] && [ "$userdb" != "$sk_real_cp_user" ] ; then
+				echo "DB='${sk_cp_user}_$db' DBUSER='${sk_cp_user}_$userdb' MD5='$end_user_pass' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'"
+				echo "DB='${sk_cp_user}_$db' DBUSER='${sk_cp_user}_$userdb' MD5='$end_user_pass' HOST='localhost' TYPE='mysql' CHARSET='UTF8' U_DISK='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" >> /usr/local/vesta/data/users/${sk_cp_user}/db.conf
+			# fi
 		done
 done
 
@@ -345,6 +382,9 @@ if [ "$2" == "MX" ];then
 fi
 sk_restore_pass
 
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_NAME', '|define('DB_NAME', '${sk_cp_user}_|g" {} \;
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_USER', '|define('DB_USER', '${sk_cp_user}_|g" {} \;
+
 echo "Remove tmp files"
 rm -rf "/root/${sk_tmp}"
 tput setaf 4

From 6e8302dacf39c1ce7519d3d8d735b7f0786af08a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 3 Sep 2019 23:21:18 +0200
Subject: [PATCH 0676/2300] Update cpanel-import-godaddy.sh

---
 src/deb/for-download/tools/cpanel-import-godaddy.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/cpanel-import-godaddy.sh b/src/deb/for-download/tools/cpanel-import-godaddy.sh
index 5e66e0a4..1088208b 100644
--- a/src/deb/for-download/tools/cpanel-import-godaddy.sh
+++ b/src/deb/for-download/tools/cpanel-import-godaddy.sh
@@ -12,7 +12,7 @@
 # If you need restore main database user read line 160 or above
 ###########
 
-MYUSERNAME="mintontherock"
+MYUSERNAME="ENTER-HERE-DESIRED-DESTINATION-USERNAME"
 
 if [ $# -lt 1 ]; then
     echo "usage: bash $0 cpanel-backup.tar.gz"
@@ -384,6 +384,8 @@ sk_restore_pass
 
 find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_NAME', '|define('DB_NAME', '${sk_cp_user}_|g" {} \;
 find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_USER', '|define('DB_USER', '${sk_cp_user}_|g" {} \;
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define(' DB_NAME', '|define( 'DB_NAME', '${sk_cp_user}_|g" {} \;
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define(' DB_USER', '|define( 'DB_USER', '${sk_cp_user}_|g" {} \;
 
 echo "Remove tmp files"
 rm -rf "/root/${sk_tmp}"

From 85ea9804d61df4b1fc9dfb14932460dfcd86714d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 4 Sep 2019 01:02:26 +0200
Subject: [PATCH 0677/2300] Update cpanel-import-godaddy.sh

---
 src/deb/for-download/tools/cpanel-import-godaddy.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/cpanel-import-godaddy.sh b/src/deb/for-download/tools/cpanel-import-godaddy.sh
index 1088208b..fd62ee22 100644
--- a/src/deb/for-download/tools/cpanel-import-godaddy.sh
+++ b/src/deb/for-download/tools/cpanel-import-godaddy.sh
@@ -384,8 +384,8 @@ sk_restore_pass
 
 find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_NAME', '|define('DB_NAME', '${sk_cp_user}_|g" {} \;
 find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define('DB_USER', '|define('DB_USER', '${sk_cp_user}_|g" {} \;
-find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define(' DB_NAME', '|define( 'DB_NAME', '${sk_cp_user}_|g" {} \;
-find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define(' DB_USER', '|define( 'DB_USER', '${sk_cp_user}_|g" {} \;
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define( 'DB_NAME', '|define( 'DB_NAME', '${sk_cp_user}_|g" {} \;
+find /home/${sk_cp_user}/web/*/public_html/ -type f -name "wp-config.php" -exec sed -i "s|define( 'DB_USER', '|define( 'DB_USER', '${sk_cp_user}_|g" {} \;
 
 echo "Remove tmp files"
 rm -rf "/root/${sk_tmp}"

From deddf58c3c2bf72bdacfb8762fc31b10aa51f394 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 5 Sep 2019 21:24:43 +0200
Subject: [PATCH 0678/2300] ProxyTimeout 900 in Apache

---
 install/debian/10/apache2/apache2.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install/debian/10/apache2/apache2.conf b/install/debian/10/apache2/apache2.conf
index 2756132a..2be3e50d 100644
--- a/install/debian/10/apache2/apache2.conf
+++ b/install/debian/10/apache2/apache2.conf
@@ -12,7 +12,8 @@
 
 # Global configuration
 PidFile ${APACHE_PID_FILE}
-Timeout 30
+Timeout 900
+ProxyTimeout 900
 KeepAlive Off
 MaxKeepAliveRequests 100
 KeepAliveTimeout 10

From 10f2dacedbfb655b5bcb9e9c2b9f20078c36044d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 5 Sep 2019 21:27:32 +0200
Subject: [PATCH 0679/2300] proxy_read_timeout 900 in nginx

---
 install/debian/10/nginx/nginx.conf | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index 405362c8..16686b08 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -64,10 +64,12 @@ http {
     proxy_set_header    X-Real-IP       $remote_addr;
     proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_pass_header   Set-Cookie;
-    proxy_connect_timeout   90;
-    proxy_send_timeout  90;
-    proxy_read_timeout  90;
-    proxy_buffers       32 4k;
+    proxy_connect_timeout   900;
+    proxy_send_timeout  900;
+    proxy_read_timeout  900;
+    proxy_buffer_size   128k;
+    proxy_buffers   4 256k;
+    proxy_busy_buffers_size   256k;
 
 
     # Cloudflare https://www.cloudflare.com/ips

From e0c417c5e417f434fa23b342bd196b63d58eac83 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 5 Sep 2019 21:31:45 +0200
Subject: [PATCH 0680/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 3dd3352a..1ef4d9af 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -929,6 +929,7 @@ if [ "$apache" = 'yes'  ]; then
     a2enmod actions
     # a2enmod ruid2
     a2enmod headers
+    a2enmod expires
     a2enmod proxy_fcgi setenvif
     mkdir -p /etc/apache2/conf.d
     echo > /etc/apache2/conf.d/vesta.conf

From 374412f862e4a2a11eef3ba22a966c205798a793 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 6 Sep 2019 00:11:12 +0200
Subject: [PATCH 0681/2300] php-fpm request_terminate_timeout = 30s

---
 install/debian/10/templates/web/apache2/PHP-FPM-73.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
index aa7b6dbe..546fb7c3 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -18,6 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 16
+request_terminate_timeout = 30s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -83,4 +84,4 @@ if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 0f9e47a7b8b98d35f72102d72ca5a3ba1910b19a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 6 Sep 2019 00:12:10 +0200
Subject: [PATCH 0682/2300] php-fpm request_terminate_timeout = 30s

---
 install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
index ce8ce02b..cc55b61e 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
@@ -18,6 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 16
+request_terminate_timeout = 30s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -84,4 +85,4 @@ if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 79e7d50d78c3374f221b78cb8c6f65e5bc047659 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 7 Sep 2019 21:47:51 +0200
Subject: [PATCH 0683/2300] Multi PHP installer

---
 .../for-download/tools/multi-php-install.sh   | 180 ++++++++++++++++++
 1 file changed, 180 insertions(+)
 create mode 100644 src/deb/for-download/tools/multi-php-install.sh

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
new file mode 100644
index 00000000..fdf4d17b
--- /dev/null
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -0,0 +1,180 @@
+#!/bin/bash
+
+debian_version=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+inst_repo=0
+inst_56=0
+inst_70=0
+inst_71=0
+inst_72=0
+inst_73=0
+
+if [ $# -gt 0 ]; then
+    inst_repo=$1
+fi
+if [ $# -gt 1 ]; then
+    inst_56=$2
+fi
+if [ $# -gt 2 ]; then
+    inst_70=$3
+fi
+if [ $# -gt 3 ]; then
+    inst_71=$4
+fi
+if [ $# -gt 4 ]; then
+    inst_72=$5
+fi
+if [ $# -gt 5 ]; then
+    inst_73=$6
+fi
+
+if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ]; then
+    inst_repo=1
+fi
+
+wait_to_press_enter=0
+if [ -f "/root/wait_to_press_enter" ]; then
+  wait_to_press_enter=1
+fi
+
+function press_enter {
+    if [ $wait_to_press_enter -eq 1 ]; then
+        read -p "$1"
+    else
+        echo $1
+    fi
+}
+
+
+# echo "parameters=$#"
+echo "debian_version=$debian_version"
+echo "inst_repo=$inst_repo"
+echo "inst_56=$inst_56"
+echo "inst_70=$inst_70"
+echo "inst_71=$inst_71"
+echo "inst_72=$inst_72"
+echo "inst_73=$inst_73"
+echo "wait_to_press_enter=$wait_to_press_enter"
+
+press_enter "=== Press enter to continue ==============================================================================="
+
+apt-get update
+if [ "$inst_repo" -eq 1 ]; then
+press_enter "=== Press enter to install sury.org repo ==============================================================================="
+apt-get -y install apt-transport-https ca-certificates
+wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
+if [ $debian_version -eq 9 ]; then
+  sh -c 'echo "deb https://packages.sury.org/php/ stretch main" > /etc/apt/sources.list.d/php.list'
+fi
+if [ $debian_version -eq 10 ]; then
+  sh -c 'echo "deb https://packages.sury.org/php/ buster main" > /etc/apt/sources.list.d/php.list'
+fi
+apt-get update
+apt-get upgrade -y
+press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+echo "=== Enabling proxy_fcgi setenvif"
+a2enmod proxy_fcgi setenvif
+service apache2 restart
+
+
+if [ "$inst_56" -eq 1 ]; then
+press_enter "=== Press enter to install PHP 5.6 ==============================================================================="
+apt-get -y install php5.6-mbstring php5.6-bcmath php5.6-cli php5.6-curl php5.6-fpm php5.6-gd php5.6-intl php5.6-mcrypt php5.6-mysql php5.6-soap php5.6-xml php5.6-zip php5.6-memcache php5.6-memcached
+update-rc.d php5.6-fpm defaults
+a2enconf php5.6-fpm
+systemctl restart apache2
+cp -r /etc/php/5.6/ /root/vst_install_backups/php5.6/
+# rm -f /etc/php/5.6/fpm/pool.d/*
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
+patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php5-deb9.patch
+press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+if [ "$inst_70" -eq 1 ]; then
+press_enter "=== Press enter to install PHP 7.0 ==============================================================================="
+apt-get -y install php7.0-mbstring php7.0-bcmath php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-soap php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached
+update-rc.d php7.0-fpm defaults
+a2enconf php7.0-fpm
+systemctl restart apache2
+cp -r /etc/php/7.0/ /root/vst_install_backups/php7.0/
+# rm -f /etc/php/7.0/fpm/pool.d/*
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.sh
+if [ $debian_version -eq 9 ]; then
+  cp /etc/php/7.0/apache2/php.ini /etc/php/7.0/fpm/php.ini
+fi
+if [ $debian_version -eq 10 ]; then
+  cp /etc/php/7.3/fpm/php.ini /etc/php/7.0/fpm/php.ini
+fi
+press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+if [ "$inst_71" -eq 1 ]; then
+press_enter "=== Press enter to install PHP 7.1 ==============================================================================="
+apt-get -y install php7.1-mbstring php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-intl php7.1-mcrypt php7.1-mysql php7.1-soap php7.1-xml php7.1-zip php7.1-memcache php7.1-memcached
+update-rc.d php7.1-fpm defaults
+a2enconf php7.1-fpm
+systemctl restart apache2
+cp -r /etc/php/7.1/ /root/vst_install_backups/php7.1/
+# rm -f /etc/php/7.1/fpm/pool.d/*
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.sh
+if [ $debian_version -eq 9 ]; then
+  cp /etc/php/7.0/apache2/php.ini /etc/php/7.1/fpm/php.ini
+fi
+if [ $debian_version -eq 10 ]; then
+  cp /etc/php/7.3/fpm/php.ini /etc/php/7.1/fpm/php.ini
+fi
+press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+if [ "$inst_72" -eq 1 ]; then
+press_enter "=== Press enter to install PHP 7.2 ==============================================================================="
+apt-get -y install php7.2-mbstring php7.2-bcmath php7.2-cli php7.2-curl php7.2-fpm php7.2-gd php7.2-intl php7.2-mysql php7.2-soap php7.2-xml php7.2-zip php7.2-memcache php7.2-memcached
+update-rc.d php7.2-fpm defaults
+a2enconf php7.2-fpm
+systemctl restart apache2
+cp -r /etc/php/7.2/ /root/vst_install_backups/php7.2/
+# rm -f /etc/php/7.2/fpm/pool.d/*
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.sh
+if [ $debian_version -eq 9 ]; then
+  cp /etc/php/7.0/apache2/php.ini /etc/php/7.2/fpm/php.ini
+fi
+if [ $debian_version -eq 10 ]; then
+  cp /etc/php/7.3/fpm/php.ini /etc/php/7.2/fpm/php.ini
+fi
+press_enter "=== Press enter to continue ==============================================================================="
+fi
+
+if [ "$inst_73" -eq 1 ]; then
+press_enter "=== Press enter to install PHP 7.3 ==============================================================================="
+apt-get -y install php7.3-mbstring php7.3-bcmath php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-intl php7.3-mysql php7.3-soap php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached
+update-rc.d php7.3-fpm defaults
+a2enconf php7.3-fpm
+systemctl restart apache2
+cp -r /etc/php/7.3/ /root/vst_install_backups/php7.3/
+# rm -f /etc/php/7.3/fpm/pool.d/*
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.stpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.tpl
+wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh
+chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.sh
+if [ $debian_version -eq 9 ]; then
+  cp /etc/php/7.0/apache2/php.ini /etc/php/7.3/fpm/php.ini
+fi
+press_enter "=== Press enter to continue ==============================================================================="
+fi

From 5ee11280be4831c8f6bf4a9c9d4a89b9c036eea4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 7 Sep 2019 21:50:44 +0200
Subject: [PATCH 0684/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9eef99ad..51a967cc 100644
--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ Features
 + Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM, which is the most stable PHP-stack solution
     + OPCache is turned on by default
 
-+ Support for multi-PHP versions - https://forum.vestacp.com/viewtopic.php?t=17129
++ Support for multi-PHP versions - https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh
 
 + Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
 

From 3535097788d7ba3eb8d964e561bf380ca622a602 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 17:02:19 +0200
Subject: [PATCH 0685/2300] MySQL port blocked by default from outside

---
 install/debian/10/firewall/rules.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/firewall/rules.conf b/install/debian/10/firewall/rules.conf
index fba98e1e..6da5a1c4 100644
--- a/install/debian/10/firewall/rules.conf
+++ b/install/debian/10/firewall/rules.conf
@@ -1,6 +1,6 @@
 RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
 RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
-RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='yes' TIME='07:40:16' DATE='2014-05-25'
 RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
 RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
 RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'

From 69ca62abb1cfc549e59e715dbb86ed2a8ddc33e9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 17:06:17 +0200
Subject: [PATCH 0686/2300] New CloudFlare IPs

tnx to Luka Paunovic
---
 install/debian/10/nginx/nginx.conf | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index 16686b08..04513104 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -72,28 +72,28 @@ http {
     proxy_busy_buffers_size   256k;
 
 
-    # Cloudflare https://www.cloudflare.com/ips
+# Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from 173.245.48.0/20;
     set_real_ip_from 103.21.244.0/22;
     set_real_ip_from 103.22.200.0/22;
     set_real_ip_from 103.31.4.0/22;
-    set_real_ip_from 104.16.0.0/12;
-    set_real_ip_from 108.162.192.0/18;
-    set_real_ip_from 131.0.72.0/22;
     set_real_ip_from 141.101.64.0/18;
-    set_real_ip_from 162.158.0.0/15;
-    set_real_ip_from 172.64.0.0/13;
-    set_real_ip_from 173.245.48.0/20;
-    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 108.162.192.0/18;
     set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 188.114.96.0/20;
     set_real_ip_from 197.234.240.0/22;
     set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 131.0.72.0/22;
     set_real_ip_from 2400:cb00::/32;
     set_real_ip_from 2606:4700::/32;
     set_real_ip_from 2803:f800::/32;
     set_real_ip_from 2405:b500::/32;
     set_real_ip_from 2405:8100::/32;
-    set_real_ip_from 2c0f:f248::/32;
     set_real_ip_from 2a06:98c0::/29;
+    set_real_ip_from 2c0f:f248::/32;
     real_ip_header     CF-Connecting-IP;
 
 

From d688b63a409ba9cf9f7a0e8d2e1e77fb21123ab4 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 17:07:15 +0200
Subject: [PATCH 0687/2300] Update nginx.conf

---
 install/debian/10/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index 04513104..ccf657de 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -72,7 +72,7 @@ http {
     proxy_busy_buffers_size   256k;
 
 
-# Cloudflare https://www.cloudflare.com/ips
+    # Cloudflare https://www.cloudflare.com/ips
     set_real_ip_from 173.245.48.0/20;
     set_real_ip_from 103.21.244.0/22;
     set_real_ip_from 103.22.200.0/22;

From 5b51edd081df138c1a5b87b9c727548a7b98d390 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 17:08:32 +0200
Subject: [PATCH 0688/2300] New CloudFlare IPs

Tnx to Luka Paunovic
---
 install/debian/9/nginx/nginx.conf | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/install/debian/9/nginx/nginx.conf b/install/debian/9/nginx/nginx.conf
index 65520501..745e1082 100644
--- a/install/debian/9/nginx/nginx.conf
+++ b/install/debian/9/nginx/nginx.conf
@@ -72,27 +72,27 @@ http {
 
 
     # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from 173.245.48.0/20;
     set_real_ip_from 103.21.244.0/22;
     set_real_ip_from 103.22.200.0/22;
     set_real_ip_from 103.31.4.0/22;
-    set_real_ip_from 104.16.0.0/12;
-    set_real_ip_from 108.162.192.0/18;
-    set_real_ip_from 131.0.72.0/22;
     set_real_ip_from 141.101.64.0/18;
-    set_real_ip_from 162.158.0.0/15;
-    set_real_ip_from 172.64.0.0/13;
-    set_real_ip_from 173.245.48.0/20;
-    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 108.162.192.0/18;
     set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 188.114.96.0/20;
     set_real_ip_from 197.234.240.0/22;
     set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 104.16.0.0/12;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 131.0.72.0/22;
     set_real_ip_from 2400:cb00::/32;
     set_real_ip_from 2606:4700::/32;
     set_real_ip_from 2803:f800::/32;
     set_real_ip_from 2405:b500::/32;
     set_real_ip_from 2405:8100::/32;
-    set_real_ip_from 2c0f:f248::/32;
     set_real_ip_from 2a06:98c0::/29;
+    set_real_ip_from 2c0f:f248::/32;
     real_ip_header     CF-Connecting-IP;
 
 

From a564d335cb08a35aa8112a0ec502491298c7aa9d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 18:46:15 +0200
Subject: [PATCH 0689/2300] testing LE with TLSv1

---
 install/debian/10/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index ccf657de..a28a7b2b 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -99,7 +99,7 @@ http {
 
     # SSL PCI Compliance
     ssl_session_cache   shared:SSL:10m;
-    ssl_protocols       TLSv1.1 TLSv1.2;
+    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 

From 9bde61d150d8c4e207a17e16ae686cf4fc842f13 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:47:10 +0200
Subject: [PATCH 0690/2300] Update hosting.stpl

---
 install/debian/10/templates/web/nginx/hosting.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
index e4de8c81..d62b5171 100755
--- a/install/debian/10/templates/web/nginx/hosting.stpl
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 93ecc5d040062a1322ed52ae1faea2e889b95355 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:49:13 +0200
Subject: [PATCH 0691/2300] Update force-https-legacy.stpl

---
 install/debian/10/templates/web/nginx/force-https-legacy.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.stpl b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
index e2bf9061..56278e86 100644
--- a/install/debian/10/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 4f4af970cef0fa477ee715ab802f20e9b6c14f61 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:50:01 +0200
Subject: [PATCH 0692/2300] Update force-https-public.stpl

---
 install/debian/10/templates/web/nginx/force-https-public.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/force-https-public.stpl b/install/debian/10/templates/web/nginx/force-https-public.stpl
index 86828f5e..8f0d3fe3 100644
--- a/install/debian/10/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-public.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 1d081977376dac6667a96f364e18529acfbfb0fa Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:50:45 +0200
Subject: [PATCH 0693/2300] Update force-https.stpl

---
 install/debian/10/templates/web/nginx/force-https.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/force-https.stpl b/install/debian/10/templates/web/nginx/force-https.stpl
index d8da2530..7da96e46 100644
--- a/install/debian/10/templates/web/nginx/force-https.stpl
+++ b/install/debian/10/templates/web/nginx/force-https.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From aaec339c69f96f7c25318d38249f7f7973cf5170 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:51:28 +0200
Subject: [PATCH 0694/2300] Update hosting-public.stpl

---
 install/debian/10/templates/web/nginx/hosting-public.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting-public.stpl b/install/debian/10/templates/web/nginx/hosting-public.stpl
index 86828f5e..8f0d3fe3 100644
--- a/install/debian/10/templates/web/nginx/hosting-public.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-public.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 53eb920e204ed5e0479ed90ebdbe565f826de3d2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:52:15 +0200
Subject: [PATCH 0695/2300] Update hosting-webmail-phpmyadmin.stpl

---
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
index 706c705b..4fadbbfc 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 055d0a6c5c5fda5780c64af36bb6a51ec8c7355d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:53:15 +0200
Subject: [PATCH 0696/2300] Update hosting-webmail.stpl

---
 install/debian/10/templates/web/nginx/hosting-webmail.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.stpl b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
index 95c1571c..e3b36324 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 86a4ec909c143b44d7015270b2b92985b8a0f329 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:53:56 +0200
Subject: [PATCH 0697/2300] Update private-force-https.stpl

---
 install/debian/10/templates/web/nginx/private-force-https.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
index 7296bd71..bdb7eedb 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 5a60b7b3608c3a7f6bfebec2f1c2f5ef0f12a26f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:54:41 +0200
Subject: [PATCH 0698/2300] Update private-hosting.stpl

---
 install/debian/10/templates/web/nginx/private-hosting.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
index 6ac66cbf..be3a3f2b 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 40fafca705eb4755ea05a2f280f1644ebdaa9ed2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:55:20 +0200
Subject: [PATCH 0699/2300] Update vesta-webmail-phpmyadmin.stpl

---
 .../debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
index 3f5e8fa6..66d21339 100644
--- a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 789552b48eeed5286b3b33248edd594229aa073a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 19:55:55 +0200
Subject: [PATCH 0700/2300] Update vesta.stpl

---
 install/debian/10/templates/web/nginx/vesta.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/vesta.stpl b/install/debian/10/templates/web/nginx/vesta.stpl
index 4bf7d854..62597734 100644
--- a/install/debian/10/templates/web/nginx/vesta.stpl
+++ b/install/debian/10/templates/web/nginx/vesta.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% http2;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     # ssl         on;
     ssl_certificate      %ssl_pem%;

From 244f94f53e1694678d2785e29b79b987dd650c81 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 10 Sep 2019 20:32:59 +0200
Subject: [PATCH 0701/2300] Removing again TLSv1

---
 install/debian/10/nginx/nginx.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/nginx/nginx.conf b/install/debian/10/nginx/nginx.conf
index a28a7b2b..ccf657de 100644
--- a/install/debian/10/nginx/nginx.conf
+++ b/install/debian/10/nginx/nginx.conf
@@ -99,7 +99,7 @@ http {
 
     # SSL PCI Compliance
     ssl_session_cache   shared:SSL:10m;
-    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+    ssl_protocols       TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
 

From 65c24af9d5aea4cb763bf54333a0d7de02f935dd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 11 Sep 2019 23:48:33 +0200
Subject: [PATCH 0702/2300] Update secure_login.php

---
 web/inc/secure_login.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 46393d79..7ab32ae0 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -8,6 +8,8 @@ if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/set-ar.php') $
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $skip_login_url_check=1;
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 28)=='/usr/local/vesta/web/custom/') $login_url_skip=1; // custom scripts like git webhooks
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/web//custom/') $login_url_skip=1;
 
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts from bash
 

From a0f5caee58ed451e9f3ed132c5a41c0f51dac99b Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:07:31 +0200
Subject: [PATCH 0703/2300] Do not try_files if static file not exists

---
 install/debian/10/templates/web/nginx/hosting.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
index d62b5171..0c456c5e 100755
--- a/install/debian/10/templates/web/nginx/hosting.stpl
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -13,7 +13,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            try_files      $uri @fallback;
+            # try_files      $uri @fallback;
         }
     }
 

From 908bdd5b333abd35d225292f9694fdaa7071c1e7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:08:16 +0200
Subject: [PATCH 0704/2300] Do not try_files if static file not exists

---
 install/debian/10/templates/web/nginx/hosting.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
index 15961c95..262417b1 100755
--- a/install/debian/10/templates/web/nginx/hosting.tpl
+++ b/install/debian/10/templates/web/nginx/hosting.tpl
@@ -10,7 +10,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            try_files      $uri @fallback;
+            # try_files      $uri @fallback;
         }
     }
 

From a03a01eecc418f4f1cbdead28e50a31407c179e7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:09:38 +0200
Subject: [PATCH 0705/2300] Do not try_files if static file not exists

---
 install/debian/10/templates/web/nginx/private-hosting.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/private-hosting.tpl b/install/debian/10/templates/web/nginx/private-hosting.tpl
index aa483ec9..da70045f 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.tpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.tpl
@@ -12,7 +12,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            try_files      $uri @fallback;
+            # try_files      $uri @fallback;
         }
     }
 

From acc62c1f1e20d5787204b02a2f72ca3c12f9e5ec Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:10:05 +0200
Subject: [PATCH 0706/2300] Do not try_files if static file not exists

---
 install/debian/10/templates/web/nginx/private-hosting.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
index be3a3f2b..d7326a46 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -15,7 +15,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            try_files      $uri @fallback;
+            # try_files      $uri @fallback;
         }
     }
 

From 8ce0bde89ebba11b377199af47011acdade6cd05 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:10:40 +0200
Subject: [PATCH 0707/2300] Do not try_files if static file not exists

---
 install/debian/10/templates/web/nginx/private-force-https.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
index bdb7eedb..38532e6b 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -15,7 +15,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            try_files      $uri @fallback;
+            # try_files      $uri @fallback;
         }
     }
 

From eb6f79c6a93f63edc75a1ab06b30c15bcd9e0c99 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Mon, 23 Sep 2019 15:22:23 +0200
Subject: [PATCH 0708/2300] hosting legacy nginx tpl

---
 .../10/templates/web/nginx/hosting-legacy.sh  | 11 ++++
 ...sting-webmail.stpl => hosting-legacy.stpl} | 14 +----
 ...hosting-webmail.tpl => hosting-legacy.tpl} | 14 +----
 .../web/nginx/hosting-webmail-phpmyadmin.stpl | 62 -------------------
 .../web/nginx/hosting-webmail-phpmyadmin.tpl  | 59 ------------------
 .../10/templates/web/nginx/hosting.stpl       |  0
 .../debian/10/templates/web/nginx/hosting.tpl |  0
 .../10/templates/web/nginx/proxy_ip.tpl       |  0
 .../web/nginx/vesta-webmail-phpmyadmin.stpl   | 52 ----------------
 .../web/nginx/vesta-webmail-phpmyadmin.tpl    |  8 ---
 .../debian/10/templates/web/nginx/vesta.stpl  | 32 ----------
 .../debian/10/templates/web/nginx/vesta.tpl   |  8 ---
 12 files changed, 13 insertions(+), 247 deletions(-)
 create mode 100755 install/debian/10/templates/web/nginx/hosting-legacy.sh
 rename install/debian/10/templates/web/nginx/{hosting-webmail.stpl => hosting-legacy.stpl} (68%)
 rename install/debian/10/templates/web/nginx/{hosting-webmail.tpl => hosting-legacy.tpl} (66%)
 delete mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
 delete mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
 mode change 100755 => 100644 install/debian/10/templates/web/nginx/hosting.stpl
 mode change 100755 => 100644 install/debian/10/templates/web/nginx/hosting.tpl
 mode change 100755 => 100644 install/debian/10/templates/web/nginx/proxy_ip.tpl
 delete mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
 delete mode 100644 install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
 delete mode 100644 install/debian/10/templates/web/nginx/vesta.stpl
 delete mode 100644 install/debian/10/templates/web/nginx/vesta.tpl

diff --git a/install/debian/10/templates/web/nginx/hosting-legacy.sh b/install/debian/10/templates/web/nginx/hosting-legacy.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.stpl b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
similarity index 68%
rename from install/debian/10/templates/web/nginx/hosting-webmail.stpl
rename to install/debian/10/templates/web/nginx/hosting-legacy.stpl
index e3b36324..d62b5171 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
@@ -13,19 +13,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /webmail {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /var/lib/roundcube;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
+            try_files      $uri @fallback;
         }
     }
 
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail.tpl b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
similarity index 66%
rename from install/debian/10/templates/web/nginx/hosting-webmail.tpl
rename to install/debian/10/templates/web/nginx/hosting-legacy.tpl
index 976737c7..15961c95 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
@@ -10,19 +10,7 @@ server {
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /webmail {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /var/lib/roundcube;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
+            try_files      $uri @fallback;
         }
     }
 
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
deleted file mode 100644
index 4fadbbfc..00000000
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ /dev/null
@@ -1,62 +0,0 @@
-server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-    # ssl         on;
-    ssl_certificate      %ssl_pem%;
-    ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-
-    location / {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %sdocroot%;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /webmail {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /var/lib/roundcube;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /phpmyadmin {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /usr/share;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /error/ {
-        alias   %home%/%user%/web/%domain%/document_errors/;
-    }
-
-    location @fallback {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/snginx.%domain%.conf*;
-}
-
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
deleted file mode 100644
index 7085e047..00000000
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ /dev/null
@@ -1,59 +0,0 @@
-server {
-    listen      %ip%:%proxy_port%;
-    server_name %domain_idn% %alias_idn%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-
-    location / {
-        proxy_pass      http://%ip%:%web_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %docroot%;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /webmail {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /var/lib/roundcube;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /phpmyadmin {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /usr/share;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /error/ {
-        alias   %home%/%user%/web/%domain%/document_errors/;
-    }
-
-    location @fallback {
-        proxy_pass      http://%ip%:%web_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/nginx.%domain%.conf*;
-}
-
diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/10/templates/web/nginx/proxy_ip.tpl b/install/debian/10/templates/web/nginx/proxy_ip.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
deleted file mode 100644
index 66d21339..00000000
--- a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.stpl
+++ /dev/null
@@ -1,52 +0,0 @@
-server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-    # ssl         on;
-    ssl_certificate      %ssl_pem%;
-    ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-    access_log     /var/log/%web_system%/domains/%domain%.log combined;
-
-    location / {
-        proxy_pass      https://%ip%:12383;
-    }
-
-    location /webmail {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /var/lib/roundcube;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /phpmyadmin {
-        disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           /usr/share;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /phpmyadmin/ {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
-}
-
diff --git a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
deleted file mode 100644
index 851ac0dc..00000000
--- a/install/debian/10/templates/web/nginx/vesta-webmail-phpmyadmin.tpl
+++ /dev/null
@@ -1,8 +0,0 @@
-server {
-    listen      %ip%:%proxy_port%;
-    server_name %domain_idn% %alias_idn%;
-    location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
-    }
-include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
-}
diff --git a/install/debian/10/templates/web/nginx/vesta.stpl b/install/debian/10/templates/web/nginx/vesta.stpl
deleted file mode 100644
index 62597734..00000000
--- a/install/debian/10/templates/web/nginx/vesta.stpl
+++ /dev/null
@@ -1,32 +0,0 @@
-server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-    # ssl         on;
-    ssl_certificate      %ssl_pem%;
-    ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-    access_log     /var/log/%web_system%/domains/%domain%.log combined;
-
-    location / {
-        proxy_pass      https://%ip%:8083;
-    }
-
-    location /webmail/ {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location /phpmyadmin/ {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
-}
-
diff --git a/install/debian/10/templates/web/nginx/vesta.tpl b/install/debian/10/templates/web/nginx/vesta.tpl
deleted file mode 100644
index 851ac0dc..00000000
--- a/install/debian/10/templates/web/nginx/vesta.tpl
+++ /dev/null
@@ -1,8 +0,0 @@
-server {
-    listen      %ip%:%proxy_port%;
-    server_name %domain_idn% %alias_idn%;
-    location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
-    }
-include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
-}

From 6d414b14ff8e17112a8f2763e0cb3a236555467f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 15:38:35 +0200
Subject: [PATCH 0709/2300] Symlink missing templates

---
 install/vst-install-debian.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 1ef4d9af..376a4d48 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -859,6 +859,18 @@ cp -rf $vestacp/packages $VESTA/data/
 # Installing templates
 cp -rf $vestacp/templates $VESTA/data/
 
+# Symlink missing templates
+ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
+ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
+ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
+
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/hosting.sh
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/hosting.tpl
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/hosting.stpl
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/default.sh
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/default.tpl
+ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/default.stpl
+
 # Set nameservers
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/YOURHOSTNAME2/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg

From 890df7a19ddaf01bf7eeb66479bbd1f5549144a7 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Mon, 23 Sep 2019 15:47:45 +0200
Subject: [PATCH 0710/2300] hosting webmail phpmyadmin nginx tpl

---
 .../web/nginx/hosting-webmail-phpmyadmin.stpl | 62 +++++++++++++++++++
 .../web/nginx/hosting-webmail-phpmyadmin.tpl  | 59 ++++++++++++++++++
 2 files changed, 121 insertions(+)
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl

diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..4fadbbfc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..7085e047
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+

From 3f7e7915f03412d562afe69e68e0146f56eebc09 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 16:58:59 +0200
Subject: [PATCH 0711/2300] Making roundcube and phpmyadmin works with new
 hosting tpl

---
 install/vst-install-debian.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 376a4d48..25c0ac41 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1437,6 +1437,8 @@ if [ "$release" -eq 10 ]; then
     sed -i "/^group =/c\group = www-data" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
     service php7.3-fpm restart
+    ln -s /var/lib/roundcube /var/lib/roundcube/webmail
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm' 'no'
   fi
 fi
 

From 165814403050030f53aeb670296351bfa3a39ec0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 17:31:05 +0200
Subject: [PATCH 0712/2300] Add woff, woff2, xml extension as static file,
 removing html, htm

---
 bin/v-add-web-domain-proxy | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/bin/v-add-web-domain-proxy b/bin/v-add-web-domain-proxy
index 9bd42746..f9ff4142 100755
--- a/bin/v-add-web-domain-proxy
+++ b/bin/v-add-web-domain-proxy
@@ -14,8 +14,7 @@
 user=$1
 domain=$2
 template=$3
-default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\
-exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm"
+default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
 extentions=${4-$default_extentions}
 restart="$5"
 

From 6b1f3a0e5df409a53dce59db7df1384b9bd38931 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 17:34:06 +0200
Subject: [PATCH 0713/2300] Add woff, woff2, xml extension as static file,
 removing html, htm

---
 bin/v-add-web-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index 8a71cc9f..8e7daf35 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -137,7 +137,7 @@ if [ ! -z "$PROXY_SYSTEM" ]; then
     if [ -z "$proxy_ext" ]; then
         PROXY_EXT="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls"
         PROXY_EXT="$PROXY_EXT,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp"
-        PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,html,htm"
+        PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
     fi
     add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl"
 fi

From 1632c27355f3878a9261f14cbfdf795f5e022367 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 17:35:53 +0200
Subject: [PATCH 0714/2300] Add woff, woff2, xml extension as static file,
 removing html, htm

---
 bin/v-change-web-domain-proxy-tpl | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/bin/v-change-web-domain-proxy-tpl b/bin/v-change-web-domain-proxy-tpl
index 4d022cb9..36c09843 100755
--- a/bin/v-change-web-domain-proxy-tpl
+++ b/bin/v-change-web-domain-proxy-tpl
@@ -14,8 +14,7 @@ user=$1
 domain=$2
 domain_idn=$2
 template=$3
-default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\
-exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm"
+default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
 extentions=${4-$default_extentions}
 restart="$5"
 

From d08790457acdf74393f8cdf76d97ad5f21821d5e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 18:09:01 +0200
Subject: [PATCH 0715/2300] Add woff, woff2, xml extension as static file,
 removing html, htm

---
 web/templates/admin/add_web.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
index 56f25edc..236e47fa 100644
--- a/web/templates/admin/add_web.html
+++ b/web/templates/admin/add_web.html
@@ -114,7 +114,7 @@
                                     
                                     
                                         
-                                            <?php if (!empty($v_proxy_ext)) { echo htmlentities(trim($v_proxy_ext, "'"));} else { echo 'jpeg, jpg, png, gif, bmp, ico, svg, tif, tiff, css, js, htm, html, ttf, otf, webp, woff, txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, odf, odp, ods, odt, pdf, psd, ai, eot, eps, ps, zip, tar, tgz, gz, rar, bz2, 7z, aac, m4a, mp3, mp4, ogg, wav, wma, 3gp, avi, flv, m4v, mkv, mov, mp4, mpeg, mpg, wmv, exe, iso, dmg, swf'; }  ?>
+                                            <?php if (!empty($v_proxy_ext)) { echo htmlentities(trim($v_proxy_ext, "'"));} else { echo 'jpeg, jpg, png, gif, bmp, ico, svg, tif, tiff, css, js, ttf, otf, webp, txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, odf, odp, ods, odt, pdf, psd, ai, eot, eps, ps, zip, tar, tgz, gz, rar, bz2, 7z, aac, m4a, mp3, mp4, ogg, wav, wma, 3gp, avi, flv, m4v, mkv, mov, mp4, mpeg, mpg, wmv, exe, iso, dmg, swf, woff, woff2, xml'; }  ?>
                                         
                                     
                                 

From 395234b94ca8394361819f46bb28f7e857248672 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Sep 2019 18:13:59 +0200
Subject: [PATCH 0716/2300] Add woff, woff2, xml extension as static file,
 removing html, htm

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 25c0ac41..ccecc6db 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1438,7 +1438,7 @@ if [ "$release" -eq 10 ]; then
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
     service php7.3-fpm restart
     ln -s /var/lib/roundcube /var/lib/roundcube/webmail
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm' 'no'
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml' 'no'
   fi
 fi
 

From ae328a0935168aa83e2768714bebfb6c2295aa7f Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Tue, 24 Sep 2019 01:08:17 +0300
Subject: [PATCH 0717/2300] added support for HTTP/2 Let's Encrypt servers

---
 bin/v-add-letsencrypt-domain | 20 ++++++++++----------
 bin/v-add-letsencrypt-user   |  6 +++---
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 6a12af87..59d51c61 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -109,8 +109,8 @@ fi
 
 # Requesting nonce / STEP 1
 answer=$(curl -s -I "$API/directory")
-nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
+status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
 if [[ "$status" -ne 200 ]]; then
     check_result $E_CONNECT "Let's Encrypt nonce request status $status"
 fi
@@ -125,10 +125,10 @@ done
 payload=$(echo "$payload"|sed "s/,$//")
 payload=$payload']}'
 answer=$(query_le_v2 "$url" "$payload" "$nonce")
-nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
+nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
 finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
-status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
 if [[ "$status" -ne 201 ]]; then
     check_result $E_CONNECT "Let's Encrypt new auth status $status"
 fi
@@ -139,8 +139,8 @@ for auth in $authz; do
     answer=$(query_le_v2 "$auth" "$payload" "$nonce")
     url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
     token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
-    nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-    status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+    nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
+    status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
     if [[ "$status" -ne 200 ]]; then
         check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
     fi
@@ -198,8 +198,8 @@ for auth in $authz; do
         payload='{}'
         answer=$(query_le_v2 "$url" "$payload" "$nonce")
         validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
-        nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-        status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+        nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
+        status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
         if [[ "$status" -ne 200 ]]; then
             check_result $E_CONNECT "Let's Encrypt validation status $status"
         fi
@@ -224,8 +224,8 @@ ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
 csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
 payload='{"csr":"'$csr'"}'
 answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
-nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
-status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
+nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
+status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
 certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
 if [[ "$status" -ne 200 ]]; then
     check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index f3a19163..11aec113 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -103,16 +103,16 @@ fi
 
 
 # Requesting ACME nonce
-nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
+nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n')
 
 # Creating ACME account
 url="$API/acme/new-acct"
 payload='{"termsOfServiceAgreed": true}'
 answer=$(query_le_v2 "$url" "$payload" "$nonce")
-kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
+kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r')
 
 # Checking answer status
-status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
+status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
 if [[ "${status:0:2}" -ne "20" ]]; then
     check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
 fi

From 54908c53d674ea19dadc74d0a43419a6c19f1807 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 25 Sep 2019 15:51:21 +0200
Subject: [PATCH 0718/2300] Switch to vesta port if it connection came via
 nginx proxy

---
 web/inc/main.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/web/inc/main.php b/web/inc/main.php
index dfa482a1..63b3b8b1 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -1,5 +1,10 @@
 
Date: Sat, 28 Sep 2019 22:39:52 +0200
Subject: [PATCH 0719/2300] Create allow-index.php

---
 web/inc/allow-index.php | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 web/inc/allow-index.php

diff --git a/web/inc/allow-index.php b/web/inc/allow-index.php
new file mode 100644
index 00000000..47fa5e15
--- /dev/null
+++ b/web/inc/allow-index.php
@@ -0,0 +1,9 @@
+ 
Date: Sun, 29 Sep 2019 00:09:07 +0300
Subject: [PATCH 0720/2300] Release 0.9.8-26

---
 src/deb/ioncube/control              | 2 +-
 src/deb/nginx/control                | 2 +-
 src/deb/php/control                  | 2 +-
 src/deb/softaculous/control          | 2 +-
 src/deb/vesta/control                | 2 +-
 src/rpm/specs/vesta-ioncube.spec     | 2 +-
 src/rpm/specs/vesta-nginx.spec       | 2 +-
 src/rpm/specs/vesta-php.spec         | 2 +-
 src/rpm/specs/vesta-softaculous.spec | 2 +-
 src/rpm/specs/vesta.spec             | 5 ++++-
 upd/add_notifications.sh             | 2 +-
 11 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control
index eb6cbe88..e8dcc311 100644
--- a/src/deb/ioncube/control
+++ b/src/deb/ioncube/control
@@ -1,7 +1,7 @@
 Source: vesta-ioncube
 Package: vesta-ioncube
 Priority: optional
-Version: 0.9.8-25
+Version: 0.9.8-26
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.ioncube.com
diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 8ee25b92..2313022f 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -1,7 +1,7 @@
 Source: vesta-nginx
 Package: vesta-nginx
 Priority: optional
-Version: 0.9.8-25
+Version: 0.9.8-26
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/php/control b/src/deb/php/control
index 55f27612..9bcbec41 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -1,7 +1,7 @@
 Source: vesta-php
 Package: vesta-php
 Priority: optional
-Version: 0.9.8-25
+Version: 0.9.8-26
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/deb/softaculous/control b/src/deb/softaculous/control
index 9c5ad99c..121cebed 100644
--- a/src/deb/softaculous/control
+++ b/src/deb/softaculous/control
@@ -1,7 +1,7 @@
 Source: vesta-softaculous
 Package: vesta-softaculous
 Priority: optional
-Version: 0.9.8-25
+Version: 0.9.8-26
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: https://www.softaculous.com
diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 2a6ddaf2..505b2797 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-25
+Version: 0.9.8-26
 Section: admin
 Maintainer: Serghey Rodin 
 Homepage: http://vestacp.com
diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec
index 868d84bd..c3ac1187 100644
--- a/src/rpm/specs/vesta-ioncube.spec
+++ b/src/rpm/specs/vesta-ioncube.spec
@@ -1,6 +1,6 @@
 Name:           vesta-ioncube
 Version:        0.9.8
-Release:        25
+Release:        26
 Summary:        ionCube Loader
 Group:          System Environment/Base
 License:        "Freely redistributable without restriction"
diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec
index 3d3ab4bd..f3250c9e 100644
--- a/src/rpm/specs/vesta-nginx.spec
+++ b/src/rpm/specs/vesta-nginx.spec
@@ -1,6 +1,6 @@
 Name:           vesta-nginx
 Version:        0.9.8
-Release:        25
+Release:        26
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        BSD-like
diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec
index ee07bbd0..4272db6a 100644
--- a/src/rpm/specs/vesta-php.spec
+++ b/src/rpm/specs/vesta-php.spec
@@ -1,6 +1,6 @@
 Name:           vesta-php
 Version:        0.9.8
-Release:        25
+Release:        26
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
diff --git a/src/rpm/specs/vesta-softaculous.spec b/src/rpm/specs/vesta-softaculous.spec
index 23b8cf16..c094ae78 100644
--- a/src/rpm/specs/vesta-softaculous.spec
+++ b/src/rpm/specs/vesta-softaculous.spec
@@ -1,6 +1,6 @@
 Name:           vesta-softaculous
 Version:        0.9.8
-Release:        25
+Release:        26
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        Softaculous License
diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index d0b59e6a..07c53d1c 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -1,6 +1,6 @@
 Name:           vesta
 Version:        0.9.8
-Release:        25
+Release:        26
 Summary:        Vesta Control Panel
 Group:          System Environment/Base
 License:        GPL
@@ -68,6 +68,9 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
+* Sat 29 2019 Serghey Rodin  - 0.9.8-26
+- Let's Encrypt HTTP/2 support
+
 * Thu Aug 15 2019 Serghey Rodin  - 0.9.8-25
 - Security bugfixes
 - LEv2 idn fix
diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh
index 06882d29..46974585 100755
--- a/upd/add_notifications.sh
+++ b/upd/add_notifications.sh
@@ -5,4 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf
 /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager'
 /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can  purchase and enable SFTP Chroot"
 /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available"
-/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-25" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes"
+/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-26" "This release adds support for Lets Encrypt HTTP/2. For more information please read release notes"

From 270d29ff0679cfd1d94e21771eba3941187286cb Mon Sep 17 00:00:00 2001
From: Serghey Rodin 
Date: Sun, 29 Sep 2019 00:17:54 +0300
Subject: [PATCH 0721/2300] added month to the release log date

---
 src/rpm/specs/vesta.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec
index 07c53d1c..904bdc4e 100644
--- a/src/rpm/specs/vesta.spec
+++ b/src/rpm/specs/vesta.spec
@@ -68,7 +68,7 @@ fi
 %config(noreplace) %{_vestadir}/web/css/uploadify.css
 
 %changelog
-* Sat 29 2019 Serghey Rodin  - 0.9.8-26
+* Sat Sep 29 2019 Serghey Rodin  - 0.9.8-26
 - Let's Encrypt HTTP/2 support
 
 * Thu Aug 15 2019 Serghey Rodin  - 0.9.8-25

From f0fa7bdd2bcc084c32a58c193463e835539077e2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 28 Sep 2019 23:55:19 +0200
Subject: [PATCH 0722/2300] Moving to myvestacp.com

---
 src/deb/vesta_compile.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 18ce6c92..239b1ffd 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -30,7 +30,7 @@ if [ $# -gt 4 ]; then
     add_deb_to_apt_repo=$5
 fi
 
-MAINTAINER_EMAIL='predrag@hostingpanel.dev'
+MAINTAINER_EMAIL='predrag@myvestacp.com'
 
 TARGET_DEB_NAME_MAIN='buster'
 TARGET_DEB_VER_MAIN='10'
@@ -44,10 +44,10 @@ INSTALL_DIR="/usr/local/vesta"
 GIT_SRC='https://raw.githubusercontent.com/myvesta/vesta/master/src'
 GIT_REP="$GIT_REP/deb"
 
-C_WEB_ADDRESS="c.vesta.hostingpanel.dev"
+C_WEB_ADDRESS="c.myvestacp.com"
 PATH_OF_C_WEB_FOLDER_ROOT="/var/www/$C_WEB_ADDRESS/html"
 PATH_OF_C_WEB_FOLDER="$PATH_OF_C_WEB_FOLDER_ROOT/debian/$TARGET_DEB_VER"
-APT_WEB_ADDRESS="apt.vesta.hostingpanel.dev"
+APT_WEB_ADDRESS="apt.myvestacp.com"
 PATH_OF_APT_REPO_ROOT="/var/www/$APT_WEB_ADDRESS/html"
 PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 

From 9fcdce0e1dc85f3223e8c6dbe870e2c26b704dac Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 28 Sep 2019 23:58:24 +0200
Subject: [PATCH 0723/2300] Moving to myvestacp.com

---
 install/vst-install-debian.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ccecc6db..276e5210 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -8,8 +8,8 @@
 export PATH=$PATH:/sbin
 export DEBIAN_FRONTEND=noninteractive
 
-RHOST='apt.vesta.hostingpanel.dev'
-CHOST='c.vesta.hostingpanel.dev'
+RHOST='apt.myvestacp.com'
+CHOST='c.myvestacp.com'
 VERSION='debian'
 VESTA='/usr/local/vesta'
 memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
@@ -293,7 +293,7 @@ else
 fi
 
 # Checking repository availability
-wget -q "apt.vesta.hostingpanel.dev/deb_signing.key" -O /dev/null
+wget -q "apt.myvestacp.com/deb_signing.key" -O /dev/null
 check_result $? "No access to Vesta repository"
 
 # Check installed packages
@@ -1100,8 +1100,8 @@ if [ "$mysql" = 'yes' ]; then
       rm -fr phpMyAdmin-$pma_v-all-languages
       rm -f phpMyAdmin-$pma_v-all-languages.tar.gz
       
-      wget -nv -O /root/phpmyadmin/pma.sh http://c.vesta.hostingpanel.dev/debian/10/pma/pma.sh 
-      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.vesta.hostingpanel.dev/debian/10/pma/create_tables.sql
+      wget -nv -O /root/phpmyadmin/pma.sh http://c.myvestacp.com/debian/10/pma/pma.sh 
+      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.myvestacp.com/debian/10/pma/create_tables.sql
       bash /root/phpmyadmin/pma.sh
       blowfish=$(gen_pass)
       echo "\$cfg['blowfish_secret'] = '$blowfish';" >> /etc/phpmyadmin/config.inc.php

From add0c9756b081677d32207ba3e45bbaf844993b1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Sep 2019 00:22:20 +0200
Subject: [PATCH 0724/2300] Create latest.txt

---
 src/deb/latest.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 src/deb/latest.txt

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
new file mode 100644
index 00000000..6d1b9e6c
--- /dev/null
+++ b/src/deb/latest.txt
@@ -0,0 +1 @@
+vesta-0.9.8-25

From 9365252623cc43c3f875c44a026c83c1c78a1137 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Sep 2019 00:30:38 +0200
Subject: [PATCH 0725/2300] Changing URL for latest version

---
 bin/v-list-sys-vesta-updates | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-sys-vesta-updates b/bin/v-list-sys-vesta-updates
index adcd6a1a..62e2013b 100755
--- a/bin/v-list-sys-vesta-updates
+++ b/bin/v-list-sys-vesta-updates
@@ -61,7 +61,7 @@ shell_list() {
 #----------------------------------------------------------#
 
 # Checking official latest version
-latest=$(wget -q -T 1 -t 1 http://c.vestacp.com/latest.txt -O -)
+latest=$(wget -q -T 1 -t 1 http://c.myvestacp.com/latest.txt -O -)
 
 # Checking installed vesta version
 if [ -d "/etc/sysconfig" ]; then

From b0f14c48448fef3e6ffa5340faf77ba6f7cb301f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Sep 2019 00:35:10 +0200
Subject: [PATCH 0726/2300] Moving to myvestacp.com

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 51a967cc..fb5dfd27 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ How to install
 ----------------------------
 Download the installation script:
 ```bash
-curl -O http://c.vesta.hostingpanel.dev/vst-install-debian.sh
+curl -O http://c.myvestacp.com/vst-install-debian.sh
 ```
 Then run it:
 ```bash

From 8e81b7cf19f0754f035bba78de1ca51e175e5ccd Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Sep 2019 00:37:43 +0200
Subject: [PATCH 0727/2300] Copy latest.txt

---
 src/deb/vesta_compile.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 239b1ffd..4cbde785 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -271,6 +271,7 @@ if [ "$CWEB_B" = true ]; then
   if [ ! -f "$PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key" ]; then
     cp /root/vesta/install/debian/$TARGET_DEB_VER_MAIN/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
   fi
+  cp /root/vesta/src/deb/latest.txt $PATH_OF_C_WEB_FOLDER_ROOT/latest.txt
   cd $PATH_OF_C_WEB_FOLDER
   
   if [ -f "packages.tar.gz" ]; then

From d1cba4e5ccfc825e0ba93cd777e6e84a1ce8b2c2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Sep 2019 00:50:08 +0200
Subject: [PATCH 0728/2300] Moving to myvestacp.com

---
 src/deb/vesta/postinst | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 9d47da77..93dfad7e 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -10,4 +10,11 @@ if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh
 fi
 
+check_apt=$(grep -c 'vesta.hostingpanel.dev' /etc/apt/sources.list.d/vesta.list)
+if [ "$check_apt" -eq 1 ]; then
+    wget -O - http://apt.myvestacp.com/deb_signing.key | sudo apt-key add -
+    codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
+    echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
+fi
+
 exit 0

From 50cc5d5b35a1580d0c3f1574ce1dd1d3b514432a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Sep 2019 19:23:25 +0200
Subject: [PATCH 0729/2300] convert-vesta-to-myvesta.sh

---
 .../for-download/tools/convert-vesta-to-myvesta.sh   | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 src/deb/for-download/tools/convert-vesta-to-myvesta.sh

diff --git a/src/deb/for-download/tools/convert-vesta-to-myvesta.sh b/src/deb/for-download/tools/convert-vesta-to-myvesta.sh
new file mode 100644
index 00000000..0154297f
--- /dev/null
+++ b/src/deb/for-download/tools/convert-vesta-to-myvesta.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# *** Debian only ***
+
+wget -O - http://apt.myvestacp.com/deb_signing.key | sudo apt-key add -
+codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
+echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
+apt update
+apt install -y vesta vesta-php vesta-nginx
+
+service vesta stop
+service vesta start

From f6bca2a8e1d210e77bf34d0844ab0ba1e2adc68e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 14:11:31 +0200
Subject: [PATCH 0730/2300] Moving to myvestacp.com

---
 src/deb/vesta/control | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index f326eb76..5659128e 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -3,8 +3,8 @@ Package: vesta
 Priority: optional
 Version: 0.9.8-25
 Section: admin
-Maintainer: Predrag Damnjanovic 
-Homepage: http://vesta.hostingpanel.dev
+Maintainer: Predrag Damnjanovic 
+Homepage: http://myvestacp.com
 Architecture: amd64
 Depends: bash, awk, sed
 Description: Vesta

From f477c754180ade19420735f5ac7f719aced70dc0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:37:30 +0200
Subject: [PATCH 0731/2300] Trigger for /root/update_firewall_custom.sh

---
 bin/v-update-firewall | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index 46e2073a..db20b1f2 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -72,6 +72,10 @@ for ip in $(ls $VESTA/data/ips); do
 done
 echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
 
+if [ -x "/root/update_firewall_custom.sh" ]
+    /root/update_firewall_custom.sh 1
+fi
+
 # Pasring iptables rules
 IFS=$'\n'
 for line in $(sort -r -n -k 2 -t \' $rules); do

From 41f4778c7e316e0914ede93a0a5cfd84b4b9ee3f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:41:32 +0200
Subject: [PATCH 0732/2300] Syntax fix for update_firewall_custom.sh

---
 bin/v-update-firewall | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index db20b1f2..817d07ef 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -72,7 +72,7 @@ for ip in $(ls $VESTA/data/ips); do
 done
 echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
 
-if [ -x "/root/update_firewall_custom.sh" ]
+if [ -x "/root/update_firewall_custom.sh" ]; then
     /root/update_firewall_custom.sh 1
 fi
 

From 8652b25dd0b9d2b11a6e502ae1355aa49e86bd11 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:47:33 +0200
Subject: [PATCH 0733/2300] Fix for update_firewall_custom.sh

---
 bin/v-update-firewall | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index 817d07ef..d2d06355 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -72,8 +72,9 @@ for ip in $(ls $VESTA/data/ips); do
 done
 echo "$iptables -A INPUT -s 127.0.0.1 -j ACCEPT" >> $tmp
 
+# Triger for custom iptables commands
 if [ -x "/root/update_firewall_custom.sh" ]; then
-    /root/update_firewall_custom.sh 1
+    /root/update_firewall_custom.sh "$tmp" "1"
 fi
 
 # Pasring iptables rules

From b8e08b6ad8b70fc50f1f84af2abcc17990fee6f1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:52:26 +0200
Subject: [PATCH 0734/2300] Moving to myvestacp.com

---
 src/deb/nginx/copyright | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/nginx/copyright b/src/deb/nginx/copyright
index 6436d28e..5f58e6bd 100644
--- a/src/deb/nginx/copyright
+++ b/src/deb/nginx/copyright
@@ -1,9 +1,9 @@
 Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: vesta-nginx
-Source: http://vesta.hostingpanel.dev
+Source: http://myvestacp.com
 
 Files: *
-Copyright: 2019 MyVesta 
+Copyright: 2019 MyVesta 
 License: GPL-3.0+
 Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 

From 679893e71b5f4972884e01bd7af03e158fdbd503 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:53:23 +0200
Subject: [PATCH 0735/2300] Moving to myvestacp.com

---
 src/deb/nginx/control | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/nginx/control b/src/deb/nginx/control
index 177158bc..67818481 100644
--- a/src/deb/nginx/control
+++ b/src/deb/nginx/control
@@ -3,8 +3,8 @@ Package: vesta-nginx
 Priority: optional
 Version: 0.9.8-25
 Section: admin
-Maintainer: Predrag Damnjanovic 
-Homepage: http://vesta.hostingpanel.dev
+Maintainer: Predrag Damnjanovic 
+Homepage: http://myvestacp.com
 Architecture: amd64
 Depends: vesta
 Description: Vesta Nginx

From 96c1dd2276c8c5d8db301c4f6ed397bbc2ad8cab Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:54:51 +0200
Subject: [PATCH 0736/2300] Moving to myvestacp.com

---
 src/deb/vesta/copyright | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta/copyright b/src/deb/vesta/copyright
index 53e623e3..8845a756 100644
--- a/src/deb/vesta/copyright
+++ b/src/deb/vesta/copyright
@@ -1,9 +1,9 @@
 Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: vesta-php
-Source: http://vesta.hostingpanel.dev
+Upstream-Name: vesta
+Source: http://myvestacp.com
 
 Files: *
-Copyright: 2019 MyVesta 
+Copyright: 2019 MyVesta 
 License: GPL-3.0+
 Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 

From 6d1f189de13696fc8b8123b89d895c9d773a6ad4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:56:29 +0200
Subject: [PATCH 0737/2300] Moving to myvestacp.com

---
 src/deb/php/copyright | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/php/copyright b/src/deb/php/copyright
index 53e623e3..af8b3c23 100644
--- a/src/deb/php/copyright
+++ b/src/deb/php/copyright
@@ -1,9 +1,9 @@
 Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: vesta-php
-Source: http://vesta.hostingpanel.dev
+Source: http://myvestacp.com
 
 Files: *
-Copyright: 2019 MyVesta 
+Copyright: 2019 MyVesta 
 License: GPL-3.0+
 Remarks: MyVesta is a fork from VestaCP, special thanks to vestacp.com and Serghey Rodin
 

From 98ca075bdee64d1de24c8121dc7b127d84f05f34 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Sep 2019 18:57:35 +0200
Subject: [PATCH 0738/2300] Moving to myvestacp.com

---
 src/deb/php/control | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/php/control b/src/deb/php/control
index 6e268179..aafb1adc 100644
--- a/src/deb/php/control
+++ b/src/deb/php/control
@@ -3,8 +3,8 @@ Package: vesta-php
 Priority: optional
 Version: 0.9.8-25
 Section: admin
-Maintainer: Predrag Damnjanovic 
-Homepage: http://vesta.hostingpanel.dev
+Maintainer: Predrag Damnjanovic 
+Homepage: http://myvestacp.com
 Architecture: amd64
 Depends: vesta
 Description: Vesta php-fpm

From 91136300ea932480092a84e79335bb29d84ac571 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 1 Oct 2019 11:32:30 +0200
Subject: [PATCH 0739/2300] Moving to myvestacp.com

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 276e5210..d72782b2 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1611,7 +1611,7 @@ Thank you.
 
 --
 Sincerely yours
-vestacp.com team
+myvestacp.com team
 " > $tmpfile
 
 send_mail="$VESTA/web/inc/mail-wrapper.php"

From b951743e563bba9b4efb16343a773216c263efdd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 1 Oct 2019 13:40:13 +0200
Subject: [PATCH 0740/2300] Deleting blanko in allow-index.php

---
 web/inc/allow-index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/allow-index.php b/web/inc/allow-index.php
index 47fa5e15..7e73ee7e 100644
--- a/web/inc/allow-index.php
+++ b/web/inc/allow-index.php
@@ -1,4 +1,4 @@
- 
Date: Tue, 1 Oct 2019 21:18:38 +0700
Subject: [PATCH 0741/2300] update id.php

---
 web/inc/i18n/id.php | 100 ++++++++++++++++++++++----------------------
 1 file changed, 50 insertions(+), 50 deletions(-)

diff --git a/web/inc/i18n/id.php b/web/inc/i18n/id.php
index 4702b7cc..dd870f0d 100644
--- a/web/inc/i18n/id.php
+++ b/web/inc/i18n/id.php
@@ -158,10 +158,10 @@ $LANG['id'] = array(
     'minute'  => 'menit',
     'hour'  => 'jam',
     'day'  => 'hari',
-    'days'  => ' hari',
-    'hours'  => ' jam',
-    'minutes'  => ' menit',
-    'month'  => ' bulan',
+    'days'  => 'hari',
+    'hours'  => 'jam',
+    'minutes'  => 'menit',
+    'month'  => 'bulan',
     'package'  => 'paket',
     'Bandwidth'  => 'Bandwidth',
     'Disk'  => 'Diska',
@@ -196,7 +196,7 @@ $LANG['id'] = array(
     'SSL Home Directory'  => 'Direktori Home SSL',
     'Lets Encrypt Support'  => 'Dukungan Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => 'Sertifikat anda akan otomatis didapat dalam 5 menit',
+    'Your certificate will be automatically issued in 5 minutes' => 'Sertifikat anda akan otomatis diterbitkan dalam 5 menit',
     'Proxy Support'  => 'Dukungan Proxy',
     'Proxy Extensions'  => 'Ekstensi Proxy',
     'Web Statistics'  => 'Statistik Web',
@@ -219,11 +219,11 @@ $LANG['id'] = array(
     'IMAP hostname'  => 'hostname IMAP',
     'IMAP port'  => 'port IMAP',
     'IMAP security'  => 'keamanan IMAP',
-    'IMAP auth method'  => 'metode autentikasi IMAP',
+    'IMAP auth method'  => 'metode otentikasi IMAP',
     'SMTP hostname'  => 'hostname SMTP',
     'SMTP port'  => 'port SMTP',
     'SMTP security'  => 'keamanan SMTP',
-    'SMTP auth method'  => 'metode autentikasi SMTP',
+    'SMTP auth method'  => 'metode otentikasi SMTP',
     'STARTTLS'  => 'STARTTLS',
     'Normal password'  => 'kata sandi',
     'database'  => 'basis data',
@@ -237,7 +237,7 @@ $LANG['id'] = array(
     'Day of week'  => 'Hari dalam Minggu',
     'local'  => 'lokal',
     'Run Time'  => 'Run Time',
-    'Backup Size'  => 'Ukuran Backup',
+    'Backup Size'  => 'Ukuran Cadangan',
     'SYS'  => 'SYS',
     'Domains'  => 'Domains',
     'Status'  => 'Status',
@@ -268,25 +268,25 @@ $LANG['id'] = array(
     'ftp server'  => 'server ftp',
     'job scheduler'  => 'jadwal pekerjaan',
     'firewall'  => 'firewall',
-    'brute-force monitor'  => 'brute-force monitor',
+    'brute-force monitor'  => 'pantau brute-force',
     'CPU'  => 'CPU',
     'Memory'  => 'Memori',
     'Uptime'  => 'Uptime',
     'core package'  => 'paket inti',
     'php interpreter'  => 'php interpreter',
-    'internal web server'  => 'internal web server',
+    'internal web server'  => 'server web internal',
     'Version'  => 'Versi',
     'Release'  => 'Rilis',
     'Architecture'  => 'Arsitektur',
     'Object'  => 'Objek',
     'Username'  => 'Nama Pengguna',
     'Password'  => 'Kata sandi',
-    'Email'  => 'Email',
+    'Email'  => 'Surel',
     'Package'  => 'Paket',
     'Language'  => 'Bahasa',
     'First Name'  => 'Nama Depan',
     'Last Name'  => 'Nama Belakang',
-    'Send login credentials to email address'  => 'Kirim kredensial login ke alamat email',
+    'Send login credentials to email address'  => 'Kirim kredensial login ke alamat surel',
     'Default Template'  => 'Template Standar',
     'Default Name Servers'  => 'Name Servers Standar',
     'Domain'  => 'Domain',
@@ -300,13 +300,13 @@ $LANG['id'] = array(
     'SSL Certificate Authority / Intermediate'  => 'Otoritas Sertifikat SSL / Menengah',
     'SSL CSR' => 'SSL CSR',
     'optional'  => 'opsi',
-    'internal' => 'intern',
+    'internal' => 'internal',
     'Statistics Authorization'  => 'Statistik Otoritas',
     'Statistics Auth'  => 'Statistik Otoritas',
     'Account'  => 'Pengguna',
-    'Prefix will be automaticaly added to username'  => 'Prefix %s nantinya ditambahin otomatis ke nama pengguna',
-    'Send FTP credentials to email'  => 'Kirim kredensial FTP ke email',
-    'Expiration Date'  => 'Tanggal Kadaluarsa',
+    'Prefix will be automaticaly added to username'  => 'Prefix %s akan otomatis ditambahkan ke nama pengguna',
+    'Send FTP credentials to email'  => 'Kirim kredensial FTP ke surel',
+    'Expiration Date'  => 'Tanggal Kadaluwarsa',
     'YYYY-MM-DD'  => 'YYYY-MM-DD',
     'Name servers'  => 'Name server',
     'Record'  => 'Record',
@@ -316,7 +316,7 @@ $LANG['id'] = array(
     'in megabytes'  => 'dalam megabytes',
     'Message'  => 'Pesan',
     'use local-part'  => 'gunakan part lokal',
-    'one or more email addresses'  => 'satu atau lebih alamat email',
+    'one or more email addresses'  => 'satu atau lebih alamat surel',
     'Prefix will be automaticaly added to database name and database user'  => 'Prefix  %s akan otomatis ditambahkan ke nama basis data dan pengguna basis data',
     'Database'  => 'Basis Data',
     'Type'  => 'Jenis',
@@ -407,7 +407,7 @@ $LANG['id'] = array(
     'cron job' => 'cron job',
 
     'cron' => 'cron',
-    'user dir' => 'dir pengguna',
+    'user dir' => 'direktori pengguna',
 
     'unlimited'  => 'tidak terbatas',
     '1 account'  => '1 pengguna',
@@ -489,14 +489,14 @@ $LANG['id'] = array(
     'RESTART_CONFIRMATION' => 'Apakah anda yakin ingin me-restart %s?',
     'Welcome'  => 'Selamat Datang',
     'LOGGED_IN_AS'  => 'Masuk sebagai pengguna %s',
-    'Error'  => 'Kesalahan',
+    'Error'  => 'Galat',
     'Invalid username or password'  => 'Nama pengguna atau kata sandi salah',
     'Invalid username or code'  => 'Kode atau nama pengguna salah',
     'Passwords not match'  => 'Kata sandi tidak sama',
     'Please enter valid email address.'  => 'Masukkan alamat surel yang valid.',
     'Field "%s" can not be blank.'  => 'Field "%s" tidak boleh kosong.',
     'Password is too short.'  => 'Kata sandi terlalu pendek (minimal 6 karakter)',
-    'Error code:'  => 'Kode kesalahan: %s',
+    'Error code:'  => 'Kode galat: %s',
     'SERVICE_ACTION_FAILED'  => '"%s" "%s" gagal',
     'IP address is in use' => 'Alamat IP sudah digunakan',
     'BACKUP_SCHEDULED'  => 'Tugas sudah ditambahkan ke antrian. email pemberitahuan akan dikirim ketika cadangan telah siap diunduh.',
@@ -560,11 +560,11 @@ $LANG['id'] = array(
     'MAIL Server' => 'MAIL Server',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => 'Gunakan Sertifikat SSL Domain Web',
     'Webmail URL' => 'Webmail URL',
-    'MySQL Support' => 'MySQL Support',
+    'MySQL Support' => 'Dukungan MySQL',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
-    'PostgreSQL Support' => 'PostgreSQL Support',
+    'PostgreSQL Support' => 'Dukungan PostgreSQL',
     'phpPgAdmin URL' => 'phpPgAdmin URL',
     'Maximum Number Of Databases' => 'Jumlah maximal basis data',
     'Current Number Of Databases' => 'Jumlah database saat ini',
@@ -581,7 +581,7 @@ $LANG['id'] = array(
     'Reseller Role' => 'Aturan Reseller',
     'Web Config Editor' => 'Web Config Editor',
     'Template Manager' => 'Template Manager',
-    'Backup Migration Manager' => 'Backup Migration Manager',
+    'Backup Migration Manager' => 'Manajer Migrasi Cadangan',
     'FileManager' => 'FileManager',
     'show: CPU / MEM / NET / DISK' => 'tampilkan: CPU / MEM / NET / DISK',
 
@@ -598,7 +598,7 @@ $LANG['id'] = array(
     'name' => 'nama',
     'Initializing' => 'Inisialisasi',
     'UPLOAD' => 'UNGGAH',
-    'NEW FILE' => 'FILE BARU',
+    'NEW FILE' => 'BERKAS BARU',
     'NEW DIR' => 'DIREKTORI BARU',
     'DELETE' => 'HAPUS',
     'RENAME' => 'GANTI',
@@ -612,10 +612,10 @@ $LANG['id'] = array(
     'Hit' => 'Hit',
     'to reload the page' => 'untuk memuat ulang halaman',
     'Directory name cannot be empty' => 'Nama Direktori tidak boleh kosong',
-    'File name cannot be empty' => 'Nama File tidak boleh kosong',
-    'No file selected' => 'Tidak ada file yang dipilih',
-    'No file or folder selected' => 'Tidak ada file atau folder yg dipilih',
-    'File type not supported' => 'Tipe file tidak didukung',
+    'File name cannot be empty' => 'Nama berkas tidak boleh kosong',
+    'No file selected' => 'Tidak ada berkas yang dipilih',
+    'No file or folder selected' => 'Tidak ada berkas atau folder yg dipilih',
+    'File type not supported' => 'Tipe berkas tidak didukung',
     'Directory download not available in current version' => 'Direktori Unduh tidak tersedia di versi ini',
     'Directory not available' => 'Direktori tidak tersedia',
     'Done' => 'Selesai',
@@ -633,21 +633,21 @@ $LANG['id'] = array(
     'YOU ARE COPYING' => 'ANDA MENYALIN',
     'YOU ARE REMOVING' => 'ANDA MENGHAPUS',
     'Delete items' => 'Hapus item',
-    'Copy files' => 'Salin file',
-    'Move files' => 'Pindah file',
+    'Copy files' => 'Salin berkas',
+    'Move files' => 'Pindah berkas',
     'Are you sure you want to copy' => 'Apakah anda yakin ingin menyalin',
     'Are you sure you want to move' => 'Apakah anda yakin ingin memindahkan',
     'Are you sure you want to delete' => 'Aapakah anda Yakin ingin menghapus',
     'into' => 'ke',
-    'existing files will be replaced' => 'file yang sudah ada akan diganti',
+    'existing files will be replaced' => 'berkas yang sudah ada akan diganti',
     'Original name' => 'Nama orisinal',
-    'File' => 'File',
+    'File' => 'Berkas',
     'already exists' => 'sudah ada',
-    'Create file' => 'Buat file',
+    'Create file' => 'Buat berkas',
     'Create directory' => 'Buat direktori',
-    'read by owner' => 'dibaca oleh owner',
-    'write by owner' => 'ditulis oleh owner',
-    'execute/search by owner' => 'eksekusi/cari oleh owner',
+    'read by owner' => 'dibaca oleh pemilik',
+    'write by owner' => 'ditulis oleh pemilik',
+    'execute/search by owner' => 'eksekusi/cari oleh pemilik',
     'read by group' => 'dibaca oleh grup',
     'write by group' => 'ditulis oleh grup',
     'execute/search by group' => 'ekseskusi/cari oleh grup',
@@ -671,30 +671,30 @@ $LANG['id'] = array(
     'Move backward through top menu' => 'Pindah ke sebelumnya lewat menu atas',
     'Move forward through top menu' => 'Pindah ke setelahnya lewat menu atas',
     'Enter focused element' => 'Masuk ke fokus elemen',
-    'Move up through elements list' => 'Move up through elements list',
-    'Move down through elements list' => 'Move down through elements list',
+    'Move up through elements list' => 'Pindah ke atas melalui daftar elemen',
+    'Move down through elements list' => 'Pindah ke bawah melalui daftar elemen',
 
     'Upload' => 'Unggah',
-    'New File' => 'File baru',
+    'New File' => 'Berkas baru',
     'New Folder' => 'Folder baru',
     'Download' => 'Unduh',
     'Archive' => 'Arsip',
-    'Save File (in text editor)' => 'Simpan File (di text editor)',
+    'Save File (in text editor)' => 'Simpan berkas (di penyunting teks)',
     'Close Popup / Cancel' => 'Tutup Popup / Batal',
     'Move Cursor Up' => 'Pindahkan kursor keatas',
     'Move Cursor Down' => 'Pindahkan kursor kebawah',
     'Switch to Left Tab' => 'Pindah ke tab kiri',
     'Switch to Right Tab' => 'Pindah ke tab kanan',
     'Switch Tab' => 'Pindah Tab',
-    'Go to the Top of the File List' => 'Pindah Ke atas dari Daftar File',
-    'Go to the Last File' => 'Pindah File terakhir',
-    'Open File / Enter Directory' => 'Buka File/Masuk ke Direktori',
-    'Edit File' => 'Sunting File',
+    'Go to the Top of the File List' => 'Pindah Ke atas dari Daftar Berkas',
+    'Go to the Last File' => 'Pindah Berkas terakhir',
+    'Open File / Enter Directory' => 'Buka Berkas/Masuk ke Direktori',
+    'Edit File' => 'Sunting Berkas',
     'Go to Parent Directory' => 'Ke Direktori Induk',
-    'Select Current File' => 'Pilih File ini',
-    'Select Bunch of Files' => 'Pilih Bunch of Files',
-    'Add File to the Current Selection' => 'Tambahkan File di Seleksi ini',
-    'Select All Files' => 'Pilih semua file',
+    'Select Current File' => 'Pilih Berkas ini',
+    'Select Bunch of Files' => 'Pilih banyak berkas',
+    'Add File to the Current Selection' => 'Tambahkan Berkas diseleksi ini',
+    'Select All Files' => 'Pilih semua berkas',
     'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
         'pintasan terinspirasi oleh magnificent GNU Midnight Commander file manager',
 
@@ -706,7 +706,7 @@ $LANG['id'] = array(
     'Licence Activated' => 'Lisensi telah aktif',
     'Licence Deactivated' => 'Lisensi telah di nonaktifkan',
     'Restrict users so that they cannot use SSH and access only their home directory.' => 'Batasi pengguna agar tidak dapat menggunakan SSH dan hanya dapat mengakses direktori home.',
-    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Jelajahi, salin, sunting, lihat dan dapatkan semua file web anda menggunakan File Manager.',
+    'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Jelajahi, salin, sunting, lihat dan dapatkan semua berkas web anda menggunakan File Manager.',
     'This is a commercial module, you would need to purchace license key to enable it.' => 'Ini modul komersial, anda perlu membayar lisensi untuk mengaktifkannya.',
 
     'Minutes' => 'Permenit',

From ec8631b2d21222956a82ddf623cab87151de81de Mon Sep 17 00:00:00 2001
From: Robin Dirksen 
Date: Tue, 1 Oct 2019 16:28:03 +0200
Subject: [PATCH 0742/2300] Update nl.php

---
 web/inc/i18n/nl.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/nl.php b/web/inc/i18n/nl.php
index 851fe46d..b5d68ec4 100644
--- a/web/inc/i18n/nl.php
+++ b/web/inc/i18n/nl.php
@@ -758,5 +758,5 @@ $LANG['nl'] = array(
 
     'maximum characters length, including prefix' => 'maximaal %s karakters lang, inclusief prefix',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'E-mailreferenties',
 );

From 1fd0078a66b2dbb2cb7e77bdf227d1f2a73d4765 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 1 Oct 2019 21:45:53 +0200
Subject: [PATCH 0743/2300] deb10 dovecot inbox = yes

---
 install/debian/10/dovecot/conf.d/15-mailboxes.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/10/dovecot/conf.d/15-mailboxes.conf b/install/debian/10/dovecot/conf.d/15-mailboxes.conf
index 7b2bab97..9014bdab 100644
--- a/install/debian/10/dovecot/conf.d/15-mailboxes.conf
+++ b/install/debian/10/dovecot/conf.d/15-mailboxes.conf
@@ -4,6 +4,7 @@
 
 # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
 namespace inbox {
+  inbox = yes
   mailbox Drafts {
     special_use = \Drafts
     auto = subscribe

From f767d140066ea29fb5ac868cca24648043188596 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 1 Oct 2019 21:46:46 +0200
Subject: [PATCH 0744/2300] deb9 dovecot inbox = yes

---
 install/debian/9/dovecot/conf.d/15-mailboxes.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/9/dovecot/conf.d/15-mailboxes.conf b/install/debian/9/dovecot/conf.d/15-mailboxes.conf
index 7b2bab97..9014bdab 100644
--- a/install/debian/9/dovecot/conf.d/15-mailboxes.conf
+++ b/install/debian/9/dovecot/conf.d/15-mailboxes.conf
@@ -4,6 +4,7 @@
 
 # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf.
 namespace inbox {
+  inbox = yes
   mailbox Drafts {
     special_use = \Drafts
     auto = subscribe

From 9089595a5276d2f8d643789b838074a0b2158549 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 1 Oct 2019 21:48:09 +0200
Subject: [PATCH 0745/2300] Removing inbox = yes from installer

---
 install/vst-install-debian.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d72782b2..8283679e 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1192,9 +1192,6 @@ if [ "$dovecot" = 'yes' ]; then
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
-    if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
-        sed -i "s#namespace inbox {#namespace inbox {\n  inbox = yes#" /etc/dovecot/conf.d/15-mailboxes.conf
-    fi
     update-rc.d dovecot defaults
     service dovecot start
     check_result $? "dovecot start failed"

From 4eb6fed51fab6ef6666edfc1377cfc0a2252b34c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 1 Oct 2019 21:55:31 +0200
Subject: [PATCH 0746/2300] New phpmyadmin version

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 8283679e..2dba1b91 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1071,7 +1071,7 @@ if [ "$mysql" = 'yes' ]; then
       mkdir /root/phpmyadmin
       mkdir /usr/share/phpmyadmin
       
-      pma_v='4.9.0.1'
+      pma_v='4.9.1'
       echo "(*) Installing phpMyAdmin version v$pma_v..."
 
       cd /root/phpmyadmin

From b625cd51cc788219a5f87a12a7dd4cd4c9afa273 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 2 Oct 2019 12:05:06 +0200
Subject: [PATCH 0747/2300] MultiPHP for DEB8

---
 src/deb/for-download/tools/multi-php-install.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index fdf4d17b..24583536 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -62,6 +62,9 @@ if [ "$inst_repo" -eq 1 ]; then
 press_enter "=== Press enter to install sury.org repo ==============================================================================="
 apt-get -y install apt-transport-https ca-certificates
 wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
+if [ $debian_version -eq 8 ]; then
+  sh -c 'echo "deb https://packages.sury.org/php/ jessie main" > /etc/apt/sources.list.d/php.list'
+fi
 if [ $debian_version -eq 9 ]; then
   sh -c 'echo "deb https://packages.sury.org/php/ stretch main" > /etc/apt/sources.list.d/php.list'
 fi

From f0782d1f826e30f00ca888008c8225b13d4b8734 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 3 Oct 2019 16:15:36 +0200
Subject: [PATCH 0748/2300] Fixing broken autoreply output

Broken in https://github.com/serghey-rodin/vesta/commit/0831a198b86a4760e83c0eaec78d84bab7098e6c#diff-f07da7937954ae08bdb2e7379655ae29
@sergio-nadal
---
 web/edit/mail/index.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php
index e4451fc5..44f122f1 100644
--- a/web/edit/mail/index.php
+++ b/web/edit/mail/index.php
@@ -72,13 +72,14 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account'])))  {
 
     $v_domain = escapeshellarg($_GET['domain']);
     $v_account = escapeshellarg($_GET['account']);
+    $v_account_without_quotas = $_GET['account'];
 
     // Parse autoreply
     if ( $v_autoreply == 'yes' ) {
         exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." ".$v_domain." ".$v_account." json", $output, $return_var);
         $autoreply_str = json_decode(implode('', $output), true);
         unset($output);
-        $v_autoreply_message = $autoreply_str[$v_account]['MSG'];
+        $v_autoreply_message = $autoreply_str[$v_account_without_quotas]['MSG'];
         $v_autoreply_message=str_replace("\\n", "\n", $v_autoreply_message);
     }
 }

From 9d2ca4b592eb309c93860f2fce5d1e14609a7938 Mon Sep 17 00:00:00 2001
From: David Olsen 
Date: Mon, 7 Oct 2019 10:40:56 +0200
Subject: [PATCH 0749/2300] Only exclude logs folder from root, not in webdata

Restoring should not exclude logs in any folder down the tree. This causes errors when restoring wordpress with certain plugins that have folders named "logs". This change aligns the restore with the backup function https://github.com/serghey-rodin/vesta/blob/master/bin/v-backup-user#L226

You could also omit the exclusion entirely, as this folder you are excluding should never be in the backup.
---
 bin/v-restore-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index bd3d86bb..c7a5bec3 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -409,7 +409,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
         chown $user $tmpdir
         chmod u+w $HOMEDIR/$user/web/$domain
         sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
-            -C $HOMEDIR/$user/web/$domain/ --exclude=logs/* \
+            -C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \
             2> $HOMEDIR/$user/web/$domain/restore_errors.log
         if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then
             chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log

From 94ca263036b870bce2af63409e4038e1f5b34147 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 31 Oct 2019 13:47:52 +0100
Subject: [PATCH 0750/2300] Multi PHP support for PHP 7.4

---
 .../for-download/tools/multi-php-install.sh   | 41 +++++++++++++++++--
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 24583536..2de69640 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -1,12 +1,20 @@
 #!/bin/bash
 
-debian_version=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-inst_repo=0
+#########################################################################
+# First enter 1 below for desired PHP versions and then run this script #
+#########################################################################
+
 inst_56=0
 inst_70=0
 inst_71=0
 inst_72=0
 inst_73=0
+inst_74=0
+
+#######################################################################
+
+inst_repo=0
+debian_version=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 
 if [ $# -gt 0 ]; then
     inst_repo=$1
@@ -26,8 +34,11 @@ fi
 if [ $# -gt 5 ]; then
     inst_73=$6
 fi
+if [ $# -gt 6 ]; then
+    inst_74=$7
+fi
 
-if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ]; then
+if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ]; then
     inst_repo=1
 fi
 
@@ -181,3 +192,27 @@ if [ $debian_version -eq 9 ]; then
 fi
 press_enter "=== Press enter to continue ==============================================================================="
 fi
+
+if [ "$inst_74" -eq 1 ]; then
+    press_enter "=== Press enter to install PHP 7.4 ==============================================================================="
+    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
+    update-rc.d php7.4-fpm defaults
+    a2enconf php7.4-fpm
+    systemctl restart apache2
+    cp -r /etc/php/7.4/ /root/vst_install_backups/php7.4/
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.stpl
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.tpl
+    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.sh
+    if [ $debian_version -eq 9 ]; then
+        cp /etc/php/7.0/apache2/php.ini /etc/php/7.4/fpm/php.ini
+    fi
+    if [ $debian_version -eq 10 ]; then
+        cp /etc/php/7.3/fpm/php.ini /etc/php/7.4/fpm/php.ini
+    fi
+    press_enter "=== Press enter to continue ==============================================================================="
+fi

From 5a57c0911a699e2f11b667c5ea88c85568d07df8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 31 Oct 2019 14:06:32 +0100
Subject: [PATCH 0751/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 2de69640..b309ea08 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -64,6 +64,7 @@ echo "inst_70=$inst_70"
 echo "inst_71=$inst_71"
 echo "inst_72=$inst_72"
 echo "inst_73=$inst_73"
+echo "inst_74=$inst_74"
 echo "wait_to_press_enter=$wait_to_press_enter"
 
 press_enter "=== Press enter to continue ==============================================================================="

From 2d6887b7257062cead84235f83de993619ec8eeb Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Thu, 31 Oct 2019 14:42:34 +0100
Subject: [PATCH 0752/2300] php-fpm apache templates

---
 .../tools/apache-fpm-tpl/PHP-FPM-56.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-56.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-56.tpl       | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-70.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-70.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-70.tpl       | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-71.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-71.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-71.tpl       | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-72.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-72.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-72.tpl       | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-73-public.sh | 92 +++++++++++++++++++
 .../apache-fpm-tpl/PHP-FPM-73-public.stpl     | 44 +++++++++
 .../apache-fpm-tpl/PHP-FPM-73-public.tpl      | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-73.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-73.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-73.tpl       | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-74-public.sh | 92 +++++++++++++++++++
 .../apache-fpm-tpl/PHP-FPM-74-public.stpl     | 44 +++++++++
 .../apache-fpm-tpl/PHP-FPM-74-public.tpl      | 38 ++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-74.sh        | 92 +++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-74.stpl      | 44 +++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-74.tpl       | 38 ++++++++
 24 files changed, 1392 insertions(+)
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
 create mode 100755 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
new file mode 100755
index 00000000..9ffaadf3
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php5.6-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+write_file=0
+if [ ! -f "$pool_file_56" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_56)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_56
+    service php5.6-fpm restart
+fi
+if [ -f "/etc/php/5.6/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/5.6/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
new file mode 100644
index 00000000..eb5631db
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php5.6-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
new file mode 100644
index 00000000..cd4e797d
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php5.6-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
new file mode 100755
index 00000000..7ae49492
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.0-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_70" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_70)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_70
+    service php7.0-fpm restart
+fi
+if [ -f "/etc/php/7.0/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.0/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
new file mode 100644
index 00000000..38285302
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.0-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
new file mode 100644
index 00000000..7d30d39c
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.0-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
new file mode 100755
index 00000000..72853906
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.1-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_71" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_71)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_71
+    service php7.1-fpm restart
+fi
+if [ -f "/etc/php/7.1/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.1/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
new file mode 100644
index 00000000..c5d284f7
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
new file mode 100644
index 00000000..695b9937
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
new file mode 100755
index 00000000..8322eb88
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.2-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_72" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_72)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_72
+    service php7.2-fpm restart
+fi
+if [ -f "/etc/php/7.2/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.2/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
new file mode 100644
index 00000000..2b4363b4
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
new file mode 100644
index 00000000..be2ca7ae
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
new file mode 100755
index 00000000..1cddda74
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
new file mode 100644
index 00000000..9660c234
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
new file mode 100644
index 00000000..892c0d1f
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
new file mode 100755
index 00000000..1cddda74
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.3-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_73" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_73)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_73
+    service php7.3-fpm restart
+fi
+if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.3/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
new file mode 100644
index 00000000..28224413
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
new file mode 100644
index 00000000..7bec5e73
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
new file mode 100755
index 00000000..64cbaaf6
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7-3-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
new file mode 100644
index 00000000..fdbc26f9
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
new file mode 100644
index 00000000..614f20c3
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
new file mode 100755
index 00000000..64cbaaf6
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7-3-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
new file mode 100644
index 00000000..df607247
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl
new file mode 100644
index 00000000..7b6e2cb5
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+

From 8983b418def56b1540e44111038326527cc08729 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 31 Oct 2019 14:52:23 +0100
Subject: [PATCH 0753/2300] Copy tools folder to c subdomain

---
 src/deb/vesta_compile.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 4cbde785..3ee3c74f 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -301,6 +301,9 @@ if [ "$CWEB_B" = true ]; then
   echo "=== All done"
   
   cp /root/vesta/install/vst-install-debian.sh $PATH_OF_C_WEB_FOLDER_ROOT/vst-install-debian.sh
+  
+  mkdir $PATH_OF_C_WEB_FOLDER_ROOT/tools
+  cp -rf /root/vesta/src/deb/for-download/tools/* $PATH_OF_C_WEB_FOLDER_ROOT/tools
 fi
 
 #################################################################################

From 72c1aa3830f516c0df68fee0add2c356d1d7ed09 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 31 Oct 2019 14:57:17 +0100
Subject: [PATCH 0754/2300] Moved tpls to official c subdomain

---
 .../for-download/tools/multi-php-install.sh   | 48 +++++++++----------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index b309ea08..e76d5ba0 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -101,9 +101,9 @@ a2enconf php5.6-fpm
 systemctl restart apache2
 cp -r /etc/php/5.6/ /root/vst_install_backups/php5.6/
 # rm -f /etc/php/5.6/fpm/pool.d/*
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-56.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
 patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php5-deb9.patch
 press_enter "=== Press enter to continue ==============================================================================="
@@ -117,9 +117,9 @@ a2enconf php7.0-fpm
 systemctl restart apache2
 cp -r /etc/php/7.0/ /root/vst_install_backups/php7.0/
 # rm -f /etc/php/7.0/fpm/pool.d/*
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-70.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-70.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-70.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-70.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-70.sh
 if [ $debian_version -eq 9 ]; then
   cp /etc/php/7.0/apache2/php.ini /etc/php/7.0/fpm/php.ini
@@ -138,9 +138,9 @@ a2enconf php7.1-fpm
 systemctl restart apache2
 cp -r /etc/php/7.1/ /root/vst_install_backups/php7.1/
 # rm -f /etc/php/7.1/fpm/pool.d/*
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-71.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-71.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-71.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-71.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-71.sh
 if [ $debian_version -eq 9 ]; then
   cp /etc/php/7.0/apache2/php.ini /etc/php/7.1/fpm/php.ini
@@ -159,9 +159,9 @@ a2enconf php7.2-fpm
 systemctl restart apache2
 cp -r /etc/php/7.2/ /root/vst_install_backups/php7.2/
 # rm -f /etc/php/7.2/fpm/pool.d/*
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-72.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-72.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-72.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-72.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-72.sh
 if [ $debian_version -eq 9 ]; then
   cp /etc/php/7.0/apache2/php.ini /etc/php/7.2/fpm/php.ini
@@ -180,12 +180,12 @@ a2enconf php7.3-fpm
 systemctl restart apache2
 cp -r /etc/php/7.3/ /root/vst_install_backups/php7.3/
 # rm -f /etc/php/7.3/fpm/pool.d/*
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.stpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.tpl
-wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-73-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.stpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.tpl
+wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-73-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73-public.sh
 if [ $debian_version -eq 9 ]; then
@@ -201,12 +201,12 @@ if [ "$inst_74" -eq 1 ]; then
     a2enconf php7.4-fpm
     systemctl restart apache2
     cp -r /etc/php/7.4/ /root/vst_install_backups/php7.4/
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.stpl
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.tpl
-    wget -nv http://dl.mycity.tech/vesta/php-fpm-tpl/PHP-FPM-74-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.sh
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.sh
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74-public.sh
     if [ $debian_version -eq 9 ]; then

From ef8151bd81a3b47b864a567ac076e9459f3eacaf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 31 Oct 2019 15:12:24 +0100
Subject: [PATCH 0755/2300] Temporary removing php7.4-memcached

---
 src/deb/for-download/tools/multi-php-install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index e76d5ba0..69184ced 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -196,7 +196,8 @@ fi
 
 if [ "$inst_74" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.4 ==============================================================================="
-    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
+    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip
+    # php7.4-memcache php7.4-memcached
     update-rc.d php7.4-fpm defaults
     a2enconf php7.4-fpm
     systemctl restart apache2

From 0461f03644d94a50e3dfa0ced90bb4ab506be731 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 7 Nov 2019 20:55:03 +0100
Subject: [PATCH 0756/2300] Removing old PHP sessions files

---
 install/vst-install-debian.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 2dba1b91..31d57359 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1590,6 +1590,9 @@ fi
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
 echo "================================================================"
 
+# Removing old PHP sessions files
+crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
+
 #----------------------------------------------------------#
 #                   Vesta Access Info                      #
 #----------------------------------------------------------#

From 2e6a660b59c6385aced01bea31a4cbcd750735cb Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 7 Nov 2019 21:02:08 +0100
Subject: [PATCH 0757/2300] Update postinst

---
 src/deb/vesta/postinst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 93dfad7e..093447ea 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -17,4 +17,6 @@ if [ "$check_apt" -eq 1 ]; then
     echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
 fi
 
+crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
+
 exit 0

From 40f8c5c5c77768a452c2d84a6bf8fa916d950b17 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Wed, 13 Nov 2019 14:13:31 +0100
Subject: [PATCH 0758/2300] apparmor fix

---
 install/vst-install-debian.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 31d57359..aa0d4e6a 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1137,7 +1137,9 @@ if [ "$named" = 'yes' ]; then
     chmod 640 /etc/bind/named.conf
     aa-complain /usr/sbin/named 2>/dev/null
     if [ "$apparmor" = 'yes' ]; then
-      echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
+      # echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
+      sed -i "s#/etc/bind/\*\* rw,#/etc/bind/\*\* rw,\n  /home/\*\* rwm,#g" /etc/apparmor.d/usr.sbin.named
+      sed -i "s#/etc/bind/\*\* r,#/etc/bind/\*\* rw,\n  /home/\*\* rwm,#g" /etc/apparmor.d/usr.sbin.named
       service apparmor status >/dev/null 2>&1
       if [ $? -ne 0 ]; then
           service apparmor restart

From 818745df1b1aea18a00f2c3015c382d788b22c83 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 14 Nov 2019 12:44:11 +0100
Subject: [PATCH 0759/2300] Support for longer username of email accounts

---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index dd9d81b8..8c46895c 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -525,7 +525,7 @@ is_user_format_valid() {
             check_result $E_INVALID "invalid $2 format :: $1"
         fi
     else
-        if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,28}[[:alnum:]]$ ]]
+        if ! [[ "$1" =~ ^[[:alnum:]][-|\.|_[:alnum:]]{0,64}[[:alnum:]]$ ]]
             then
             check_result $E_INVALID "invalid $2 format :: $1"
         fi

From d4332cafc875e2eecd96cfb724130105403b8099 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:29:14 +0100
Subject: [PATCH 0760/2300] clamav-freshclam notification fix

---
 src/deb/vesta/postinst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 093447ea..efadbc8b 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -19,4 +19,10 @@ fi
 
 crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 
+touch /var/lib/clamav/clamd.sock
+chown clamav:clamav /var/lib/clamav/clamd.sock
+sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/clamd.conf
+systemctl restart clamav-daemon
+systemctl restart clamav-freshclam
+
 exit 0

From 63c364d2a319aff8344dbb418b202479b16a35ae Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:31:28 +0100
Subject: [PATCH 0761/2300] New clamd.sock (deb10)

---
 install/debian/10/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
index c636b6d3..10ebbac3 100644
--- a/install/debian/10/clamav/clamd.conf
+++ b/install/debian/10/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/run/clamav/clamd.ctl
+LocalSocket /var/lib/clamav/clamd.sock
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From c58c43dfc4d97cd0ea51d35241a2058b8b5f48f5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:32:36 +0100
Subject: [PATCH 0762/2300] New clamd.sock (deb9)

---
 install/debian/9/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/9/clamav/clamd.conf b/install/debian/9/clamav/clamd.conf
index 3fe6454f..84c4807e 100644
--- a/install/debian/9/clamav/clamd.conf
+++ b/install/debian/9/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/run/clamav/clamd.ctl
+LocalSocket /var/lib/clamav/clamd.sock
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From 14b1bdf78ad90228b17d2cabc86e76bc7d22ccdc Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:33:33 +0100
Subject: [PATCH 0763/2300] New clamd.sock (deb8)

---
 install/debian/8/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/8/clamav/clamd.conf b/install/debian/8/clamav/clamd.conf
index 3fe6454f..84c4807e 100644
--- a/install/debian/8/clamav/clamd.conf
+++ b/install/debian/8/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/run/clamav/clamd.ctl
+LocalSocket /var/lib/clamav/clamd.sock
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From b2701563a60652083d4ebab8e6fe0a355b48aac5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:39:07 +0100
Subject: [PATCH 0764/2300] clamav installer notification fix

---
 install/vst-install-debian.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index aa0d4e6a..b08d60b8 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1208,6 +1208,8 @@ if [ "$clamd" = 'yes' ]; then
     gpasswd -a clamav mail
     gpasswd -a clamav Debian-exim
     cp -f $vestacp/clamav/clamd.conf /etc/clamav/
+    touch /var/lib/clamav/clamd.sock
+    chown clamav:clamav /var/lib/clamav/clamd.sock
     /usr/bin/freshclam
     update-rc.d clamav-daemon defaults
     if [ ! -d "/var/run/clamav" ]; then

From 0620dd094d273ebe2c52e7eecd051c0f4751d756 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:44:43 +0100
Subject: [PATCH 0765/2300] Version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 6d1b9e6c..1d217a32 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-25
+vesta-0.9.8-26-2

From 6f5fff279080724ce3919513cafc91831943a18d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 14:45:42 +0100
Subject: [PATCH 0766/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 0cb5f67d..ebe0fa5c 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26
+Version: 0.9.8-26-2
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 9d4d002bd3afd7edd719cbcac000408efdf3b2f5 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 15:18:41 +0100
Subject: [PATCH 0767/2300] Support for sub-release

---
 bin/v-list-sys-vesta-updates | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-list-sys-vesta-updates b/bin/v-list-sys-vesta-updates
index 62e2013b..69fcf9f8 100755
--- a/bin/v-list-sys-vesta-updates
+++ b/bin/v-list-sys-vesta-updates
@@ -78,6 +78,10 @@ else
     ARCH=$(echo "$dpkg_data"|grep Architecture |cut -f 2 -d ' ')
     VERSION=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 1 -d \-)
     RELEASE=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 2 -d \-)
+    SUBRELEASE=$(echo "$dpkg_data"|grep ^Version |cut -f 2 -d ' '|cut -f 3 -d \-)
+    if [ ! -z "$SUBRELEASE" ]; then
+        RELEASE="$RELEASE-$SUBRELEASE"
+    fi
     DATE=$(date -d @$pkg_date +"%F")
     TIME=$(date -d @$pkg_date +"%T")
 fi

From 4eb2e6a7bac88b50deca6fd6aa63b3ecdcdf9498 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 15:34:15 +0100
Subject: [PATCH 0768/2300] Better check if session cron already added

---
 src/deb/vesta/postinst | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index efadbc8b..cd650c1f 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -17,7 +17,12 @@ if [ "$check_apt" -eq 1 ]; then
     echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
 fi
 
-crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
+
+check_cron=$(grep -c '6 sudo find /home/' /var/spool/cron/crontabs/root)
+if [ "$check_cron" -eq 0 ]; then
+    crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
+fi
+
 
 touch /var/lib/clamav/clamd.sock
 chown clamav:clamav /var/lib/clamav/clamd.sock

From fe0746ec2806e7c841e02b381d3f6a0022add4b0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 15 Nov 2019 15:54:44 +0100
Subject: [PATCH 0769/2300] Info about nameservers

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b08d60b8..f36a7aa1 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1534,6 +1534,7 @@ if [ "$host_ip" != "$ip" ]; then
     echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
     echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
     echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER."
+    echo "(or register ns1.$servername and ns2.$servername as DNS Nameservers and put those Nameservers on $servername domain)"
     echo "If we detect that hostname is still not pointing to your IP, installer will not add LetsEncrypt SSL certificate to your hosting panel (unsigned SSL will be used instead)."
     read -p "To force to try anyway to add LetsEncrypt, press f and then ENTER." answer
     host_ip=$(host $servername | head -n 1 | awk '{print $NF}')

From 776975ac02bf2b898efd7422c9466135a5cef716 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:43:14 +0100
Subject: [PATCH 0770/2300] clamd.sock fix for exim

---
 src/deb/vesta/postinst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index cd650c1f..97a9400e 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -27,6 +27,7 @@ fi
 touch /var/lib/clamav/clamd.sock
 chown clamav:clamav /var/lib/clamav/clamd.sock
 sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/clamd.conf
+sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/exim4/exim4.conf.template
 systemctl restart clamav-daemon
 systemctl restart clamav-freshclam
 

From 471b77f9be187ac8e5f5ef57538e6ad01755227e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:44:03 +0100
Subject: [PATCH 0771/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index ebe0fa5c..f2dfd9ce 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-2
+Version: 0.9.8-26-3
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 43a9c7544591eaff38bae4922b0dfeb7786e7d25 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:44:54 +0100
Subject: [PATCH 0772/2300] Version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 1d217a32..0ac75b61 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-2
+vesta-0.9.8-26-3

From 6663edc11306f326c71ad92e34313643d15a7075 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:46:51 +0100
Subject: [PATCH 0773/2300] update postinst

---
 src/deb/vesta/postinst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 97a9400e..bca5865c 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -30,5 +30,6 @@ sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/cl
 sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/exim4/exim4.conf.template
 systemctl restart clamav-daemon
 systemctl restart clamav-freshclam
+systemctl restart exim4
 
 exit 0

From f6a8bb073f07ae1d0ce8372a5c091bdc5a8759c9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:49:16 +0100
Subject: [PATCH 0774/2300] clamd.sock fix exim4 deb10

---
 install/debian/10/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 12b41e40..c1f285ea 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -30,7 +30,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/run/clamav/clamd.ctl
+av_scanner = clamd: /var/lib/clamav/clamd.sock
 .endif
 
 tls_advertise_hosts = *

From 07731f93bbf9c63833168dde6bdfb300c13501e7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:51:41 +0100
Subject: [PATCH 0775/2300] exim4 clamd.sock fix deb9

---
 install/debian/9/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index 12b41e40..c1f285ea 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -30,7 +30,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/run/clamav/clamd.ctl
+av_scanner = clamd: /var/lib/clamav/clamd.sock
 .endif
 
 tls_advertise_hosts = *

From ef3b9529bac236fb3a06914ae1da3a9509379005 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 26 Nov 2019 21:53:14 +0100
Subject: [PATCH 0776/2300] exim4 clamd.sock fix deb8

---
 install/debian/8/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/8/exim/exim4.conf.template b/install/debian/8/exim/exim4.conf.template
index 12b41e40..c1f285ea 100644
--- a/install/debian/8/exim/exim4.conf.template
+++ b/install/debian/8/exim/exim4.conf.template
@@ -30,7 +30,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/run/clamav/clamd.ctl
+av_scanner = clamd: /var/lib/clamav/clamd.sock
 .endif
 
 tls_advertise_hosts = *

From e9cd93e3f753daeabba575e3a63351b793aff865 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 16 Dec 2019 21:23:12 +0100
Subject: [PATCH 0777/2300] exim-without-limits

---
 .../exim-without-limits/exim4.conf.template   | 387 ++++++++++++++++++
 1 file changed, 387 insertions(+)
 create mode 100644 src/deb/for-download/tools/exim-without-limits/exim4.conf.template

diff --git a/src/deb/for-download/tools/exim-without-limits/exim4.conf.template b/src/deb/for-download/tools/exim-without-limits/exim4.conf.template
new file mode 100644
index 00000000..a973039f
--- /dev/null
+++ b/src/deb/for-download/tools/exim-without-limits/exim4.conf.template
@@ -0,0 +1,387 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/lib/clamav/clamd.sock
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+begin acl
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = */defer_ok
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{100K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+  from = "${local_part}@${domain}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################

From 56ccb71ea80eedcb384a18e0aafea400ea40910c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Dec 2019 20:08:42 +0100
Subject: [PATCH 0778/2300] Removing xml from proxy extensions list

---
 web/templates/admin/add_web.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
index 236e47fa..8130fe20 100644
--- a/web/templates/admin/add_web.html
+++ b/web/templates/admin/add_web.html
@@ -114,7 +114,7 @@
                                     
                                     
                                         
-                                            <?php if (!empty($v_proxy_ext)) { echo htmlentities(trim($v_proxy_ext, "'"));} else { echo 'jpeg, jpg, png, gif, bmp, ico, svg, tif, tiff, css, js, ttf, otf, webp, txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, odf, odp, ods, odt, pdf, psd, ai, eot, eps, ps, zip, tar, tgz, gz, rar, bz2, 7z, aac, m4a, mp3, mp4, ogg, wav, wma, 3gp, avi, flv, m4v, mkv, mov, mp4, mpeg, mpg, wmv, exe, iso, dmg, swf, woff, woff2, xml'; }  ?>
+                                            <?php if (!empty($v_proxy_ext)) { echo htmlentities(trim($v_proxy_ext, "'"));} else { echo 'jpeg, jpg, png, gif, bmp, ico, svg, tif, tiff, css, js, ttf, otf, webp, txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, odf, odp, ods, odt, pdf, psd, ai, eot, eps, ps, zip, tar, tgz, gz, rar, bz2, 7z, aac, m4a, mp3, mp4, ogg, wav, wma, 3gp, avi, flv, m4v, mkv, mov, mp4, mpeg, mpg, wmv, exe, iso, dmg, swf, woff, woff2'; }  ?>
                                         
                                     
                                 

From 1d84e8bfcde820921b30cc8aa2512f829961cb6e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Dec 2019 20:10:18 +0100
Subject: [PATCH 0779/2300] Removing xml from proxy extensions list

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index f36a7aa1..f9d43752 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1439,7 +1439,7 @@ if [ "$release" -eq 10 ]; then
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
     service php7.3-fpm restart
     ln -s /var/lib/roundcube /var/lib/roundcube/webmail
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml' 'no'
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'
   fi
 fi
 

From f68edcb5c1cb4e902f30c1e0129f8be6623d8023 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Dec 2019 20:13:10 +0100
Subject: [PATCH 0780/2300] Removing xml from proxy extensions list

---
 bin/v-add-web-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index 8e7daf35..b3d80de3 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -137,7 +137,7 @@ if [ ! -z "$PROXY_SYSTEM" ]; then
     if [ -z "$proxy_ext" ]; then
         PROXY_EXT="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls"
         PROXY_EXT="$PROXY_EXT,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp"
-        PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
+        PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,woff,woff2"
     fi
     add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl"
 fi

From e9afaa1bacaf5043acad024b7de8131011ec5a16 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Dec 2019 20:16:00 +0100
Subject: [PATCH 0781/2300] Removing xml from proxy extensions list

---
 bin/v-add-web-domain-proxy | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-web-domain-proxy b/bin/v-add-web-domain-proxy
index f9ff4142..330fa677 100755
--- a/bin/v-add-web-domain-proxy
+++ b/bin/v-add-web-domain-proxy
@@ -14,7 +14,7 @@
 user=$1
 domain=$2
 template=$3
-default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
+default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2"
 extentions=${4-$default_extentions}
 restart="$5"
 

From 19a0812367559cc358af5b6f2ab26096f6e61591 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Dec 2019 20:17:41 +0100
Subject: [PATCH 0782/2300] Removing xml from proxy extensions list

---
 bin/v-change-web-domain-proxy-tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-change-web-domain-proxy-tpl b/bin/v-change-web-domain-proxy-tpl
index 36c09843..93f67723 100755
--- a/bin/v-change-web-domain-proxy-tpl
+++ b/bin/v-change-web-domain-proxy-tpl
@@ -14,7 +14,7 @@ user=$1
 domain=$2
 domain_idn=$2
 template=$3
-default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2,xml"
+default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2"
 extentions=${4-$default_extentions}
 restart="$5"
 

From 1bdd8dd6b140bb7b5b8bdcaa091bd84d3a56ad4c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 31 Dec 2019 17:35:53 +0100
Subject: [PATCH 0783/2300] Allow mail symlink to HDD

---
 bin/v-add-mail-domain | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain
index 6681035f..7c9dbc36 100755
--- a/bin/v-add-mail-domain
+++ b/bin/v-add-mail-domain
@@ -45,7 +45,16 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 is_domain_new 'mail' "$domain"
 is_package_full 'MAIL_DOMAINS'
-is_dir_symlink $HOMEDIR/$user/mail
+# Allow mail symlink to HDD
+check_symlink=1
+symlink=$(readlink $HOMEDIR/$user/mail)
+if [ "$symlink" = "/hdd/home/$user/mail" ]; then
+    check_symlink=0
+fi
+
+if [ $check_symlink -eq 1 ]; then
+    is_dir_symlink $HOMEDIR/$user/mail
+fi
 
 
 #----------------------------------------------------------#

From b4da32ef5463b1a1150c4dcaf4b5ba2de9965a99 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 2 Jan 2020 18:48:19 +0100
Subject: [PATCH 0784/2300] Turning off MariaDB SQL strict mode

---
 install/debian/10/mysql/my-small.cnf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/debian/10/mysql/my-small.cnf b/install/debian/10/mysql/my-small.cnf
index 26a80478..bd53770b 100644
--- a/install/debian/10/mysql/my-small.cnf
+++ b/install/debian/10/mysql/my-small.cnf
@@ -37,4 +37,6 @@ wait_timeout=10
 interactive_timeout=50
 long_query_time=5
 
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
 !includedir /etc/mysql/conf.d/

From 70d699c5aaf7fe751ceaebc440182fc300b44f69 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 2 Jan 2020 18:49:15 +0100
Subject: [PATCH 0785/2300] Turning off MariaDB SQL strict mode

---
 install/debian/10/mysql/my-medium.cnf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/debian/10/mysql/my-medium.cnf b/install/debian/10/mysql/my-medium.cnf
index 1c10ab9a..3aa8fe22 100644
--- a/install/debian/10/mysql/my-medium.cnf
+++ b/install/debian/10/mysql/my-medium.cnf
@@ -37,4 +37,6 @@ wait_timeout=10
 interactive_timeout=50
 long_query_time=5
 
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
 !includedir /etc/mysql/conf.d/

From 515ceb2160cada9ae770a7be280088ea259089b8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 2 Jan 2020 18:54:59 +0100
Subject: [PATCH 0786/2300] Turning off MariaDB SQL strict mode

---
 install/debian/10/mysql/my-large.cnf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/debian/10/mysql/my-large.cnf b/install/debian/10/mysql/my-large.cnf
index d0bab390..febfda66 100644
--- a/install/debian/10/mysql/my-large.cnf
+++ b/install/debian/10/mysql/my-large.cnf
@@ -39,4 +39,6 @@ wait_timeout=10
 interactive_timeout=50
 long_query_time=5
 
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
 !includedir /etc/mysql/conf.d/

From 3ab4bcf6e8bbdf29b9bfc063d9a7fcc849bb9037 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 14:04:00 +0100
Subject: [PATCH 0787/2300] Create install-softaculous.sh

---
 .../for-download/tools/install-softaculous.sh | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 src/deb/for-download/tools/install-softaculous.sh

diff --git a/src/deb/for-download/tools/install-softaculous.sh b/src/deb/for-download/tools/install-softaculous.sh
new file mode 100644
index 00000000..23e2c728
--- /dev/null
+++ b/src/deb/for-download/tools/install-softaculous.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+if [ -f "/usr/local/vesta/web/inc/login_url.php" ]; then
+    mv /usr/local/vesta/web/inc/login_url.php /usr/local/vesta/web/inc/login_url.php-bak
+fi
+
+source /etc/profile
+PATH=$PATH:/usr/local/vesta/bin && export PATH
+
+sed -i '/SOFTACULOUS/d' /usr/local/vesta/conf/vesta.conf
+
+rm -rf /var/softaculous/
+rm -rf /usr/local/vesta/softaculous/
+rm -rf /usr/local/vesta/web/softaculous/
+
+apt update
+
+apt install --reinstall vesta-php
+
+apt install --reinstall vesta-ioncube vesta-softaculous
+
+service vesta stop
+service vesta start
+
+/usr/local/vesta/bin/v-add-vesta-softaculous
+
+if [ -f "/usr/local/vesta/web/inc/login_url.php-bak" ]; then
+    mv /usr/local/vesta/web/inc/login_url.php-bak /usr/local/vesta/web/inc/login_url.php
+fi

From 2dc2fe5682b5155237203225f697e6b2958651a1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 14:35:10 +0100
Subject: [PATCH 0788/2300] Update install-softaculous.sh

---
 src/deb/for-download/tools/install-softaculous.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/for-download/tools/install-softaculous.sh b/src/deb/for-download/tools/install-softaculous.sh
index 23e2c728..ba586930 100644
--- a/src/deb/for-download/tools/install-softaculous.sh
+++ b/src/deb/for-download/tools/install-softaculous.sh
@@ -27,3 +27,8 @@ service vesta start
 if [ -f "/usr/local/vesta/web/inc/login_url.php-bak" ]; then
     mv /usr/local/vesta/web/inc/login_url.php-bak /usr/local/vesta/web/inc/login_url.php
 fi
+
+echo "=== Softaculous installation done ==="
+echo "Wait for about 5 minutes so softaculous-cron download all packages."
+echo "You can check if it is still downloading packages by running command:"
+echo 'ps -Af | grep "cron.php"  | grep -v "grep"'

From 71e59e50097fc87838017ab67798d6bf92b02bf0 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 14:59:20 +0100
Subject: [PATCH 0789/2300] Update postinst

---
 src/deb/nginx/postinst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/nginx/postinst b/src/deb/nginx/postinst
index 82b7c290..cd330afb 100755
--- a/src/deb/nginx/postinst
+++ b/src/deb/nginx/postinst
@@ -9,3 +9,6 @@ fi
 # Touch and set permisions on default log files on installation
 update-rc.d vesta defaults >/dev/null
 invoke-rc.d vesta start || true
+
+service vesta stop
+service vesta start

From 96f7a4f480ffb0361ff22966c72711e39f56453f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 15:06:06 +0100
Subject: [PATCH 0790/2300] Update postinst

---
 src/deb/nginx/postinst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/nginx/postinst b/src/deb/nginx/postinst
index cd330afb..8563d2aa 100755
--- a/src/deb/nginx/postinst
+++ b/src/deb/nginx/postinst
@@ -10,5 +10,6 @@ fi
 update-rc.d vesta defaults >/dev/null
 invoke-rc.d vesta start || true
 
+echo "=== Restarting vesta ==="
 service vesta stop
 service vesta start

From 1a71d90e9a7ac40498ffc4df221ed65bb9485598 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 15:17:45 +0100
Subject: [PATCH 0791/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 3ee3c74f..8dd05711 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,10 +9,10 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-25'
+VESTA_VER='0.9.8-26-4'
 
 run_apt_update_and_install=1
-wait_to_press_enter=1
+wait_to_press_enter=0
 
 ###############
 # Note: first run --apt before turning add_deb_to_apt_repo=1
@@ -30,7 +30,7 @@ if [ $# -gt 4 ]; then
     add_deb_to_apt_repo=$5
 fi
 
-MAINTAINER_EMAIL='predrag@myvestacp.com'
+MAINTAINER_EMAIL='predrag@hostingpanel.dev'
 
 TARGET_DEB_NAME_MAIN='buster'
 TARGET_DEB_VER_MAIN='10'
@@ -53,8 +53,8 @@ PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
-NGINX_V='1.17.3'
-OPENSSL_V='1.1.1c'
+NGINX_V='1.17.7'
+OPENSSL_V='1.1.1d'
 PCRE_V='8.43'
 ZLIB_V='1.2.11'
 PHP_V='5.6.40'
@@ -420,7 +420,7 @@ if [ "$PHP_B" = true ]; then
     
     BUILDING_NOW=0
     # Check if target directory exist
-    if [ ! -d "$BUILD_DIR/php-$PHP_V" ] || [ ! -d "$INSTALL_DIR/nginx" ]; then
+    if [ ! -d "$BUILD_DIR/php-$PHP_V" ]; then
       BUILDING_NOW=1
       
       echo "=== Download and unpack source files"
@@ -430,7 +430,7 @@ if [ "$PHP_B" = true ]; then
       echo "=== Change to php directory php-$PHP_V"
       cd php-$PHP_V
       
-      press_enter "=== Press enter to continue ==============================================================================="
+      press_enter "=== Press enter to configure PHP ==============================================================================="
       
       echo "=== Configure PHP"
       ./configure --prefix=$INSTALL_DIR/php \
@@ -441,14 +441,15 @@ if [ "$PHP_B" = true ]; then
                   --with-mysql \
                   --with-mysqli \
                   --with-curl \
-                  --enable-mbstring
+                  --enable-mbstring \
+				  --with-mysql-sock=/var/run/mysqld/mysqld.sock
       
       # Check install directory and remove if exists
       if [ -d $INSTALL_DIR/php ]; then
           rm -rf $INSTALL_DIR/php
       fi
     
-      press_enter "=== Press enter to create the files and install them ==============================================================================="
+      press_enter "=== Press enter to compile PHP ==============================================================================="
       
       make && make install
       

From 430cdd41ff41220c1c048e578eb15c2118fa792d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 15:19:49 +0100
Subject: [PATCH 0792/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 8dd05711..1140f1a6 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -12,7 +12,7 @@ TARGET_DEB_VER='10'
 VESTA_VER='0.9.8-26-4'
 
 run_apt_update_and_install=1
-wait_to_press_enter=0
+wait_to_press_enter=1
 
 ###############
 # Note: first run --apt before turning add_deb_to_apt_repo=1
@@ -30,7 +30,7 @@ if [ $# -gt 4 ]; then
     add_deb_to_apt_repo=$5
 fi
 
-MAINTAINER_EMAIL='predrag@hostingpanel.dev'
+MAINTAINER_EMAIL='predrag@myvestacp.com'
 
 TARGET_DEB_NAME_MAIN='buster'
 TARGET_DEB_VER_MAIN='10'

From 2106a46d62e81ca54ddc822590b687cf6c9dd851 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 4 Jan 2020 21:30:54 +0100
Subject: [PATCH 0793/2300] Update postinst

---
 src/deb/nginx/postinst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/nginx/postinst b/src/deb/nginx/postinst
index 8563d2aa..a5733266 100755
--- a/src/deb/nginx/postinst
+++ b/src/deb/nginx/postinst
@@ -10,6 +10,11 @@ fi
 update-rc.d vesta defaults >/dev/null
 invoke-rc.d vesta start || true
 
+# Run triggers only on updates
+if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
+    exit
+fi
+
 echo "=== Restarting vesta ==="
 service vesta stop
 service vesta start

From 436669607e0979f396348c63784d3384b24b145a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 5 Jan 2020 15:54:54 +0100
Subject: [PATCH 0794/2300] Allow softaculous in secure_login

---
 web/inc/secure_login.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 7ab32ae0..0b0b2993 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -12,6 +12,9 @@ if (substr($_SERVER['SCRIPT_FILENAME'], 0, 28)=='/usr/local/vesta/web/custom/')
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/web//custom/') $login_url_skip=1;
 
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts from bash
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/softaculous/') $skip_login_url_check=1; // allow softaculous
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 33)=='/usr/local/vesta/web/softaculous/') $skip_login_url_check=1; // allow softaculous
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 34)=='/usr/local/vesta/web//softaculous/') $skip_login_url_check=1; // allow softaculous
 
 if ($skip_login_url_check==0) {
     if (!isset($login_url_loaded)) {

From 3dd6c186fc73a486a75929f4c17ba0a3a3ba4e47 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 7 Jan 2020 15:33:58 +0100
Subject: [PATCH 0795/2300] apparmor install fix

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index f9d43752..fae75490 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1140,10 +1140,10 @@ if [ "$named" = 'yes' ]; then
       # echo "/home/** rwm," >> /etc/apparmor.d/local/usr.sbin.named 2>/dev/null
       sed -i "s#/etc/bind/\*\* rw,#/etc/bind/\*\* rw,\n  /home/\*\* rwm,#g" /etc/apparmor.d/usr.sbin.named
       sed -i "s#/etc/bind/\*\* r,#/etc/bind/\*\* rw,\n  /home/\*\* rwm,#g" /etc/apparmor.d/usr.sbin.named
-      service apparmor status >/dev/null 2>&1
-      if [ $? -ne 0 ]; then
+      # service apparmor status >/dev/null 2>&1
+      # if [ $? -ne 0 ]; then
           service apparmor restart
-      fi
+      # fi
     fi
     update-rc.d bind9 defaults
     service bind9 start

From f4b64b4b4ea635e2f1b02203e2cf99ca2e3ba592 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 7 Jan 2020 23:26:03 +0100
Subject: [PATCH 0796/2300] Allow whitelisting specific IP to avoid secret_url

---
 web/inc/secure_login.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 0b0b2993..a13b5570 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -4,6 +4,9 @@ $skip_login_url_check=0;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/index.php') $skip_login_url_check=1; // it's accessible only from localhost
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/index.php') $skip_login_url_check=1;
 
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/api/index.php') $skip_login_url_check=1; // api has its own security check
+if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//api/index.php') $skip_login_url_check=1;
+
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/set-ar.php') $skip_login_url_check=1; // commercial addon for changing auto-reply from Roundcube, not included in this fork, also accessible only from localhost
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $skip_login_url_check=1;
@@ -16,6 +19,16 @@ if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/softaculous/')
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 33)=='/usr/local/vesta/web/softaculous/') $skip_login_url_check=1; // allow softaculous
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 34)=='/usr/local/vesta/web//softaculous/') $skip_login_url_check=1; // allow softaculous
 
+$check_file="/usr/local/vesta/conf_web/allow_ip_for_secret_url.conf";
+if (file_exists($check_file)) {
+    $file_content=file($check_file);
+    if (is_array($file_content)) {
+        foreach ($file_content as $line) {
+            if (trim($line) == $_SERVER['REMOTE_ADDR']) {$skip_login_url_check=1; break;}
+        }
+    }
+}
+
 if ($skip_login_url_check==0) {
     if (!isset($login_url_loaded)) {
         $login_url_loaded=1;

From b40ebe07e2a6304e9c0435cd6002fda553df36fb Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 7 Jan 2020 23:43:14 +0100
Subject: [PATCH 0797/2300] Allow whitelisting specific IP for /api/

---
 web/api/index.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/web/api/index.php b/web/api/index.php
index d8a5b910..08f51fc9 100644
--- a/web/api/index.php
+++ b/web/api/index.php
@@ -1,6 +1,18 @@
 
Date: Tue, 7 Jan 2020 23:44:22 +0100
Subject: [PATCH 0798/2300] version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 0ac75b61..1edb2e24 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-3
+vesta-0.9.8-26-4

From 6d34e2b1b054c01d87f21118f22aa7301dd7423c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 7 Jan 2020 23:45:14 +0100
Subject: [PATCH 0799/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index f2dfd9ce..75720ec5 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-3
+Version: 0.9.8-26-4
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 99abd5ed05547a306670bdb332918ab199ced53a Mon Sep 17 00:00:00 2001
From: Josh Marshall 
Date: Thu, 9 Jan 2020 00:52:10 +1000
Subject: [PATCH 0800/2300] Bugfix deleting a PostgreSQL database

Was just a typo
---
 func/db.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/db.sh b/func/db.sh
index 30018065..b0ff73b9 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -322,7 +322,7 @@ delete_pgsql_database() {
     psql_connect $HOST
 
     query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $DBUSER"
-    psql_qyery "$query" > /dev/null
+    psql_query "$query" > /dev/null
 
     query="DROP DATABASE $database"
     psql_query "$query" > /dev/null

From 8244e94be889410c63a7ee789db1d9ca7fec1867 Mon Sep 17 00:00:00 2001
From: flackjap 
Date: Sat, 11 Jan 2020 17:56:12 +0100
Subject: [PATCH 0801/2300] Update README.md

Syntax and grammar improvements.
---
 README.md | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/README.md b/README.md
index fb5dfd27..3cb49b49 100644
--- a/README.md
+++ b/README.md
@@ -3,28 +3,28 @@ MyVesta Control Panel
 
 * MyVesta is a fork of VestaCP
 * Focused on security and stability
-* Therefore, only Debian is supported - keeping focus on ONE eco-system - not wasting energy on compatibility with other Linux distributions
-* It will always be synchronized with official VestaCP commits
+* Therefore, only Debian is supported - keeping focus on only one eco-system - not wasting energy on compatibility with other Linux distributions
+* However, it will be always synchronized with official VestaCP commits
 * VestaCP commercial plugins will be only available for purchase on official vestacp.com website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
-* With previous in mind, all features that are added in this fork, will be offered to official VestaCP through pull-request mechanisms
+* With previous in mind, all features that are built for this fork (MyVesta), will be offered to official VestaCP, via pull requests
 
 Features
 ==================================================
 
 + Support for Debian 10 (previous releases are also supported)
 
-+ You can totally "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
-    + During installation you will be asked to choose secret URL for your hosting panel
-    + Literally no PHP scripts will be alive on hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - hacker will not be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless he has the secret URL.
-    + You can see for yourself how mechanism was built by looking at:
++ You can completely "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
+    + During installation you will be asked to choose a secret URL for your hosting panel
+    + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
+    + You can see for yourself how this mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php
-    + If you didn't set secret URL during installation, you can do it anytime, just execute in SSH:
+    + If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
 
-+ We disabled dangerous PHP functions in php.ini, so even if, for example, customer's CMS gets compromised, hacker will not be able to execute "shell" from PHP.
++ We disabled dangerous PHP functions in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.
 
-+ Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM, which is the most stable PHP-stack solution
++ Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
     + OPCache is turned on by default
 
 + Support for multi-PHP versions - https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh
@@ -33,13 +33,13 @@ Features
 
 + You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
-+ You can limit maximum number of sent emails (per hour) per mail account and per hosting account.
++ You can limit the maximum number of sent emails (per hour) per mail account and per hosting account.
 
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
-    + You can even create your own APT repositorium in a minute
+    + You can even create your own APT repository in a minute
     + We are using latest nginx version for vesta-nginx package
     + With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
-    + Binaries that you compile is 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want source code from this fork)
+    + Binaries that you compile are 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want the source code from this fork)
 
 How to install
 ----------------------------
@@ -56,7 +56,7 @@ About VestaCP
 ==================================================
 
 * Vesta is an open source hosting control panel.
-* Vesta has a clean and focused interface without the clutter.
+* Vesta has a clean and focused interface without clutter.
 * Vesta has the latest of very innovative technologies.
 
 Special thanks to vestacp.com and Serghey Rodin for open-source VestaCP project

From 373feb37cd895ae38ad054162965b2976caa8d06 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 11 Jan 2020 17:58:25 +0100
Subject: [PATCH 0802/2300] Note about secret URL

---
 install/vst-install-debian.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index fae75490..04475e5a 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -424,7 +424,9 @@ if [ "$interactive" = 'yes' ]; then
 
     # Asking for secret URL
     if [ -z "$secret_url" ]; then
-        read -p 'Please enter secret URL address for hosting panel (press enter for none): ' secret_url
+        echo 'Please enter secret URL address for hosting panel (or press enter for none).'
+        echo 'Secret URL must be without special characters, just letters and numbers. Example: mysecret8205'
+        read -p 'Enter secret URL address:' secret_url
     fi
 
     # Asking for Vesta port

From 86ce76cbae01c293133d44bc4fe367119c7d58d8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 11 Jan 2020 17:59:28 +0100
Subject: [PATCH 0803/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 04475e5a..2567e67d 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -426,7 +426,7 @@ if [ "$interactive" = 'yes' ]; then
     if [ -z "$secret_url" ]; then
         echo 'Please enter secret URL address for hosting panel (or press enter for none).'
         echo 'Secret URL must be without special characters, just letters and numbers. Example: mysecret8205'
-        read -p 'Enter secret URL address:' secret_url
+        read -p 'Enter secret URL address: ' secret_url
     fi
 
     # Asking for Vesta port

From e8f52886b014505e8323219b17d4f23e7877873f Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 11 Jan 2020 19:00:57 +0100
Subject: [PATCH 0804/2300] mkdir -p /var/lib/clamav in installer

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 2567e67d..b7374390 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1210,6 +1210,7 @@ if [ "$clamd" = 'yes' ]; then
     gpasswd -a clamav mail
     gpasswd -a clamav Debian-exim
     cp -f $vestacp/clamav/clamd.conf /etc/clamav/
+    mkdir -p /var/lib/clamav
     touch /var/lib/clamav/clamd.sock
     chown clamav:clamav /var/lib/clamav/clamd.sock
     /usr/bin/freshclam

From a607cf9ccd4c5f1b048884372d4e2c47f0d35c53 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 19 Jan 2020 17:55:08 +0100
Subject: [PATCH 0805/2300] v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 267 +++++++++++++++++++++
 1 file changed, 267 insertions(+)
 create mode 100644 src/deb/for-download/tools/v-clone-website

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
new file mode 100644
index 00000000..b5bb6015
--- /dev/null
+++ b/src/deb/for-download/tools/v-clone-website
@@ -0,0 +1,267 @@
+#!/bin/bash
+
+# Migration tool that will copy whole site from one domain to another (sub)domain (on the same server), changing URL in database (it's careful with serialized arrays in database).
+# Useful for making staging copy in one command-line.
+# Automatic detection of WordPress, automaticaly read DB user, DB name, DB pass, automatic cloning to new database, automatic changing wp-config.php file.
+
+if [ $# -lt 2 ]; then
+    echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN [FROM_DATABASE_NAME] [FROM_DATABASE_USERNAME] [FROM_DATABASE_PASSWORD] [FROM_CONFIG_FILE] [TO_USER] [TO_DATABASE_NAME] [TO_DATABASE_USERNAME] [TO_DATABASE_PASSWORD]"
+    exit 1
+fi
+
+FROM_DOMAIN=''
+TO_DOMAIN=''
+FROM_DATABASE_NAME=''
+FROM_DATABASE_USERNAME=''
+FROM_DATABASE_PASSWORD=''
+FROM_CONFIG_FILE=''
+TO_DATABASE_NAME=''
+TO_DATABASE_USERNAME=''
+TO_DATABASE_PASSWORD=''
+
+if [ -z "$VESTA" ]; then
+    VESTA="/usr/local/vesta"
+fi
+
+if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
+    echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
+    exit 11
+fi
+if [ ! -f "/usr/bin/php7.0" ]; then
+    echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
+    exit 12
+fi
+
+FROM_DOMAIN=$1
+FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
+if [ -z "$FROM_USER" ]; then
+    echo "Error: domain $FROM_DOMAIN does not exists"
+    exit 2
+fi
+
+if [ -z "$2" ]; then
+    echo "Error: TO_DOMAIN is empty"
+    exit 2
+fi
+
+FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_html"
+CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'SSL:' | grep -c 'single')
+if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
+    FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_shtml"
+fi
+
+
+if [ $# -ge 6 ]; then
+    FROM_CONFIG_FILE="$6"
+    FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$6"
+fi
+if [ -z "$FROM_CONFIG_FILE" ]; then
+    FROM_CONFIG_FILE="wp-config.php"
+    FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$FROM_CONFIG_FILE"
+fi
+if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
+    echo "Error: FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
+    exit 3
+fi
+
+if [ -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
+    FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+fi
+if [ $# -ge 3 ]; then
+    if [ ! -z "$3" ]; then
+        FROM_DATABASE_NAME=$3
+    fi
+fi
+if [ $# -ge 4 ]; then
+    if [ ! -z "$4" ]; then
+        FROM_DATABASE_USERNAME=$4
+    fi
+fi
+if [ $# -ge 5 ]; then
+    if [ ! -z "$5" ]; then
+        FROM_DATABASE_PASSWORD=$5
+    fi
+fi
+if [ -z "$FROM_DATABASE_NAME" ]; then
+    echo "Error: FROM_DATABASE_NAME $FROM_DATABASE_NAME is empty"
+    exit 4
+fi
+if [ -z "$FROM_DATABASE_USERNAME" ]; then
+    echo "Error: FROM_DATABASE_USERNAME $FROM_DATABASE_USERNAME is empty"
+    exit 5
+fi
+if [ -z "$FROM_DATABASE_PASSWORD" ]; then
+    echo "Error: FROM_DATABASE_PASSWORD $FROM_DATABASE_PASSWORD is empty"
+    exit 6
+fi
+
+FROM_USER_LEN=${#FROM_USER}
+FROM_USER_LEN=$((FROM_USER_LEN+1))
+
+object=$(grep "DB='$FROM_DATABASE_NAME'" $VESTA/data/users/$FROM_USER/db.conf)
+if [ -z "$object" ]; then
+    echo "Error: database $FROM_DATABASE_NAME does not exists"
+    exit 7
+fi
+
+FROM_DATABASE_NAME_WITHOUT_PREFIX=${FROM_DATABASE_NAME:FROM_USER_LEN}
+FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
+
+
+# ----------- TO -------------
+
+
+TO_DOMAIN=$2
+TO_USER=$($VESTA/bin/v-search-domain-owner "$TO_DOMAIN")
+CREATE_TO_DOMAIN=0
+if [ -z "$TO_USER" ]; then
+    TO_USER=$FROM_USER
+    CREATE_TO_DOMAIN=1
+fi
+
+TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_html"
+CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$TO_USER" "$TO_DOMAIN" | grep 'SSL:' | grep -c 'single')
+if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
+    TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_shtml"
+fi
+
+TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
+
+if [ $# -ge 7 ]; then
+    if [ ! -z "$7" ]; then
+        TO_DATABASE_NAME=$7
+    fi
+fi
+if [ $# -ge 8 ]; then
+    if [ ! -z "$8" ]; then
+        TO_DATABASE_USERNAME=$8
+    fi
+fi
+if [ $# -ge 9 ]; then
+    if [ ! -z "$9" ]; then
+        TO_DATABASE_PASSWORD=$9
+    fi
+fi
+
+if [ -z "$TO_DATABASE_NAME" ]; then
+    LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}
+    START_FROM=$((LENGTH_OF_TO_DATABASE_NAME-9))
+    CHECK_PREFIX=${FROM_DATABASE_NAME:START_FROM}
+    if [ "$CHECK_PREFIX" = "_migrated" ]; then
+        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}"
+        LENGTH_OF_TO_DATABASE_NAME=${#TO_DATABASE_NAME}
+        CUT_TO=$((LENGTH_OF_TO_DATABASE_NAME-9))
+        TO_DATABASE_NAME=${TO_DATABASE_NAME:0:CUT_TO}
+    else
+        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}_migrated"
+    fi
+fi
+if [ -z "$TO_DATABASE_USERNAME" ]; then
+    LENGTH_OF_TO_DATABASE_USERNAME=${#FROM_DATABASE_USERNAME}
+    START_FROM=$((LENGTH_OF_TO_DATABASE_USERNAME-9))
+    CHECK_PREFIX=${FROM_DATABASE_USERNAME:START_FROM}
+    if [ "$CHECK_PREFIX" = "_migrated" ]; then
+        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}"
+        LENGTH_OF_TO_DATABASE_USERNAME=${#TO_DATABASE_USERNAME}
+        CUT_TO=$((LENGTH_OF_TO_DATABASE_USERNAME-9))
+        TO_DATABASE_USERNAME=${TO_DATABASE_USERNAME:0:CUT_TO}
+    else
+        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}_migrated"
+    fi
+fi
+if [ -z "$TO_DATABASE_PASSWORD" ]; then
+    TO_DATABASE_PASSWORD=$FROM_DATABASE_PASSWORD
+fi
+if [ -z "$TO_DATABASE_NAME" ]; then
+    echo "Error: TO_DATABASE_NAME $TO_DATABASE_NAME is empty"
+    exit 8
+fi
+if [ -z "$TO_DATABASE_USERNAME" ]; then
+    echo "Error: TO_DATABASE_USERNAME $TO_DATABASE_USERNAME is empty"
+    exit 9
+fi
+if [ -z "$TO_DATABASE_PASSWORD" ]; then
+    echo "Error: TO_DATABASE_PASSWORD $TO_DATABASE_PASSWORD is empty"
+    exit 10
+fi
+
+TO_USER_LEN=${#TO_USER}
+TO_USER_LEN=$((TO_USER_LEN+1))
+
+TO_DATABASE_NAME_WITHOUT_PREFIX=${TO_DATABASE_NAME:TO_USER_LEN}
+TO_DATABASE_USERNAME_WITHOUT_PREFIX=${TO_DATABASE_USERNAME:TO_USER_LEN}
+
+
+# ----------- PRINT -------------
+
+
+echo "==============================================================================="
+echo "FROM_DOMAIN = $FROM_DOMAIN"
+echo "FROM_USER = $FROM_USER"
+echo "TO_DOMAIN = $TO_DOMAIN"
+echo "TO_USER = $TO_USER"
+echo "FROM_FOLDER = $FROM_FOLDER"
+echo "TO_FOLDER = $TO_FOLDER"
+echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
+echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
+echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
+echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
+echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
+echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
+echo "TO_CONFIG_FILE_FULL_PATH = $TO_CONFIG_FILE_FULL_PATH"
+echo "TO_DATABASE_NAME = $TO_DATABASE_NAME"
+echo "TO_DATABASE_USERNAME = $TO_DATABASE_USERNAME"
+echo "TO_DATABASE_PASSWORD = $TO_DATABASE_PASSWORD"
+echo "TO_DATABASE_NAME_WITHOUT_PREFIX = $TO_DATABASE_NAME_WITHOUT_PREFIX"
+echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
+echo "==============================================================================="
+read -p "=== Press Enter to continue ==="
+
+
+# ----------- ACTION -------------
+
+if [ $CREATE_TO_DOMAIN -eq 1 ]; then
+    echo "=== Create domain $TO_DOMAIN"
+    $VESTA/bin/v-add-domain "$TO_USER" "$TO_DOMAIN"
+    rm $TO_FOLDER/index.html
+fi
+
+
+object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
+if [ -z "$object" ]; then
+    echo "=== Create database $TO_DATABASE_NAME"
+    $VESTA/bin/v-add-database "$TO_USER" "$TO_DATABASE_NAME_WITHOUT_PREFIX" "$TO_DATABASE_USERNAME_WITHOUT_PREFIX" "$TO_DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
+fi
+
+echo "=== Dumping database $FROM_DATABASE_NAME"
+if [ -d "/root/temp" ]; then
+    rm -rf /root/temp
+fi
+mkdir -p /root/temp
+cd /root/temp
+mysqldump $FROM_DATABASE_NAME > $FROM_DATABASE_NAME.sql
+echo "=== Importing to database $TO_DATABASE_NAME"
+mysql $TO_DATABASE_NAME < $FROM_DATABASE_NAME.sql
+
+echo "=== Copying files from $FROM_FOLDER to folder $TO_FOLDER"
+rsync -a $FROM_FOLDER/ $TO_FOLDER/
+echo "=== Chowning to  $TO_USER:$TO_USER in folder $TO_FOLDER"
+chown -R $TO_USER:$TO_USER $TO_FOLDER
+
+echo "=== Replacing $FROM_DATABASE_NAME to $TO_DATABASE_NAME in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|$FROM_DATABASE_NAME|$TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
+echo "=== Replacing $FROM_DATABASE_USERNAME to $TO_DATABASE_USERNAME in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|$FROM_DATABASE_USERNAME|$TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
+echo "=== Replacing $FROM_DATABASE_PASSWORD to $TO_DATABASE_PASSWORD in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|$FROM_DATABASE_PASSWORD|$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
+
+echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
+grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"
+
+echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
+php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
+
+echo "===== DONE ===="
+echo "You can visit http://$TO_DOMAIN/"
\ No newline at end of file

From 180898fde8cd45ce1638edfb9db281ca4c03066d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 19 Jan 2020 22:57:37 +0100
Subject: [PATCH 0806/2300] create_wp

---
 src/deb/for-download/tools/create_wp_http  | 104 +++++++++++++++++++
 src/deb/for-download/tools/create_wp_https | 112 +++++++++++++++++++++
 2 files changed, 216 insertions(+)
 create mode 100644 src/deb/for-download/tools/create_wp_http
 create mode 100644 src/deb/for-download/tools/create_wp_https

diff --git a/src/deb/for-download/tools/create_wp_http b/src/deb/for-download/tools/create_wp_http
new file mode 100644
index 00000000..a3d69cf4
--- /dev/null
+++ b/src/deb/for-download/tools/create_wp_http
@@ -0,0 +1,104 @@
+#!/bin/bash
+
+if [ $# -lt 1 ]; then
+    echo usage: create_wp_http domain [db_name] [email]
+    exit 1
+fi
+
+domain=$1
+
+PATH=$PATH:/usr/local/vesta/bin
+export PATH
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+
+START_DB="wp";
+if [ $# -gt 1 ]; then
+    START_DB=$2
+fi
+
+email="info@$domain";
+if [ $# -gt 2 ]; then
+    email=$3
+fi
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+WORKINGDIR="/home/$user/web/$domain/public_html"
+# FILE=latest.tar.gz
+
+rm -rf $WORKINGDIR/*
+
+#DBUSERSUF=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 5 | head -n 1)
+DBUSERSUF="$START_DB";
+DBUSERSUFB="$START_DB";
+DBUSER=$user\_$DBUSERSUFB;
+DB_OK=0;
+if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
+    DB_OK=1;
+fi
+
+if [ "$DB_OK" -eq "0" ]; then
+i=1;
+while [ $i -lt 99 ]
+do
+i=$((i+1));
+DBUSERSUF="${DBUSERSUFB}${i}";
+DBUSER=$user\_$DBUSERSUF;
+if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
+break;
+fi
+done
+fi
+
+PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
+
+v-add-database $user $DBUSERSUF $DBUSERSUF $PASSWDDB mysql
+
+cd /home/$user
+
+rm -rf /home/$user/wp
+curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
+chmod +x wp-cli.phar
+sudo mv wp-cli.phar wp
+
+cd /home/$user/web/$domain/public_html
+
+sudo -H -u$user /home/$user/wp core download
+sudo -H -u$user /home/$user/wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
+
+password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
+
+sudo -H -u$user /home/$user/wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
+
+#FIX za https://github.com/wp-cli/wp-cli/issues/2632
+
+mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = 'http://$domain' where option_name = 'siteurl'; update wp_options set option_value = 'http://$domain' where option_name = 'home';"
+
+# clear
+
+echo "================================================================="
+echo "Installation is complete. Your username/password is listed below."
+echo ""
+echo "Site: http://$domain/"
+echo ""
+echo "Login: http://$domain/wp-admin/"
+echo "Username: admin"
+echo "Password: $password"
+echo ""
+echo "================================================================="
+
+chown -R $user:$user $WORKINGDIR
+
+rm -rf /home/$user/wp
+
+echo "create_wp: Done."
+exit 0
\ No newline at end of file
diff --git a/src/deb/for-download/tools/create_wp_https b/src/deb/for-download/tools/create_wp_https
new file mode 100644
index 00000000..d65902c6
--- /dev/null
+++ b/src/deb/for-download/tools/create_wp_https
@@ -0,0 +1,112 @@
+#!/bin/bash
+
+if [ $# -lt 1 ]; then
+    echo usage: create_wp_https domain [db_name] [email]
+    exit 1
+fi
+
+domain=$1
+
+PATH=$PATH:/usr/local/vesta/bin
+export PATH
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+
+START_DB="wp";
+if [ $# -gt 1 ]; then
+    START_DB=$2
+fi
+
+email="info@$domain";
+if [ $# -gt 2 ]; then
+    email=$3
+fi
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+if [ ! -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+    v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+
+    if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
+        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2,xml" "yes"
+    fi
+fi
+
+WORKINGDIR="/home/$user/web/$domain/public_html"
+# FILE=latest.tar.gz
+
+rm -rf $WORKINGDIR/*
+
+#DBUSERSUF=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 5 | head -n 1)
+DBUSERSUF="$START_DB";
+DBUSERSUFB="$START_DB";
+DBUSER=$user\_$DBUSERSUFB;
+DB_OK=0;
+if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
+    DB_OK=1;
+fi
+
+if [ "$DB_OK" -eq "0" ]; then
+i=1;
+while [ $i -lt 99 ]
+do
+i=$((i+1));
+DBUSERSUF="${DBUSERSUFB}${i}";
+DBUSER=$user\_$DBUSERSUF;
+if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
+break;
+fi
+done
+fi
+
+PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
+
+v-add-database $user $DBUSERSUF $DBUSERSUF $PASSWDDB mysql
+
+cd /home/$user
+
+rm -rf /home/$user/wp
+curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
+chmod +x wp-cli.phar
+sudo mv wp-cli.phar wp
+
+cd /home/$user/web/$domain/public_html
+
+sudo -H -u$user /home/$user/wp core download
+sudo -H -u$user /home/$user/wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
+
+password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
+
+sudo -H -u$user /home/$user/wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
+
+#FIX za https://github.com/wp-cli/wp-cli/issues/2632
+
+mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = 'https://$domain' where option_name = 'siteurl'; update wp_options set option_value = 'https://$domain' where option_name = 'home';"
+
+# clear
+
+echo "================================================================="
+echo "Installation is complete. Your username/password is listed below."
+echo ""
+echo "Site: https://$domain/"
+echo ""
+echo "Login: https://$domain/wp-admin/"
+echo "Username: admin"
+echo "Password: $password"
+echo ""
+echo "================================================================="
+
+chown -R $user:$user $WORKINGDIR
+
+rm -rf /home/$user/wp
+
+echo "create_wp: Done."
+exit 0
\ No newline at end of file

From be6d976d8a6471f089b95713dbcf745f9f08735a Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 19 Jan 2020 23:00:46 +0100
Subject: [PATCH 0807/2300] Update create_wp_https

---
 src/deb/for-download/tools/create_wp_https | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/create_wp_https b/src/deb/for-download/tools/create_wp_https
index d65902c6..b440df0e 100644
--- a/src/deb/for-download/tools/create_wp_https
+++ b/src/deb/for-download/tools/create_wp_https
@@ -1,5 +1,8 @@
 #!/bin/bash
 
+# WordPress installer in one command line
+# Credits to Luka Paunović for wp-cli implememtation
+
 if [ $# -lt 1 ]; then
     echo usage: create_wp_https domain [db_name] [email]
     exit 1
@@ -109,4 +112,4 @@ chown -R $user:$user $WORKINGDIR
 rm -rf /home/$user/wp
 
 echo "create_wp: Done."
-exit 0
\ No newline at end of file
+exit 0

From 70171a4598fbf0e87a29e2366cfc96d1b659adf7 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 20 Jan 2020 01:00:20 +0100
Subject: [PATCH 0808/2300] v-clone-website: switching to wp-cli for WP sites

---
 src/deb/for-download/tools/v-clone-website | 78 +++++++++++++++-------
 1 file changed, 53 insertions(+), 25 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index b5bb6015..9856029a 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -23,25 +23,20 @@ if [ -z "$VESTA" ]; then
     VESTA="/usr/local/vesta"
 fi
 
-if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
-    echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
-    exit 11
+if [ -z "$1" ]; then
+    echo "Error: FROM_DOMAIN is empty"
+    exit 2
 fi
-if [ ! -f "/usr/bin/php7.0" ]; then
-    echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
-    exit 12
+if [ -z "$2" ]; then
+    echo "Error: TO_DOMAIN is empty"
+    exit 3
 fi
 
 FROM_DOMAIN=$1
 FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
 if [ -z "$FROM_USER" ]; then
     echo "Error: domain $FROM_DOMAIN does not exists"
-    exit 2
-fi
-
-if [ -z "$2" ]; then
-    echo "Error: TO_DOMAIN is empty"
-    exit 2
+    exit 4
 fi
 
 FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_html"
@@ -61,10 +56,15 @@ if [ -z "$FROM_CONFIG_FILE" ]; then
 fi
 if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
     echo "Error: FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
-    exit 3
+    exit 5
 fi
 
-if [ -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
+IT_IS_WP=0
+if [ -f "$FROM_FOLDER/wp-config.php" ]; then
+    IT_IS_WP=1
+fi
+
+if [ $IT_IS_WP -eq 1 ]; then
     FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
@@ -86,15 +86,15 @@ if [ $# -ge 5 ]; then
 fi
 if [ -z "$FROM_DATABASE_NAME" ]; then
     echo "Error: FROM_DATABASE_NAME $FROM_DATABASE_NAME is empty"
-    exit 4
+    exit 6
 fi
 if [ -z "$FROM_DATABASE_USERNAME" ]; then
     echo "Error: FROM_DATABASE_USERNAME $FROM_DATABASE_USERNAME is empty"
-    exit 5
+    exit 7
 fi
 if [ -z "$FROM_DATABASE_PASSWORD" ]; then
     echo "Error: FROM_DATABASE_PASSWORD $FROM_DATABASE_PASSWORD is empty"
-    exit 6
+    exit 8
 fi
 
 FROM_USER_LEN=${#FROM_USER}
@@ -103,7 +103,7 @@ FROM_USER_LEN=$((FROM_USER_LEN+1))
 object=$(grep "DB='$FROM_DATABASE_NAME'" $VESTA/data/users/$FROM_USER/db.conf)
 if [ -z "$object" ]; then
     echo "Error: database $FROM_DATABASE_NAME does not exists"
-    exit 7
+    exit 9
 fi
 
 FROM_DATABASE_NAME_WITHOUT_PREFIX=${FROM_DATABASE_NAME:FROM_USER_LEN}
@@ -176,15 +176,15 @@ if [ -z "$TO_DATABASE_PASSWORD" ]; then
 fi
 if [ -z "$TO_DATABASE_NAME" ]; then
     echo "Error: TO_DATABASE_NAME $TO_DATABASE_NAME is empty"
-    exit 8
+    exit 10
 fi
 if [ -z "$TO_DATABASE_USERNAME" ]; then
     echo "Error: TO_DATABASE_USERNAME $TO_DATABASE_USERNAME is empty"
-    exit 9
+    exit 11
 fi
 if [ -z "$TO_DATABASE_PASSWORD" ]; then
     echo "Error: TO_DATABASE_PASSWORD $TO_DATABASE_PASSWORD is empty"
-    exit 10
+    exit 12
 fi
 
 TO_USER_LEN=${#TO_USER}
@@ -194,6 +194,24 @@ TO_DATABASE_NAME_WITHOUT_PREFIX=${TO_DATABASE_NAME:TO_USER_LEN}
 TO_DATABASE_USERNAME_WITHOUT_PREFIX=${TO_DATABASE_USERNAME:TO_USER_LEN}
 
 
+# ----------- CHECK -------------
+
+if [ $IT_IS_WP -eq 0 ]; then
+    if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
+        echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
+        exit 13
+    fi
+    if [ ! -f "/usr/bin/php7.0" ]; then
+        echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
+        exit 14
+    fi
+else
+    echo "=== Downloading latest wp-cli"
+    wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
+    chmod +x /usr/local/bin/wp
+fi
+
+
 # ----------- PRINT -------------
 
 
@@ -204,13 +222,14 @@ echo "TO_DOMAIN = $TO_DOMAIN"
 echo "TO_USER = $TO_USER"
 echo "FROM_FOLDER = $FROM_FOLDER"
 echo "TO_FOLDER = $TO_FOLDER"
+echo "IT_IS_WP = $IT_IS_WP"
+echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
+echo "TO_CONFIG_FILE_FULL_PATH = $TO_CONFIG_FILE_FULL_PATH"
 echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
 echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
 echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
 echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
 echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
-echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
-echo "TO_CONFIG_FILE_FULL_PATH = $TO_CONFIG_FILE_FULL_PATH"
 echo "TO_DATABASE_NAME = $TO_DATABASE_NAME"
 echo "TO_DATABASE_USERNAME = $TO_DATABASE_USERNAME"
 echo "TO_DATABASE_PASSWORD = $TO_DATABASE_PASSWORD"
@@ -261,7 +280,16 @@ echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
 grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
-php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
+if [ $IT_IS_WP -eq 0 ]; then
+    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
+else
+    cd $TO_FOLDER
+    sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
+    if [ -f "$TO_FOLDER/index.html" ]; then
+        echo "=== Removing $TO_FOLDER/index.html"
+        rm $TO_FOLDER/index.html
+    fi
+fi
 
 echo "===== DONE ===="
-echo "You can visit http://$TO_DOMAIN/"
\ No newline at end of file
+echo "You can visit http://$TO_DOMAIN/"

From 040a7e735d4b4204e262c96a69606e7310025bc1 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 24 Jan 2020 18:38:59 +0100
Subject: [PATCH 0809/2300] php7.4-memcache php7.4-memcached

---
 src/deb/for-download/tools/multi-php-install.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 69184ced..e76d5ba0 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -196,8 +196,7 @@ fi
 
 if [ "$inst_74" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.4 ==============================================================================="
-    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip
-    # php7.4-memcache php7.4-memcached
+    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
     update-rc.d php7.4-fpm defaults
     a2enconf php7.4-fpm
     systemctl restart apache2

From 19b2b0c9dc75938fc25bd8304c908cd69b2c9d63 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 00:17:58 +0100
Subject: [PATCH 0810/2300] Update multi-php-install.sh

---
 .../for-download/tools/multi-php-install.sh   | 23 +++++++++++--------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index e76d5ba0..059fc217 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -69,10 +69,10 @@ echo "wait_to_press_enter=$wait_to_press_enter"
 
 press_enter "=== Press enter to continue ==============================================================================="
 
-apt-get update
+apt update
 if [ "$inst_repo" -eq 1 ]; then
 press_enter "=== Press enter to install sury.org repo ==============================================================================="
-apt-get -y install apt-transport-https ca-certificates
+apt -y install apt-transport-https ca-certificates
 wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
 if [ $debian_version -eq 8 ]; then
   sh -c 'echo "deb https://packages.sury.org/php/ jessie main" > /etc/apt/sources.list.d/php.list'
@@ -83,8 +83,8 @@ fi
 if [ $debian_version -eq 10 ]; then
   sh -c 'echo "deb https://packages.sury.org/php/ buster main" > /etc/apt/sources.list.d/php.list'
 fi
-apt-get update
-apt-get upgrade -y
+apt update
+apt upgrade -y
 press_enter "=== Press enter to continue ==============================================================================="
 fi
 
@@ -95,7 +95,7 @@ service apache2 restart
 
 if [ "$inst_56" -eq 1 ]; then
 press_enter "=== Press enter to install PHP 5.6 ==============================================================================="
-apt-get -y install php5.6-mbstring php5.6-bcmath php5.6-cli php5.6-curl php5.6-fpm php5.6-gd php5.6-intl php5.6-mcrypt php5.6-mysql php5.6-soap php5.6-xml php5.6-zip php5.6-memcache php5.6-memcached
+apt -y install php5.6-mbstring php5.6-bcmath php5.6-cli php5.6-curl php5.6-fpm php5.6-gd php5.6-intl php5.6-mcrypt php5.6-mysql php5.6-soap php5.6-xml php5.6-zip php5.6-memcache php5.6-memcached
 update-rc.d php5.6-fpm defaults
 a2enconf php5.6-fpm
 systemctl restart apache2
@@ -111,7 +111,7 @@ fi
 
 if [ "$inst_70" -eq 1 ]; then
 press_enter "=== Press enter to install PHP 7.0 ==============================================================================="
-apt-get -y install php7.0-mbstring php7.0-bcmath php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-soap php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached
+apt -y install php7.0-mbstring php7.0-bcmath php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-soap php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached
 update-rc.d php7.0-fpm defaults
 a2enconf php7.0-fpm
 systemctl restart apache2
@@ -132,7 +132,7 @@ fi
 
 if [ "$inst_71" -eq 1 ]; then
 press_enter "=== Press enter to install PHP 7.1 ==============================================================================="
-apt-get -y install php7.1-mbstring php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-intl php7.1-mcrypt php7.1-mysql php7.1-soap php7.1-xml php7.1-zip php7.1-memcache php7.1-memcached
+apt -y install php7.1-mbstring php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-intl php7.1-mcrypt php7.1-mysql php7.1-soap php7.1-xml php7.1-zip php7.1-memcache php7.1-memcached
 update-rc.d php7.1-fpm defaults
 a2enconf php7.1-fpm
 systemctl restart apache2
@@ -153,7 +153,7 @@ fi
 
 if [ "$inst_72" -eq 1 ]; then
 press_enter "=== Press enter to install PHP 7.2 ==============================================================================="
-apt-get -y install php7.2-mbstring php7.2-bcmath php7.2-cli php7.2-curl php7.2-fpm php7.2-gd php7.2-intl php7.2-mysql php7.2-soap php7.2-xml php7.2-zip php7.2-memcache php7.2-memcached
+apt -y install php7.2-mbstring php7.2-bcmath php7.2-cli php7.2-curl php7.2-fpm php7.2-gd php7.2-intl php7.2-mysql php7.2-soap php7.2-xml php7.2-zip php7.2-memcache php7.2-memcached
 update-rc.d php7.2-fpm defaults
 a2enconf php7.2-fpm
 systemctl restart apache2
@@ -174,7 +174,7 @@ fi
 
 if [ "$inst_73" -eq 1 ]; then
 press_enter "=== Press enter to install PHP 7.3 ==============================================================================="
-apt-get -y install php7.3-mbstring php7.3-bcmath php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-intl php7.3-mysql php7.3-soap php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached
+apt -y install php7.3-mbstring php7.3-bcmath php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-intl php7.3-mysql php7.3-soap php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached
 update-rc.d php7.3-fpm defaults
 a2enconf php7.3-fpm
 systemctl restart apache2
@@ -196,7 +196,7 @@ fi
 
 if [ "$inst_74" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.4 ==============================================================================="
-    apt-get -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
+    apt -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
     update-rc.d php7.4-fpm defaults
     a2enconf php7.4-fpm
     systemctl restart apache2
@@ -217,3 +217,6 @@ if [ "$inst_74" -eq 1 ]; then
     fi
     press_enter "=== Press enter to continue ==============================================================================="
 fi
+
+apt update
+apt upgrade -y

From b5db512b8b7d5a7b79c76961f9dfbe942103a235 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 14:54:39 +0100
Subject: [PATCH 0811/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 9856029a..a342a179 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -206,9 +206,11 @@ if [ $IT_IS_WP -eq 0 ]; then
         exit 14
     fi
 else
-    echo "=== Downloading latest wp-cli"
-    wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
-    chmod +x /usr/local/bin/wp
+    if [ ! -f "/usr/local/bin/wp" ]; then
+        echo "=== Downloading latest wp-cli"
+        wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
+        chmod +x /usr/local/bin/wp
+    fi
 fi
 
 

From 393fb7445a6bb48c12341becddeb478477d13494 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 15:04:23 +0100
Subject: [PATCH 0812/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index a342a179..7c6ba6ae 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -279,7 +279,7 @@ echo "=== Replacing $FROM_DATABASE_PASSWORD to $TO_DATABASE_PASSWORD in $TO_CONF
 sed -i "s|$FROM_DATABASE_PASSWORD|$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
-grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"
+grep -rl "$FROM_DOMAIN" $TO_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
 if [ $IT_IS_WP -eq 0 ]; then

From 72939b1fdfb4b45e5d76ccacb9907bafeb3fb3a8 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 15:28:54 +0100
Subject: [PATCH 0813/2300] Update create_wp_https

---
 src/deb/for-download/tools/create_wp_https | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/create_wp_https b/src/deb/for-download/tools/create_wp_https
index b440df0e..a375af27 100644
--- a/src/deb/for-download/tools/create_wp_https
+++ b/src/deb/for-download/tools/create_wp_https
@@ -37,9 +37,10 @@ fi
 
 if [ ! -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
     v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
-
+fi
+if [ -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
-        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2,xml" "yes"
+        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
 fi
 
@@ -111,5 +112,5 @@ chown -R $user:$user $WORKINGDIR
 
 rm -rf /home/$user/wp
 
-echo "create_wp: Done."
+echo "create_wp_https: Done."
 exit 0

From abacfa71b9e569b86a5f7fd417e0d75e21d4a390 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 15:34:26 +0100
Subject: [PATCH 0814/2300] Update create_wp_https

---
 src/deb/for-download/tools/create_wp_https | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/for-download/tools/create_wp_https b/src/deb/for-download/tools/create_wp_https
index a375af27..edfb58c5 100644
--- a/src/deb/for-download/tools/create_wp_https
+++ b/src/deb/for-download/tools/create_wp_https
@@ -42,6 +42,9 @@ if [ -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
+else
+    echo "Error: Can not generate SSL."
+    exit 20
 fi
 
 WORKINGDIR="/home/$user/web/$domain/public_html"

From ee308a3f4f3a617b856e8388582da811e2c827e9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 2 Feb 2020 16:55:46 +0100
Subject: [PATCH 0815/2300] Create v-migrate-site-to-https

---
 .../tools/v-migrate-site-to-https             | 172 ++++++++++++++++++
 1 file changed, 172 insertions(+)
 create mode 100644 src/deb/for-download/tools/v-migrate-site-to-https

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/src/deb/for-download/tools/v-migrate-site-to-https
new file mode 100644
index 00000000..ede8f926
--- /dev/null
+++ b/src/deb/for-download/tools/v-migrate-site-to-https
@@ -0,0 +1,172 @@
+#!/bin/bash
+
+# Tool that will replace http to https URLs in database, install SSL and switch to force-https proxy template
+# Automatic detection of WordPress, automaticaly read DB user, DB name and DB pass.
+
+if [ $# -lt 1 ]; then
+    echo "USAGE: v-migrate-site-to-https DOMAIN [DATABASE_NAME] [DATABASE_USERNAME] [DATABASE_PASSWORD]"
+    exit 1
+fi
+
+FROM_DOMAIN=''
+FROM_DATABASE_NAME=''
+FROM_DATABASE_USERNAME=''
+FROM_DATABASE_PASSWORD=''
+
+if [ -z "$VESTA" ]; then
+    VESTA="/usr/local/vesta"
+fi
+
+if [ -z "$1" ]; then
+    echo "Error: DOMAIN is empty"
+    exit 2
+fi
+
+FROM_DOMAIN=$1
+FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
+if [ -z "$FROM_USER" ]; then
+    echo "Error: domain $FROM_DOMAIN does not exists"
+    exit 4
+fi
+
+FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_html"
+CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'SSL:' | grep -c 'single')
+if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
+    FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_shtml"
+fi
+
+FROM_CONFIG_FILE="wp-config.php"
+FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$FROM_CONFIG_FILE"
+if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
+    echo "Error: CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
+    exit 5
+fi
+
+IT_IS_WP=0
+if [ -f "$FROM_FOLDER/wp-config.php" ]; then
+    IT_IS_WP=1
+fi
+
+if [ $IT_IS_WP -eq 1 ]; then
+    FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+fi
+if [ $# -ge 2 ]; then
+    if [ ! -z "$2" ]; then
+        FROM_DATABASE_NAME=$3
+    fi
+fi
+if [ $# -ge 3 ]; then
+    if [ ! -z "$3" ]; then
+        FROM_DATABASE_USERNAME=$4
+    fi
+fi
+if [ $# -ge 4 ]; then
+    if [ ! -z "$4" ]; then
+        FROM_DATABASE_PASSWORD=$5
+    fi
+fi
+if [ -z "$FROM_DATABASE_NAME" ]; then
+    echo "Error: DATABASE_NAME $FROM_DATABASE_NAME is empty"
+    exit 6
+fi
+if [ -z "$FROM_DATABASE_USERNAME" ]; then
+    echo "Error: DATABASE_USERNAME $FROM_DATABASE_USERNAME is empty"
+    exit 7
+fi
+if [ -z "$FROM_DATABASE_PASSWORD" ]; then
+    echo "Error: DATABASE_PASSWORD $FROM_DATABASE_PASSWORD is empty"
+    exit 8
+fi
+
+object=$(grep "DB='$FROM_DATABASE_NAME'" $VESTA/data/users/$FROM_USER/db.conf)
+if [ -z "$object" ]; then
+    echo "Error: database $FROM_DATABASE_NAME does not exists"
+    exit 9
+fi
+
+# ----------- CHECK -------------
+
+FROM_REPLACE1="http://$FROM_DOMAIN"
+TO_REPLACE1="https://$FROM_DOMAIN"
+FROM_REPLACE2="http://www.$FROM_DOMAIN"
+TO_REPLACE2="https://www.$FROM_DOMAIN"
+
+if [ $IT_IS_WP -eq 0 ]; then
+    if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
+        echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
+        exit 13
+    fi
+    if [ ! -f "/usr/bin/php7.0" ]; then
+        echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
+        exit 14
+    fi
+else
+    if [ ! -f "/usr/local/bin/wp" ]; then
+        echo "=== Downloading latest wp-cli"
+        wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
+        chmod +x /usr/local/bin/wp
+    fi
+fi
+
+
+# ----------- PRINT -------------
+
+
+echo "==============================================================================="
+echo "FROM_REPLACE1 = $FROM_REPLACE1"
+echo "TO_REPLACE1   = $TO_REPLACE1"
+echo "FROM_REPLACE2 = $FROM_REPLACE2"
+echo "TO_REPLACE2   = $TO_REPLACE2"
+echo "----"
+echo "FROM_DOMAIN = $FROM_DOMAIN"
+echo "FROM_USER = $FROM_USER"
+echo "FROM_FOLDER = $FROM_FOLDER"
+echo "IT_IS_WP = $IT_IS_WP"
+echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
+echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
+echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
+echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
+echo "==============================================================================="
+read -p "=== Press Enter to continue ==="
+
+
+# ----------- ACTION -------------
+
+domain=$FROM_DOMAIN
+user=$FROM_USER
+
+if [ ! -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+    v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+fi
+if [ -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+    if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
+        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
+    fi
+else
+    echo "Error: Can not generate SSL."
+    exit 20
+fi
+
+echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in folder $TO_FOLDER"
+grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_REPLACE1#$TO_REPLACE1#g"
+
+echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in folder $TO_FOLDER"
+grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_REPLACE2#$TO_REPLACE2#g"
+
+if [ $IT_IS_WP -eq 0 ]; then
+    echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
+    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE1" -r "$TO_REPLACE1"
+    echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
+    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE2" -r "$TO_REPLACE2"
+else
+    cd $FROM_FOLDER
+    echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
+    sudo -H -u$FROM_USER wp search-replace "$FROM_REPLACE1" "$TO_REPLACE1" --precise --all-tables --skip-columns=guid
+    echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
+    sudo -H -u$FROM_USER wp search-replace "$FROM_REPLACE2" "$TO_REPLACE2" --precise --all-tables --skip-columns=guid
+fi
+
+echo "===== DONE ===="
+echo "You can visit $TO_REPLACE1"

From 14cb0a988dfcc3762af3e8da129dc521b018c6cf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 3 Feb 2020 11:13:21 +0100
Subject: [PATCH 0816/2300] Exim compatibility with Loopia

---
 install/debian/10/exim/exim4.conf.template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index c1f285ea..95e9bc48 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -310,6 +310,7 @@ remote_smtp:
   dkim_private_key = DKIM_PRIVATE_KEY
   dkim_canon = relaxed
   dkim_strict = 0
+  hosts_try_chunking = !93.188.3.0/24
 
 procmail:
   driver = pipe

From dc00af4d6111708242bd531399b7fdcb57323158 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 3 Feb 2020 11:16:37 +0100
Subject: [PATCH 0817/2300] Exim compatibility with Loopia

---
 .../for-download/tools/exim-without-limits/exim4.conf.template  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/for-download/tools/exim-without-limits/exim4.conf.template b/src/deb/for-download/tools/exim-without-limits/exim4.conf.template
index a973039f..dcc889fe 100644
--- a/src/deb/for-download/tools/exim-without-limits/exim4.conf.template
+++ b/src/deb/for-download/tools/exim-without-limits/exim4.conf.template
@@ -4,6 +4,7 @@
 #                                                                    #
 ######################################################################
 
+# Uncomment these 3 lines if you have ClamAV or Spamassassin
 #SPAMASSASSIN = yes
 #SPAM_SCORE = 50
 #CLAMD =  yes
@@ -293,6 +294,7 @@ remote_smtp:
   dkim_private_key = DKIM_PRIVATE_KEY
   dkim_canon = relaxed
   dkim_strict = 0
+  hosts_try_chunking = !93.188.3.0/24
 
 procmail:
   driver = pipe

From 97d3fc3be22fc8fca08b34e4345dc99e28ba747c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 4 Feb 2020 11:20:57 +0100
Subject: [PATCH 0818/2300] Update hosting-webmail-phpmyadmin.tpl

---
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
index 7085e047..5f601672 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -16,7 +16,7 @@ server {
 
     location /webmail {
         disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
+        proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           /var/lib/roundcube;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
@@ -28,7 +28,7 @@ server {
 
     location /phpmyadmin {
         disable_symlinks off;
-        proxy_pass      https://%ip%:%web_ssl_port%;
+        proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
             root           /usr/share;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;

From 9224872c5cb7f6880a35cf6c60f40389924616d3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 4 Feb 2020 11:24:59 +0100
Subject: [PATCH 0819/2300] Update main.inc.php

---
 install/debian/10/roundcube/main.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/roundcube/main.inc.php b/install/debian/10/roundcube/main.inc.php
index 97cdbf2d..55a4e082 100644
--- a/install/debian/10/roundcube/main.inc.php
+++ b/install/debian/10/roundcube/main.inc.php
@@ -209,7 +209,7 @@ $rcmail_config['message_cache_lifetime'] = '10d';
 // enforce connections over https
 // with this option enabled, all non-secure connections will be redirected.
 // set the port for the ssl connection as value of this option if it differs from the default 443
-$rcmail_config['force_https'] = false;
+$rcmail_config['force_https'] = true;
 
 // tell PHP that it should work as under secure connection
 // even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)

From 341e7d65997e88a187bc0d355db9ba658af0db9d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 19:34:48 +0100
Subject: [PATCH 0820/2300] php5.6.patch

---
 src/deb/for-download/tools/php5.6.patch | 84 +++++++++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100644 src/deb/for-download/tools/php5.6.patch

diff --git a/src/deb/for-download/tools/php5.6.patch b/src/deb/for-download/tools/php5.6.patch
new file mode 100644
index 00000000..ab103618
--- /dev/null
+++ b/src/deb/for-download/tools/php5.6.patch
@@ -0,0 +1,84 @@
+--- origin/etc/php/5.6/fpm/php.ini	2016-10-03 13:42:37.000000000 +0200
++++ vesta/etc/php/5.6/fpm/php.ini	2016-09-30 14:10:49.000000000 +0200
+@@ -295,12 +295,13 @@
+ ; and below.  This directive makes most sense if used in a per-directory
+ ; or per-virtualhost web server configuration file.
+ ; http://php.net/open-basedir
+-;open_basedir =
++;open_basedir = 
+ 
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -386,7 +387,7 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-; max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+@@ -657,7 +658,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -802,11 +803,11 @@
+ ; Temporary directory for HTTP uploaded files (will use system default if not
+ ; specified).
+ ; http://php.net/upload-tmp-dir
+-;upload_tmp_dir =
++upload_tmp_dir = 
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -993,7 +994,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1903,20 +1903,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=0
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=64
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=4
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 100000 are allowed.
+-;opcache.max_accelerated_files=2000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From b6379cf8ff1481fdc3b3534c1a6b53423597f0a9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 19:41:23 +0100
Subject: [PATCH 0821/2300] php5.6 php.ini fix

---
 src/deb/for-download/tools/multi-php-install.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 059fc217..7d2c559a 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -105,7 +105,10 @@ wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.stpl -O /usr/lo
 wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.tpl
 wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
-patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php5-deb9.patch
+mkdir -p /root/vesta-temp-dl/vesta/patch
+wget -nv https://c.myvestacp.com/tools/php5.6.patch -O /root/vesta-temp-dl/vesta/patch/php5.6.patch
+patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php5.6.patch
+rm -rf /root/vesta-temp-dl
 press_enter "=== Press enter to continue ==============================================================================="
 fi
 

From d4de5165b1bab7763f690c1b8126a7b7f9f2da4d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 19:54:35 +0100
Subject: [PATCH 0822/2300] Create php5.6.patch

---
 .../for-download/tools/patches/php5.6.patch   | 84 +++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/php5.6.patch

diff --git a/src/deb/for-download/tools/patches/php5.6.patch b/src/deb/for-download/tools/patches/php5.6.patch
new file mode 100644
index 00000000..ab103618
--- /dev/null
+++ b/src/deb/for-download/tools/patches/php5.6.patch
@@ -0,0 +1,84 @@
+--- origin/etc/php/5.6/fpm/php.ini	2016-10-03 13:42:37.000000000 +0200
++++ vesta/etc/php/5.6/fpm/php.ini	2016-09-30 14:10:49.000000000 +0200
+@@ -295,12 +295,13 @@
+ ; and below.  This directive makes most sense if used in a per-directory
+ ; or per-virtualhost web server configuration file.
+ ; http://php.net/open-basedir
+-;open_basedir =
++;open_basedir = 
+ 
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -386,7 +387,7 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-; max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+@@ -657,7 +658,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -802,11 +803,11 @@
+ ; Temporary directory for HTTP uploaded files (will use system default if not
+ ; specified).
+ ; http://php.net/upload-tmp-dir
+-;upload_tmp_dir =
++upload_tmp_dir = 
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -993,7 +994,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1903,20 +1903,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=0
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=64
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=4
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 100000 are allowed.
+-;opcache.max_accelerated_files=2000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From 10a86e2458799e8c74426cb05d9a202f7af85822 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 19:55:12 +0100
Subject: [PATCH 0823/2300] Delete php5.6.patch

---
 src/deb/for-download/tools/php5.6.patch | 84 -------------------------
 1 file changed, 84 deletions(-)
 delete mode 100644 src/deb/for-download/tools/php5.6.patch

diff --git a/src/deb/for-download/tools/php5.6.patch b/src/deb/for-download/tools/php5.6.patch
deleted file mode 100644
index ab103618..00000000
--- a/src/deb/for-download/tools/php5.6.patch
+++ /dev/null
@@ -1,84 +0,0 @@
---- origin/etc/php/5.6/fpm/php.ini	2016-10-03 13:42:37.000000000 +0200
-+++ vesta/etc/php/5.6/fpm/php.ini	2016-09-30 14:10:49.000000000 +0200
-@@ -295,12 +295,13 @@
- ; and below.  This directive makes most sense if used in a per-directory
- ; or per-virtualhost web server configuration file.
- ; http://php.net/open-basedir
--;open_basedir =
-+;open_basedir = 
- 
- ; This directive allows you to disable certain functions for security reasons.
- ; It receives a comma-delimited list of function names.
- ; http://php.net/disable-functions
--disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
-+; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
-+disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,exec,system,passthru,shell_exec,proc_open,popen
- 
- ; This directive allows you to disable certain classes for security reasons.
- ; It receives a comma-delimited list of class names.
-@@ -386,7 +387,7 @@
- ;max_input_nesting_level = 64
- 
- ; How many GET/POST/COOKIE input variables may be accepted
--; max_input_vars = 1000
-+max_input_vars = 6000
- 
- ; Maximum amount of memory a script may consume (128MB)
- ; http://php.net/memory-limit
-@@ -657,7 +658,7 @@
- ; Its value may be 0 to disable the limit. It is ignored if POST data reading
- ; is disabled through enable_post_data_reading.
- ; http://php.net/post-max-size
--post_max_size = 8M
-+post_max_size = 60M
- 
- ; Automatically add files before PHP document.
- ; http://php.net/auto-prepend-file
-@@ -802,11 +803,11 @@
- ; Temporary directory for HTTP uploaded files (will use system default if not
- ; specified).
- ; http://php.net/upload-tmp-dir
--;upload_tmp_dir =
-+upload_tmp_dir = 
- 
- ; Maximum allowed size for uploaded files.
- ; http://php.net/upload-max-filesize
--upload_max_filesize = 2M
-+upload_max_filesize = 50M
- 
- ; Maximum number of files that can be uploaded via a single request
- max_file_uploads = 20
-@@ -993,7 +994,7 @@
- 
- ; The path to a log file that will log all mail() calls. Log entries include
- ; the full path of the script, line number, To address and headers.
--;mail.log =
-+mail.log = /var/log/php-mail.log
- ; Log mail to syslog (Event Log on Windows).
- ;mail.log = syslog
- 
-@@ -1903,20 +1903,20 @@
- 
- [opcache]
- ; Determines if Zend OPCache is enabled
--;opcache.enable=0
-+opcache.enable=1
- 
- ; Determines if Zend OPCache is enabled for the CLI version of PHP
--;opcache.enable_cli=0
-+opcache.enable_cli=0
- 
- ; The OPcache shared memory storage size.
--;opcache.memory_consumption=64
-+opcache.memory_consumption=2048
- 
- ; The amount of memory for interned strings in Mbytes.
- ;opcache.interned_strings_buffer=4
- 
- ; The maximum number of keys (scripts) in the OPcache hash table.
- ; Only numbers between 200 and 100000 are allowed.
--;opcache.max_accelerated_files=2000
-+opcache.max_accelerated_files=100000
- 
- ; The maximum percentage of "wasted" memory until a restart is scheduled.
- ;opcache.max_wasted_percentage=5

From 0aba1ce1487f3a89962a97f33cb3e7d1b6bf8c98 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 19:56:20 +0100
Subject: [PATCH 0824/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 7d2c559a..2d8658c7 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -106,7 +106,7 @@ wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.tpl -O /usr/loc
 wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-56.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
 chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-56.sh
 mkdir -p /root/vesta-temp-dl/vesta/patch
-wget -nv https://c.myvestacp.com/tools/php5.6.patch -O /root/vesta-temp-dl/vesta/patch/php5.6.patch
+wget -nv https://c.myvestacp.com/tools/patches/php5.6.patch -O /root/vesta-temp-dl/vesta/patch/php5.6.patch
 patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php5.6.patch
 rm -rf /root/vesta-temp-dl
 press_enter "=== Press enter to continue ==============================================================================="

From 3ea0bbaa3b2647f5c9798c4a2cc4981f3ec19e7e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 20:17:27 +0100
Subject: [PATCH 0825/2300] rcube_vcard.patch

---
 src/deb/for-download/tools/patches/rcube_vcard.patch | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/rcube_vcard.patch

diff --git a/src/deb/for-download/tools/patches/rcube_vcard.patch b/src/deb/for-download/tools/patches/rcube_vcard.patch
new file mode 100644
index 00000000..0a6cea15
--- /dev/null
+++ b/src/deb/for-download/tools/patches/rcube_vcard.patch
@@ -0,0 +1,11 @@
+--- /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php	2018-10-23 13:12:54.000000000 +0200
++++ /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php2	2020-02-06 01:03:34.000000000 +0100
+@@ -536,7 +536,7 @@
+                 '/^item\d*\.X-AB.*$/mi',  // remove cruft like item1.X-AB*
+                 '/^item\d*\./mi',         // remove item1.ADR instead of ADR
+                 '/\n+/',                 // remove empty lines
+-                '/^(N:[^;\R]*)$/m',      // if N doesn't have any semicolons, add some
++                '/^(N:[^;\r\n]*)$/m',      // if N doesn't have any semicolons, add some
+             ),
+             array(
+                 '\2;type=\5\3:\4',

From 304059a759fd33a28bafbe52010228cea96716f3 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 6 Feb 2020 20:36:09 +0100
Subject: [PATCH 0826/2300] Patching rcube_vcard.php in installer

---
 install/vst-install-debian.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b7374390..3766d031 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1530,6 +1530,10 @@ if [ "$release" -eq 10 ]; then
   service php7.3-fpm restart
 fi
 
+echo "=== Patching rcube_vcard.php"
+wget -nv https://c.myvestacp.com/tools/patches/rcube_vcard.patch -O /root/rcube_vcard.patch
+patch /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php < /root/rcube_vcard.patch
+
 # Comparing hostname and ip
 make_ssl=0
 host_ip=$(host $servername | head -n 1 | awk '{print $NF}')

From d050146fab5ae937323182d24e394471b7cefc37 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Fri, 7 Feb 2020 13:21:22 +0100
Subject: [PATCH 0827/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 7c6ba6ae..2efc285e 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -267,7 +267,7 @@ echo "=== Importing to database $TO_DATABASE_NAME"
 mysql $TO_DATABASE_NAME < $FROM_DATABASE_NAME.sql
 
 echo "=== Copying files from $FROM_FOLDER to folder $TO_FOLDER"
-rsync -a $FROM_FOLDER/ $TO_FOLDER/
+rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
 echo "=== Chowning to  $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
 
@@ -287,10 +287,6 @@ if [ $IT_IS_WP -eq 0 ]; then
 else
     cd $TO_FOLDER
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
-    if [ -f "$TO_FOLDER/index.html" ]; then
-        echo "=== Removing $TO_FOLDER/index.html"
-        rm $TO_FOLDER/index.html
-    fi
 fi
 
 echo "===== DONE ===="

From 4856aeca8523e38da24a8637156bc960f5ec5813 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 21:11:32 +0100
Subject: [PATCH 0828/2300] Update admin

---
 install/debian/10/sudo/admin | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/sudo/admin b/install/debian/10/sudo/admin
index 4226bdd4..331fa1f2 100644
--- a/install/debian/10/sudo/admin
+++ b/install/debian/10/sudo/admin
@@ -4,5 +4,5 @@ Defaults:admin !syslog
 Defaults:admin !requiretty
 Defaults:root !requiretty
 
-admin   ALL=(ALL)       ALL
+# sudo is limited to vesta scripts
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

From 5bbb8f951d031fb618d9f2e4603bdd244bcfe989 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 21:15:30 +0100
Subject: [PATCH 0829/2300] sudoers fix

---
 src/deb/vesta/postinst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index bca5865c..07499875 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -10,6 +10,12 @@ if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh
 fi
 
+# sudoers fix
+if [ -e "/etc/sudoers.d/admin" ]; then
+    sed -i "s/admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" \
+        /etc/sudoers.d/admin
+fi
+
 check_apt=$(grep -c 'vesta.hostingpanel.dev' /etc/apt/sources.list.d/vesta.list)
 if [ "$check_apt" -eq 1 ]; then
     wget -O - http://apt.myvestacp.com/deb_signing.key | sudo apt-key add -

From b01fd9b9a1729aa2b01a2691b967f323f448c0b2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 22:09:59 +0100
Subject: [PATCH 0830/2300] version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 75720ec5..638399fb 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-4
+Version: 0.9.8-26-5
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From f19e0d49eb496245e0c39456b5ffa175e7c9f329 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 22:10:48 +0100
Subject: [PATCH 0831/2300] version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 1edb2e24..41001021 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-4
+vesta-0.9.8-26-5

From 6713f75f93176e669195a4452a9adcd8ca8e36ac Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 22:11:28 +0100
Subject: [PATCH 0832/2300] version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 1140f1a6..81b0886c 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-4'
+VESTA_VER='0.9.8-26-5'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From 88d149ac9a8899b61d3ef1870065100d0dac7616 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 23:17:57 +0100
Subject: [PATCH 0833/2300] Update v-migrate-site-to-https

---
 src/deb/for-download/tools/v-migrate-site-to-https | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/src/deb/for-download/tools/v-migrate-site-to-https
index ede8f926..cba3b7d7 100644
--- a/src/deb/for-download/tools/v-migrate-site-to-https
+++ b/src/deb/for-download/tools/v-migrate-site-to-https
@@ -49,6 +49,11 @@ fi
 
 if [ $IT_IS_WP -eq 1 ]; then
     FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    if [ -z "FROM_DATABASE_NAME" ]; then
+        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH
+        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH
+        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    fi
     FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
 fi

From d35f1908db53c51f98a1d2e6c2b05ad5dbcbcb60 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 10 Feb 2020 23:18:53 +0100
Subject: [PATCH 0834/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 2efc285e..1eaf0800 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -66,6 +66,12 @@ fi
 
 if [ $IT_IS_WP -eq 1 ]; then
     FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    if [ -z "FROM_DATABASE_NAME" ]; then
+        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH
+        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH
+        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    fi
+
     FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
 fi

From 8dea5b43d3664f6aae2f8d4190fa6a10fb65ad05 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 16 Feb 2020 01:50:38 +0100
Subject: [PATCH 0835/2300] Update secure_login.php

---
 web/inc/secure_login.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index a13b5570..5c6c40d0 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -11,8 +11,8 @@ if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/set-ar.php') $
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/set-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web/reset/mail/get-ar.php') $skip_login_url_check=1;
 if ($_SERVER['SCRIPT_FILENAME']=='/usr/local/vesta/web//reset/mail/get-ar.php') $skip_login_url_check=1;
-if (substr($_SERVER['SCRIPT_FILENAME'], 0, 28)=='/usr/local/vesta/web/custom/') $login_url_skip=1; // custom scripts like git webhooks
-if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/web//custom/') $login_url_skip=1;
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 28)=='/usr/local/vesta/web/custom/') $skip_login_url_check=1; // custom scripts like git webhooks
+if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/web//custom/') $skip_login_url_check=1;
 
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 21)=='/usr/local/vesta/bin/') $skip_login_url_check=1; // allow executing v-* PHP scripts from bash
 if (substr($_SERVER['SCRIPT_FILENAME'], 0, 29)=='/usr/local/vesta/softaculous/') $skip_login_url_check=1; // allow softaculous

From 58bf77e8964cf6c3a58b42be84f598a4e1ccf460 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 19 Feb 2020 22:00:36 +0100
Subject: [PATCH 0836/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 3766d031..c4a26503 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1530,9 +1530,9 @@ if [ "$release" -eq 10 ]; then
   service php7.3-fpm restart
 fi
 
-echo "=== Patching rcube_vcard.php"
-wget -nv https://c.myvestacp.com/tools/patches/rcube_vcard.patch -O /root/rcube_vcard.patch
-patch /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php < /root/rcube_vcard.patch
+# echo "=== Patching rcube_vcard.php"
+# wget -nv https://c.myvestacp.com/tools/patches/rcube_vcard.patch -O /root/rcube_vcard.patch
+# patch /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php < /root/rcube_vcard.patch
 
 # Comparing hostname and ip
 make_ssl=0

From 2e3f833f17d9ed028031ed15cee74f41867df055 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 20 Feb 2020 15:10:56 +0100
Subject: [PATCH 0837/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index c4a26503..63583731 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1613,9 +1613,9 @@ crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -e
 echo -e "Congratulations, you have just successfully installed \
 Vesta Control Panel
 
-    https://$ip:$port/$secretquery
-    username: admin
-    password: $vpass
+https://$ip:$port/$secretquery
+username: admin
+password: $vpass
 
 We hope that you enjoy your installation of Vesta. Please \
 feel free to contact us anytime if you have any questions.

From cbed4fe37de80424b61e1f2568d268ad7a58593a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 20 Feb 2020 15:33:19 +0100
Subject: [PATCH 0838/2300] force-https-webmail-phpmyadmin tpl

---
 .../nginx/force-https-webmail-phpmyadmin.stpl | 62 +++++++++++++++++++
 .../nginx/force-https-webmail-phpmyadmin.tpl  |  8 +++
 2 files changed, 70 insertions(+)
 create mode 100644 install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl

diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..4fadbbfc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}

From c4a644bd9ab9d991b4bda47c605193873128f874 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 13:10:40 +0100
Subject: [PATCH 0839/2300] Introducing KEEP_N_FTP_BACKUPS

---
 bin/v-backup-user | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index f43277ac..054a7049 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -645,6 +645,11 @@ ftp_backup() {
         BACKUPS=1
         echo "=== Set BACKUPS=1"
     fi
+    if [ ! -z "$KEEP_N_FTP_BACKUPS" ]; then
+        TEMP_BACKUPS=$BACKUPS
+        BACKUPS=$KEEP_N_FTP_BACKUPS
+        echo "=== Set BACKUPS=$KEEP_N_FTP_BACKUPS"
+    fi
     backups_count=$(echo "$backup_list" |wc -l)
     if [ "$backups_count" -ge "$BACKUPS" ]; then
         backups_rm_number=$((backups_count - BACKUPS + 1))
@@ -663,6 +668,10 @@ ftp_backup() {
         BACKUPS=$TEMP_BACKUPS
         echo "=== Bringing back old value BACKUPS=$BACKUPS"
     fi
+    if [ ! -z "$KEEP_N_FTP_BACKUPS" ]; then
+        BACKUPS=$TEMP_BACKUPS
+        echo "=== Bringing back old value BACKUPS=$BACKUPS"
+    fi
 
     # Uploading backup archive
     if [ "$localbackup" = 'yes' ]; then
@@ -810,6 +819,11 @@ sftp_backup() {
         BACKUPS=1
         echo "=== Set BACKUPS=1"
     fi
+    if [ ! -z "$KEEP_N_FTP_BACKUPS" ]; then
+        TEMP_BACKUPS=$BACKUPS
+        BACKUPS=$KEEP_N_FTP_BACKUPS
+        echo "=== Set BACKUPS=$KEEP_N_FTP_BACKUPS"
+    fi
     if [ "$backups_count" -ge "$BACKUPS" ]; then
         backups_rm_number=$((backups_count - BACKUPS + 1))
         for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
@@ -827,6 +841,10 @@ sftp_backup() {
         BACKUPS=$TEMP_BACKUPS
         echo "=== Bringing back old value BACKUPS=$BACKUPS"
     fi
+    if [ ! -z "$KEEP_N_FTP_BACKUPS" ]; then
+        BACKUPS=$TEMP_BACKUPS
+        echo "=== Bringing back old value BACKUPS=$BACKUPS"
+    fi
 
     # Uploading backup archive
     echo "$(date "+%F %T") Uploading $user.$backup_new_date.tar"|tee -a $BACKUP/$user.log

From fe9d6c1c631647e6cea0a73bafaf9ad942d2dc8b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 14:19:15 +0100
Subject: [PATCH 0840/2300] Update secure_login.php

---
 web/inc/secure_login.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 5c6c40d0..55b17e55 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,6 +1,9 @@
 
Date: Fri, 21 Feb 2020 15:01:17 +0100
Subject: [PATCH 0841/2300] Introducing NOTIFY_ADMIN_FULL_BACKUP

---
 bin/v-backup-users | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index df9cf6ee..db5ae147 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -26,12 +26,18 @@ log=$VESTA/log/backup.log
 
 $BIN/v-check-vesta-license >/dev/null
 
+if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
+    mv $log $log-`date +"%Y-%m-%d--%H:%M:%S"`
+    touch $log
+fi
+
 # Auto-repair all databases before backuping all accounts
 nice -n 19 ionice -c 3 mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit
 fi
+FINAL_STATUS='OK'
 i_am_in_backup_all_users=1
 for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
     if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
@@ -45,11 +51,19 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         echo -e "--------------------------------\n" >> $log
         i_am_in_backup_all_users=0
         nice -n 19 ionice -c 3 $BIN/v-backup-user $user >> $log 2>&1
+        STATUS=$?
+        if [ $STATUS -ne 0 ]; then
+            FINAL_STATUS='CONTAINS ERRORS !!!'
+        fi
         i_am_in_backup_all_users=1
         echo -e "\n--------------------------------\n\n" >> $log
     fi
 done
 
+if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
+    cat $log |$SENDMAIL -s "Full backup report; status=$FINAL_STATUS" $NOTIFY_ADMIN_FULL_BACKUP 'yes'
+fi
+
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#

From 55aa50eb0c4163c1138d5e69e6d80f0429b1875d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 15:03:07 +0100
Subject: [PATCH 0842/2300] Version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 41001021..aa524057 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-5
+vesta-0.9.8-26-6

From e556f672b162bc3a819e8371fe688005750a8d0c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 15:03:49 +0100
Subject: [PATCH 0843/2300] Version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 81b0886c..796c12a9 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-5'
+VESTA_VER='0.9.8-26-6'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From b98cdf75fe407b8b0ac8b11ff6e3bffdd50ea9fe Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 15:04:30 +0100
Subject: [PATCH 0844/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 638399fb..41bf6dc8 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-5
+Version: 0.9.8-26-6
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 79e9871abd834c36a3d2aaa4aa028b873b0bfd4c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 21 Feb 2020 15:12:24 +0100
Subject: [PATCH 0845/2300] Update v-backup-users

---
 bin/v-backup-users | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index db5ae147..be90797b 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -61,7 +61,7 @@ for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
 done
 
 if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
-    cat $log |$SENDMAIL -s "Full backup report; status=$FINAL_STATUS" $NOTIFY_ADMIN_FULL_BACKUP 'yes'
+    cat $log |$SENDMAIL -s "Full backup report for $HOSTNAME; status=$FINAL_STATUS" "$NOTIFY_ADMIN_FULL_BACKUP" 'yes'
 fi
 
 #----------------------------------------------------------#

From 57ee689651df800c0d863fb1afe9e1a4bba19598 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 24 Feb 2020 19:34:38 +0100
Subject: [PATCH 0846/2300] Update main.sh

---
 func/main.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index 8c46895c..ba78830a 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -183,7 +183,8 @@ is_type_valid() {
 is_backup_enabled() {
     BACKUPS=$(grep "^BACKUPS=" $USER_DATA/user.conf | cut -f2 -d \')
     if [ -z "$BACKUPS" ] || [[ "$BACKUPS" -le '0' ]]; then
-        check_result $E_DISABLED "user backup is disabled"
+        check_result 0 "user backup is disabled"
+        exit 0
     fi
 }
 

From 16f5b0c117e8f91ad34a1f622bed6b738cbd5450 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 24 Feb 2020 19:48:22 +0100
Subject: [PATCH 0847/2300] NOTIFY_ADMIN_FULL_BACKUP2

---
 bin/v-backup-users | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index be90797b..9987b737 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -63,6 +63,9 @@ done
 if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
     cat $log |$SENDMAIL -s "Full backup report for $HOSTNAME; status=$FINAL_STATUS" "$NOTIFY_ADMIN_FULL_BACKUP" 'yes'
 fi
+if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP2" ]; then
+    cat $log |$SENDMAIL -s "Full backup report for $HOSTNAME; status=$FINAL_STATUS" "$NOTIFY_ADMIN_FULL_BACKUP2" 'yes'
+fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From 50a38e8823850e1438292455fe216127c3075527 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 29 Feb 2020 01:35:32 +0100
Subject: [PATCH 0848/2300] Ensure apache2 mpm_event

---
 src/deb/for-download/tools/multi-php-install.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 2d8658c7..6316f3b8 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -223,3 +223,17 @@ fi
 
 apt update
 apt upgrade -y
+
+if [ $debian_version -eq 10 ]; then
+    a2dismod ruid2
+    a2dismod suexec
+    a2dismod php5.6
+    a2dismod php7.0
+    a2dismod php7.1
+    a2dismod php7.2
+    a2dismod php7.3
+    a2dismod php7.4
+    a2dismod mpm_prefork
+    a2enmod mpm_event
+    service apache2 restart
+fi

From 7c440d9ee7f11c10833c9d94b6b087717ebb05a9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 5 Mar 2020 09:37:13 +0100
Subject: [PATCH 0849/2300] Update v-migrate-site-to-https

---
 .../tools/v-migrate-site-to-https             | 22 +++++++++++--------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/src/deb/for-download/tools/v-migrate-site-to-https
index cba3b7d7..517976ee 100644
--- a/src/deb/for-download/tools/v-migrate-site-to-https
+++ b/src/deb/for-download/tools/v-migrate-site-to-https
@@ -48,14 +48,18 @@ if [ -f "$FROM_FOLDER/wp-config.php" ]; then
 fi
 
 if [ $IT_IS_WP -eq 1 ]; then
-    FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    if [ -z "FROM_DATABASE_NAME" ]; then
-        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH
-        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH
-        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_CONFIG_FILE_FULL_PATH_BACKUP="${FROM_CONFIG_FILE_FULL_PATH}_backup"
+    cp $FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|//.*$||g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+    if [ -z "$FROM_DATABASE_NAME" ]; then
+        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     fi
-    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+
+    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    rm $FROM_CONFIG_FILE_FULL_PATH_BACKUP
 fi
 if [ $# -ge 2 ]; then
     if [ ! -z "$2" ]; then
@@ -126,11 +130,11 @@ echo "FROM_REPLACE2 = $FROM_REPLACE2"
 echo "TO_REPLACE2   = $TO_REPLACE2"
 echo "----"
 echo "FROM_DOMAIN = $FROM_DOMAIN"
-echo "FROM_USER = $FROM_USER"
+echo "FROM_USER   = $FROM_USER"
 echo "FROM_FOLDER = $FROM_FOLDER"
 echo "IT_IS_WP = $IT_IS_WP"
 echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
-echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
+echo "FROM_DATABASE_NAME     = $FROM_DATABASE_NAME"
 echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
 echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
 echo "==============================================================================="

From e3af159de44ae5a0b3b10d4566204619b631a3f7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 5 Mar 2020 09:37:59 +0100
Subject: [PATCH 0850/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 41 ++++++++++++----------
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 1eaf0800..b6dd828e 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -65,15 +65,18 @@ if [ -f "$FROM_FOLDER/wp-config.php" ]; then
 fi
 
 if [ $IT_IS_WP -eq 1 ]; then
-    FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    if [ -z "FROM_DATABASE_NAME" ]; then
-        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH
-        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH
-        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_CONFIG_FILE_FULL_PATH_BACKUP="${FROM_CONFIG_FILE_FULL_PATH}_backup"
+    cp $FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|//.*$||g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+    if [ -z "$FROM_DATABASE_NAME" ]; then
+        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     fi
 
-    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    rm $FROM_CONFIG_FILE_FULL_PATH_BACKUP
 fi
 if [ $# -ge 3 ]; then
     if [ ! -z "$3" ]; then
@@ -91,15 +94,15 @@ if [ $# -ge 5 ]; then
     fi
 fi
 if [ -z "$FROM_DATABASE_NAME" ]; then
-    echo "Error: FROM_DATABASE_NAME $FROM_DATABASE_NAME is empty"
+    echo "Error: FROM_DATABASE_NAME is empty"
     exit 6
 fi
 if [ -z "$FROM_DATABASE_USERNAME" ]; then
-    echo "Error: FROM_DATABASE_USERNAME $FROM_DATABASE_USERNAME is empty"
+    echo "Error: FROM_DATABASE_USERNAME is empty"
     exit 7
 fi
 if [ -z "$FROM_DATABASE_PASSWORD" ]; then
-    echo "Error: FROM_DATABASE_PASSWORD $FROM_DATABASE_PASSWORD is empty"
+    echo "Error: FROM_DATABASE_PASSWORD is empty"
     exit 8
 fi
 
@@ -225,24 +228,24 @@ fi
 
 echo "==============================================================================="
 echo "FROM_DOMAIN = $FROM_DOMAIN"
+echo "TO_DOMAIN   = $TO_DOMAIN"
 echo "FROM_USER = $FROM_USER"
-echo "TO_DOMAIN = $TO_DOMAIN"
-echo "TO_USER = $TO_USER"
+echo "TO_USER   = $TO_USER"
 echo "FROM_FOLDER = $FROM_FOLDER"
-echo "TO_FOLDER = $TO_FOLDER"
+echo "TO_FOLDER   = $TO_FOLDER"
 echo "IT_IS_WP = $IT_IS_WP"
 echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
-echo "TO_CONFIG_FILE_FULL_PATH = $TO_CONFIG_FILE_FULL_PATH"
+echo "TO_CONFIG_FILE_FULL_PATH   = $TO_CONFIG_FILE_FULL_PATH"
 echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
+echo "TO_DATABASE_NAME   = $TO_DATABASE_NAME"
 echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
+echo "TO_DATABASE_USERNAME   = $TO_DATABASE_USERNAME"
 echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
+echo "TO_DATABASE_PASSWORD   = $TO_DATABASE_PASSWORD"
 echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
+echo "TO_DATABASE_NAME_WITHOUT_PREFIX   = $TO_DATABASE_NAME_WITHOUT_PREFIX"
 echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
-echo "TO_DATABASE_NAME = $TO_DATABASE_NAME"
-echo "TO_DATABASE_USERNAME = $TO_DATABASE_USERNAME"
-echo "TO_DATABASE_PASSWORD = $TO_DATABASE_PASSWORD"
-echo "TO_DATABASE_NAME_WITHOUT_PREFIX = $TO_DATABASE_NAME_WITHOUT_PREFIX"
-echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
+echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 

From 5b9625d0c86902ec6eeede6fb76199c5df17603e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 5 Mar 2020 09:40:20 +0100
Subject: [PATCH 0851/2300] Update v-migrate-site-to-https

---
 src/deb/for-download/tools/v-migrate-site-to-https | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/src/deb/for-download/tools/v-migrate-site-to-https
index 517976ee..e445fd27 100644
--- a/src/deb/for-download/tools/v-migrate-site-to-https
+++ b/src/deb/for-download/tools/v-migrate-site-to-https
@@ -77,15 +77,15 @@ if [ $# -ge 4 ]; then
     fi
 fi
 if [ -z "$FROM_DATABASE_NAME" ]; then
-    echo "Error: DATABASE_NAME $FROM_DATABASE_NAME is empty"
+    echo "Error: DATABASE_NAME is empty"
     exit 6
 fi
 if [ -z "$FROM_DATABASE_USERNAME" ]; then
-    echo "Error: DATABASE_USERNAME $FROM_DATABASE_USERNAME is empty"
+    echo "Error: DATABASE_USERNAME is empty"
     exit 7
 fi
 if [ -z "$FROM_DATABASE_PASSWORD" ]; then
-    echo "Error: DATABASE_PASSWORD $FROM_DATABASE_PASSWORD is empty"
+    echo "Error: DATABASE_PASSWORD is empty"
     exit 8
 fi
 

From 01c3a9c9b65f500512201414481c3f24ce430c18 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 6 Mar 2020 20:39:53 +0100
Subject: [PATCH 0852/2300] timeout in v-list-sys-web-status

---
 bin/v-list-sys-web-status | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-list-sys-web-status b/bin/v-list-sys-web-status
index eb58c81c..aaa33e4c 100755
--- a/bin/v-list-sys-web-status
+++ b/bin/v-list-sys-web-status
@@ -28,17 +28,17 @@ fi
 # Displaying proxy status
 if [ "$PROXY_SYSTEM" = 'nginx' ]; then
     echo "$PROXY_SYSTEM STATUS"| tr '[:lower:]' '[:upper:]'
-    wget -qO-  http://localhost:8084/
+    curl -fsSL --max-time 3 http://localhost:8084/
     echo "


"
 fi
 
 # Displaying web server status
 echo "$WEB_SYSTEM STATUS"| tr '[:lower:]' '[:upper:]'
 if [ "$WEB_SYSTEM" != 'nginx' ]; then
-    wget -qO-  http://localhost:8081/server-status/ |\
+    curl -fsSL --max-time 3 http://localhost:8081/server-status/ |\
         egrep -v "html|DOCTYPE|h1>|title|head"
 else
-    wget -qO-  http://localhost:8084/
+    curl -fsSL --max-time 3 http://localhost:8084/
 fi
 
 

From 84c22518e5ff991cb353cbf2ec784fedd9324968 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 11 Mar 2020 15:16:58 +0100
Subject: [PATCH 0853/2300] Trying to avoid Let's Encrypt domain validation
 timeout

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 59d51c61..3c0fbc82 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -208,7 +208,7 @@ for auth in $authz; do
         if [ "$i" -gt 10 ]; then
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
-        sleep 1
+        sleep 2
     done
     if [ "$validation" = 'invalid' ]; then
         check_result $E_CONNECT "Let's Encrypt domain verification failed"

From cd01273ae6081b2afc9f44581e0244a022d24d66 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 16:22:35 +0100
Subject: [PATCH 0854/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index b6dd828e..398c3e54 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -281,10 +281,13 @@ echo "=== Chowning to  $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
 
 echo "=== Replacing $FROM_DATABASE_NAME to $TO_DATABASE_NAME in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|'$FROM_DATABASE_NAME'|'$TO_DATABASE_NAME'|g" $TO_CONFIG_FILE_FULL_PATH
 sed -i "s|$FROM_DATABASE_NAME|$TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
 echo "=== Replacing $FROM_DATABASE_USERNAME to $TO_DATABASE_USERNAME in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|'$FROM_DATABASE_USERNAME'|'$TO_DATABASE_USERNAME'|g" $TO_CONFIG_FILE_FULL_PATH
 sed -i "s|$FROM_DATABASE_USERNAME|$TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
 echo "=== Replacing $FROM_DATABASE_PASSWORD to $TO_DATABASE_PASSWORD in $TO_CONFIG_FILE_FULL_PATH"
+sed -i "s|'$FROM_DATABASE_PASSWORD'|'$TO_DATABASE_PASSWORD'|g" $TO_CONFIG_FILE_FULL_PATH
 sed -i "s|$FROM_DATABASE_PASSWORD|$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"

From 8da8d0b83383f0aaea245617dd6fa41e6fe63997 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 16:40:00 +0100
Subject: [PATCH 0855/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 398c3e54..66aaa782 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -282,13 +282,19 @@ chown -R $TO_USER:$TO_USER $TO_FOLDER
 
 echo "=== Replacing $FROM_DATABASE_NAME to $TO_DATABASE_NAME in $TO_CONFIG_FILE_FULL_PATH"
 sed -i "s|'$FROM_DATABASE_NAME'|'$TO_DATABASE_NAME'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|$FROM_DATABASE_NAME|$TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|\"$FROM_DATABASE_NAME\"|\"$TO_DATABASE_NAME\"|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|=$FROM_DATABASE_NAME$|=$TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|= $FROM_DATABASE_NAME$|= $TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
 echo "=== Replacing $FROM_DATABASE_USERNAME to $TO_DATABASE_USERNAME in $TO_CONFIG_FILE_FULL_PATH"
 sed -i "s|'$FROM_DATABASE_USERNAME'|'$TO_DATABASE_USERNAME'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|$FROM_DATABASE_USERNAME|$TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|\"$FROM_DATABASE_USERNAME\"|\"$TO_DATABASE_USERNAME\"|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|=$FROM_DATABASE_USERNAME$|=$TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|= $FROM_DATABASE_USERNAME$|= $TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
 echo "=== Replacing $FROM_DATABASE_PASSWORD to $TO_DATABASE_PASSWORD in $TO_CONFIG_FILE_FULL_PATH"
 sed -i "s|'$FROM_DATABASE_PASSWORD'|'$TO_DATABASE_PASSWORD'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|$FROM_DATABASE_PASSWORD|$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|\"$FROM_DATABASE_PASSWORD\"|\"$TO_DATABASE_PASSWORD\"|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|=$FROM_DATABASE_PASSWORD$|=$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
+sed -i "s|= $FROM_DATABASE_PASSWORD$|= $TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
 grep -rl "$FROM_DOMAIN" $TO_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"

From 07b739382dc5034ccd0ef931ba15c87cd3920df7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 19:19:42 +0100
Subject: [PATCH 0856/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 66aaa782..72405cce 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -138,19 +138,19 @@ fi
 
 TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
 
-if [ $# -ge 7 ]; then
-    if [ ! -z "$7" ]; then
-        TO_DATABASE_NAME=$7
-    fi
-fi
 if [ $# -ge 8 ]; then
     if [ ! -z "$8" ]; then
-        TO_DATABASE_USERNAME=$8
+        TO_DATABASE_NAME=$8
     fi
 fi
 if [ $# -ge 9 ]; then
     if [ ! -z "$9" ]; then
-        TO_DATABASE_PASSWORD=$9
+        TO_DATABASE_USERNAME=$9
+    fi
+fi
+if [ $# -ge 10 ]; then
+    if [ ! -z "${10}" ]; then
+        TO_DATABASE_PASSWORD=${10}
     fi
 fi
 

From d93935fb362b7862e864df843afc2c2d1fe9c401 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 21:20:23 +0100
Subject: [PATCH 0857/2300] Second try to avoid Let's Encrypt domain validation
 timeout

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 3c0fbc82..0e9438ed 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -208,7 +208,7 @@ for auth in $authz; do
         if [ "$i" -gt 10 ]; then
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
-        sleep 2
+        sleep $((i*2))
     done
     if [ "$validation" = 'invalid' ]; then
         check_result $E_CONNECT "Let's Encrypt domain verification failed"

From d6af7f06ece3bff9399cd496d099230daeb0c3e6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 21:21:28 +0100
Subject: [PATCH 0858/2300] version  up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index aa524057..eabf8b7c 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-6
+vesta-0.9.8-26-7

From 56fc89e2af18897a0048eeb5c9eba79dbccf348e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 21:22:13 +0100
Subject: [PATCH 0859/2300] version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 796c12a9..a37d69fe 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-6'
+VESTA_VER='0.9.8-26-7'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From db726ad32f830e74b257826184ee7ca842073373 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 18 Mar 2020 21:23:01 +0100
Subject: [PATCH 0860/2300] version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 41bf6dc8..d19710b1 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-6
+Version: 0.9.8-26-7
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From a5712542d7315f45abf6df275744889437393c30 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Mar 2020 01:21:57 +0100
Subject: [PATCH 0861/2300] Temporary fix for parsing backup conf

---
 bin/v-backup-user       | 3 ++-
 bin/v-list-user-backups | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index f9fcf6f5..646e9812 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -479,7 +479,8 @@ if [ "$USER" != '*' ]; then
         exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
         if [ -z "$exclusion" ]; then
             ((i ++))
-            udir_list="$udir_list $udir"
+            udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g")
+            udir_list="$udir_list $udir_str"
             echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
 
             # Backup files and dirs
diff --git a/bin/v-list-user-backups b/bin/v-list-user-backups
index 813ee687..7e7e284e 100755
--- a/bin/v-list-user-backups
+++ b/bin/v-list-user-backups
@@ -22,7 +22,7 @@ json_list() {
     i=1
     objects=$(grep BACKUP $USER_DATA/backup.conf |wc -l)
     echo "{"
-    while read str; do
+    while read -r str; do
         eval $str
         echo -n '    "'$BACKUP'": {
         "TYPE": "'$TYPE'",

From 3472f24a51028e5d50f95a122a70704341ee6c28 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 02:04:21 +0100
Subject: [PATCH 0862/2300] version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index eabf8b7c..59ba8557 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-7
+vesta-0.9.8-26-8

From 7be91af81af94080d55244bfc00bffbb504cdd1c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 02:05:08 +0100
Subject: [PATCH 0863/2300] version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index d19710b1..845dcd01 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-7
+Version: 0.9.8-26-8
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 961e2f61dc6073b638e9775cd7860fd120f4f962 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 02:05:49 +0100
Subject: [PATCH 0864/2300] version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index a37d69fe..be99dce7 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-7'
+VESTA_VER='0.9.8-26-8'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From c3c4de43d6701560f604ca7996f717b08e3d7d1d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Mar 2020 17:28:55 +0100
Subject: [PATCH 0865/2300] Preventing manipulation with $_SERVER['HTTP_HOST']

---
 web/reset/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/index.php b/web/reset/index.php
index 842dd2f3..0b867090 100644
--- a/web/reset/index.php
+++ b/web/reset/index.php
@@ -30,7 +30,7 @@ if ((!empty($_POST['user'])) && (empty($_POST['code']))) {
         } else {
             $mailtext = __('GREETINGS');
         }
-        $mailtext .= __('PASSWORD_RESET_REQUEST',$_SERVER['HTTP_HOST'],$user,$rkey,$_SERVER['HTTP_HOST'],$user,$rkey);
+        $mailtext .= __('PASSWORD_RESET_REQUEST',$hostname,$user,$rkey,$hostname,$user,$rkey);
         if (!empty($rkey)) send_email($to, $subject, $mailtext, $from);
         unset($output);
     }

From c9844805a441a3213f9a8cc313f114241f103ec2 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Mar 2020 19:31:42 +0100
Subject: [PATCH 0866/2300] Limiting /etc/sudoers for Ubuntu

---
 upd/limit_sudo.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/upd/limit_sudo.sh b/upd/limit_sudo.sh
index 4f4ac924..22572151 100755
--- a/upd/limit_sudo.sh
+++ b/upd/limit_sudo.sh
@@ -4,3 +4,5 @@ if [ -e "/etc/sudoers.d/admin" ]; then
     sed -i "s/admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" \
         /etc/sudoers.d/admin
 fi
+
+sed -i "s/%admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" /etc/sudoers

From 00e1f46276a5bb901c89d56f5a1d3e19d519eeb9 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Mon, 23 Mar 2020 19:34:39 +0100
Subject: [PATCH 0867/2300] Limiting /etc/sudoers for Ubuntu

---
 install/vst-install-ubuntu.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 653f7fc1..21f645bd 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -688,6 +688,7 @@ chmod 755 /usr/bin/rssh
 mkdir -p /etc/sudoers.d
 cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
+sed -i "s/%admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" /etc/sudoers
 
 # Configuring system env
 echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh

From e660b6b1a006495f978815cfd8dc62dac961edfb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 20:03:09 +0100
Subject: [PATCH 0868/2300] Update latest.txt

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 59ba8557..58b9c7c3 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-8
+vesta-0.9.8-26-9

From 798fff5be2fd8c539b12d541c54964c2f644b596 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 20:03:56 +0100
Subject: [PATCH 0869/2300] version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index be99dce7..2ce01cbc 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-8'
+VESTA_VER='0.9.8-26-9'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From d1b97d44931ac517464ca56ee592bb98d1ee8c71 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Mar 2020 20:04:59 +0100
Subject: [PATCH 0870/2300] version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 845dcd01..0d8cd69f 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-8
+Version: 0.9.8-26-9
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From c915bff32eecbd29bc49275aaeeeeddecde1dc99 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 24 Mar 2020 20:40:47 +0100
Subject: [PATCH 0871/2300] Forbid changing root password

---
 bin/v-change-user-password | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-change-user-password b/bin/v-change-user-password
index 22a3d78f..a1b6a76f 100755
--- a/bin/v-change-user-password
+++ b/bin/v-change-user-password
@@ -22,6 +22,9 @@ source $VESTA/conf/vesta.conf
 #                    Verifications                         #
 #----------------------------------------------------------#
 
+if [ "$user" = "root" ]; then
+    check_result $E_FORBIDEN "Changing root password is forbiden"
+fi
 check_args '2' "$#" 'USER PASSWORD'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"

From 58807feb80c02d7e39be27e5a4ff07bbb4f8b704 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 29 Mar 2020 18:13:22 +0200
Subject: [PATCH 0872/2300] Adding port to reset password link

---
 web/reset/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/index.php b/web/reset/index.php
index 0b867090..e4a7608f 100644
--- a/web/reset/index.php
+++ b/web/reset/index.php
@@ -30,7 +30,7 @@ if ((!empty($_POST['user'])) && (empty($_POST['code']))) {
         } else {
             $mailtext = __('GREETINGS');
         }
-        $mailtext .= __('PASSWORD_RESET_REQUEST',$hostname,$user,$rkey,$hostname,$user,$rkey);
+        $mailtext .= __('PASSWORD_RESET_REQUEST',$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey,$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey);
         if (!empty($rkey)) send_email($to, $subject, $mailtext, $from);
         unset($output);
     }

From 6e97cdca78d8993309d66686d8920ce85978cbc2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 9 Apr 2020 13:22:50 +0200
Subject: [PATCH 0873/2300] Tweak for hostname FPM conf

---
 install/vst-install-debian.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 63583731..53deb120 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1440,6 +1440,8 @@ if [ "$release" -eq 10 ]; then
   if [ -f "/etc/php/7.3/fpm/pool.d/$servername.conf" ]; then
     sed -i "/^group =/c\group = www-data" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
+    sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/7.3/fpm/pool.d/$servername.conf
+    sed -i "s|80M|800M|g" /etc/php/7.3/fpm/pool.d/$servername.conf
     service php7.3-fpm restart
     ln -s /var/lib/roundcube /var/lib/roundcube/webmail
     /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'

From c138961af88680ea74dbc9b4a2b63a77e5f4ca5a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 9 Apr 2020 13:27:11 +0200
Subject: [PATCH 0874/2300] Tweak for hostname FPM conf

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 53deb120..93fcdb5c 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1442,6 +1442,7 @@ if [ "$release" -eq 10 ]; then
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "s|80M|800M|g" /etc/php/7.3/fpm/pool.d/$servername.conf
+    sed -i "s|256M|512M|g" /etc/php/7.3/fpm/pool.d/$servername.conf
     service php7.3-fpm restart
     ln -s /var/lib/roundcube /var/lib/roundcube/webmail
     /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'

From cc8a3e0c58a4656e1cf3b2701e12fde6784bea10 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Thu, 9 Apr 2020 20:53:27 +0200
Subject: [PATCH 0875/2300] Correcting FTP link in v-backup-user

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 646e9812..4bb857ea 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -595,7 +595,7 @@ ftp_backup() {
     fi
 
     # Debug info
-    echo -e "$(date "+%F %T") Remote: ftp://$HOST$BPATH/$user.$backup_new_date.tar"
+    echo -e "$(date "+%F %T") Remote: ftp://$HOST/$BPATH/$user.$backup_new_date.tar"
 
     # Checking ftp connection
     fconn=$(ftpc)

From d2bf71d9b26cabad37ca19d8fafcde2e9c081d25 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 10 Apr 2020 00:28:17 +0200
Subject: [PATCH 0876/2300] Create v-normalize-restored-user

Normalize NS1, NS2 and IP of account that is backuped on other server and restored on this server.
After restoring, user will have DNS that contains NS1, NS2 and IP from original server
This script will put NS1, NS2 and IP of current server
---
 bin/v-normalize-restored-user | 89 +++++++++++++++++++++++++++++++++++
 1 file changed, 89 insertions(+)
 create mode 100644 bin/v-normalize-restored-user

diff --git a/bin/v-normalize-restored-user b/bin/v-normalize-restored-user
new file mode 100644
index 00000000..86e1f0b8
--- /dev/null
+++ b/bin/v-normalize-restored-user
@@ -0,0 +1,89 @@
+#!/bin/bash
+
+# info:
+# Normalize NS1, NS2 and IP of account that is backuped on other server and restored on this server.
+# After restoring, user will have DNS that contains NS1, NS2 and IP from original server
+# This script will put NS1, NS2 and IP of current server
+
+# options: user
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
+    echo "You must be root or admin to execute this script";
+    exit 1;
+fi
+
+
+# Argument definition
+user=$1
+
+# Includes
+source $VESTA/func/main.sh
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+source $VESTA/data/packages/default.pkg
+
+arrNS=(${NS//,/ })
+NEWNS1=${arrNS[0]}
+NEWNS2=${arrNS[1]}
+
+for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
+    if [ -f "/usr/local/vesta/data/users/$user/dns/$domain.conf" ]; then
+        NEWIPV4=$(v-list-dns-domain "$user" "$domain" | grep 'IP:' | awk '{print $2}')
+        res=$(grep "'www'" /usr/local/vesta/data/users/$user/dns/$domain.conf)
+        eval $res
+        OLDIPV4=$VALUE
+    fi
+    if [ ! -z "$NEWIPV4" ] && [ ! -z "$OLDIPV4" ]; then
+        break;
+    fi
+done
+
+
+source /usr/local/vesta/data/users/$user/user.conf
+arrNS=(${NS//,/ })
+OLDNS1=${arrNS[0]}
+OLDNS2=${arrNS[1]}
+
+echo "user = $user"
+echo "old ns1 = $OLDNS1"
+echo "old ns2 = $OLDNS2"
+echo "new ns1 = $NEWNS1"
+echo "new ns2 = $NEWNS2"
+echo "old ip = $OLDIPV4"
+echo "new ip = $NEWIPV4"
+
+find /home/$user/conf/dns/ -type f -exec sed -i "s#$OLDIPV4#$NEWIPV4#g" {} \;
+find /home/$user/conf/dns/ -type f -exec sed -i "s#$OLDNS1#$NEWNS1#g" {} \;
+find /home/$user/conf/dns/ -type f -exec sed -i "s#$OLDNS2#$NEWNS2#g" {} \;
+find /usr/local/vesta/data/users/$user/dns/ -type f -exec sed -i "s#$OLDIPV4#$NEWIPV4#g" {} \;
+find /usr/local/vesta/data/users/$user/dns/ -type f -exec sed -i "s#$OLDNS1#$NEWNS1#g" {} \;
+find /usr/local/vesta/data/users/$user/dns/ -type f -exec sed -i "s#$OLDNS2#$NEWNS2#g" {} \;
+sed -i "s#$OLDIPV4#$NEWIPV4#g" /usr/local/vesta/data/users/$user/dns.conf
+sed -i "s#$OLDNS1#$NEWNS1#g" /usr/local/vesta/data/users/$user/dns.conf
+sed -i "s#$OLDNS1#$NEWNS1#g" /usr/local/vesta/data/users/$user/user.conf
+sed -i "s#$OLDNS2#$NEWNS2#g" /usr/local/vesta/data/users/$user/user.conf
+service bind9 reload
+
+echo "Done!"
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 0bbcacc74f55de1563dd62520b3790f408b52c03 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 10 Apr 2020 23:41:02 +0200
Subject: [PATCH 0877/2300] ALLOW_MYSQL_REPAIR

---
 bin/v-backup-users | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index 9987b737..640c1916 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -17,6 +17,12 @@ source /etc/profile
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf
 
+ALLOW_MYSQL_REPAIR=1
+
+if [ $# -ge 1 ]; then
+    ALLOW_MYSQL_REPAIR=$1
+fi
+
 
 #----------------------------------------------------------#
 #                       Action                             #
@@ -32,7 +38,9 @@ if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
 fi
 
 # Auto-repair all databases before backuping all accounts
-nice -n 19 ionice -c 3 mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
+if [ $ALLOW_MYSQL_REPAIR -eq 1 ]; then
+    nice -n 19 ionice -c 3 mysqlrepair --all-databases --check --auto-repair >> $log 2>&1
+fi
 
 if [ -z "$BACKUP_SYSTEM" ]; then
     exit

From e7dbb91b25ef5cc5c2bd2d529c3a77bd3b8fab5b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Apr 2020 00:06:24 +0200
Subject: [PATCH 0878/2300] Update postinst

---
 src/deb/vesta/postinst | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 07499875..3121351e 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -23,8 +23,11 @@ if [ "$check_apt" -eq 1 ]; then
     echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
 fi
 
-
-check_cron=$(grep -c '6 sudo find /home/' /var/spool/cron/crontabs/root)
+if [ -f "/var/spool/cron/crontabs/root" ]; then
+    check_cron=$(grep -c '6 sudo find /home/' /var/spool/cron/crontabs/root)
+else
+    check_cron=0
+fi
 if [ "$check_cron" -eq 0 ]; then
     crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 fi

From cfc46bb2a9555b76d805f514aabf883079a87f4d Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sat, 11 Apr 2020 02:16:24 +0200
Subject: [PATCH 0879/2300] Importing system enviroment in
 v-change-user-password

Thanks to @ScIT-Raphael for discovering this bug
---
 bin/v-change-user-password | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-change-user-password b/bin/v-change-user-password
index a1b6a76f..30328641 100755
--- a/bin/v-change-user-password
+++ b/bin/v-change-user-password
@@ -13,6 +13,10 @@
 user=$1
 password=$2; HIDE=2
 
+# Importing system enviroment as we run this script
+# mostly by cron wich not read it by itself
+source /etc/profile
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf

From 37ef7ab3991845f3da10dc9d678f3c194046be40 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Apr 2020 02:18:46 +0200
Subject: [PATCH 0880/2300] Version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 58b9c7c3..ae1a4159 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-9
+vesta-0.9.8-26-10

From 797f1d4595a8ea0b7368e47b35f8a5eec2083126 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Apr 2020 02:19:38 +0200
Subject: [PATCH 0881/2300] Version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 2ce01cbc..f9037de5 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-9'
+VESTA_VER='0.9.8-26-10'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From 320859663959b995b92c97771991d3c2b7f67ee0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Apr 2020 02:20:31 +0200
Subject: [PATCH 0882/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 0d8cd69f..d2b5fb68 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-9
+Version: 0.9.8-26-10
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 5f853a0ec1dd1609cdecb2b3d16198893c894314 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Apr 2020 02:25:03 +0200
Subject: [PATCH 0883/2300] ALLOW_BACKUP_ANYTIME='yes'

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 93fcdb5c..7ac6a3fb 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1603,6 +1603,7 @@ if [ "$release" -eq 10 ]; then
     echo "=== Set max_length_of_MySQL_username=80"
 fi
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
+echo "ALLOW_BACKUP_ANYTIME='yes'" >> /usr/local/vesta/conf/vesta.conf
 echo "================================================================"
 
 # Removing old PHP sessions files

From c3c55a4e2a2205e8e312c60a3a961374b9617ecc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 27 Apr 2020 09:04:52 +0200
Subject: [PATCH 0884/2300] Do not restart apache while preparing letsencrypt
 acme challenge

---
 bin/v-add-letsencrypt-domain | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 0e9438ed..4b2ecf61 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -179,9 +179,9 @@ for auth in $authz; do
             mkdir -p $acme_challenge
             echo "$token.$THUMB" > $acme_challenge/$token
             chown -R $user:$user $well_known
+            $BIN/v-restart-web
+            check_result $? "Web restart failed" >/dev/null
         fi
-        $BIN/v-restart-web
-        check_result $? "Web restart failed" >/dev/null
     fi
 
     # Requesting ACME validation / STEP 5

From 338125b448603d78f1f4706006b1946fca221f7c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 27 Apr 2020 11:24:02 +0200
Subject: [PATCH 0885/2300]  Do not restart apache while preparing letsencrypt
 acme challenge

---
 bin/v-add-letsencrypt-domain | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 4b2ecf61..14699088 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -179,8 +179,8 @@ for auth in $authz; do
             mkdir -p $acme_challenge
             echo "$token.$THUMB" > $acme_challenge/$token
             chown -R $user:$user $well_known
-            $BIN/v-restart-web
-            check_result $? "Web restart failed" >/dev/null
+            # $BIN/v-restart-web
+            # check_result $? "Web restart failed" >/dev/null
         fi
     fi
 

From 14ffd7d2a5acd362570ac1b09e463750a3f60026 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 29 Apr 2020 20:45:54 +0200
Subject: [PATCH 0886/2300] web_counter functions

---
 func/main.sh | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index ba78830a..c01aa123 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -990,3 +990,53 @@ wait_for_backup_if_it_is_not_time_for_backup() {
         done
     fi
 }
+
+alter_web_counter() {
+    user=$1
+    domain=$2
+    USER_DATA=$VESTA/data/users/$user
+    
+    varc=$3
+    vard="\$${varc}"
+    counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
+    
+    if [ -z "$counter" ]; then
+        add_object_key "web" 'DOMAIN' "$domain" "$varc" "TIME"
+        counter=0
+    fi
+    
+    ((counter++))
+    backup_counter=$counter
+    
+    update_object_value 'web' 'DOMAIN' "$domain" "$vard" "$counter"
+    counter=$backup_counter
+    
+    echo $counter
+}
+
+reset_web_counter() {
+    user=$1
+    domain=$2
+    USER_DATA=$VESTA/data/users/$user
+    
+    varc=$3
+    vard="\$${varc}"
+
+    update_object_value 'web' 'DOMAIN' "$domain" "$vard" "0"
+}
+
+get_web_counter() {
+    user=$1
+    domain=$2
+    USER_DATA=$VESTA/data/users/$user
+    
+    varc=$3
+    vard="\$${varc}"
+    counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
+
+    if [ -z "$counter" ]; then
+        counter=0
+    fi
+
+    echo $counter
+}

From d0542fd5e24b5d58c083a3a1dbf706bc7faabcdb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 29 Apr 2020 23:46:01 +0200
Subject: [PATCH 0887/2300] alter_web_counter LETSENCRYPT_FAIL_COUNT

---
 bin/v-update-letsencrypt-ssl | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index f70cc825..0e0dc0aa 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -48,6 +48,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
             if [ $? -ne 0 ]; then
                 echo "$domain $msg"
+                alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
             fi
         fi
     done

From 80d43b9392ee3b65c89b0b22dba4387df8395ae0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 29 Apr 2020 23:50:10 +0200
Subject: [PATCH 0888/2300] reset_web_counter LETSENCRYPT_FAIL_COUNT

---
 bin/v-add-letsencrypt-domain | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 14699088..8e1991f8 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -268,6 +268,7 @@ if [ -z "$LETSENCRYPT" ]; then
 fi
 update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
 
+reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From 6baf08f8d38d61069b013ad53263456893adb65e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Apr 2020 00:00:08 +0200
Subject: [PATCH 0889/2300] get_web_counter LETSENCRYPT_FAIL_COUNT

---
 bin/v-update-letsencrypt-ssl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 0e0dc0aa..b967dc0d 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -29,6 +29,12 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
     USER_DATA=$VESTA/data/users/$user
 
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
+    
+        fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
+        if [[ "$fail_counter" -ge 3 ]]; then
+            echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
+            continue;
+        fi
         crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
         not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
         expiration=$(date -d "$not_after" +%s)

From bbe4d0ddcd437876ae2323ab5bcb29ce8ab347b1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Apr 2020 00:09:51 +0200
Subject: [PATCH 0890/2300] echo fail_counter

---
 bin/v-update-letsencrypt-ssl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index b967dc0d..9cf9634d 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -54,7 +54,8 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
             if [ $? -ne 0 ]; then
                 echo "$domain $msg"
-                alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
+                fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
+                echo "fail_counter = $fail_counter"
             fi
         fi
     done

From e97f309e7010893c72a1e041090dcac99fbb9579 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Apr 2020 00:30:53 +0200
Subject: [PATCH 0891/2300] LETSENCRYPT_FAIL_COUNT skip if suspended

---
 bin/v-update-letsencrypt-ssl | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 9cf9634d..11166063 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -54,8 +54,12 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
             msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
             if [ $? -ne 0 ]; then
                 echo "$domain $msg"
-                fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
-                echo "fail_counter = $fail_counter"
+                if [[ $msg == *"is suspended" ]]; then
+                    echo "OK, it's suspended"
+                else
+                    fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
+                    echo "fail_counter = $fail_counter"
+                fi
             fi
         fi
     done

From 14aad370aca7d1b54f054505afc29965a95c43ed Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Apr 2020 01:17:52 +0200
Subject: [PATCH 0892/2300] Skipping LE renewing after 7 attempts

---
 bin/v-update-letsencrypt-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index 11166063..36d7a1e9 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -31,7 +31,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
     for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
     
         fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
-        if [[ "$fail_counter" -ge 3 ]]; then
+        if [[ "$fail_counter" -ge 7 ]]; then
             echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
             continue;
         fi

From 9d182f292fb4ef13ef75486629922ff0b0fc94bc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 00:17:03 +0200
Subject: [PATCH 0893/2300] Keep conf files during auto-update

---
 bin/v-update-sys-vesta | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta
index 418fe26f..b81765ec 100755
--- a/bin/v-update-sys-vesta
+++ b/bin/v-update-sys-vesta
@@ -45,11 +45,11 @@ if [ -n "$(command -v yum)" ]; then
     check_result $? "$package update failed" $E_UPDATE
 else
     # Update repo
-    apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
+    apt update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq
 
     # Update vesta package
-    apt-get install $package -qq > /dev/null 2>&1
+    apt -y -qq -o Dpkg::Options::="--force-confold" install $package > /dev/null 2>&1
     check_result $? "$package update failed" $E_UPDATE
 fi
 

From c6109e5301af952396392b465efe8c5af2da788b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 00:21:15 +0200
Subject: [PATCH 0894/2300] Version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index ae1a4159..f31d54f0 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-10
+vesta-0.9.8-26-11

From 6c3399ff91be8222f513a0cac357b3436214ce8d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 00:21:48 +0200
Subject: [PATCH 0895/2300] Version up

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index f9037de5..083717c6 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,7 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-10'
+VESTA_VER='0.9.8-26-11'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1

From 4b3343dc9d3b0f6cc1396db904b593020e77b6fe Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 00:22:28 +0200
Subject: [PATCH 0896/2300] Version up

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index d2b5fb68..3387da58 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-10
+Version: 0.9.8-26-11
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 687b50b507800ab8fab6f4ae8c261db409fe11b9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 01:03:07 +0200
Subject: [PATCH 0897/2300] Update v-update-sys-vesta

---
 bin/v-update-sys-vesta | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta
index b81765ec..de2a07cb 100755
--- a/bin/v-update-sys-vesta
+++ b/bin/v-update-sys-vesta
@@ -45,11 +45,11 @@ if [ -n "$(command -v yum)" ]; then
     check_result $? "$package update failed" $E_UPDATE
 else
     # Update repo
-    apt update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
+    apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq
 
     # Update vesta package
-    apt -y -qq -o Dpkg::Options::="--force-confold" install $package > /dev/null 2>&1
+    apt-get -y -qq -o Dpkg::Options::="--force-confold" install $package > /dev/null 2>&1
     check_result $? "$package update failed" $E_UPDATE
 fi
 

From d04a97c9437ff07833f2122d432647a40ceb6763 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 1 May 2020 01:33:00 +0200
Subject: [PATCH 0898/2300] Update postinst

---
 src/deb/vesta/postinst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 3121351e..99534b8c 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -41,4 +41,7 @@ systemctl restart clamav-daemon
 systemctl restart clamav-freshclam
 systemctl restart exim4
 
+version=$(curl http://c.myvestacp.com/latest.txt?updated)
+echo "=== myVesta $version installed ==="
+
 exit 0

From 464f8075f391be47570b90f0f7d6f36035352532 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 4 May 2020 13:32:52 +0200
Subject: [PATCH 0899/2300] Update proftpd.conf

---
 install/debian/10/proftpd/proftpd.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/debian/10/proftpd/proftpd.conf b/install/debian/10/proftpd/proftpd.conf
index 69ec6b2e..3eb0ec2c 100644
--- a/install/debian/10/proftpd/proftpd.conf
+++ b/install/debian/10/proftpd/proftpd.conf
@@ -14,13 +14,15 @@ AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
 UseReverseDNS                   off
 User                            proftpd
 Group                           nogroup
-MaxInstances                    20
+MaxInstances                    100
 UseSendfile                     off
 LogFormat                       default "%h %l %u %t \"%r\" %s %b"
 LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
 ListOptions                     -a
 RequireValidShell               off
 PassivePorts                    12000 12100
+TransferLog                     /var/log/proftpd/xferlog
+SystemLog                       /var/log/proftpd/proftpd.log
 
 
   Umask                         002

From 1fd58f24144fc0190055af52299e0313e3d90058 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 4 May 2020 23:53:17 +0200
Subject: [PATCH 0900/2300] Office365 DNS template

---
 install/debian/10/templates/dns/office365.tpl | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 install/debian/10/templates/dns/office365.tpl

diff --git a/install/debian/10/templates/dns/office365.tpl b/install/debian/10/templates/dns/office365.tpl
new file mode 100644
index 00000000..dcf556e1
--- /dev/null
+++ b/install/debian/10/templates/dns/office365.tpl
@@ -0,0 +1,22 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:spf.protection.outlook.com -all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='@' TYPE='MX' PRIORITY='0' VALUE='XXXXXXX.mail.protection.outlook.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"MS=msXXXX"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='autodiscover' TYPE='CNAME' PRIORITY='' VALUE='autodiscover.outlook.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='sip' TYPE='CNAME' PRIORITY='' VALUE='sipdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='lyncdiscover' TYPE='CNAME' PRIORITY='' VALUE='webdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='enterpriseregistration' TYPE='CNAME' PRIORITY='' VALUE='enterpriseregistration.windows.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='enterpriseenrollment' TYPE='CNAME' PRIORITY='' VALUE='enterpriseenrollment.manage.microsoft.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='_sip._tls' TYPE='SRV' PRIORITY='100 1 443' VALUE='sipdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='22' RECORD='_sipfederationtls._tcp' TYPE='SRV' PRIORITY='100 1 5061' VALUE='sipfed.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'

From 363e5d72f174fee26e33d1106387fdb4bb66c48e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 5 May 2020 00:30:09 +0200
Subject: [PATCH 0901/2300] Create yandex.tpl

---
 install/debian/10/templates/dns/yandex.tpl | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 install/debian/10/templates/dns/yandex.tpl

diff --git a/install/debian/10/templates/dns/yandex.tpl b/install/debian/10/templates/dns/yandex.tpl
new file mode 100644
index 00000000..4ce768fe
--- /dev/null
+++ b/install/debian/10/templates/dns/yandex.tpl
@@ -0,0 +1,16 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='domain.mail.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mx.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.yandex.net ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"yandex-verification: XXXXXXXXXXXXXXX"' SUSPENDED='no' TIME='%time%' DATE='%date%'

From 0a3928691cb66e200c8def8946a614fcdad2d51c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 18:04:02 +0200
Subject: [PATCH 0902/2300] Support for parameters in v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 50 ++++++++++++++++++----
 1 file changed, 42 insertions(+), 8 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 72405cce..07be8c67 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -4,6 +4,10 @@
 # Useful for making staging copy in one command-line.
 # Automatic detection of WordPress, automaticaly read DB user, DB name, DB pass, automatic cloning to new database, automatic changing wp-config.php file.
 
+# Available parameters:
+# --DATABASE_SUFIX=...
+# --TO_DATABASE=...
+
 if [ $# -lt 2 ]; then
     echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN [FROM_DATABASE_NAME] [FROM_DATABASE_USERNAME] [FROM_DATABASE_PASSWORD] [FROM_CONFIG_FILE] [TO_USER] [TO_DATABASE_NAME] [TO_DATABASE_USERNAME] [TO_DATABASE_PASSWORD]"
     exit 1
@@ -18,6 +22,30 @@ FROM_CONFIG_FILE=''
 TO_DATABASE_NAME=''
 TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
+DATABASE_SUFIX='_migrated'
+
+############################
+# handle --parameters=val
+handle_parameter() {
+    origparam=$1
+    searchstring="="
+    paramminuses=${origparam:0:2}
+    if [ "$paramminuses" = "--" ]; then
+        var_without_minuses=${origparam:2}
+        var=${var_without_minuses%%=*}
+        val=${origparam#*$searchstring}
+        #echo $var
+        #echo $val
+        printf -v "$var" '%s' "$val"
+    fi
+}
+numargs=$#
+for ((i=1 ; i <= numargs ; i++))
+do
+    handle_parameter $1
+    shift
+done
+############################
 
 if [ -z "$VESTA" ]; then
     VESTA="/usr/local/vesta"
@@ -32,6 +60,7 @@ if [ -z "$2" ]; then
     exit 3
 fi
 
+
 FROM_DOMAIN=$1
 FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
 if [ -z "$FROM_USER" ]; then
@@ -154,32 +183,37 @@ if [ $# -ge 10 ]; then
     fi
 fi
 
+LENGTH_OF_DATABASE_SUFIX=${#DATABASE_SUFIX}
 if [ -z "$TO_DATABASE_NAME" ]; then
     LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}
-    START_FROM=$((LENGTH_OF_TO_DATABASE_NAME-9))
+    START_FROM=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
     CHECK_PREFIX=${FROM_DATABASE_NAME:START_FROM}
-    if [ "$CHECK_PREFIX" = "_migrated" ]; then
+    if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
         TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}"
         LENGTH_OF_TO_DATABASE_NAME=${#TO_DATABASE_NAME}
-        CUT_TO=$((LENGTH_OF_TO_DATABASE_NAME-9))
+        CUT_TO=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
         TO_DATABASE_NAME=${TO_DATABASE_NAME:0:CUT_TO}
     else
-        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}_migrated"
+        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
     fi
 fi
 if [ -z "$TO_DATABASE_USERNAME" ]; then
     LENGTH_OF_TO_DATABASE_USERNAME=${#FROM_DATABASE_USERNAME}
-    START_FROM=$((LENGTH_OF_TO_DATABASE_USERNAME-9))
+    START_FROM=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
     CHECK_PREFIX=${FROM_DATABASE_USERNAME:START_FROM}
-    if [ "$CHECK_PREFIX" = "_migrated" ]; then
+    if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
         TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}"
         LENGTH_OF_TO_DATABASE_USERNAME=${#TO_DATABASE_USERNAME}
-        CUT_TO=$((LENGTH_OF_TO_DATABASE_USERNAME-9))
+        CUT_TO=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
         TO_DATABASE_USERNAME=${TO_DATABASE_USERNAME:0:CUT_TO}
     else
-        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}_migrated"
+        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
     fi
 fi
+if [ ! -z "$TO_DATABASE" ]; then
+    TO_DATABASE_USERNAME=$TO_DATABASE
+    TO_DATABASE_NAME=$TO_DATABASE
+fi
 if [ -z "$TO_DATABASE_PASSWORD" ]; then
     TO_DATABASE_PASSWORD=$FROM_DATABASE_PASSWORD
 fi

From e3c1d0f49ec4bcb9bc7869e65d7e806efedf6cbb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 18:08:31 +0200
Subject: [PATCH 0903/2300] wp cache flush

---
 src/deb/for-download/tools/v-clone-website | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 07be8c67..e1da991e 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -339,6 +339,7 @@ if [ $IT_IS_WP -eq 0 ]; then
 else
     cd $TO_FOLDER
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
+    sudo -H -u$TO_USER wp cache flush
 fi
 
 echo "===== DONE ===="

From 2c1b1cafd495f7c2d727946f7acfc675fb3dcdee Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 21:24:40 +0200
Subject: [PATCH 0904/2300] Update postinst

---
 src/deb/vesta/postinst | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 99534b8c..21b70b44 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -2,6 +2,9 @@
 
 # Run triggers only on updates
 if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
+    version=$(curl -s http://c.myvestacp.com/latest.txt?installed)
+    version=${version:6}
+    echo "=== myVesta $version installed ==="
     exit
 fi
 
@@ -41,7 +44,8 @@ systemctl restart clamav-daemon
 systemctl restart clamav-freshclam
 systemctl restart exim4
 
-version=$(curl http://c.myvestacp.com/latest.txt?updated)
-echo "=== myVesta $version installed ==="
+version=$(curl -s http://c.myvestacp.com/latest.txt?updated)
+version=${version:6}
+echo "=== myVesta $version updated ==="
 
 exit 0

From 66ac7f74d5ec1af95666acac954da26bbd7b63c7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 21:29:05 +0200
Subject: [PATCH 0905/2300] Update postinst

---
 src/deb/vesta/postinst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 21b70b44..a1a55b08 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -5,6 +5,7 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     version=$(curl -s http://c.myvestacp.com/latest.txt?installed)
     version=${version:6}
     echo "=== myVesta $version installed ==="
+    echo "$version" > /usr/local/vesta/version.txt
     exit
 fi
 
@@ -47,5 +48,6 @@ systemctl restart exim4
 version=$(curl -s http://c.myvestacp.com/latest.txt?updated)
 version=${version:6}
 echo "=== myVesta $version updated ==="
+echo "$version" > /usr/local/vesta/version.txt
 
 exit 0

From ab0ca29e2869bc5580639d117c35d08593c137f9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 21:34:37 +0200
Subject: [PATCH 0906/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 083717c6..5b2b3170 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -9,7 +9,6 @@ add_deb_to_apt_repo=0
 
 TARGET_DEB_NAME='buster'
 TARGET_DEB_VER='10'
-VESTA_VER='0.9.8-26-11'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1
@@ -51,6 +50,9 @@ APT_WEB_ADDRESS="apt.myvestacp.com"
 PATH_OF_APT_REPO_ROOT="/var/www/$APT_WEB_ADDRESS/html"
 PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 
+VESTA_VER=$(curl -s https://raw.githubusercontent.com/myvesta/vesta/master/src/deb/latest.txt)
+VESTA_VER=${VESTA_VER:6}
+
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
 NGINX_V='1.17.7'

From cef7ab0233544dfaee782fb993109e334c450835 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 21:37:54 +0200
Subject: [PATCH 0907/2300] Update control

---
 src/deb/vesta/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/control b/src/deb/vesta/control
index 3387da58..0cb5f67d 100644
--- a/src/deb/vesta/control
+++ b/src/deb/vesta/control
@@ -1,7 +1,7 @@
 Source: vesta
 Package: vesta
 Priority: optional
-Version: 0.9.8-26-11
+Version: 0.9.8-26
 Section: admin
 Maintainer: Predrag Damnjanovic 
 Homepage: http://myvestacp.com

From 5f60eea4865ef15fe5388338d05ced893195232b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 21:38:33 +0200
Subject: [PATCH 0908/2300] version up

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index f31d54f0..5a9a5b66 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-11
+vesta-0.9.8-26-12

From 35bd47c5cd70ea3c825b93dc6dd85e9b3cf3e51d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:19:46 +0200
Subject: [PATCH 0909/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 5b2b3170..9f647c0a 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -53,6 +53,8 @@ PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 VESTA_VER=$(curl -s https://raw.githubusercontent.com/myvesta/vesta/master/src/deb/latest.txt)
 VESTA_VER=${VESTA_VER:6}
 
+BUILD_DATE=$(date +"%m-%b-%Y")
+
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
 NGINX_V='1.17.7'
@@ -274,6 +276,7 @@ if [ "$CWEB_B" = true ]; then
     cp /root/vesta/install/debian/$TARGET_DEB_VER_MAIN/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
   fi
   cp /root/vesta/src/deb/latest.txt $PATH_OF_C_WEB_FOLDER_ROOT/latest.txt
+  echo "$BUILD_DATE" > $PATH_OF_C_WEB_FOLDER_ROOT/build_date.txt
   cd $PATH_OF_C_WEB_FOLDER
   
   if [ -f "packages.tar.gz" ]; then

From 5d87a17bf8f5365a77294a891eb28fbcd4b59392 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:22:30 +0200
Subject: [PATCH 0910/2300] build_date

---
 src/deb/vesta/postinst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index a1a55b08..29b89e29 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -1,5 +1,8 @@
 #!/bin/bash
 
+build_date=$(curl -s http://c.myvestacp.com/build_date.txt)
+echo "$build_date" > /usr/local/vesta/build_date.txt
+
 # Run triggers only on updates
 if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     version=$(curl -s http://c.myvestacp.com/latest.txt?installed)

From 6fa22486e7d663024859961b4fd81b67a9d6c017 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:23:58 +0200
Subject: [PATCH 0911/2300] get version and build date

---
 web/inc/main.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/inc/main.php b/web/inc/main.php
index 63b3b8b1..09eef5f7 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -1,5 +1,8 @@
 
Date: Thu, 7 May 2020 23:25:32 +0200
Subject: [PATCH 0912/2300] display version in footer

---
 web/templates/footer.html | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/web/templates/footer.html b/web/templates/footer.html
index ca48e4b7..3ea27309 100644
--- a/web/templates/footer.html
+++ b/web/templates/footer.html
@@ -1,5 +1,9 @@
   
 
+  
+  myVesta 
Build date: 
+  
+
   
     
   

From 892c2565fb619fe9b5fe9ea81e4f5ffc4deb1113 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:26:43 +0200
Subject: [PATCH 0913/2300] Version 13

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 5a9a5b66..d84dd49c 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-12
+vesta-0.9.8-26-13

From 893da18c7cf1494a7ff04f69932ca3b8129c6557 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:30:01 +0200
Subject: [PATCH 0914/2300] Update vesta_compile.sh

---
 src/deb/vesta_compile.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 9f647c0a..23b2471a 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -53,7 +53,7 @@ PATH_OF_APT_REPO="$PATH_OF_APT_REPO_ROOT/$TARGET_DEB_NAME"
 VESTA_VER=$(curl -s https://raw.githubusercontent.com/myvesta/vesta/master/src/deb/latest.txt)
 VESTA_VER=${VESTA_VER:6}
 
-BUILD_DATE=$(date +"%m-%b-%Y")
+BUILD_DATE=$(date +"%d-%b-%Y")
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"

From c260afa4a5a6146c6a36acfd1437c6603b210b3a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:33:22 +0200
Subject: [PATCH 0915/2300] Update postinst

---
 src/deb/vesta/postinst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 29b89e29..6b5f3969 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -8,6 +8,7 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     version=$(curl -s http://c.myvestacp.com/latest.txt?installed)
     version=${version:6}
     echo "=== myVesta $version installed ==="
+    echo "=== myVesta build date: $build_date"
     echo "$version" > /usr/local/vesta/version.txt
     exit
 fi
@@ -51,6 +52,7 @@ systemctl restart exim4
 version=$(curl -s http://c.myvestacp.com/latest.txt?updated)
 version=${version:6}
 echo "=== myVesta $version updated ==="
+echo "=== myVesta build date: $build_date"
 echo "$version" > /usr/local/vesta/version.txt
 
 exit 0

From d1ccc4cdf6c010948906168c0450ffc781f53448 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 7 May 2020 23:40:38 +0200
Subject: [PATCH 0916/2300] Update footer.html

---
 web/templates/footer.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/footer.html b/web/templates/footer.html
index 3ea27309..9aab9af7 100644
--- a/web/templates/footer.html
+++ b/web/templates/footer.html
@@ -1,7 +1,7 @@
   
 
   
-  myVesta 
Build date: 
+  myVesta 
Build date: 
   
 
   

From aa04ca72229ec2e15ce31176358d3072f4d171b5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 12:50:41 +0200
Subject: [PATCH 0917/2300] v-clone-website switched to parameters

---
 src/deb/for-download/tools/v-clone-website | 53 ++++++----------------
 1 file changed, 14 insertions(+), 39 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index e1da991e..333092c8 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -4,12 +4,19 @@
 # Useful for making staging copy in one command-line.
 # Automatic detection of WordPress, automaticaly read DB user, DB name, DB pass, automatic cloning to new database, automatic changing wp-config.php file.
 
-# Available parameters:
-# --DATABASE_SUFIX=...
-# --TO_DATABASE=...
-
 if [ $# -lt 2 ]; then
-    echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN [FROM_DATABASE_NAME] [FROM_DATABASE_USERNAME] [FROM_DATABASE_PASSWORD] [FROM_CONFIG_FILE] [TO_USER] [TO_DATABASE_NAME] [TO_DATABASE_USERNAME] [TO_DATABASE_PASSWORD]"
+    echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN"
+    echo "Available parameters:"
+    echo "--DATABASE_SUFIX=... (default is '_migrated')"
+    echo "--TO_DATABASE=... (this will override both --TO_DATABASE_NAME and --TO_DATABASE_USERNAME)"
+    echo "--FROM_DATABASE_NAME=..."
+    echo "--FROM_DATABASE_USERNAME=..."
+    echo "--FROM_DATABASE_PASSWORD=..."
+    echo "--FROM_CONFIG_FILE=..."
+    echo "--TO_DATABASE_NAME=..."
+    echo "--TO_DATABASE_USERNAME=..."
+    echo "--TO_DATABASE_PASSWORD=..."
+    echo "--=..."
     exit 1
 fi
 
@@ -74,9 +81,7 @@ if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
     FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_shtml"
 fi
 
-
-if [ $# -ge 6 ]; then
-    FROM_CONFIG_FILE="$6"
+if [ ! -z "$FROM_CONFIG_FILE" ]; then
     FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$6"
 fi
 if [ -z "$FROM_CONFIG_FILE" ]; then
@@ -107,21 +112,7 @@ if [ $IT_IS_WP -eq 1 ]; then
     FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
     rm $FROM_CONFIG_FILE_FULL_PATH_BACKUP
 fi
-if [ $# -ge 3 ]; then
-    if [ ! -z "$3" ]; then
-        FROM_DATABASE_NAME=$3
-    fi
-fi
-if [ $# -ge 4 ]; then
-    if [ ! -z "$4" ]; then
-        FROM_DATABASE_USERNAME=$4
-    fi
-fi
-if [ $# -ge 5 ]; then
-    if [ ! -z "$5" ]; then
-        FROM_DATABASE_PASSWORD=$5
-    fi
-fi
+
 if [ -z "$FROM_DATABASE_NAME" ]; then
     echo "Error: FROM_DATABASE_NAME is empty"
     exit 6
@@ -167,22 +158,6 @@ fi
 
 TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
 
-if [ $# -ge 8 ]; then
-    if [ ! -z "$8" ]; then
-        TO_DATABASE_NAME=$8
-    fi
-fi
-if [ $# -ge 9 ]; then
-    if [ ! -z "$9" ]; then
-        TO_DATABASE_USERNAME=$9
-    fi
-fi
-if [ $# -ge 10 ]; then
-    if [ ! -z "${10}" ]; then
-        TO_DATABASE_PASSWORD=${10}
-    fi
-fi
-
 LENGTH_OF_DATABASE_SUFIX=${#DATABASE_SUFIX}
 if [ -z "$TO_DATABASE_NAME" ]; then
     LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}

From f198adb3b37fc3f4b5230ad1a20897ef9e15a2d9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 13:10:30 +0200
Subject: [PATCH 0918/2300] Remove w3-total-cache on migrated domain

Because it can make hell in memcached cache
---
 src/deb/for-download/tools/v-clone-website | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 333092c8..9c218258 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -313,6 +313,13 @@ if [ $IT_IS_WP -eq 0 ]; then
     php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
 else
     cd $TO_FOLDER
+    if [ -d "wp-content/plugins/w3-total-cache" ]; then
+        rm -f wp-content/object-cache.php
+        rm -f wp-content/db.php
+        rm -f wp-content/advanced-cache.php
+        rm -rf wp-content/w3tc-config
+        rm -rf wp-content/plugins/w3-total-cache
+    fi
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
     sudo -H -u$TO_USER wp cache flush
 fi

From 75bccb0f6cf946f060ebed3ddd9764d037c3b6d6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 13:36:00 +0200
Subject: [PATCH 0919/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 39 +++++++++++++++++++---
 1 file changed, 34 insertions(+), 5 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 9c218258..3d1e89a1 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -13,10 +13,10 @@ if [ $# -lt 2 ]; then
     echo "--FROM_DATABASE_USERNAME=..."
     echo "--FROM_DATABASE_PASSWORD=..."
     echo "--FROM_CONFIG_FILE=..."
+    echo "--=TO_USER=..."
     echo "--TO_DATABASE_NAME=..."
     echo "--TO_DATABASE_USERNAME=..."
     echo "--TO_DATABASE_PASSWORD=..."
-    echo "--=..."
     exit 1
 fi
 
@@ -141,13 +141,23 @@ FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
 
 # ----------- TO -------------
 
+CREATE_TO_USER=0
+CREATE_TO_DOMAIN=0
 
 TO_DOMAIN=$2
-TO_USER=$($VESTA/bin/v-search-domain-owner "$TO_DOMAIN")
-CREATE_TO_DOMAIN=0
 if [ -z "$TO_USER" ]; then
-    TO_USER=$FROM_USER
-    CREATE_TO_DOMAIN=1
+    TO_USER=$($VESTA/bin/v-search-domain-owner "$TO_DOMAIN")
+    if [ -z "$TO_USER" ]; then
+        TO_USER=$FROM_USER
+        CREATE_TO_DOMAIN=1
+    fi
+else
+    if [ ! -d "/home/$TO_USER" ]; then
+        CREATE_TO_USER=1
+    fi
+    if [ ! -d "/home/$TO_USER/web/$TO_DOMAIN/public_html" ]; then
+        CREATE_TO_DOMAIN=1
+    fi
 fi
 
 TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_html"
@@ -255,12 +265,31 @@ echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_NAME_WITHOUT_PREFIX   = $TO_DATABASE_NAME_WITHOUT_PREFIX"
 echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
+echo "CREATE_TO_USER = $CREATE_TO_USER"
+echo "CREATE_TO_DOMAIN = $CREATE_TO_DOMAIN"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
 
 # ----------- ACTION -------------
 
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=32
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+
+if [ $CREATE_TO_USER -eq 1 ]; then
+    pass=$(gen_pass)
+    echo "=== Create user $TO_USER, pass=$pass"
+    $VESTA/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Migrated" "site"
+fi
+
 if [ $CREATE_TO_DOMAIN -eq 1 ]; then
     echo "=== Create domain $TO_DOMAIN"
     $VESTA/bin/v-add-domain "$TO_USER" "$TO_DOMAIN"

From 3df19d0f2bdd2a389d397768e340d1b2c32e6b25 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 13:43:45 +0200
Subject: [PATCH 0920/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 3d1e89a1..9b0aa94c 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -13,7 +13,7 @@ if [ $# -lt 2 ]; then
     echo "--FROM_DATABASE_USERNAME=..."
     echo "--FROM_DATABASE_PASSWORD=..."
     echo "--FROM_CONFIG_FILE=..."
-    echo "--=TO_USER=..."
+    echo "--TO_USER=..."
     echo "--TO_DATABASE_NAME=..."
     echo "--TO_DATABASE_USERNAME=..."
     echo "--TO_DATABASE_PASSWORD=..."

From 47d589a1bacc4cf70e752206946de453c9c66491 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 13:55:18 +0200
Subject: [PATCH 0921/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 24 ++++++++++++----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 9b0aa94c..8a5c6a8d 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -31,6 +31,18 @@ TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
 DATABASE_SUFIX='_migrated'
 
+if [ -z "$1" ]; then
+    echo "Error: FROM_DOMAIN is empty"
+    exit 2
+fi
+if [ -z "$2" ]; then
+    echo "Error: TO_DOMAIN is empty"
+    exit 3
+fi
+
+FROM_DOMAIN=$1
+TO_DOMAIN=$2
+
 ############################
 # handle --parameters=val
 handle_parameter() {
@@ -58,17 +70,8 @@ if [ -z "$VESTA" ]; then
     VESTA="/usr/local/vesta"
 fi
 
-if [ -z "$1" ]; then
-    echo "Error: FROM_DOMAIN is empty"
-    exit 2
-fi
-if [ -z "$2" ]; then
-    echo "Error: TO_DOMAIN is empty"
-    exit 3
-fi
+###########################################################################
 
-
-FROM_DOMAIN=$1
 FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
 if [ -z "$FROM_USER" ]; then
     echo "Error: domain $FROM_DOMAIN does not exists"
@@ -144,7 +147,6 @@ FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
 CREATE_TO_USER=0
 CREATE_TO_DOMAIN=0
 
-TO_DOMAIN=$2
 if [ -z "$TO_USER" ]; then
     TO_USER=$($VESTA/bin/v-search-domain-owner "$TO_DOMAIN")
     if [ -z "$TO_USER" ]; then

From 395eee2d5f81e908b24f723dc670adbfc45f62be Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 14:46:40 +0200
Subject: [PATCH 0922/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 8a5c6a8d..1c57c818 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -141,6 +141,10 @@ fi
 FROM_DATABASE_NAME_WITHOUT_PREFIX=${FROM_DATABASE_NAME:FROM_USER_LEN}
 FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
 
+FROM_DOMAIN_HAS_SSL=0
+if [ -f "/home/$FROM_USER/conf/web/ssl.$FROM_DOMAIN.pem" ]; then
+    FROM_DOMAIN_HAS_SSL=1
+fi
 
 # ----------- TO -------------
 
@@ -224,6 +228,16 @@ TO_DATABASE_NAME_WITHOUT_PREFIX=${TO_DATABASE_NAME:TO_USER_LEN}
 TO_DATABASE_USERNAME_WITHOUT_PREFIX=${TO_DATABASE_USERNAME:TO_USER_LEN}
 
 
+TO_DOMAIN_HAS_SSL=0
+if [ -f "/home/$TO_USER/conf/web/ssl.$TO_DOMAIN.pem" ]; then
+    TO_DOMAIN_HAS_SSL=1
+fi
+SHOULD_INSTALL_SSL=0
+if [ $FROM_DOMAIN_HAS_SSL -eq 1 ] && [ $TO_DOMAIN_HAS_SSL -eq 0 ]; then
+    SHOULD_INSTALL_SSL=1
+fi
+
+
 # ----------- CHECK -------------
 
 if [ $IT_IS_WP -eq 0 ]; then
@@ -269,6 +283,7 @@ echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PR
 echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
 echo "CREATE_TO_USER = $CREATE_TO_USER"
 echo "CREATE_TO_DOMAIN = $CREATE_TO_DOMAIN"
+echo "SHOULD_INSTALL_SSL = $SHOULD_INSTALL_SSL"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
@@ -298,6 +313,10 @@ if [ $CREATE_TO_DOMAIN -eq 1 ]; then
     rm $TO_FOLDER/index.html
 fi
 
+if [ $SHOULD_INSTALL_SSL -eq 1 ]; then
+    echo "=== Installing LetsEncrypt for domain $TO_DOMAIN"
+    v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
+fi
 
 object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
 if [ -z "$object" ]; then

From 120f3b07a361c1b40e81a8c2ab4d5c087d28764a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 15:30:41 +0200
Subject: [PATCH 0923/2300] Set the same templates to migrated site

---
 src/deb/for-download/tools/v-clone-website | 25 ++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 1c57c818..7ec3d195 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -8,7 +8,7 @@ if [ $# -lt 2 ]; then
     echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN"
     echo "Available parameters:"
     echo "--DATABASE_SUFIX=... (default is '_migrated')"
-    echo "--TO_DATABASE=... (this will override both --TO_DATABASE_NAME and --TO_DATABASE_USERNAME)"
+    echo "--TO_DATABASE=... (this will override --TO_DATABASE_NAME, --TO_DATABASE_USERNAME and --DATABASE_SUFIX)"
     echo "--FROM_DATABASE_NAME=..."
     echo "--FROM_DATABASE_USERNAME=..."
     echo "--FROM_DATABASE_PASSWORD=..."
@@ -146,6 +146,10 @@ if [ -f "/home/$FROM_USER/conf/web/ssl.$FROM_DOMAIN.pem" ]; then
     FROM_DOMAIN_HAS_SSL=1
 fi
 
+FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
+FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
+FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | awk '{print $2}')
+
 # ----------- TO -------------
 
 CREATE_TO_USER=0
@@ -281,9 +285,14 @@ echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_NAME_WITHOUT_PREFIX   = $TO_DATABASE_NAME_WITHOUT_PREFIX"
 echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
+echo "DATABASE_SUFIX = $DATABASE_SUFIX"
+echo "CREATE_TO_USER = $CREATE_TO_USER"
 echo "CREATE_TO_USER = $CREATE_TO_USER"
 echo "CREATE_TO_DOMAIN = $CREATE_TO_DOMAIN"
 echo "SHOULD_INSTALL_SSL = $SHOULD_INSTALL_SSL"
+echo "FROM_DOMAIN_TPL = $FROM_DOMAIN_TPL"
+echo "FROM_DOMAIN_PROXY_TPL = $FROM_DOMAIN_PROXY_TPL"
+echo "FROM_DOMAIN_PROXY_EXT = $FROM_DOMAIN_PROXY_EXT"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
@@ -315,7 +324,19 @@ fi
 
 if [ $SHOULD_INSTALL_SSL -eq 1 ]; then
     echo "=== Installing LetsEncrypt for domain $TO_DOMAIN"
-    v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
+    $VESTA/bin/v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
+    if [ $? -ne 0 ]; then
+        echo "=== LetsEncrypt installation failed"
+fi
+
+if [ ! -z "$FROM_DOMAIN_TPL" ]; then
+    echo "=== Set $FROM_DOMAIN_TPL template to domain $TO_DOMAIN"
+    $VESTA/bin/v-change-web-domain-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_TPL" "yes"
+fi
+
+if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
+    echo "=== Set $FROM_DOMAIN_PROXY_TPL proxy template to domain $TO_DOMAIN"
+    $VESTA/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_TPL" "yes"
 fi
 
 object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)

From 3c5c0e2962968ad32f104cac2cb4acd896ebeba4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 15:32:30 +0200
Subject: [PATCH 0924/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 7ec3d195..b315e160 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -148,7 +148,7 @@ fi
 
 FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
 FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | awk '{print $2}')
+FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | awk '{print $3}')
 
 # ----------- TO -------------
 

From d121f9e3455bad4e6bb32beea63f97cdfbc7bdda Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 15:44:30 +0200
Subject: [PATCH 0925/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index b315e160..e290ee94 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -148,7 +148,7 @@ fi
 
 FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
 FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | awk '{print $3}')
+FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8-)
 
 # ----------- TO -------------
 

From be390b7cca24954b92f41e2d5082a768fd136925 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 15:49:54 +0200
Subject: [PATCH 0926/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index e290ee94..5bce8acc 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -327,6 +327,7 @@ if [ $SHOULD_INSTALL_SSL -eq 1 ]; then
     $VESTA/bin/v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
     if [ $? -ne 0 ]; then
         echo "=== LetsEncrypt installation failed"
+    fi
 fi
 
 if [ ! -z "$FROM_DOMAIN_TPL" ]; then

From ac83a51dc2550b88cb5425cae592bd0941af2e5e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 15:51:40 +0200
Subject: [PATCH 0927/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 5bce8acc..f767372d 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -285,12 +285,11 @@ echo "FROM_DATABASE_NAME_WITHOUT_PREFIX = $FROM_DATABASE_NAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_NAME_WITHOUT_PREFIX   = $TO_DATABASE_NAME_WITHOUT_PREFIX"
 echo "FROM_DATABASE_USERNAME_WITHOUT_PREFIX = $FROM_DATABASE_USERNAME_WITHOUT_PREFIX"
 echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREFIX"
-echo "DATABASE_SUFIX = $DATABASE_SUFIX"
-echo "CREATE_TO_USER = $CREATE_TO_USER"
-echo "CREATE_TO_USER = $CREATE_TO_USER"
-echo "CREATE_TO_DOMAIN = $CREATE_TO_DOMAIN"
-echo "SHOULD_INSTALL_SSL = $SHOULD_INSTALL_SSL"
-echo "FROM_DOMAIN_TPL = $FROM_DOMAIN_TPL"
+echo "DATABASE_SUFIX        = $DATABASE_SUFIX"
+echo "CREATE_TO_USER        = $CREATE_TO_USER"
+echo "CREATE_TO_DOMAIN      = $CREATE_TO_DOMAIN"
+echo "SHOULD_INSTALL_SSL    = $SHOULD_INSTALL_SSL"
+echo "FROM_DOMAIN_TPL       = $FROM_DOMAIN_TPL"
 echo "FROM_DOMAIN_PROXY_TPL = $FROM_DOMAIN_PROXY_TPL"
 echo "FROM_DOMAIN_PROXY_EXT = $FROM_DOMAIN_PROXY_EXT"
 echo "==============================================================================="

From da4246d22268243bcdf1e0f87efa4a1df88fb528 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 16:29:46 +0200
Subject: [PATCH 0928/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index f767372d..07f0ba7c 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -336,7 +336,7 @@ fi
 
 if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
     echo "=== Set $FROM_DOMAIN_PROXY_TPL proxy template to domain $TO_DOMAIN"
-    $VESTA/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_TPL" "yes"
+    $VESTA/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_EXT" "yes"
 fi
 
 object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)

From f3b638d9717f9ba9d1512420516eca87f4ec7c24 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 18:41:39 +0200
Subject: [PATCH 0929/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 07f0ba7c..a56f4774 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -148,7 +148,7 @@ fi
 
 FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
 FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8-)
+FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8- | sed "s# #|#g")
 
 # ----------- TO -------------
 

From afc55323903928b4212906c5f29cabeded647cc3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 18:44:28 +0200
Subject: [PATCH 0930/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index a56f4774..443208cb 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -148,7 +148,7 @@ fi
 
 FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
 FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8- | sed "s# #|#g")
+FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8- | sed "s# #,#g")
 
 # ----------- TO -------------
 

From cc4fc9ff19f29b779ef8a241cd3b93c2486c4e5a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 19:26:35 +0200
Subject: [PATCH 0931/2300] Update login.html

---
 web/templates/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/login.html b/web/templates/login.html
index ee7f9ca4..47e004de 100644
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -53,7 +53,7 @@
                             
                                 
                                     
-                                    vestacp.com
+                                    myvestacp.com
                                 
                             
                         

From 0bc0f2c52345db72aafeddbc7eb24e65003f8120 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 19:40:19 +0200
Subject: [PATCH 0932/2300] new logo

---
 web/images/sprite.png     | Bin 37382 -> 57516 bytes
 web/images/vesta_logo.png | Bin 4075 -> 5918 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/images/sprite.png b/web/images/sprite.png
index cc9fa741a0a266365fe1ada00e1440981108bb89..72fefda2db8a3e6aea0200b07d4b42f3abf3c14f 100644
GIT binary patch
literal 57516
zcmXtfWmp@{_jU`#OL4d2UR+zCK!Qtg3trsaNzn#(3s&6Sy?BeeQ>=J#O|Uo5@4fyX
za-G@TY%@SFc`S%gX`OU%h(0@ah#(BswbM%(re|MMQY*rY
zs(OO*5OMIvN>W+!)vLNVtVdH6#4(1moSxgOSMU1&d%YfZD*gKE)uyC8KvL7&=wCM4
zH_G{xYE`Yfzol6MnD5`nMZZcw!6yxoPo?Dk-GTqdV?eMkup_*snQ;Lo^1fED23cl_
zv^Fe;d+7}YX*9RIDMM)V7xG;W<=Aztv&WWlnd}ZTuQ+!J;qoc5^^%H?qZ+rfw*5o^
zU4k3~{>zuKqW@a!5J~`NiYxkC~W5Bkvv6^h_*{ugr5VA++1S{4@AlGi4Y|Klci%tp=hcs_x%vOF
zUu}mmx^;bNodaQ#FA5UJgMH~=+`iX2p0BF)V-8Db$zQ6vnmL!~Z&^H=ARDatF#m>}
zm>cTp$(LlgM(RqqAK*G{bQ@N749p5^Lk@{_{J*6Q&dtmyv1>nO!{P8TS*o2;;RUBG
zA8KU^{!r1SxSDF8Z0O4Bm@K8nmmOU_-Il+0pPfXv-+kFx5eWNhJcDwOFfENWBw-kL
zSM%=~EzzGsXF=I&p?S8|)x52)Dods8sL)s-CO>a5;JTzsdfbYb0mb8z5Wi(3up{=@
zFYF5Ksy-=dg9l;JeY_@>bZ*H?Kf=YrvtKqr5Ga%!DsYT1F(9yeHdt1h`n~^poNuxu
zLTlb=u<1u&Pd)4Xo9&Q-chgk_w=-z6H2IhDOaKpAs|ej3y;Y`LWAR6HL*c@~M=Zpj
zk<$MiM?*s+NtZ^{-P$NK%s^jXiRZ*3p-KQK2p;dtPJrOfIyh8m_6C0b8u#7Ol(mu>
z9imB__3@+P;RD6+?A-?6Kd%lM$nKNDP~;QD%!#sNg=l>*Q|BE1(*RZb;tOvkEJ
z*jl{rO{lX>_%HhPGNHfSx)EMNew&y1$NX8(3*k5J$_*FD;%f#B(4bK%HFDzx=@*xg
zcfL1Yu*F&flD*gRU8ml_&uIK(j0~R9IsJ}M>YSF+%dT&nHh>jI{s|xaHXa7VqjYk>
ziGdgAuI+pDLeto8HMkGA{9Vd%;&A)`ST$GV34prw?17MqKf&=SEe>Dh&TFw#;cnxK
z?-N5N`)uvz8yie&ej7byS^#B=nsdJxbVXG?t>$L9$Qo0@awCy#|Vt*ENHQ9lD+|WSU${pP=wAD*5
zu-_encAHM;>0$YA^IlpXMm49K;)nzG#p}+3N2~KxpGGaNSB+m%9AS&>2b19E?@Kto
z?YA>~VgRr83me}XSc!H2A91MPj=)@-IeXQ^KGQ{(T9Rss3z69MUi-LN2W(2M-SK(Y
zW)ccMzw$eP9)BpY0zW8z;(!0)8TP~RC}X&*R!VafJ|_cIduzd~`^&SY4oU&{^k144
zIgb<@`X@5LZ?BO6hRbdS^n|K*apZZ^+m=uPwQ4nQb8rG+_)p-5F}Nipt(^1~Ys
zE1fc!Qs4*Ka$Jq;w&#Q9&7pf7P^H@$>qOIZ~az-OiL~q~zR#DEub?>Q1Nn+nwpz**!`of}pnZ2NN}eLoKM9BD>G)Z4TZ9-_
zpFw=EJ}k^hqeQAiRU$=3l~TE%J<9rN^$aqssa0ek?ne>ubZkr__%d{S|L&fKvP^r1
zq}%o5`ePn@nbao@Iu}Sa#j*rXEjqs>x~q-Rx6&NnqcSrLwScFa#j=<%WDFo|Gf{DG
zYO_~5v{d|Vts&p0y`Z4~YTq3haC4zr_gRTgR(#y-s;hdCg`N$uiS_dh4S)}k$>M5IStEFZ;v{GHMor*Gy4k1%?m(K
z0|iCJB!GZf^NPEd*S;pm1v!hQTsDpxFV2R;8HT&arIek+P)>}j46>l9;6v4;-Z!G<_cuF*?3e-)?ljpK@Q;o6|B?<)s;KxwV`mn7nnG1_eJ}z<
zfHV~-__>ZCXJkW@@*Q)8EeEbK17Q*E;YZimVRFncK;O&{$q>ZPCWbfxfhf5x
ztYC6hul5u3r@k_)DT{(=P%J<#rl=I^v;fmB{(+cKx@9X_wgg=NvOu|A)O$=R!iO)%
z?=L*^jV#&v&0&_eQ+U@8ZdN7ypY}q*l+_W6no_x}TIASuD?i91Rmf#iBp!{;J36C%
zYdW&J&)2+cR@&3boR+w!qbsAyBv&>iHD}JD7oF4LINzK96;|hOxi7F19A@88@PcgE
z22m_Vl6g2DzaLJcy`()qZrkzO_K}jSYdDBAXINjqU%!iSn#u=89b{AajdkJw{@Gt$
z8vKJ^rz0QJm8flnNQ?Umoz6xWkup{hh8N*dI5w5w+FFuCv8u$vK*ldUt8xCt%i-V)
z<_x>vYl1fAZI(1|nHF53$Ns<+x|(Blb;r=Id#cY
zJ*>)EZ2@^AHV$Xy4i5^?W7i3(MAJnbyVM>7hWE1lr3A0!y+Q>mUrLtJpl0o-#o(gJ
z=T)R~BCl@plZ_tZtV&;gw}zEoX|%GkviY?{IaF#~jgEXZ656#tymLq
zw^#m>MBt01D0sesuD7hPCezn4OOnRnu}jWfw6P|sF;BV_UQagX77uLB&l24ON9%*#
zg;=}xNLxY-4%croOGCha{XGBi-DW6tI1`U&f7Dq*tNs+RP!sSyJX$oOx(7z@ehQ@d
zacBG_ZY$y)x&jMLk&CrL#i9Nur^y+Nt8>2%Kt#gDyBNW6%4H(0C@GS~pNVO%>lY`<
z1cMU%X!I2%TB+QHmal1M`~4$iRp54?LDPSyWClt@-Ks!4A(QA=WmPAQ%`Th{8;#P@%1!8D;WM)0mkEIsLiUtT
zH>%(w9UZ5_sG7(30nf8SvtNqB0t#B4;aO>#{ber+6JUa23LJ>c<10n$47@MX
zZ1nJZ;f5~pRI&8MVJb;0!V}9s1l>+@zVDX$vO7sr{N=)#{9|WQ^BJ!KLw#j^EwthZ
zz)CK#F!DXN2oFfrXmzG`#N$bJP7`L9W7YKzT0M~JtyV{Uw;E5mbCuh(eth-?QI58X
zE|6-^E-%|SE;BRbu_ERHgZD`J>#M7Fj>~8m%IDwZVSccaO*WlpYk#*tt7~-OYr;j|
z@uVVOzVvMT3~h25w{?+>Ceq0q5EEfBeY&Zk8B4uMjm*M0?(7ig+WcrbkM68QJxsjv
zZpxC`pArcOl%}n!MT?{8Irys?IsJ5a*8_f`UhMv?OI!Ov-sgijk7uYI_ND3s_k2(PQ%T3Z?Z
zba(6Nb2%8&TKtKm3!VL2E1fIw&2fBiyWkt6_ekSDCnqP}E#nWsZdB=26p2Q;4)C*S
zGdZBZdhhA?9*>#uJIu3gNsdb%?k-d)fH>CnccTMHOAttf`i)ZSNBz5VSGL
zAh6f~`1Gv~+%+vq?<+Jjb8x&%IZ-9B2Co7I>HYPKXlszF5A7v+-O$XaT0rBhr>pu9
zmRB_f;{N!A3ZchX5F@^PprlQ|X@7WxMYrT;2!5eVzKQ9VvFG#%dF0qEU?s62-C`@6
zD^Z=k$(WvxPg`3G;18WPR@f7Jx!g%^^nb9B;iWZFx5<2mjxs6g7tw5T8;bdOJP4P8
z>a_mPn|y`Dr#-y?pyFRroxYVd|2dH2WG^z>Sku>F;zh5GaZR&HlYUflXoKdDGkQ4}
z!{(1Rw-pRID>;FkT)caQtq1@rZ@O(m$sUS_gpubi4Yf3#RPH4{$9gJul-xk$y*E2A
zVqHQ?kbo<%=huU`F3q2pZ7_{)e^NETJj*lOEvOG0<8hv)o<|4$mndLcD1~->-iO`c
z`G_uMZF(yh1;3XfUH9}xqiXBp;wt+qDO+7y5v^q0A{+xsd)kf_Ri8thNk*luj8q@p
zZvWQv8{?62%rwY>FpgmP_)Y465E{Q*)96yf^@h`|>72*)MgS4mU6o1dB3V+Bcm2P?
zTmn#|Z28W_lTJL<1&H;_1@d)M=yjmO%~>cdsbc+}=hMfNI_6X4@0@SN!{;`gF325U
zjQ+#c{UoL+ff4Kk%$0VF0`Toz)opS}EfNAmCih9y{tM#Tn2`0rh_ax^Iz+;&N(_$u
zQ#8Z}(BK9n7wGsxdd3RqphORcj-TjbbE`z7UIzVWPcrG(g+Ew6@U61jm%b0=G+^T<
zV?SzqNiuE46Rs182Qk!2mYCEMUED{GYq3zI-#QTb*>H(dyak;;Jk
z3B`4JswqHC{@2IKQugwaJ#0?-aVbXITyA;Z;&79Q=7?c4*!42*T)%xGIW2VK)Q(&Ar#a`?Yt90fCk$NoY?VJNT2W(k
zT(HS&w#m^#36;CmVg?g}tdHnKyOP6h2PD!0s-K=YU;6WXXSCkt
z^+t`GUjP~xmDH%7%2RO}3tZ={zoK5D4LMWthNi}kF~F6u1DjpnymX{F(65#)4gUB`
z1Q(hWr+V=G3
z`t#=1M>?i^yY?7<^hCmDAK$pZ2>uNIr4H)ak_RO~3R&d7Kxv`gw8{GJtQ2%hW5owe
z9OZ7hpJ8XoBHJE>7UC4$bLOdQlvyge({b&5L%23{P?7Y_C6IW)jqsjJsRh
z0Xt(?2RUwB#T0s9I3HSAOQt8eI+Mj+>gUe|&M_)kg^9n9_iaZy;Av_&b9iQkxh)e?
zMuk{znJf2>5|f$h@Guc+r2vwu4vxo|!+r%?t+V-F;ga{)o2{1k$0rq&
zkhS^tEB_TegLfG3(K~&;Wou99{QC9YjLb@hOaJD3MR&6;$3l%>V`PC0VFK>>FE0*>
zvmtVG!{K}FcFT(q921NVUoOK3OQELAsQ2nk`C1hbLaCFrl5*zb+eXcY_B|v9fR;K_
zjtav+li_{1+>j%T(K8*b3FGE^TV+jlTm1PZIm7(p5i`<-I-EFQ!Il7&+K6zz-EOHA
zH=6YTtB8t8HHTxMv8;?$MYDIS|GUlEpDw96*J;9!0dO+2)M|hl%J+9v`Cc3AKk@9U
ztjQ-((qbv;2l&)9dwWkmz}K6V8>^~Px_@m){qp=#V87bTX|;RI{i&#`YJ5#W5mZF;
zoUk|5<9KvR%2q=87F%bE;
zY>ABK%a85QNL?CZJuw{(YYg@zA7qP6%V*^RBKkIT2m>dx=tW
zdeP$Qu|~p}L>Nlesu=+xr2Hz~Tnl6}?OFzPJ3t3F
zmd_t?8hUl!Hw0_c+7k_t=tz=IE1kX02Gg9hUMSR{Ck8T2k1$+(CXDQ!)2h(U@KZMz
zJIk=j$&(C0wZPX|?29b*UZ`AdG#ebH6IDj@mjoZXO^WpkA&+Ma%s14EyDZONlgbuB
zl=xo1c0B%9*zr95c~F35A~iLbcwvVQOEr;r4s8fXqTI%z{_C7b4Lk7hN+hw00_;6%
zZGT7}aMcs&Wwm%9{ZW>>jFdR=Bw3N`c~ZjP1Ab7@F|U=xwPgN?G5$Bxp_^d#@CeB6
zv}1hxBLELhLCsw^Z)$#7V~^92MiNlYZmRD>l}Mv!
zkdc}5VK*&jv!eHnx~{GVfQhc3gv1;Wa%J>!H}Pqs^-z|+TDK{SSo~&uccb&Uqv=KX
z=~AS`$+!Xj&;$Q^j3d!#J+)y865>}^C?UC-;$l@uat~Wzi-h3I+L@9+{p0oxUz~P=
z%QvGfaqt2wL72WMkh09#|
z#HIy3++;%-mjC3n;d%zieg13iG)J`ppFQ)x?)WYcmIEI%4*V>=g2UN)M8Uqu4rSSP
zW(H45KW?4Pxa$|QHAb|6AI9=CLJs%Y)fz}hzCsNDah#^s=2tt@;Yu`S<^|)k3FO6~
zKNaB4=Qik#kAB9qdpo+IIWCx(^e8(GM7>WMN@XA-NJ&ea@PSNUAI{pmJU`JL3lVuw
zl$GQtJlviXcpS%KD3QA~F;X7Z2lHg1;@K2eZYXjEa5bGs_0fl
zZ+`rvPn(#c?(#t*aFNVv7RT6F61;9%q;sBGLag&&or+L0=)T!1;u->~<*fTib(Dx?
z;oDb&UA`kasZSeci&RV3RN8xtUSfg!8ZS-%*cEj(fk6e;VkfMg
ztpfrW`(E}~HXAm1?|z8Y?}6_F`7V4(XCsx6Te9g&Poh>m3P0`F%-X#A_SVGkQ1uA&
z4N#uX@CP8CjeW^%t<{C!|K6F$sHx#<=^uhCQbVb#s=9_B*Dxz@C*ZafC!BlF04q)Y
zExGW!?X}VIAeK0>JtGFr7~*_PUq8Qtw*4FnQwh3e^N0wL0}P2b#ysrDACVJ|at^j)
zp?4=G$d-Ra*C>Z=FBYpZA2Nf@T2ZT?n06dyvD!RQ%I+AfwCo0?<_fc}
z^Xu&3UYh3(y>B>|YPxn7Xo{}G^{PF0@45Wtbm_`z9t`z+ZcLA`x|D5M_N=Oo(apK>
zx*1TC)UWIGttqu6qrcd&HrtSl_t!Q|iW~f!WT-x%A1q%=2rH1qvFLnGuD8ziJN4oB
zKCff(-RSP3Qy1IMavOYB+SXTB4-Vrr{%PKC%LmsO%60NQ`2xSr*iZL^tcZvP-k-=E
z9UK>N(AZ&P!yy!IU~qGu3FSgn61Vs+eL!P%XaC
z%Ro|nq}>wBo;jj;dLK3~;_{qr-N*KuMu-UfLq${T62e%%xhy21OaTp4^p7dpDo6=*
znU|N=q%`hRr%PAjvLeAj+io`l)_Zd|hxW(TB6V!T=QO}alen?H&5&h0Z4(_(?ow+|
zU^85~F6Wy=?q!gY5rX_g&wqA8ooY1DNEPM~&e6=rg!@LsQVM$}Xb@Q-A;t>+*t_!b
zV$N4VM{Wo;(|vw^p2IfZhVM)KrV%^N`tPs{d^IsPl2U)rl(7P9EOTO7
zJlR`u_YoU2k*WATwggJFEWx7>P~L4feyfpOjYvDS((n&ik8%oXO$SE|qW+urs^t?z
zxH=G~#BcaPt#s;PKdD6$>tXX=o3d=i94z#RQ8_
z4|fq39}tOPkQs+g0r@4ay*~gGihs~edpa7GmM>wODOmUS8}}m|QxxoKZ{DKX>?j&
zrHhI9X*)C7%TzbV_N+qY^AS>3i~M5Hf6bb%5W0U!*qHFULw#LlB|zE2HNV5EZM6u~
z>9;nb1)r-g`hsGkY3A@RI*4v->w>|Kdp016+u|$j*2+Hk&$Pw!2BzBaohUvioRnB6
zo4CGJA4qq)=@6arhDE|VI=4nN?gfY;r6lvL@sAfK)NEY)1UXS$O86#_gdOhmh~>$B
zAGGOl{^%aY6fYm*D!>A|K>24fMF{6~wzSyyUi=9g~}gN^V6
z5Ki_%S$-@81{!vIcC?qBYv~f8%&oi(5X3!f=jxa$6MnIKxpCqbzU9iU{qQhIeUp6~BpBC#KEf#6_ljrqLhbBtk{
z#pGq`QSzf~87hbNojv2_9<~H;`daaY+gs1>*p8X3tZz*5Qny?)rv+eBHD{XO2rSa&nYzvb
zP@OhRI)IlC$E2`Sl}rdgtaajVI$Lf&HBRmbn7u5>Sujd5P4qNuHPya^{_VH&%p=El
z)U3znG*YEfv&xUm0$
z%6&(8fL8ZZFxe0Q9WPbN$uYH0-3*>{bItzJn77=$tUEatzr~iqtjd%aYsnV*!Gzvs
zrm#&&N4a+yuER;bSV?^KL_7UkvcYnVV4WYu>e#sH9znzthP1M?v4I};i&=#YUdjg%
zggm3AE4t3g70xs&S7K&x!s|+tXB8ehjGz1tHeYOY&Go+F)v>jDPwsT!@}p6Bn1kEM
zr6PSaN$LVZPT1`?Ogp|+#bS^5L3m&Kh_UuSgF6VHz;N-lP4itH)o3^$-Phz0GWupn
z_qZqXDn|D7se5Xsw4Z?5D>{P6>d`g?9ZZA%xXnPX$gCtlsJ(ZF0DA$=4%IIG`{a-CVT)ZuW1-{^d7n;81wP?Dt5{
z2zGJNh8y{YoSLd%9_P-$Ib;WWmU=)&8x_{jz!16akS76!5rM}I?(0>ob!=|aojQ36#_PI<
zRhk)1>x=zZW>h+B4?}$MEd1C4y<$Mqx;{%3uHFPW#>Dr+}vf+MhC<#@0N>^Hbbj{O^&a5l!F522fH1ZkJJlI0&54@d+Dh
z)B+hP!jC?K5={MxGX+o#5lqTgLS|PfL{Ea1w&eIbJ%nU=-T`;Fo+M;lfg$AhcW9b7>r{r_L4t
zCsKrEBN)tVcsaRm1-fdQCu&!ysh^kN
z3x4;w`g+CBhOFw*n<#s{CQMJqvlg+=WAO`svrm}qjR)Q_Y0wWa;l
zq2GM8+Vh{EV7ocU9*;0SxHNQOjO43}|J?TW=cfw_
zojy?nwO7UwpK)+tp
zR4}$M?Q+}>QVy7Hse(3noiAB*pvBSXP0x#;$lcTqQ$Iha#vbEL*T1^v1-YlF3P!>*=IpBi9D
z$4fM{_5b3wuP!h!b^6%$a48c-?*48DAvgMY!4vSv{^JK!a{Td?bB&xFi%|1>TrEa0
z+)@5_-bl>sEobTIr?V}M)s`9Lv!ZUE*JT3&Rkh;YvSNpr_=)85)5LC?4e=67!7WV2
zt(McnXCDc24`d~bKZ7%1TiM?$WRk0EGSx2njh|K}azyXoqZG_JS8LLW)lWYW^hjW2
z7%a?+IJfEV5wOC^T<_s`TzI^AlkkUaCFV-2+B^|*Aax~AY3q5x2cES0|2oD+h`$wTif5!f=F$x~_}TFTp_b-^exK`J6qlm)
zVv1@NP~Wp_SC;PEZMt@=e9eOVp~beau%K({U22>h;VsHR!J96wc_uV>|Aqw)tn&kl
zVQss1|9~H*APxuP%Cx-6=8WERXP|FG(clD%su4{w$vH~4
zNfqdM2a(4_>QzbHFPwp6pJ<%!H{7_E&eb>2j9=D;V82=X?s>rtwrWD-yVB?HU-U&`
za_=u6y^N?W)KJPWrGMB6ExbBHDG;5#u{XBtk3*eL=TJ+LL#2dh!rO9}XCuL;>>MMz~Lt}z-mTzC~>
zlL>ZNU?YUM*h9BykH?Oy*GG3u!uT!)#Xv?W@AreC;FahI=?9|Gd(ofrpny9C!c&P|
zt|%+B`)GixRQ-{Lg!C2HL|b$Nwogz^8Qt{M(n$33BSonM$4c`PPbL`o<~wk;S)y&=
z|3o#=f1=u6F3tAH0POA{-L(6D|9flr$Vfc`PUfEpar$&3w0aj84>_A*PcB=hz40t#=gA3PsA(k05;!Mfx?i6E;%|f!
zA&Lj3EN6%1_GO)y&Pa9y%F8WQIvX-jh-4cmk}OY
z7oM2Xa(ubvb_SYetD&g?cZv*KCz
z$4B~>NZY+HFMagf`CT$gw8J#ZsZp#(=G4)u&J4Rc@9w{$tP&L$2l_X-SSoYQr=&zN
zHXFuA0ay**FjanztPuK7bw>HV6D3s5Gh3osQmZ#asA&JO>-OA(aJ(X-h>Z$H5L`-3
zG%d@VtpKDfBQ9eLBT8`;{oU3I9iPm3e2qKJS8f;T^a^nku}%SO*@*V`8-}KC(Es%w
z&2W(lXx`eLg|OK@<=bv)gS28%c|?2bORJY}(SpM)H{z7C6ikiiTv1vDcX%LnHo>{e
zpBu-*i@0b0Js=Z`iMcl;=R<&LpEC00HTSX$#evc@F)Ip4iecx(KZ^NP|4IoxF
zHf3$h)I!^srY(u7Cb)uEdC{LsBlVPOBn}&e)tYJtZc>w$jjguHU!LDVgJ?f%*x8k3
zJ;{erxF~-Thw)mhHam!5Wp{LR0GF#cehAu2C@U+ATyfza5{p~XPV|%%=Oll8SrXC}
zbyt=QvK8@*0N~>qmz53<;5B3Zo=oSFena>kVNn29adL8MYJ{jS51Ci!)D%-E_bK9b
z5}J6Dj1e+=TRHn^gU=(aZ@YqkO$>w^Ygj=sQs`q2of4s@haGl@=nooNps(VIsls6D
z6~C$53lWcBxaDTxSN@O~eFIp!X67(fT$PA#XyYFv^p>TxAYt%jm}~Dwj)2a8p7q3t
z7aes|MPZpZYULy*vMX(A;f=rthlIwj7YMuh3(l5@rmG!uzt19gO5Tq+wN$kw
zbw7@<&rLjBoXWPxqz+ceek`kMQLTLVy;c3;=quO+cV0X;)_fYK+u0ECk?QogNL-v+
zR#<pkQ~Vs*s@O;gUh{Pbc~O?vop8`M0z#8i)M-XN;yd`tCpb*MQA
zn_#FocTOAO+(=%1kc#pSD*eUNU^&ja2+0Xtf!gq7D2cFgv_nuIItm2emeua!K=on*
zwZiy`H7jgd`3Z}ui7Q`p>w?3Cx=f0qKzdm_k3QZTri;V-Yg_bV0{P(1yPUSvw{Xi@
znQHw`37AydCTs~-iWT?r@28Rl3UJ61>i&t>_rTxikz#ew?0bNbso%E~+B(JrxyzxG
zfGrq@V>MH5Eqmqr>{dGVbduE=&iocTMHfSte>iY`C*B8;pPp{dz;t;kqq+)xwafFP
z?*{GS@Nji)u>1DNF#ANVe;(*ws{D{&7Cc-e>H5WGyF%yI7(wGT~9}W
ztc|boD_P)lf`P0Lg1DxVRKIV%jGh|nhIP)N-X{rWiijM6W{pczvR6~~evl;0w2n3h
zzb~{z;x@L*M&V9v4JY)Fw|7AwP0ymr)pglL_r%Cw3a)im?uDr9y>hSc)E3+FirUj&s{6fE?R~Ua2yMeZJ8^MWq&V1cd1&-#DBXhQCZ`io8$#_F=
zPgZ5wb*lOARzgq+r%BsW)axA{YaKXjo1c1tZwKFh89HyvHaIBb{1}7wFKIe=NbXM1
zRhQ5E@`ogUVQKp9-St%J$wa%n-WV@D$u8L~*Lw{lHe`NdH6Ou}!ctlWhU$T6m-OQP
zydu;FB&iT2uLTbjD@JP}I>WB3yI)@`YU>NQj>vF$MfhY
z16Bn+7`~Ky>5Nyk<~6rwo++cH#tUy~ud(~zrR#2Sbw$OpvvWMRI0y2S#O>(kzvR1X
zCEISM)M6*mIb!(9HU49t!bAu
zyvEXCGPXm-WtJptLS4=2w+VJ?DBhF7Hb@C_Duk!(vD=+)$)zFUY83M+@U4AL6N9LI
ztA@JOThUu9GY1i^w6B~7q){i1on*Fk=HTRfI{Mi~@#d%Bj4r3V!|!Eb`Yt7nfsTW{~(WeQFYvH5^V>Y@fj9
zy4&Mqmf7#gm5FO8BZkxU){_%&O->#iSI3fAhU!6;J3yT!p=9ZR-BD8Hf
z?O5%SbF+fF-JI#7AslPfmYvv#!27$8u_X1)wSYv~FRJN-*Z~F2;hE_P?A1MrOa4wC
zD*`Tabi_+2p5J%U6YNZ$`E9$RbWKQ>sAA1!s)JwzZ$?DoUSb2mdt+#NAEuHIBI&vt
zUZofH3Pk4Avo_S#O_P{*9ppz1f@&*tK2k`e1_Ml=kho6yn%A!85&rP$KSu4~gx6kMLCfhv;mo)1fEHdr>c2w3B}_iyvZJvP|n=?W4N%?j%TvKQX#%{`9s>7xBH)u~8MsdW)xFD0a(0qFV+1-qw?GgZ;
zX|ltr;3P@d4b>M-kWv7p;cG1|8~^n;)2g*@!*$kO>AACZ;=>k(qP5NEzA7y*Gc_;42j);&w_|(mh7>!6Sn5OqsVf9A((5`r%F7J<-_{;*P~xG
zpRGGjETjc%dkL|KdQ)Ptv#_(9^Hk+sUe1Mh8yM&xZ1#rCEiZ4CjzDtzYMnenuZ%hgm2s
zCOEs{Q;(7$N+jOr#KEkT{$<~#Kb9fRdKiA`a)F}Y*SK1Z!~28#B;vO%GhbMe*Hz6V
zU?roecjoK~a*6*jAVnOtA!s;est-yM%HI@=o-DphoJ)sJ=(1H9bpgxn_-)VmO$x?p*7DdNs%IvET-UO$l
zW&s)PjcyxInbtVqj-is2Le!nKJs`HuW7Lwiwr+`d@m1)}jN%4!VzPGS{l_RPjQ@1n
z#<;;3*gj9gDi0;ZF28nr^z)l7($1+n6^SS&P0eYs64ZzVyPRH6P!R)RGyhma?_%?*J{a``2QI*qtcR6J${ylpD8ms&9?h
zx;nnQ$|O7cpc_rbr+r;=x>T1fRjyz@6kBlHEV$C?lLU)4U&7PrNlg1JOo`Z&i@_h@
zEB3TQ!wwG+J!!N-Nbn-pM-??w#N8N>!QxgX%!-OF!KO!E5*!No7hV_4r~7OfU(>j0
z8nG5f-gVJk{`R=LF6+~VUrf~;l_E5b1;;BSFvY>2CxL|KN|!Y;Rek2m$Y}uyBrf7t
zi)zl|LTmTx^|>+)&b`zIzj@v*fP^yn-*Dy}*9cvSGy$~eaLcoz_bElot-Gtsuud@5
zQK7=+hU#i7m>bBs3l391Bn1Mhw&4x&MMDNmT@!d!+tn;#^&ZFCI$CMvcD4Y%^HakP
z_yhZQ92%7ZJ$omHxGL`0&vVzl_gkp-$D{LmQQ}h
zoa<^YXT-K-&d#%B?B>u_zGXRkhoKCO;BWkZs!i|pm&K!6=EzK(<}qhW37vxr`6>WV
zG$KjIdBIT{aefoch}9I~AiFVA+^mmDE&&j_wWy@!aWqba)Dolno
zv>%>n)E-6Br}~`jpY9}6;jQN!sIV=f>v3`dur*^3={fK%AjVhAa0&=!Rz4`TIV(5n
zBeCvujOVD~aOm~BC+>Rpp`z;em>{93pv{=70P{1f;T(
zsSkpwguHb1FA2*O4D0v4hS;fVj&H-gj6nAGBK@*1K>Sh0A=`5R9k5?Ik2Do-vEbnq7K&v&UApF7xYCPnzw
zS>Jh**(1Yk(tz@3$$M6jq26*uJ4m@RHkN)m2NY&We74*6;&Gkc-7ensRU{X=E&V&i
zB7EqJ@b+j-?|EdtZ?~jOZYkG%pndHp5Tm0w?;lbYgKNn`!79)7$)mK^qoFw$d9;-{
zn;n1RMa{k=n-$^Q0U~2h6)eqT=rfUe3i#X>WLd7Vk`h^+HB!<0r>(K*~MfpdHQUb
z2ncL+jcz2Rkyg5e(G8XV4d=#o%9^A;=9w
z4XzoF`wK-ghF2D51J$g}mxui+U&zJsISj&WVY>F5Fn7KyW<>ilCnYw7e-GLEx@!C|
zKX>=pC%bH3EwqQF0{Qh&>4Z$p@EJoZu(zdQ9#Bk_S9UNaCsAm7Kjuc=r5_cw7g?%?
zw`?ih?qt&cn{K_O!K{-~xT;i|Ka>WktnJQR;b}%1{6n+
zXDj{rWLk%p!DAI9X`JZcLzyHQE$Z)3l5#B7<{t}5n!j%uoFOibGdrDyy$U>d8U&x&
z<#?q_beuRsjEP7atwQDsnIe@qbA!rwE2bt0dJB;P={O26pS^cnYMt^x7bB3(sTrbq
zRbrxU6yvJeYbCEfl|
z3wbJDd5Laq9XPHICvS9e)VOZGp$t=TAhBk9$_|d*3BAW%Lp6VW_Hxj_a&Fn~id3^j74-U;*fN%4CtK6&TZ4Au+saaI8r9Q=HFB1Q4Plp>D
zom!=Ck$ef8Xl=aqZKHuD{+grXC$0rmA4ThLQjOrs9A1mIw~emCqi0+;=Y1FV
zMBLV8%YEY_YkOW^-?BvGm_qzifz`j5DQxqH)h9=TVK7(XU%0
z#n}o~{Ro~`73>h;nVtD;u}#4u4@3#9A}C*XP26@yYphRX3j}}DLLC{-KL>ItC4{Bk
zPLuQM)LI%otkpHaTSVQ5ml=-*+Hyd^U$g~9J{V{IZ;hxkVkxRy??)U*^{LuqEY?B%
zQg%J>UlKl6_2d5@XZ90CFAz?&3$tH>*Uz`fNXf8kXs!-m#&0gjaGiQCsn9Hy
zI=?m={<_b%>SP*2^6Zu9l<5x_sVx||xkAVxKI8q~l68OBNSgkUMskLE1yQ}Log4*>
z6$ajxMeWu(-`H=wde%)EK_T`gcsFsix-oCyA*xra@VteSZ`NRIKhGvPI^wM`rZ-ZRm@0;gd{b
zC4-=rvo{Lp+t|&3L>8f?z8p%$Wgox-VJk`ORYplkn~&Z
zdm95a&+BNY1yKL|J(ve^m2ncxoDG}~pDOVo;GlS6eYr>_w|{dUq%u}U<(SveMOylD
zk2QL?ZP+th=UcMx)NiOvfmy3e-DLQpjBpm*{#)CJq$v;>?38j>SCv=8HpAp}FK3dp
zmM+qjbUphi+umW;3|;@$nfb1FiH*lGOs;Y;Ao%p;N*V(gVEPO{R~7qZUO+^dz6lo>
zrG%bFUd0QSZ@>POzH|lOt^Tm2eqsK!Z6eWgC3!gO&U9PWz=v?!)D83Oy#3;Gz(8sC
zdGkk%H!%Dql-&(;OQT@@fniJNLDCd1K9z;O!Hpk-LkNF<gF~8$vLi2Yn*8&M
zCv}bw=u-*9dyiVBKB%XGy~>oIUCbTQkc3IeE4}UM=Y?c0iMYmkUcXS)zv128mjlTD
z=M$}D=y8M+Un+j@x2!z=$4Mf^;6&iV3Kwjqh&K1@f3)UQR#rY;mkr_rYrZE7;3@my
zVs#8&U=!%!Z}pjAB|e}8!NP=EOce~s&dD4tC?5`fUG%euKoth@3D65I-@2D0|J0?j
zSkFsK9X@r9|0ZeUk!2{Sxf{>=nTdoG(4>6nA_br9c~x|ijq!)R)a~uxnY}Ow=Xj8(
zJRC^;cPXPln1g3s2v12?5%)k8(p0O)th3p%@vls$j&ir=*r~JtXGnEbbCwBLGTP>>
zSHf3=?i6VM>HL>e>9>F|Tiv9lJ;Xrc~_hSuljzOBhziR$+)MpGIiN(qnZ135ZBsXC?{5xL%vl#=ZwUfL~RV%!24
zdRb5043#pQcL^tPwZ6|@+=J*^+O(?FiEBdW@9*3KxuiAO3648c*bY=Vbhbr;>b9y^
zqxCu*!iE4FyOqTxk#1;6Pxy%nuI=(;i2bfQ6&X0ZoOkXaPkeD}{%9HPSV33orjH~C
z@zE3zLMf$*>x-ryPcAbKk75=-8>+Sv$B9%ER)qnggA^hK1GjOy4|25;N?DVTiABwc
zZkfTxG;KmB;PEMxsiKs4pB6|uFf;er&^TKhQU(^0Np2C{2z?feOlBQgwsC49>S{$x
z0?=vwC~E$>-$0wWP+07*o7%C3DKOffz~A_0MOFvx&XTXSq)FFxxH=XOvsk&eqZW3J
zMJFJ>Hzg6tbb8*U3OAT-{^?uf^L-nBQ+uRr`*z{ZVIxNYx2yxjEE*$h?)3KSVM=gu
zyD?~vQ@TTX8h6mHyBLc?KS
z;x@gunbX_lbmX-8`CVi}XX~)@lUricu{;eb{a$$g-M$&xr_PVUO_03c(fe~x_MGkS
z&#N8%2#&)etB_$dDCAY=>z77gmsd-VJjtiL;r7?-Qn&Qp)-M_kIdV&C4UGrU^S?4y
zYr{^Dw5-rd#uaTzb=%rjfBb<&Ee%G!Oz)ne;KIVzhUp$Vb6sUvAi8245^#L%%+AdX
z*tHJ32}L{Eeoss=Jf|b}STW{?1?DY?lJei-B_*k`M)@^`>G0^cJbrT2SG8|Ba1&Bp
z6Mx`Ba$EAyF1~q!A|;0$_D~PWl0=n%w0_rI5ZV^O3yn`V(-^zYegcmni{s$&=8#IQ
z3?mCxzRIt3snz=uX<(oE@OD^p(+0Yu095CE#h?uuyGuwfTJ20TF=i2MJS1+~VS`n=
za3kmDM0BJexBthRZIJWI1Kw9QT1W!17X3JE_8A(vBk+d#zB
zx0FW-I4+tySdgNSBuv^qh^+^o`>Rhw<&i6to5mH_Iw;zAAY;QbSW^#++t-&R;3JYF
zEH(sZ@#XI@3?56WzJ`Q-G66<;A<=~QU2!(@ev7_d_C~jlnV5R|lTHMA)(@7^u8F=Q
zXBHmguYYqBFwVBSXj^?73ayp%Sg1uHfX_LdL{-L5?+i(@j@baLV}5%a(LI_fnWqWS
zc$=;aaV7NF0nV%yLoIRV_xZFU2EJE0Fxj%dw#3OHQcg-m+$2T)bJ<{q$=pPN9WvVAjJ|mnJo(Y8!
z&y7(FZ&Qp^HBcypfh*1d>)O|T@JKX+21b?v9UdMI9PaJGm!Q8Pw?3fbVlOSl9AXs6
zU|Oc=5;)%sl011v3Rj8uf2rx>Gf)g8$kAOu(F@TTHoSf)hLL4%95N6rLmJOxLZQiS
zjv&YN@6Jm;D%o5J!E&0FX#SU`;2Gc>TYdmB5bw3T^vDx0?1kfq0CX_Z0Shb@BL`+`f~
z=(MRJoDsN`_ZRt7bIjg?JLrcD0-&`9vkD0$YXX$|g&Ca5GQKubCUZlM8Iiys1fd#U6d^@ylRYl?M<
zdVgrlZG9T9YJo>}Wx>-ni8|it|5?tta5Cdz+_wdE=3>jWd|tA=>MKaq8iYu`5Su3b
z!`+r$xId3^!J|%Vi@S2`<++pJem5}L2m3%rw40Rfac6Ag9gc4%ZB}Nv+WXuiOWgEE
zz9Ic__})3)R}mQ<*i#QcC49hw8KXKg?OogaISn
zz@%HhJPHFGpCxN2HgtL{!6y|p$fmeg-hQSxE)iuCIC7F1Xg`MA@G>vP9jNKNWJ7G5
zKtzMcW2$nI7-AxxuLw)?45^iuPaMs@r`gl!=TsH{yBpy8Ki=`AFTCcn(#mD5vrHMW
zXPakE2nxgfWbvu*{$#jkW~?Pa@+O<8{f1Vv&)(l#%#*N3e~Egh$xoX5bKr9^FGIxW
z`^Yuc0lSXA775K6KeIQFP_5*Ow6@QYug?;cbX=zTD5Wy|W`p_Bj~nKIvuX^$th^E8
zWBOo2h&@1GMBnIR99n|*D8ddM3pQ%^#=8QeF{@BYaS4z(B{Z!VlF|1rTru;toyM1j
zin6!kIGh_0E*{&U1N6K5Z>&ahD9a7Ab1hiIaw$>DOAZ*+c)Qn)QB;4SP+XW04(f#$
zCL2P%D9h4;Nc7_OThn)@-Pp~y#~eM)G|o&2TF)aM)306K3ER>F-$?_j^s3rh+aoSs
z>R)|3tIxT8%vtqxGXcFi#E*sry72M!##Qx>PfdY+e0(;vJ_->}>i{zi^Plb-D+g<$
z;TnwFPKjh01-*`oY#bbU@ZdLoA)wMX!T;!%?^-`6{UH6kwu8p4U<*0B(NybUQZ)64
zX#&|kNJ@R1Wb+{+bxqBQ6_Y{@`O0hHLtie!Stk(*_*XeS`L#a?ydAlTZYR_glFExrkzRLT{*I)G!+Y>bauHOD
zyCfPz;GRiForClQXc7MR7>krg&-QSGS32@+>#X|TC%KY>KI^+XHdRE(O=a^5xCD()
zt4|c2a{no#@%9i|vt*0l^d2es`M2#fuvs+*tIhtC35$Pql|mkqDKf5%@eQgI7hU}c
zB;-M7>pt8vNIN|dKLYDW7|RrCdUx>rBY%Fy3M`d@7|I%l{rvfRA3qZ&WEw0xTY9?+
zD5!5NRN1$X=ujo=p05x2-rFweiEw$Z@hjX1NsU}!6f_p+1
zFIcN8>-XLB?6MsLDPxqQN`bwJ*TRWbHx}fRi5FqcK|mp{Wq`J(|FmGdbIh#m(1DfEP;_Yjic#Ttd7iA>aQ{!p_gJychb_C)y6hS=
zlzxq~g4=qxY|M?U;N~|o%U6@fyVv_T!jAJVobpR;;3My};d2Cw+PSKtRDMrOh8j7V
z{wFrXdS!LL9^&}xO|%n71!t*`JP*9ZJFGMyHRnV2NN?Hs{wNdqbb6f4;_Ich#Tj|&
z*#`UcJ2cg4(airJ)!*88zc_b~`)ybtpOf*XRiZ3o
z30qmYbPYkM`5H|WD8O&N=Q_`RU!_WZ{U9`lwnZ1xJ)@(KDyK;?3I;JnW)3akcksf5
z6-fDVS(y0PKJCg3qV+VuxEYh%^n=N7Y&*L@3XDd>VfApJ!5Z4~Vj}~)3VjqV|1=O{
zzJksYzx`&Jc@do5W&H!55M6jm@KV1|)zXdj&3^=crr#h@yN%UCWRjDUF%_R^9g5ss
zC#|Wi)6zpQLkG;M^SlmMPBzl-N}q-l?#Put{cr9Bg%^UPmF_x!`E-A&TV3+$YPKXi
zeC>r9TH1u!;Ukg_tBg1LO#USR4%g-1r$Dtf2%Pq9aC^-Pc)G-C1yUu|t%5ELy#X71
z+{NiH6E=p4dGSBC9c1BxFfrpxZmegFj7RUQs{rwSx(EN5NnU@KP9&pV+4nK7y&I9P
zmz%Skl9k!CGen)hP7_{^8E3wEEyTAQ2!?XQ=K?|6D+~^4f&Z3>?%}SShYA{>2xufC
z3a9b9npFn>6uSvf!BIjJ{E*riaxtgllGCWSBP0U{s
z2KiwOzJkerc)s1-&@GjdkY%OHv^#@6}7X+l56VEivUL7SQUJB#AC0#|DJshCx
z7_U6AZr9Q&p8Ll8AfnN$#`9`lsGrhv?kj1}c=me-e(PF}i%!rFsY!=bW;H
z(3GTzvl{_KLCX0)V0UC}x20lOUhDy7d#uakZ7>QPSyd+9U&~H{1;WiBAYWq`_s;x{Du0msE_w_pDD0a3iP;kxTDD3w)<3v|9-_
zx9S+2?QBL};kcZT{jFW}kEz^r;hlWBygUunP5EfR0JkJZK$+zq_h=8Zr*F`og3bPX
z&&(vGDPKSjK3)Ca#DK`wt5DA$-d5sV^EBe#q(nO+IOuFxqDJs28n5+ec100
z7qL7&QPt^~eB^#7gC{q6vw|=73JwtZ;8#0Y7X*gy_;$Tjy6i?9ul*t-&2WiAJ`3z1
zyqUv?dPYEA!4%)Yg5MToP28eMwd6X~>Mwf0-b6|s^zypCT(Vl_dYWAkuJ$nNJ}v;z
zFWm{c>O#|Hweg()S}X1jPZ&tlY`?#YR%ZtU7vAiS6yXBctL}f&0|7-TG1P=al_a->
zT8td@yg1?V$yPwgyE&L(wP4YrmRqY1xl)I{w{f2!CV}1DA7)Rq&tzH^76+Bj
z8w}2W#$b5*u}%Te7l>JS1C1Jac2p0G8AI)mD(G0KSAm?V#{_oX7{tbxVjP8#g*&i^WdzkZYe1n%V}>vRanp--b)&MrRgM~RgukrMhyp2Ss(n2Kr)+xCmK4G
zaC*l8kCLomlVj9-f@tUDh9#G|GUeBZCau&+*6*_h39=boE1o<&fHi#$F4Jx|oEsO8
zYy4-hrpG=d5f8JhgBW+kUFbwwxmgYyvaJbO8PnQ)OxtPnyH-6+y`qO~2x)A1CoEb|
z!sLlxK_v*`yJ2>AP+Vu_GtqC2U|xP7woC4%AJQXT;t|532Hk2L6w~o9{J87bLMTgX
zYrjudO2Zd6H$S&Enj5rXG~exWOn0sGNf8;b|1iGcLofmL5V!qXuaw~@aaujCxhO|c
z`ZwPvGiJ0mc_hutp8iIMDc&FH*O!oGSr<+-0OkC1)7YXgFA@bx>t16D+x9u2CNaZf
z#0=r+uVum7hKqct!v%>BTP39aU1VN@jl~zw=@wcQ2k5ck(ut82XxRljI;ZEB^L4?Oi4``5w7mcMf=dBbw9#f#j{y*I|CpFF8x)!O(3cdqWj
zq`Jl8K>c)D{Gg~pc_~O)J2ALdUEu(CZsK0Qx@C2A;&dbQX8X@#=T=^U`OwiLR8`Qc@;_i}X^;lW=6rBJECvnw`c;T{xcV
zcJotn*_e053wHsxhsmZ@DOtSZ7<9@8b2;F119tZ~9M>9s(Nro-OiXodyMVdsmT(u!{a^Q*S{!_K8ogfhvwiGw
zn3x-;1yol8m%9+vzZ&#Negu6X=dF(!b0S^nNgmSzhpogX>
z@Q;u2rYsS!rWywLPM!^Y3mNUaaLoE@~-7
zxA_Bvpip~Tf9^NPwZiI_8KyOMn;!l=t_+RajDOVRhf=SVLm3F-^aaujcFD`L%`GV1
z%+GIs@NnkHCPDn<*V70dT+a_?+P69Z8VOaHCgLhGu@pv|nSdrL8F-aKh?;;9Yj`z7
zmK1sB1@Qo9sO?wg27)R3T1TL8c;WfIZRKv*RC#fr0jR7;j8KvhS3%I4*QJzbb+Mij!BWMcA@ljN%*ZCibar?b3g*)R!E##p1Rt7-l2?yL+$1s?|=b1#VsO
zZ3z=pTTyBSk3LzbM&qA7-n2SkoSmPlDk$LX&o`p#i}e`8%2-UeUZ6&YYTY5Wo9=VX
z7uKGu3y$9bnh}^z=#@8pL8xWaZ{_`kdF!r<2cnH63MYJ!4$tKs>DpMIa^mk|);VHB
z6=inT7c$JJU`aeTH4uQ7Hlr~9Gp6`^m7qzcc*zyB%?G%2OoQN2Px}<(@9jgniiQy%
ze(H0+CEIr_&LhJ^
zrg-mT9`gI2ji5rEjEJ(u-{iQfy{Pjc4&z~O1#@Um6LKetM!qReZ+d||ds`ovKt75&
z7?C*fS{R^3jYP91Mj$rqbpMQ)Eng2Y`tD6On1=i=f{|~~cpG=inK-|(V&xlm8|tHU
z5$}BWFpBoSdhHeVslp<1ATl4`B{k+u|Jz)r#w_?doL@xprQg34AQj8PPm8tIZfcqm
zWwAH~vo3>8!~mK9G=K!}7P3HZVv*~&v_ni_{eJRL
zYC*j3FgF
z!@tzIqpnB4w~}`7YxrymIr2&5cf9Tx>|gTD0HdF~B$r)+95$pZa5u?G4$=zzGNRkN
zbFrw{t#03LP&sf1tQmhPs|Dfv;i2{r40_HadX{QxHctXb^A-9~VeRYTRsAHD)j<}kYS9NuKjElDFKL-FaOBvm?bF$lHM
z9$rj3^aUJ;x(4=myGpi2g^G_pkXnPQOM%zX@xXq#TIu$_TJrHTau$;Y69GvphUNV2
zY>lMD`R-5eg(1GQRds8UEU^MVnM1Gv
zYo4168J%QAd{WowI_pQ7fc#q=*CNQg8yD>Mb#($pR(8;~-|U_#ZL}EWKR=plaoYGO
z&*rJ8xZCx1gwpgi%~`3ZA5WW(``x28Hjl@f&H7T`IsuQCMo@0gl?DHXh4?4varAY_
zN6Qelgrc#x_ewWFHE$f-*Ldofz6_Msj(wl0#lbcuHm9ptVrzff!JA9N&ZSwp}
z5i#~_Q*byps{ZruM-Jeq59U3YMsf0PL|pF!4qDRPMEU5ac0W>c@~ow5|8nZ+8*cFs
zkg>(P#1M_)p^oN0_coCTy(4DQSibE1`z&ty&c!Wi!~?vU{-jT-TS>ac^sfu6`;UW8
z*tnQ|R%dGw&Z{>-hvO(>XoaJxH;LAt1SA#^(a!SksTV-70@KnV|KU=zb+INz=W9i;
zsf*b5;Fc7|$UV|}gN6h@bHZ2r*G$UPDvX$a
zjZH}Rjp1LSoIm<(p7y?wjAB)fKFdj54FnU7BOG5^Ret~bE-5$
zQ`J#gFQJ|hHmz}X99L9LH}
zIi?7Oq9huZBwo{VO&=#~K#b;KqoaiUzhlY@Oif4p{=9@OPsNbe@&^ywRP6eIBFV_OtnR0m8cEE67%Um+eZYh!$&EnvokyOs;%t+Go}%Tw=pAEL^HBN$=IoPtarqPV1O?IPl1})uBlvFI!*@elw~gi
z9+Im}YfKsKGkF@Gj|yNMEe(d=PnXzf*Yr4(&+FS=gq2S!3a0#dMCE`v9>8quo#j^*
z)$xLa&#kQ=D|^@?qUBxpW=q(9wyDAj%)++RGJ&}_nC1RHa}=?AJ^q(OYMkfS0zJdQ0tJcl^EUEqw$$
zV`|v!PJX<&sVuaUYAfw$6il0Q!=l&{ut@#9gq6RyioG?`
zgn#s^H`KVccuu$B^G6@VtFYa!jKgYu+&OXKyF|%j0*vXU?m3qY5jN3&O~v=&HqY;B=d5H=F*KHD(gj=D>%}kcPfltsHkmsiw!*oJGQ#xd
zQaW*or1Pk#t@nm+0KqT7{G5aqVvY#rWoaG1Api$#>%wPRXMfXF;74-OqtI1u7TM2X
zR>xBu%Kz
z8z=4=OSB<>!{)g=2N!3}C)iUUt6(@7Rxo9{+xy6Fvt#cVrasFOD~wC9EnA)XN-s
zsZ_+`+L9UaBU44&QNS5tv{aNr*GG?rfl|xaK$|o6!;fnkCl%N^j`b(lgR=OdRXL8E2@n+W2
z$V)rw(^6Sy{Z=b~>v_zNI81saK7)A1J~k$c)HG?nJ6zRlZTdSofs9nP-mmE7
zRZnF%%Y=~4x`kRi>CFUYwgypX`b`nB6Dz$%gNZsu!$(!-PZyfC)EMa
z>4gANuuoXjhz!}&^D%QWW0dyTKgoFN5l+$Lxs{Mox47_y9!DHzWQey>nslMEKyo5hz(Tla|NM)P-e6_1UKP@&kt*uNto?X?10`Up;GfeYQcqR0
zJS%E%=4Yv@D2KBzd{5`|o{m9;q(+}~ICIF^m*70j+L$+31q~=WH89PeMcFOZ-in>(
z8vg_8bbiqv$x+TGqGN~dW*GjX?;F5&F0+@6tH$~8CFrDgo}Z3!R!No<@kRDiNK}*<
zJ>nB3I%vjw2aC#eo()R1AEt`Bj|z+}Z)o&$@o5u~e=f?{Pi9HeFx6Ej?bPDT9|bUf3<(+h%}Jr5q}v&4p+_Yu
zpEksz`*?v6o7weLgU38i5nzpKA@jk;IG15*&QxN2t%DAr5aW*>K2l9tPNJEx>XP0s
z>`iSoB%cnmgBDGjaF6P7zaSeEx+G7Jhy(rK^V8P=pI
znwO>YToqM{9qp*%f62o>>0~(*QDun-HkiiOq^DZO4w?{RGdXpCt7QCvb}lmS6qa6;
zjpy+~-K>h;Zrh^Qh!VAX5cX6vwxk9NRT+lJP`i#Q
zA#Sh%>F`2Z8;P4}=AHhUX-WZTy;I&hJ+9*WJ#*J6Krnj}r9j}X_|V~Sf+pPR{N<2c
zb;T!rEZU0uhDxZhrDtOyv0vHi4sZ<*cp8fn7C%Nd6#!c4i&6E2e$f<5G{ZIOw>^!-
zpT0|EZ=hyW(X-*p
zj3BIy)o_R1l#7RFGs5*+yvOW|@?z=`s-u5q7liTU`N%KwPnjV>Ru1`(VwT@=S5L(B
z=NN4+(1%dYTDmamCQ#^NS;!jUmh_uqi>7z(rqqn2wnnQU4)vm~$R+Krh^sTeWP!VN
z-0Z-yZWFueg$I%Z?7Ij|W>{hQ;wY
zuN5b*Kz-2d?r?D#uGc2H`{Md9Zt8D&1aq8@Ac}
zr72xa;FZd_<>TR-Eq%66f!i$y85&&TGy6H=8*W=F_UEHFPfNCR
z@?DJ1HAa6o(6WPG@O-AIu`#92DiNw6AKyJitoa@g1=>1X?pnEex89-zN;SAkWc#&Z
z6V5IUu(mJg?UfcDMST)WWpLl4+u38J6c^Jq;DW68!D(pfe7dk~oLp`fg&Azc*(2rx
zXTCckF5F8LW`0I((|hVdwwlVskjK)tOPVg)Sx#qe90w*|hy7nURN!Le!xTGahbSD>
zSR>E%az^FQ6*>VDqT&;>0bLg4<;=YA=@A_Ey6PcVJe@9{F(q^nzn)f^*(Uqp{ocLJ
zLeWl~V`ouMsU2`dtQAo-JKCKjv`7|6MOs0cqHipuR%gQ47^WQe2Az62W_P6{ff@aA1xtcb-0|KKZ
zC8y_&q^%>@WZ8q&V8UTz{&V2qspP?nEM%524l%@q1Rq~2U>UW39i1doXb2paYO?yLS
z=c5E)-Ppyy_?P>o%BAb^D`{IT9~9oD&$K$9&~B~lkC?Wq34O+b9-Zj{Tx15*NUU&mQVDDq+h4*UIo0)u(kCEvL_#N$z~At|~q?Fsf`B(>vbMzWJb>+&hT3l84MRY=-
z{P&+tf8zM{CU^I7nyG;ch1wM^U(%vy+J1n!vjk&c@&9y2xh
z9wH6o7?q}!YemcDZF}S*`$kQJ_ZIXy2QGfdq#1!LVcFqFwPQ2;tkMs!3(`$z*Dl^e
zQytT%chDl&>Q}G#uH?
zd3>SSpD$V0G$6R}jajrWDQI+`9N(Rfw_o@h!A88_hKU1Ns5;Qw*|*IVSlrh#puw|k
z-ZM@maRMiNrdxqA-;i&B3#Jy>2D;
z1R?M`^`DM<3dCAPL+xQ}V-Fcare!_d#`NLCW?hL+Z6AYT;a4}0U5xESme3i|-}G!C
zS5YTZyuQijkgIDehwjf;x(^CP(K5?iPr`P-i$oS`Ou9I+SKJClU5e;@mHYmwO^QB5
zI$Hgz+41jdHgsX|ndNN=mNw;GS90+yYeC$w+@p~aBs*;JXK2AC^@angxKvWpJDI5;
z^7Y77*nVw-^u^1f9HvspTOtn1_1#!0r}bU+C!ne7DlKhPzLJJKDaxel%}69!7;@27
zY7SHYa-zAbOk*L(0U1;xf%b4UIPyjFU*VIuNg->%Mz*!2dH$r0o)u2I6)`hJfRO*|
zk%5icsKJOIzxP
zNs`ZgHqU|m!E4&Wnk;vp>A#z8qvV>reKrf~Z6cfJ{eJ;t^w+ofU+-`fEPOK4yP=Y+
z8@_u(s0dBr?%ju;RvObLKCBU5J>LB)ScCdqU$=CzL+I=u%f}YYHM*Qg;G!AgTzx1M
zQBGT(+r3h5S6x@L>{1`jCAXZLUuw3W0dg8b?*y&fleC&`i5^Sm8~V-Y)1ILRl=Naf
zA%J#LrIe)!p09#&^jA32l0*})Xr;8eje>1WM<+c!Moq!RCB9fsXT|fd{c#+B2L4jd
z899OKT3lZ|XsVMKB}#A?>b^*uO_Yqg)Z=#L3>CXD`0x3rB}H3@2ZW>My%osg5#ZI3
z=^v5{2j5{j0K>iR7OMdPac?twy(RC%JXc4E()ANKvU@5Y^dW<9s^@
zn3ck^A`1ON=E`QLCu!&hScY_&5i$Xtnzzxq{}uZE2YF9&J{^Q~?9DP>^$ObPx8qKc
zPppZ@veN&_DM%h9hk}w=B@1`+t0WWmr^U*RBdEAzjkl
zC0zo7q)0am(%p@uB11RQB@ILO0MaGWIY{Tw-F-H`-}{~O>-?E(X7AZg?`N;Q*1GT8
zBaPiU?N+=LdLikKjPP_S7HVBf;Ap$Lu(pqmtTv&wt!fm$3WQt8MtI{(hDa&6`bYsbS&)~rDLO=QBYm=)c{H=_0tc{9f
zRbxzde&3k0TeO99sq0pzCncfkWN?`|P;Zht=Gl6FQs_U#;YnujhW%mX^wC)iznHfQ
z`^-YiKbU>~n4fsAX&;%13eWj!bo;QyJ;uM6aEo}Mw{2o%%hz>0eqi`|Fw5Up5zSz^
z+m2qWb!Vk5V`6SDUzy&7Rord7EsO-4ArX0eAXYa7Wi-oB-c8e3!gcbMH1q_|edd|f
z)%GGcnS0jZnVS+Lr6wH0p}mSq1^#Ic4B^}=q>jJZi0PBcP4L7QdQFhluUnnj%H4;E
z9BU(a(AZgcut~(@<&cLwNX`n|*sF3s_UViaXr*wwy5X-KWso067E|x*s+g~D6!nhe
zU=QN2slxm?Sy^%1R_}zbZ9h>SM)~?6jPI-+Wm3`6T|NJ7ZQH}WKCZy)tN+KCfQfTi
zSK}<-auFXh6)%`(OGy&9>?_S5-d`aUKO^Z)Bq1nwXM>M-r`++PH{Zp8Kv-aUmH&k0
z5R#2;^{VT{UH9cnQntc#u|!P$$LX{?w)8H4#}V9t;eO4p-#*&=@8kku5IcQZ*MGpm;0B#AeFbj_d1&M=MwB%Ct!tr0<)(Myhl}v4+P>Fs*$jfqom$G&Z!0`@;IG7-kW}g;QE@K-CVyy8hHeJ>b{Jrkd
zyI+GsY2Rl4vZP6ki~IAW1T}>NN$KG$)RMJmL*odA2el|3>moWftd@l$%fJ
zSqoi{gA*GwPM;3`+&Ih>h#Lij4!jp=bu
zG|=v>KMZ+lFMfl66?aMY$4+0ei$=)KFU+>{3KzgAIJb#ck(^+jp#g&ZHWJnbsy2}n
zc>@H)l1=6-F~s`AL1yVpVesa|P!t7sxe3bCDeFHD<`b%NRH~f_nb%#Mg|4`6V47@(8OAYJw%WuVSL&=;s2NGOScUKr
zuDnGUyJQW;15Imeh|syb`Rp(EgkV;wT-0pG=&
zCsEqq*MPz|{!fCpe+axN-x?wPK9EYRAW45xx|a5ue2}D(gut!Ed>WvEVw8``(I_Tu
zGhvMy3A%p2LbITVVEVXQgL8AgU)W=nja}`QH<7oTy{acY4L?dQ#yP&6y4#_>P!>@G-oh0%((IntE-JXj2=JUibcZ0QcaIvryGh1s|`Jgx2OHLLb$ZpYyN&;pb5>Dno*e3M}~&YA&mQ5b*!|sR_ye7~7>0)6#z+8hx5)
z2>fwYKwHI=`df8D#aPVGN1~f*`d7%noqXR^!!KT;c^N`xp~w}n`TXdd!bjIb!OS!%
zTAT{jwygzTAG7^7&T|rrRmd8tJgZP#T+PVD&dpg|?@z=(#n42JEvEP~RZbJ@F;MHX
zQ*__A0{B`9aq(sEDLYZ$h1e|r_j5j^1jtc|XP^6AVMFDI{y~=NtF*gA+}DEc5PMvf
zcU1;k@^xQUWoZ$>Vg`47seznhHxaRaX?Z_n5+$7m>Gcf
zm$0-!JT+V7E|&6?0L9(wGJ7D=+L5VT5Lv{$#Vw>)l
zPr03?Fo!ZwX1z9sG+xOjBK@F|pYQ0AE|XgW5((G9OBtv3Es#(U_*X~?iAr6vmy?F!
zeHmpMH1S8MP`lHb-M;gM)k^z~p17vd6!#JqBCucpwk9A!0nKSBrSb*C>P~QFf$@00
zu!-V(U%}pj3wIYh5)NqM*PLhF@1g+8=LGYb_BK3?ey0J7kuQbp#ONF&ZZ(yJDs=+q
ztAGBc5*RPJ%&~&hCD7Fh>vNT60F+0z?h=|zcbq1uCWKiT$iS`s4Z?hl%z`*g@05KW
zp|nT<^-pUS-u`+|jpOv7?|CrTem~dOIcvRn#bk`E@c6@8oO{Dp!D+0lN{d?XSle$U
zm3W+m1VAaH)A^ER2KKMk{>48ZlTG#=iG&78+>B2Yxcy{;)f{T9%wGROX5CT5(~_!!
zQI!5_MUS@!$Q44n(S$J?rjPQ;vDFO~egr{<4wD9hQbq%R^Tv=M$b+V0-b4fJR9{KV
zGYQ~DX)nT?sLILgCQEmX?QQfXgqR)nWyKhZ0c?|O`dDoid?zd<=dN{>e^dKVd~KE&
z04UMq1`|a1H?j9--z);DwzBCiAI9q5?4nYg(W^Es78TWkU~^QYnQ2NjoK`qfwH_KA
zR8k?KTEuu#>pJUs;nt=aMW11oC-nnJqX>LAY0ch*5v^^Cg
z74d)n%qpx*X|Cxc#E-xa{@K)2dE1ePvd>GlFoovYNuJ}C>*
zPcTk^x%D6F2#`yc1Tch8heWAwwKHgd#C@Dl8&OT4eOnj&zaP1;UX0t)v&Pb!$1@Ky
zn*$VeSSX+1^i;7ZDDruzSxk8{M?@!aNa^UNC^9tC?vCn(y0lzQ>Y=;&@5|Jc8)h1^
zKLHYbG++QbI`dKjB4b5vAON4?_!82zbmOdmzv;Rd=zfOmR$k8NGDyY$H@GZ$O$`4+
z>{Ck-T_#~RnIPmf5>14WgwT*lR&^8|eAfaOjXlca1N7shcv6?0bI4OC;;=bugO~{%
z)f-{}cyXUffuzG|)Vp2F
zD6-Namfb`bx(fNIdQH&J22>Y!=cIQ0>g^mZ8sr{T-d-8cw`yqvy)S|ty%xC*EOB8T
z?9{o%%sWbb_kuuMgU+X-p4vgFv&rM|^UVOaKVO6Po3QY06WG#wApagtu60FU3Q#*1
zz&?8~%u}NVcb&Cf>Pt(JcZVM=S2%3!DYxUg};11bJVJ>WRn>(UH6x
z&&j?0cJ+Q@RZe^CEDibQ?O25l@@iPYlH};8g|RWfGyC*?(lI1Qf8j|3;`vv_1bJ}#
z2AZG4Rr^Z=TatpHaOti_n+F9XnR3#FY^Efw{kbCIy39vne(q~irV@)5v|xT-iU&Z!Ypfh
zYz?JUStco6Np#zK(Gn6vaC?vmj3R&5JFF2Z5b0f3!aR64{!6|az0vtmh2Yl&1tC7CarlSVXyiBa!
z>l+^z)2QRyXLR(fOqOODGa}!VjKCSOQ_8>yXzCORtVX$?_-Y}pDpWvpb~*ZEcwk&_
zvV~Dk3_&>DT!o7()F;eFUcRI;DDA7M5z;jtER#lNsBW?o^+{R;EQycfhYG}2#eqOF
zV*=V=#tbX3qGfyJPw?W8u6#f)`|zf^rdWU#bEq(
zc~C48z(OAWm)c-;cFujUur=y`ioWh+)X-K|Xm{Fbs*VAIqa>WF;-_wlw;B^2Ic-k|
z!X>+}#sZMc@BlU-piq+@)YX(wpAZ{cHAf|-=*C3i5F3i9k5OB8cDN>5Y_+U?FIOQw
z?+gHfe}bqR)SDM0lRJ4s7HjXB7kQ-ET$eWSRg}m8JSbGfI_Zq5lbKQOgd{jVE2n^e-GWs(3R$d{SmeuT;U$xP;f;MI!4}u<#g(XJ)
z?*wS?MTKtOu0>>ibF(nRLk}N*UEB
zev}LYAnJPRLv104o&C|u3o&U!WzUq)|JrJ!ntVIyx%``(3ZB9n;kvw1tj=l@>+@CJ
z5F%Fb@{f5j$5Gn)iR9JuKhtfg80yv^iD85fjwbyLU0Dr)B5lTyXm
zqdbwMpoY5X1R7AIMD2FLL_5Z^IL0Qeo(_so=kf
zZl(YVeE;gs)+4&<`(*An)MAp0S_Y
zC)O&IOpNX^(Dtg#Z5mb~mR{Sp%}Ggb$k!(=J5@1H6P<8n1^1#3OqW
zpb)PbjTs5GyGxQiyX#`CN&TUv{G!A~kHS?{e@<0K1}$5r@`ERc5#GzNXlxq*OG5?0
znq2rb7^LPjg>P-xrTRwrF#K@e*CE_*5`etr;2-)W!fFVEftXq!*AmW&0>L+jPlzHbq=zfS|w+ZIp_2{TnVb;(Tz7)}0hd{=`Gtb_uyjSpb#%}9tX-U9W*(w1^FXt((bFF=8O@7yLz9VcqqoigtSjp
zM2hwqB8N|k79Rn}s@I=M_w)&(5wQ68ms4kTJCS!fzLC(D5F0rZ-suQUr^UW&cHjl0
zFTXN%jEU<6G%_7+UZgCGoZ|2TO&tCFf(@Q~(6k+S=uDFH5!s{Z0hJYTO2C|5$+acL
z)yygOb3_^rQzb$~G{#Mg18!E|sx&~(cXZndoB1;+Rnu%e+iZj7bjz#^@TKkKU0O_-
zujROe`J`RFBLMaWRYW#KIT${`3@CUI$XmN%)p|=XM3iadB!$b#&X<{H><{`_XS3&1m%pl}=bo|!PnQFCnHd^M)R
z6jw`1E~~|s>S?;bl`okf1oqv$mMV3C<8ADs-ur6zl9z=OMgND?Kr$H<(>wd}A;2}`
zp;GtTZG9(CiI;?Mm=`Yt8s^niX#F5aVQ+1Zn!6pz$Y
zKL4k8Gr~jfp1G`y)kd5;{;wHL__t7uHj
zJiJ?z+%ytnb+$i-OuKi|1s-1-cN5Q^oXP)c&(JEDg*>K&d570Y`9Rhh1-~gd>-EWt
zw?Sq}WC_fy&*0Q$h=+7(fv+ejh`1^~M>5ObM|~EaI}5s?!It#?M%S3(%b&;0o;NbPk6%
z`WOoxczdl@mkjZK$85PGbQu!$;ryNI3m74D@dZSox4!ash2DEZ$6~WU!fMAC)tI%E
zU3yoT>xFs&KI|mUJ;X|U5&21uAY6Lfz+m!YkJgee{xtew>7@zRX?x&#p?`5+wetup
z68L^RHI-Adgg^wIlBYi^)u|ceMJVhVSQ+RBu!I3@>SQi%6F`Eb0?
zF3v{3A>1PRN33kMp|COdtq{J(*ETCVJKlx>gw8E>_2&=p<=Ew#IjRUnz)R!czVDpy
zHZ4$ay@ylw?MErd{dOiAo>WKPmUb_ZLC5{|SE7)Mi&UHbO5>kz!OBsRYq{pN6R#v4
zA9?t|Z86m8ult4S9==g^w#L9B
zT_2T$!w@oYbL4APL__Bjshf~vszAY83)BS?*
zEiGR@u2w`gkhe2DNqU99zoW=fF4QJQk|@^;i9WXbhP{8F$N_+PDRGMK-U5C@Zc-E$
zL>z2sGqZeca|FVf@^bd7s5Uzrn>Ckr(D*yq+c~@`y&_WG)CG~JT$v95;?XU{MkY-K
zS(H(T+Ci-dngFDX$kjQm0|EP0fd2zv(IiQIHxY1HQgNv5Pir4U`6E=P9UvjGx?H<5
z@`tSbZc9lzZk7WwoEV8-Wvv3>R+2WF(GJmzIuGQork-!*!?m~1yEWv;=sHAsXm3o3
z9^;Rb^9LT>s>RBnt3h2y9nEsIap@~UEN=*nc3%js4c2tG&TR3LZ6ys*4?1B&hft%W
z-FCX&vL0{HPG3I{iTpf~9VClfqyIQ>j&$j|TkF6;&1aF2U2TeHv1fv`122p^v5?nW
z?XQ>y<1M-LZjS=`b)p^NwY(a<4=qyKZ|^BVIvqVQ-6!^C~s=O;l!45cnRR;RKor-GS!nkS;z8z9Pp1LGL1llTFYottdD@v+;s!6v|67JXlEWS;`oXdICJx>;RHf=!s6
z;kCx|&-!&caQdHhoeF4%?5@Wv670Hz@lF51jo*VF_kD*0|Myo#vL#4(AC*Oxrd$U+
zW#3{b)>D_0^Wre6Ua_)A>El`HdB8n^R!c39SxS#~EzM9vje*YQ-!lzRNeQ>~74VAS
zc%1(p(Y#@Mdpob;Ekhn4_8Kh)IF2|Nw+^)4X1T3DTp<>wNz?Lkq&`G(F|A8@1>`#iHsZdnoGGZh^K-dmzZgVFP;A3sB444tsVgR@c*o?~NPbCzz
zvM+Uye6I7JwUD1k>5jN)Cs7&%fWlhuYU>oO9N9kDtvOV$>VVv;>7IJ@7H|cB
zQ(7ekfS_63yjVs^STK>f42y?e02y9|Z1<&!T%se3X&2;X-;-cK;aku^taouWv^BC
zi8kjI8yVc&*o!zHURM<3-
z8`RJOLc3h8`S_&8E$|JQ#gXNS>wvd@5aYL)$CJXfNAH&hw5O0^Iij6c0+trC)T~n;
z0blo&N|rSrIkAc_=3@xKk@(1rX@&;KO?NRn@tPi_@iE$A_0N*?GH$9oZQMLIfJz3C
zwzx(}fJcv^6BQIvQYh=>yv0!jYU9zHa3pr>@uu1C)xfo(Cnx2GD(>%_v~lsH7vgC}
zsq$)=zAq&Eu$!pLT(Yg^m2|>EeTy!K>LfK$Q64h59+6N;i__mutqhdi&1>;gwheFt
z2;gZMq#9CHvX(=a3-Ke~IN2>95~x@&uU5M5#WX29EE#8jS@jX;ILcXzd?uH*mJ`Ay
zq^w)YO9Va>rIk^Y$Ce+MKOpfkN*gB~8Uv4q6D1%>OB!aQ2nLFVrK7Sq0>FM`8&-3?
zv^apUI%0oNK5MxlNB`VNN{Oj_%n=!hDIlww@!ROiaH?#P2gc)I{7uQVG}01!%viCc
zb9y{578u>Un?RvJd%^fKPoVgJ^rFMEI*xqEX0)fkAo;Q)Tn_y3Jz#nr6Sz3OJ*DAQLPeGuXDvh27j+~xWr
z2ZXpzA^|Fxr&5lwpQ36&8CU-TNWiK8CkpnThTu@dc0N%D;)F*3i|qjxh0K$20$jFA
z^N$Dc|6h!839>&xey*3&xDhoxjIjeSi3619P~^wa><@o~QuGdHnmsVeB*f04mp1?pjOr+CEB|`|;=gAW#OAC%HDK(V*3GmG41M*+pD6G>|O<24kj?4iBT3?Y}d&1gkT1Xix
zwS%`Ll&LzmkySw*LG=Vwl}r8(z98HxtjS*3wtv0dC!9&`C*K_4H(RxWDtLG_U}=Xi
zz20@_@^_&sUj}AU!jP)qZRy|b;K5^uX
zR^+tVC=2+4$Is$foRF~8ngfXC*}L&61L^=5+<%6ov+Kf<{r
z5Sbqc2IVlS>*&a3EB~HfvxlPJD8#m}2W?O67MGOB({knK`3!U|D+Ab-H3r1jqd|dg1>O`tzvf)VbwD!MQjqnXFO9A?*5$Ta8c2@QUc60TB
z^ayQ;&F9`Ki611ypLrVMLa|}LB20YO+CSe6&nCb%-z7p%QlHk8^L$rMu+0Lg2@4h_
z1OVz2rKiRJwGR+t9N$)Z@fued8GzWI
zIOOTMaM&C9d&fZk3sOS-M-|KmvaOvwgoW+sHY`{e>eJ1+4z-wd;dsRaP-;DP@g>?3
z&SB1wh5}E%y034|{}h~~cH^T}8C92AmC!r_i5Lq1c&TaU9;E)ZS!#WKVB&h(82ZF4
zTAP>|jp`)N*KDV~-wncLL1ZW_$hv@wdBu9Rb*Rc8cs;NIh*83y9L+%AT;O7wuZXI2
zp?;WsIvth->>M2Y4XBt`!Ey+w30Sv;%q*bCe|rGBR+n8K)awHf-2eih-*YF4Y%yz6
zyb&!6q)zR`SG-6|{)b7H7U#CK@rd=zDW?M07?t$W7mligME$>)&M-)WRMfL6rSLt=
zf6@Mj!xq?UL<^uz#0EQ9uzr=Ont+KFllscS(q-4HWVSsf76CF*Gqi!yCqeXn?o1j@
zG@?eY4*(4p&;g(2w8|Gu<%>^293WGM0(d6NI-Lgru>v3@I|IDp0^U^qe`~tGT`J}F
zF6%!Ova+4|Fb{-
z4gq{68r@BMzy5;VedrkYoHmmrxv*lf|C?9vzdNcz$FSgWYQWrVNTyeqHbaf-&%?Efmm
zha|819r;{!+OjzZ_2Pi;=ByC?-@by22guTFUPWv3+w&lDY1C9GxG&x>)w&D{xUgtT
z)M?rnjz(DW>JFo2lN|X^=d3IcA?hxB$x(0WkAK%&w7Z(1rv$N5g^Ifai
zS}Q?(s85Rn@D^+Lw;D{Zl*tMPC~a1uOfv_iZy}HZVW$^n0JS1q*E}pNtXtouT(IoV
zqBjN$J9eVWDB_-qx;Xl_tHX$j3yZ)<`iK)L^^QXNPnrQygCSt}iB;&<`fv
z1lcGwQmIk_BI#%%d0igngLgEsA(h%kq#@Q;Iw>>uv-KLRWXnRvJt*GW`AKR91{}aM
zN7=&Sm0sa>k+_0F89-|HAvkn@W8jf85yO$JYC1t{^s;a$4@1-(*s)zJ3)3(z+|#0o
zClj>Bk5*Mvl~v>%$VDW@X3nCnW!-&3wS7Z0O|BjPDtocv&G&f!jyx=^R%1xkJ4jJg
zQE1Ef655zR;&@Q1-^{nEV$!=d`
zDZo-uv_&|@PEdy>#;^6BhpIqIsz*YgFFNZzz;aGtkt-c}KsZGsgQ1qPZNr}2p7Z5v
zPc1cR!9wPkcll#HXYzcL7LHW#K>lE%7q`lmt0Huqj!@?oyqWW<{6(s(s
z49oJ3D1=uS%4TL}!@0e{0*IxN>3%oFrJF!{2;DJ3uX)=ZvBmRQfF@SdNhU(Js;*80
znMKi9s>+w5LVKC8`x3wnQbVL%^*i_x?C)JB`j}I{$O|x=WrKhBzF3i>
zZ7!<=>t00riZ+
zLVh3DPAGE!y9pdzTxvqJ85I6_rQ2l$;>c00$!cTgN0ISoHZ?bO^L3*TgyRoMlu{Ns
zw6!Sic~AlsJ5ra1s8&E%nOi+c@#czev?DF+B_yjYU;6D;$#na@S|z?jWatc&JqN^<
zCjhI!SXiIJMv9S@diFdRbKLikC+yz6`&<%ddPmSgh;icl05IH$
zYQE!32cN(5o0kCSC-*yU_+yIR`KLC*(Ip{`1R9c&l(5yric6_lRND}Uq%k2Pw)hK`
z`=CbGh_wPk7HXuF8*QpQ%bN}^0+Lvpc?89@fU*aTnBr(&;;HUuUre$3jA@)Bz1ywS
zDyP~|xz4M0_LgQ_nul8Ye&aO~Sa*9VULzay)g+Dx0DvFMsK$**hLPq7=_KN|Bv6&p
znlu#`jdaA@|7=tj`*TwM2Y{mTkO+~S_o^H%kb1s3B1K6Q!W5^_TfJ|5`#df8H!p*4
zX{aeS44TonWuibE4(;6^l%lYqW?o_q9Eh(;5kX@K+sj>z8@bB(#pApZiATOJatxov
zHnAF0*W%ABx3aOpMZ$SI+0!IGgmmp?Q2Szkwk}*zXq(n)aSkxIyD`L3O6VXI7B!1&
zMtm}>J4H-y0=S*m86oB61Yl~_jGrOK$1{~iT>yk~G89#u7mY?JgLfAv_1!h?*u0rk
zd6i))3wavn+NV_RO)eLQcfdcAPQhkllU_|;-EUMFsWqM>N4SX;x+5>Rk6XDeTupv>
zU)w4g=1P1&-x{D}eOJ($BFg6y+_;i4UhLKy!hB^)jw-RY)RqOf(=yeZ5S|*XOQl-J
z1i_JO{pKm5ZqniIh|Q8Sn9Z83=;^&Mn+G=x=K)j~L)`AJgoJiWQ{agr{wV|>-Qouq{D)a1^|47g2d`?>RLb5ajbZ_j3yPrNQx9PWg565u$
zeF7e4T0Q|6$6!AV4i#1?Y4o&EGP=r3-k0<5_yWrD8nBcUjPT
z_#6LkJ7DPMkqM`Edog!NJ~ETf)mqWCoT++^z3`JMC(%vYekeOs?dtHQ=6-{pj3Z9L
zLhkJ~67>+V?23rf_}ROxaTUQtIF$X}r?r5-f!z2n7&vm~?>
zB#mC@hc}#VITXCOTj4FPSB$BAzZdb$TV=`(Zg5)PyL8c=rrk*4gFMHLgnV7Y8#hRQ
zaGZTm|Hf+Y=3TWMcPv
zv!H>flw~ZBz9zF>^SKA3<=Zct`j+{!poq}YtY4IXdAUD$*}o^lEvc+3Lq9%Fu-
zQK&^lw$%nrcjE{nTIlJaEgau00b&_H9A})mZ@Tlf@-HadzH=Hi#)l4z6Fri*-hECl
z(!Dzc-&)J
z;QQLjt(CUc8NjxYc7j!w^Zv!~cTgC~Z`iG|B_`LIKColOp@%Sb|2Vuuz}HZM9+*h=
zQlv`YPHa_Cz`sF-rvZT%(5;qc;yfOhelrR~iMzb}`tod2uKX^%+JEgsk9r5;Pwf~K
zpPzGXHRWp|Zr8UJ0|#O`FuKj-q>iQCS-dG1c7bm9-ASA_l<+Tl3jtO#dEt>%YwTW}kD8H%3U_1i1SxbMuZ$
z@>-5+QoE3U!Du{~00c+SN1l?_yiD3dc8hx8Vf@N(I~7y9zI|@R
zihsAB8)4YGNT|>b436Y#{6BmB4c4kI*Eh=$vG{PB4+10_q6+B2C*Z~?O%-XZP-iSC
zD6ZnN?u5;D*pMcc6b2-EKH2dv1ECl?hUK0JNHkmtf~>@XS5QWS;Fr89aum8E`A7o3|v>Sf?iT!QI-X%+ih%4p!}UeG!SZ7%*W3mB{}9ozS(j
zvWk_H#|aHR{MU!vl{Btob_ZZH8VFdgM7Bog-;b|PY!y@$Gt6P4eqxNG
zMk!2REp7Ut1sDWa8m|wFOHMbX!()-CX%RBpsWtnZhDVV|HE-44QoDm#xV{0(v_Ck0
z@%4={zn=_Q&wiR>aOG@@!bfVs*qBacCrk+EbvpxxARm?A^=tndP3&TL6a8B*6Y=tR
z&nJ^3M!XzN1#l`T8scVnQ-P^P-xglZn`sSF+5M<0RR?h$i}Zog=<
z+55Y`6e0UUf&LI9=0Yg;WzkHKqPfYa>m{e(WK{ck-9cfCeh-glH|2@IX<6>&d3>2(
zLs+Xu7FYv#uX*|IU&1tRVgZt5Fa;O?e9fsWk#FVNa|33!Y@d~!;=h}si%|HX>zw~x
zLnHo3$T9cUqQU*wy^r`eL=CooB_;|K1_Xj!&zG`t4MdMzyllR!d|_4>OcXtfZ9EGd
zxo1J=hTpmcE?nNGDnV%Tvt{94KLF;bF8(|4Lss5R^e5NO`1
zt{JkJ=~5)>XqlTHU3ffKU?%n^SZFxoyjjb|9N&KwN=p=T6}#W@_p=inAaWld)C?>!
z5na-FL-XOV?YQ^Bw@^u7%BMhNFOlON)J3e!*9{@VYn;*xo?`La@?D~Almp<6`?X?{
z(xrqiW?bIbr*PeQ+{G~7C-!iR*xc`4YuymBT;Rb!@zAQY}kuryp&Akc7JORUE!)4!BG4|*m^h4GN~#Y
z1|QClPlMU#T=Lm-Q^d+f89dd$rk2uG^I_L2%-SEGrjF-)EfHHsvLF-v_~0~KIUp;b
zIu(2N=y%NGwZ|`SDVf-&ls7s+C{69X1-3BAb74=HtAT?);X<0XdN#-OsA5T%0AHhL
zA26)^1o!
z{r3j9i%MG#kJ=8RU7`rUN`bqjZ7-CG@N8BKs_XJa4QIJv+~4C7GZ6Y
zE{YTq4v*)YO}iI*-1G$bIY$G87h$4PVVpEuXWS~a68QrhZRxWf``H>5e8ft?P^ke!
zb=Lv(DvQ-`5>ykNbOL6GPWza3x6ZI;yQs055?##m6R@33{X_}JFY(*U{X9LfEAgh2KP=nw2KVf4
zV@3q?7INGGnv3+waeEc4MAYfhS)oQ(m!@|CWm4+7c*@C#FyCTPNfqZ=P(1S9!xk>b
zvZF9uII_O($O>Jr$LrMcSld)xreyr8$fDGh^4$l7wp^6FKKpMd%ueaZdHC(J>(*MT
zwB6qhQRKN*@QycoVS$LXSFpy%R}1R4Z52~C*PRQ&9;3O@qN%3dUfx3%
zc~2vX+O+f7;IS$0{KF!%FKg#EuF0w{Z=5ZUFHRhXiv{Zf8BJU1HRU^Q_qVvD7#t)d
zD`xv*y`R00h66q5XWXu47G`Eg0W#=Q!c}tZM;+(G-K^4rljC=9+Il@n*3hqhiG3aa>M@+u^E|{g
z-A4~Y^fvF^@z!Gkx|YL_IuaOksksu`z>%JL5bN)GL!{$9<<+=dkhX3@aXYi;zFXEH
zyU@)fcoc5XxP;Csipa88JqbS|rwC8(tmRU0^+xJ!qju&A_8A*4!r{fZ=^@2W@dzhw=lMM5@
z*F7!1MtlgHit>k^U{)nQx&2P1GE;5SeYBeFQ=G8OgfQL|kXb#n$!>FGkU$H@cfdcF
zqYVFbydy!6=B(45w~vNK2AP#srVvKK<&sa+9O&hJkeKS-eVM(F#=yXU=BGr+sHquH
z2WgtMy%F;zr6aNDnp>Bg4_o>X^hd;;WY2)shK`NRSXbX!`XaG)o!o4*&^Mc{u^zjY
z4FVgg^QHQVS8}OcH>3mV(uj&+|3X_M1fpEUev~
z$C1W*4#XH^-(#E=;^7<=t#CVx3KkKd+%T70iMiFqR;+fZFFN?2pg}c^om0kXUBUwo
zV`TbxwZ2AgRO+xjynN%fMv8y$0VG3NIcqO1=P#
zOHD~vzL_O_@q1lZ`89
zAMJY>B+_txj_?Ik{iosn_VzHcmXcRdeLZ;=x@P{0kmlDBqdhVqTBU~hSnTr5Gv)iV
z?+wBoUQTtzLAzJl4_$7aJ2AECZQL{70PpO=uAsdQPgswH>lf5%$IQ4a?p>bs=g+pBgSMeY^3QrUy;-*28&Rn+^
zr+kiQ2eq!8wI0r5y%P~DBSveX){;7J(k-jTd4tTZTnRaIJZHs&kl$aTl9gwIC8oG}
zRjwS*w?J7UK1$QTCUp@o2F#%DU;y|g
zMObb$M`~RY`a-MZ=2GoZk+3P!P`#q0!P<2Vn}jlbv;)FJ>*iLu^r|0?sGQi)Of<^{
zn6^Y%8=af{y|1z67}zG6FSrEFplnA(u?0_W3&IJ3O?j7ip(I=5Blmr*^s04|1nwOT
z7_Bi$x%D+9u7|8#e2#RdE%(v>`B*E~du7e<8rbD4tT&G6zEoJ5=Y|?aoo)w-nE&|{?>Yy3c&!Zqr*m-SHm$Tzcro?ZlaQ*>NFrd}*%=f~
zF{4u{OYXfRZL7>USZw%(Sb|Di?$Y3c@}Ezfa^Fo0ABWhZnkN2$gmztC>9MEUrmPb#
zz>Hi3nM-;xK|B6#m#rIY+8QyAY3eYtp?Rx_2+EYNNW`@iuOh-j|M+e1r(
z5b6R2V!veK;c=6tjM$S%L#cO`Xx6G2^YpPcav}oWl*^M8Gr4ONLE$miR
zz|q0)D_0Q|y2?g1a>I7qk~j<$>%xrT;N73i(fUQq0r=09Kk3jG~e)07TKgal>HX=DZkHIa=g13;%+{QY%f|_0*5VKmN^dgZ{;Wgqpt0
zlBCJB7C(hHhI^Z5UsspCH7XnTb~Ou4a&uKR^zC{xi~Hqp>**931={KblVq=M+QXDf
z0@RXx)uy%^T`V%N^zC~yV`GhQ>o+#=PX@W$VmdlHluu8anFZYb@@r(Y@{TgVSnb}L
zj2un=m~5i(x`*wTo&2B9t~08srduEMMMMN_fOHiR1p%cO0i}q5fC32t0^y}dlisAG
zQbd8E5{fjDA|@dqNG}moS|E`ULXXr)k!tAW9`tp6cinaGUEli7ue0{lGc#xJ=h=H^
zO;3=eA_)m;0FJ3pIb0CbEvbo!=gaE8Ho-#?*m*+w*RDG%K~u3CS0=NwvmZgDw2}4V
z85!@80xRlecsvQrbl?SdbEplPKp?e0mZ&&8r9@%KJC!DWxMsahU+b4-jZEnvoGaWkAJ|bsX
znQP&{=Hy))vQ>63%WY-qUTL^f#K8#$Hqj`O!N_8R>UG1SW{d9C>#7dfYGmF%ND3U2Xu3kWc`8M?U
zQhs2$9@smTAiv{$v9OD>ElU@PT_jTP&ib=d)*ES?uH@r;lK`qZ-jF
zA&A02F)v@9oZ6j6hHcw5shIHZtv4H{f;l8kZ3+ycTxyI#YYPoApnEfAwN^%>ZB^bP
zy2C9CoFOJS;F#J&RU|}AfmL{cHH4;(lio_Agt@Mw-@LI|eX%sz{tm7I!J@0H%}0V3
zRMu`ylxFQz+}rz}6K21PE-xoCck~GN!*e0HY*8rL#Ol&pQid;5b9Y`|&1n_C#lAiRdc76{Uole>@P7u^RmZ2A}VXBGfg=Tcm1&t
z^(u=C$7$d0zSpb&kd`cfgPt#dF`RMEegx@fGu6K7QRe?4GBaz^ql^>V=2dxOzc1I3
zgSp*X@qx?~i&P$YCAGB^ZkMN-ICJNb2LR5;Afh=;@i=S>z^-Bc!gMW~m)OPhH$Ugv
zofd2t5aGd1>ZJ=B*eIz1*WIx7&s-eyROC)7E2$O2$9Zt2tb$;{i{`!52HLfkJjzOV
zSTsgjt&szGYHBr7$Na0_i&gB&2)kkE!76&$LiA>GZX>Y$p2X*poLxQ!_yVzt@6+-;U1G$t#
z;o+6dn+$KW12w|%!5izI8@(|nm!q5GTX7>+ieXk06Rjtvr(1`J>`;Qqcy+96KDKLz
z3;-tBU2*hN`un1}w2d+4g%ubM5-?LGh8
zQwjGaL#BGJilozc9d3L%VtqH;W+xouA==w9-`DMtZE`Pv__2(=EJw-4s>^UrVp}=o
zb^#O$ZEHh`<>lnqj$8$TkKK8{Sy3R`tG%~KOjT0|H1Vr!Mq>hXabYXw)7)S6YPrH{
zZlKBfX>vMdX8plrG-z(G6cvT-%x((I(n1;+)-1HYY%<838J#0xt;Dr`=k8nTU9g+0
z_g)?w50e~BBc(0eWr1J@O1dz*rE%2#KY$7VVfCwJMNYS-%s*-hpr2YtevpxA*&8a+
zGGC*&4KSJK1yC+kN%c$aE!BUT_kVJ~-u7)G<(`C*=z?xY28Y6=w?vl5M(+2bE-LAQmnTIYHC&sd+piMq~
zC@qz?#roVXJMuA#5aDuP9daC-;=A~xL+YB9%3Pt2EJ#jkR)w@yFFB^RrYPbF+
z-I|Q1SG+K+(Z0m-W6x%F8sfBBSzm93Mx!Tc{Zavd(Df_x0VYhnXA}KkBc$YSq)8&V
zMtjK^@xGb=3!z0b@>-bP%b-Lr|8f7J=eMRe3@-62xHR#~-A^e5y9Nfzl8oOPv_`UU
z*(p@P4MNA{+w*OK!(u;<^A&l;p+2^zz{|{gah4)_$r8S#&jeTHFbV(R2QZw~R>0cr
z+BtYR!cQ{H7z(A%X2u}#A(vLV7M?D5mlSS7q;c0)-}Fmbl()~7sp|{6XgtZ!&+pf3
ztQ*9=$Yyo<)s8LEyYT%{${k?`9jA9P5-w5<7N(}O%s3=SAFHxA1}|8ryJXYycFk~y*r@%Nztxp_zrj!1Zj<6$4
zH+R4mvS-+h0;}Xh(nt6jyC1Bl^!TPrrNuLxc|!29ehR5HuhTIHQJTbYmygc8HI+JY
zLw5V`y^unGQd2ZnvBivFQd^fJ&Htx~5s|H@THB_{G9&L^dMLYW2v+Q2-PEznfy~m9
z`Bbj`aaa^q5*
zm``<~H%+hIp^X@lt?92cfN)mDD6|OYC{HExUXz%#X*^MO)I|KPfp6>g?*%YnLBh-X<|bIfg-MK$
zY~0m7EUq12Yp=9;`}XaYmX;@5qAt%$j#Oon*zx2A*3XpkV69%S{`9GFFd937
z<0(+{I6&uc$dX_iML!(q+KubKuFqv(>HO(%ky8Z4tktD_A+8%-3*qcaV#$v{R3-m6
znxQ%Y+#v*)V6niT+V-Qd>ld)aUk=_Y!m4{!UB16#RD5XWIW9WG!*bo&dM4?Dguhwe
zTHZIcu*H|sF`BuiwpFK&THj^n$1d=N3=U~`K-fl|Wnp1H-*UWgdkNgMbI~4UJXpgz
zpSYuOll9+dQlm4GWPDn-Mt-X@*P
z^fd71o-7O%saM0@K<>g*mbV)tF+#SX%6@|^P!1_LGZc7|g3@c4ZnWYgRum^ku87as
z{|#LKu)MsgUm2yb5476`E#!aq@XMtl_d$@Y?}Pm;&B2;NrXkOf+xq&cjQWagu;A{l
zFmHw_d7&IdLrHJ2iR8(U&>W%eE^n!1StDt2qFQ|-&q3f#!aC+)+59m8i1?y)^A9P!
z*xBnhW;pB#zXqCi+CWhpeOt~|Jf?H|-atm!wHN#4tm{@@Fmk*2JP!RDAYk7v`JE|)
z#+;E1oUwr)IrN7{{x_Prj~IS)%l{#K^D!eCRN%Qdx0pl}s>;FWr_k7;L!0(CHjOId
zX(*yzYm`b?dadCMTCUQ;D5^K=9vkNaf
zFse@R>;fUz&4UD_Z3WdCXOlLgh0VN+xGO${X#{Rc5DmjFIvRxDTaA8{6Oxs@c2iJ(
zobOlThz4_GV<9oe`&fH)~7k2Sc~v)d=prj)p;L
zb=hH7i#?d1a$4X_o{OC$wma7Qlmd*>v(4m$+so%x8}_O>iDv3}fXm?BYw0&y37T$a
z8e#>P-W8Yg$(e<$@p~jYW24VfF%Wsax!fR`*bG>SYe8)%o
z5ki79ZN~W3$@%FS-6`q_UA<{?`g5OLf8DnJJ8=Sa8vy)ZA@L9{$wISIDB8t2w`xOU
z-t20&In>JPE1|L9B#}aBt_ZV8qAVmBE^Jf4d
zR+WR68@vL6ZtL|nI}JPyU$C|;nCa0iFQZq&Q(l33@RGRL%g*P=r)QL=Gh4IrWK&6z
z`Q5ruE?Lkrq4wDq1d{dgJ-|QEe2vo{L<|tNfn2
z-upzl;44;BWIR1xt~@1uk^b{Gar1)FGt|#a95jEWlN!ynU$iQ7UX@#rK-wP|a3Z_A
zyGzAFC`D9ji7ldt3h48u&lBPmP%f&C5KJA>d#hvpBqf9bU(GNKtPISa8BXTseO?=Z
z@iUs?RdYle*0ra(fO0fmjqL693gi{1SLl2g+|k~xJYjfY5C&>RO+rZ0Z%
zuj>l|2=e!9qdW>QR8(i-V5l9Zkdy3y*VtH&xV!(ZN5kt3mrM^=4=1sm&+R@sqP2p{meW7mgf$N{u88Oh5blPduSsbSFc&FP7C$cX2k`uR2RoiuoMJ+~WS`Op5YKkhP)b`&~sE|Pdww-jd
z5(m=&>+8WXVoHwV;$y!#Pg7l7L**LD&#&V7Ykq(pXYL0ub7Dyu1lPS
zX1xE9Td(=*1$PxIa8c^FYy21vxHE)h!kqg}Dj!S=|1q#%F1i1qvlmqZSfN_K4V-6d
z(0%}kZ=aZIzbX9jIjefSmarr=F5tCxQ;$0GsKfofoq4_l_4!rMaJpR<>)R%#XC`Gc
ztettro$BQ8hx|o6Z*5OLH1|IY0F9z8dDZ}+dhwUp(fv?282FLDS?gxeU>trg6-F||
z^`CgVQKm4MY@`8RAc~b6tvGMHG22ANgU6}8AITc5o1#+;9N5SD?Ho9(;0FaQh?wCh4v`Xt3MzCn+TuNDHXUv0H0wyN~F5fv2$Mka*1
zyS*OxoG%|$x}vB9Vua&uvntSkhR|??OA?Gw>`w#yNQr35KZO2n!XI#RD*6%QKeKaY
z_Yvc4%ahy6XSp?RG?G)ZjTYK@o>E2eBJrZp}WRL=LXR(xpPu0EInr$JsVOHl*Qs$rgUo8vX>6jv_`ws
z@fgECjJpIoc=z$$gHlg|O>sO=cw%`HZcNm8iTh4fl$S$A4-%1W9KhJ6opIBwyCJ`QZl9R4KX=w;XL
zPNP%I(hz-&`sBR4%T@=%pO~>iIppB{sSWfhNmvG=@0WMSw#MHq1Ciq4yF2&)V6pjs
zVKL=@VX=jQKUl05Z+r63kT1La$$aZWS=kTY<^XwFS>eaYdp)UPUTaO-yE|M*+LnvAsc3V1%q1~1*ti3=f8
z-2GPFbJ=nrfwT<&Y7GFenawR#`4KTYOssE9*NK4?h|Yr%iKkz{yCr7q5gavlAmIP@
zI_1Hrl0ftC_ddtUnaOW`k?7x1jQX#q-z)EF>gG>jTJI+Sii8U)^os;sBIj`3Kf9A}fZ>L~
z>tTk#aF+McO%1ay^RNH8);u$-+(Vg=nVE^PU6Q%b&#XI_OchxF=f#_xlR|ml;3Q#&7q6`I;3Osu8{VfHea3JqaYOCN530z#u
zz<@cfqU=QSlh-*n-C@w3+$sw-+=s1@#4WdDnu#Z!J%cyY!$ljPv983{#7I%t;RW5L
zDFKCO^wR`5CF)`xN#c^s)`~6c
zV}h1HIZV_n(|4w)y)^(*SVN!u4z#v{3QgS|_Zx@1?`}Wo?s>SJFpm{_y?wH_KhT4^
zD;Pt3RDL~67oMr}@X{~sTN2VF4K06SS(hlTdQJtWME8KD$&G}aby0%A+WTkmPd!S~
z9YS1grn*Aalq&zr#z2)rV}UQ>s1
zVR3P{k`!u{Tjz%Eyf5elcd4iAiHWHs9u&%pFG01bPsSmt=etGeV)f{#tcN0#6>OGd
zPkX8pIkfpL@7(}=UA_Ivxt#m^v-G}Z2XNeb+)YpcD(gLQlsw&W7*b90j;iTsx@PImCtemc5&*!AVb5X-W={jP(A0&|*?
z`v-$R^4U4iXUZAnWLt)J<*yqHUrd=q`&=HqD4OZoTgJ+vJh>=*^=Eh|>0(PgQ`S11VF|JfLp
z>cjb#g(1VEH+UxP7iU*f;L+pv0w6`NYZVm}za*u@D{m+yytdT-DSZ8lV(>fBwUe76
zxXU22ou$HfUW9axQn9e8tyJp!=v%-@=Ph=y?Zu28A~iL2+pozoGb7{u&qWCqd{Pn^
z<)gUQ-Cx5eE&W3Z7;O46I^>Obe%BB3f+IsfCG6kc)D^Afeeq!JS-zq1dUSvScr2q9
zHBYF?_qHSJ|7j4#2O9XJD?N8j{}&2BJbd%HVHi4s8Xp%o
z{JvO19)zWWfW6h98tnf&6$`PeGy02qDCmFzYXS>-j@W(6#=?fj;0ofZ#`f5W}|8kP&Sc7hzUb)^Eil4GnpN+~Og6HD)
zCoj%@PB&`HWUPtf7k}CW^U?jIuxMJS2w(I_uTXXxHq}rt;#G6Yt{(
z2Q4RxWPi7gxe~^!fBGd7AKenxFr{Z;5d!H3Yrkn0ej!Z(dO-qFQ-?F-(q}n!Q9akH
zsSpxR%WlAL{o)0)Jp6F{$n|2jEA736BBFh)B&bHiz}Q}8?RxUEUtGx!?Y0D`65_{?
zANNMe&04EdxUa>!FWSyx$VUdHm7~Ap`aN$zfUjnbuW>v#E}g)s0rc%Fy@}&>r(r-e
ze(rqlM2}XZN4S&;10qse?gJulk>4cmqd4u#;?Urm6HyQ8q*qSQ{j0du;|fr>6)wfy
z2)wH|#ee0b%QXlKm9w~1F-^$@Zui*+3j&GHR#sd*8;qXgm%hsF$f^uTVj$mSD`q;`ko?*Vi4{~pMx_U)reTv+Ndn9w|)UE3A`aB&;?1R(<%&>rw49FrS!J+m{Q_2hB8n=jwh~
z7hXNtBF$~I{Q!|by$7R%tnHFAj%dlurPCbPh6(DjL^(RhkE(w&Xu9iBy}GecCV*TU
zDJQ3Ty+4!axztcVxQ#-aP-2rp0-
z1^i>UX2wal6{Z+$$O#xlfk_A^ho~MWumwhNTKw{^(JN_Uy}(;=9-{$F)*~b%puixA
zz7s*Hf4B0xKGKjNALy5U2b_vlmN&(&QW2}&xw=C>N}f;(-p~Gxsu#9sZrlX3&?(FH
zWutDeK5zu`fUDzQ=Lf>UY_mJr>K~Tk@DyFA>rr;wD9B6pC-Kz
z&GF947rV5373oHOT^56#7Dh+a+0t`?Y8p5-0eddJ8cs1yYkLM$a($Yjnt
z(i`km7^Un;x1=qA=z;lALyeNZ|F5bMu_`10$k1c?Zam)SUTGXqL9JXOrsK4CmZeSj
zF{*R2Jt#ys-u%8wd5Yft1MogS@~O4hAF`LH3JfhDQ01*r^tp7b>8G->|5Ihe
z7et3SDF=L%CAF}yrs2F+0LGzC?%=HmR5sYlwiCt?^4l3ERyHr_m0}>#NfggbXugi!
zZvW0yPVtbhby;jfXwY`bLrLaWd$(00vzxt*G0$hW8qA5G+FkFPTV=MQm1+%gwTVf#
z=I$4%_`1v1Hj%#g4O0rDe_!&t7{+P?gqMcer#
zhEa>jn{32Nf!^XwG34hT`OW~|s8Mfr(jW;r@2Dg`1Y=vvt(+}e^-&!;j9)B^9aZC9
zxxf@XRTh=c?P1dP>Q=z
zOTOH^MIjU*
z(K0bPM8bJBb^^q)E61!Rz!eZ4TY_t!y2*yx7HooV=T9D?E=0o~Q_Q%LTa<&Dsn!xG
zm>uk~0LvD`7r^WroPdK@m)gn82eLK28xV)Q+Ug3DZR!3wCAH>fK=9*8mVCXJ)h1=T
zHKhvoLj4KtlQ_mIlr#D9zha0&_&HGj^|(0x_bu
z5WfE=n5F@Yl`ks);Gaj?tBZd=(X&|*wVzB4bjejpJ(KR*|-
z$yNyt($rn*&%sFqo(uye?aqoblQ#PMAf_=Awi~-?-l7)tYi5a}&UQBs2>iw@>yz4)
z>v>rFc~((M>m^=0z}YnL1+asyOzz?&kpr*f9FJze%Depx!#@dR5{$BYZg?{-DVZ?|
zym;vT2uPOy%uijt7JkUUe+768p{{w5??u|%><$xNEf)3A09UL{7FsXLr#SJ
za}EtbUASyd3$6jOXKa?Cx7+ZjPAs!XNJhaEQ%(hrlEIELvd+7)X#~q1MkMy$Rk*#i
zR%xqwi+0j(zMh7>3rjbkN?fSw!eHAN-^b=25iEJ8L4U4csFsMqJ_FA}4cpO^-z=K&
zX>Fnm{xUgWt$LsTbK9%$H06u{jxv*cAW56AN5#SV`CsHTa`2uZK
zw;c}QR;pqN!DGK-i|Yv*`&VoDy)=rV{ab)c&Q1fd8-m%JKMhdM^ljZgGQ2B;)EK}`
zoX<9`17Qw(fk)4JH)M?XFn-ea5Jp{rK&ZA<5z2~znU7^ax-WJRGF&F-@%Qgv-eM%W
zkP@!7XZ1mEf$*TNWk32M{$3&RB&`tOu{)>1^7m4%OBtdiAaie2xz;%1@jOUDaA|f~^v#Df<^sr7MrcjM~ZK*H2uf}Df
zmn9(*W_iLk*zRi&GAcKxxhaCYY&NNXSMdb4`mG|-x+}LMg#WX5C+uK7^C_kSMzc?%
zq}dyIo*f@}%c9x2d8C$7zf}bQk|sv7a*X_ez@&ecs)5kM+fs5O=E$s5wsQhCfwSdB
z^7E%=(D;}K2(tz}i_x>$kjpn7nbHt71F7S)P$Zg)Q6wt&r~mEX;l}+haYBuI
z6?IQ<4-p@ziz_YXM`r;M1w;Sp@rEum^^jYarmOl(&LFiw
zy96BlTpSGRGGwN|3TEBvoB$dj*W_bIbH@{*Mu{V~BQLIlnCQ5aJi9|#Db2@b&<>&I
zbkEASjwh8P_j2D{${ZH5s)>H1?^&NW0THL7a+tI#=!X!o8Mq?Vn@!VHBfN{-tuJSx
z@9POM4Dfawk0A|2ml!=y=mF7iQE)ZE&pL9yedn3y4u(|h;KLSqo&tcltla6%Akl#p
z`vY479TKAzE*xk2K^Q?g5%pK0=N~2zG=~%Gfnm^GU3`c(?*lQ7KP{DNYO)d|dw}ah
zt&Ag_Uj-j!J?GW$!iAzRp>%Kd_z~|X99-8?@(J~kIOwnv0?C(%vP$QFX;>q9bBu}o
zOKJu|lD=Z>0y4U{E~1vELfd~yZO#{v!H{j2qtHFwlQwtCZp2aHkMKO-Mc{qvk1ysG
zEE500v*N~Ny~Xu3a1UI7)&q3h@_$|sw*z@91CglCoaI+(5>rC#*Ha(jc)wNJi**Ac
zqu>FegB>IIn(#}3C{tO!pX;+{>LDYkcPZA++x!zNPeaNFstobVHEL&PcYw=5>;X+@
zYBZ2f{>ByXPdtV>WPnokx^P(6flCy;7MvqKf4vvEs#WNYIG5Q!h%c3gpqe5W{EfHIXW|+0(QU^a__{osJJ!Jq6hc-3!zUMOoB$^b
zKH^Dx^@(WWq*P{-Ua40~*S?`QXpaVd>fR+ifRd+G2PG#0L!Z{%ExjJYq^O1r8!U4k
zzC#5M`|HM0A^OUJhYwFRO>LziLj&2=scS=OYzoYd$<|8fX%r;;12>301SlYHN8lKU
zXv5ae2yjm3Amu@W528^TJ-feV+YYF_s|En-L8
zT>oC}Uc&zj7%cD)xY}|k$^e=Z=(%WNFDoUfr(v6q`aj%wPDPxa2@H^AkP%H`SOZ7=
z*VnlNR7qTF>_e>W8)gT8k=BAhsY;HvWs$1OIa(oQu0q{vBdUS1-=mpQNOalKoh3ac
zz5)X;Dw_X8j9n;9nUbcHc_VZ4#)FuE2-r^o|6@O^`*GqbiD={6u|~OPz>f6Lf$3B0
z1mGp-yLL`Gf64~HE$h(eNSQZ(eyeI6o7B2aElf{O(*mp>+{ks;UmV$dnCtU3UN*tO
zDkc5Y%Ppr@9vGeZXlAUspr?Ea;j)_R!Ia=<#pkntsB-06l)E}DyN@doA$N^?#d%T=}K^h
zjNP|gY=v`D#)A*tl_EDYbpdi|!i+=r>5cI$H!~|S|5KE->_q*)2zWm0#s4DUs}B7S
z0+!MRnH^T#D?Tz&`^q@}>+n~?fJ7+ddmIK~mbM8CV+k4=U-)oCxUFu>5r_juGT49m
zNB+jdk4H3da>+Mw45M$<94*^3?-wVudP(eN@F8f)>DFZ@dd?{dvK5e-;f9K5+uSdI
z_wkHqVFg_+TBwrVd3N9!0C!DU$oNKOZW^#jp{dap7hyIWLUz)U+}k&UzS(~
z6IN*;e~(NA5pf8q5)1GZ>>^p64*dO(oY_V?c99Q>(ueZ1**g&(~UFW1*Ux}XovQC}ZIJIdtv
z)ig>1NGl{soxEPM{Lkh<264Ncr8|PxkC}K$2=NllxD>tPigGw>vB6)MVWi&Rh#`;0
zy!?O2nReU=k>!y_XdDZS9WN*
zvhE$M9aQHPZzer-=%T}Iq@|)B2grs*6E0VUGgT(0-NwCBc4D?5Q;Jq+k+=kS;{SHB
z=!2PVDxWRL^tTqt?nnexF-7*jUYcqD{>1&MySLbu)Qe9v#)@J;%tEm}F
zJd)s4(G)$6C$E5Jv^?^ELv%|5ADh+xtw$5~{)@rZLVAL7Z#2g^SP70QN}$N8({Ir}
zHpeV)EB%g1f*iJ*dm8D`T~Tf`O*_$SaT*(_=K52x0`f?)|1MJ2ia0D9Siup%vqHZO
z>p4t#6#R+r?zcLRMJm^}wkOe$C2)tZ^fD6ESpqs4D{k>p3Jeui!*a18nGu1jE{4Q}wW9
zj%Z6m4T-@XeUnHk*C5C{`4Cte;?E)?hdY*b4x
zgR{AJ1OS~KFAbA^4XT)D;^V@k83B2q9V0Ai*0$|2|HzPwOG`g_S4^#Imy)sthP~WZ
zwv+I>lYjD71G>;N7K!69YV?wzf-iC)G8of3H2Ka1=d|dJ!m1_h%4ad~?
zwzh4^P}tExbJl}wK+QxVS8%A+T!+*;rAPd+WO9W>(4h}c#XTR1{p>0iSTtO(v@rgt
z;s$$Hg>@Hw?>Fd%9W&pK+Sy^1XCo(v(ED_5<@dk`xV}ef+FU!`V`QtUqWv3j?nu#4%Wg0Qx+D6qppjmS=_azcBWML8|yD=<6S?nE8fu_j`
zCN0(0Rg-{ZgUs?DGU72G{;dj07io8qqp;OmG!k8RwOWW}``r4sJkG!q(Agr5XBB06
zr;WRWAT?G}+`WaNX5Srjf1_k1J?4O3595S3Ez0;2eQ_YUv?=NK>NH}(?hooW24u8p
z^v(AypE2hT9uXP&RSW%x^(H`p8CHpcL?Pvo&R1y5yZZf57i$~O_Ug}`pb2(g9>8Of
z=i5|HF7fZt9*q}BL3#%U!S412v(G~Wuevb~*qpHQ&aF2MYRb$G;
zIJ&BHbj#d@v^t?K_6u-A;d`Ddyh;cLQd^+DQD>&?zI(<5Ct^Ld5*9q>k?>;&D;zVl
z<54xnguNh~R2xC$#n=k~Kx)3cIh6%Gr@lH49j;|e3hjuo{b&p1FKx+GWuK^Zi!f+;
zamWhjNjwjOD!jp<(-!@l@Tfd7*RI#>Bb6YXKF$NC&J8)rd6R=Jzf$Y=7zXPsF=fvM
z$5$*y&Z*sx9>Y<$Rg@iQ?*s`ZqAq+{!Bas8-;Dzab>G2F@w!Tr%>{=>BvOEkhCfCm
z3z8S2(-t%zITcV~<$FIhbdSzO@Pb?_3p89ye3c01@R=>EvdWzo)BjVvI(^ip5_b8@
ze_*wPnr-{-42TGBS@53A5yxa3Ouk_-04rF@YbC_jOy-8Q(y6Y?jT+%mLr~J
ziRt?XVY`JYy^^c#x0GFr2ScrVd`7(mv1~gq6J|Y6pi!C0U5h=bpVmG;<#q0JA)h4^
zl~1BpR*W-Mfwd!yZ37#lR?}<&=j4GpmZsvKySx0pGmXJ}oO{9E2mCZ^iR?J_l~Eop
ze=kW+KKe3i=Rjncn6hgHY
zLOQjyyQsM?p;lt|KG@rRdxRWHyOsIn%a_L(KS4(Wl}6jLCkh@Nx8mb6rW7^IWPFCZ
zcjSWOlh(vqycaOX-@shcAVG
zOl^ur!Sa}|mn2_7$_(R7!-;`yE2zOM)eJkd)AwtvN{u!kK1paAtG|;R!BTrBR*93h
zGHYp0KU@gFxAUa-ycb9X*fQYZz4u{<(>!*X`$RTmS-7byAxm^?RfiLA7~cL)e}&20
z*?jM$)@@QQiJ@5y2=0lHZo&Rh(oqzjtD#YHLkH@wB*(4ZN;(NUW^bB4d!lUr2I67`y8bhU|q|}0q(w;q>Ze3RX@k&6t6H7G!
zMfK;YxDgVn?E5o9$!RlqCTcT3ydYm=1njgkLHal@{1;js{C|8>wHyClV!70tX_$_R
zDc>A(6vuw%lUT5I6%8m}(y?9=Q9}+xd}MW8e!%$zT;j
zOwV#qE8j@`ncv*ZfXkmJ-Nm`RcYbMe|5^_DXl|1|WuFWUP*YLsvM8qPWQfc-0-MGL(3Om*I;Yv-W7;LcCGDm
zq2`*8<$mN`StGY0&L5<^9(%k)50W
z)kZ>5s(>U7-|x*VZ5y0u=yV?cF7D$zRCRUwiHLc~VP#L<-O%|NuY>G6>r;;I&ML4Q
z&tUDi&<;&54Yws#%{|Ps#XUMJ&Wt2`cbEM>?g3whXMyxXt#OL)A#k@PpZ-{i)zAzw
zyKkKl>L+elinZlm0^e9z9}=l~vd=YAX~)&ngSG~uQHxpDObP&%2?Hy#&)Z}9ObsEk
zdQH3;r;!g~n+gggjcyK~uBSJ>NY*%wcnJGOBTT@VK!D{p^9?8O#GC@5x9Di@7H*=K
z&_0x`A_2qeqZNI#z%E%u&8M}_V{!T!_q@8KyCz(eYaHVklfI#A3g=f9E!uG`_{SO{jfw3n~Hjr|X*IZ|D5V5+p)Ki5}`i8B+*tDIcmWMVyii
z6a1~NlQUs?Fn?fH8eij~BI-PTXXlhQjXnHZ7FDiFaBimf{D;w~`uVJ_v1cLXg^fJ99w9~439Tb^!#MQ6yF$k+2VL@*@u5KPki^**ZmIOQia|-L*;wl*M1(Y
zeVCmjo_cyve9i)!vx?n^-HAcX(%X(fh3O-)}?dYmTCdSVvt+IUuoKH8GESH^KYUkN4
zaMAu@y9YSGhjLpi4jj*CSi3qRoSBXlom0iCNduj2Vj>JX;+(=;p?^v#%#*g=G(hLE
zrT$K%EJnvShT2l=JEZM6+36))2&+E7e0QK_^P&BzdJ=kN$%2L9ki3gN-*2nzb$EH<
zIMf(CFfbM#0CsT!27u_e<$m=%qOw}jBx33uj8+aoK3w-pie5tT36GIN=|wy4vUnV7
z%e+|cCg$;25ovl_&(ZO$S20#7o^j-Km44)uokde1+!09k)oJQbLpyGg0`8!|AaloZ
zkeP1|qq}C+NsiV@(;bD)%!21L7)3;ofs0oelp2)2N|7M%x%AhBKqbZb_@1B`62fuS
z7Q;QYm|mZ6u}Rc2u1|jjgq+%O)ZIKx<;;6I6~kviQCD7V@)QIo>Tby#@nm;jJ&<4a4^P*K+Thah#lL1&Oj6
zic?|leObqxOs`!WB&Too2Motty0GN%Kp=_1m
zbUmm3w9fuUO#Nc3k-IXJF4uu|sdPDNQ|SWNd%$eR9I=++8&1@_MkFRu1(Xp9tq
z$@4mpZ`h9|N=ZYOjX?sWW2Q#~V~=Zca;%K*5_wrW(!4hNA9NZ5AZ)J?f-Co|^ti1u
z!kNHXVXVSRvB-kI_)wl1?*G7Mw*jjl0gmJk6Dmh32cAIe4p#~hLBYEyD#dAIWn;z7hM=n-N4P545_!z?!Xy9XE99y^r*{5aRow
zs(Bo-ztz{N!9>U!E0f(+pM6x2@(I`K8z~J(12`xZE6d)a>{v!z)o$n`d?R7lr~1Tq
zQ)Rj6#Z{1^M_aAT=sJzh6QgrG|AFd81)UDQRy%X|O%AB(MC<8~=cM5kPxaS}u=lX?
zF8ey{6%GSB-S&|2rH@I)fv1=}I~68YB`cmIN0Mwol@92+z_D|mf;i~}yB~ieW$+J4
zn>NYUn$x3=g~_@HDSCS~GG4=s=(0!^>j+VvD4RR>{X9~*IT9J=+L>FQGjjc^C};sC
zX{b$=J!8+g)wWk&pZm?_x@kenlZ)p|qsJ@N2_~x!mw_)1(zMWbsZ0-7ZQy>Qixn4NpNyj3>`lomI8V1iy;OSE)UKJ-e9GT=&-97
z6XcPFb>($VM9Il1V7$_n`nDbTQ|o}3;5fp#%7oqapZL_}{+x;SVhTr$-|_0otApSQ
zi+T@vDvTg?)+!@DX&Iih-g3U%z4D4eh*e6d2J+kt(({!O+MuGru<
zi&~$RNX;PWPt_*qUnpeorflCTw#79~`4}={Y*BY!-@+4{ZdZO|We%SE}ZDkrYB8U!%7-SE-?{7+n~6vHD#)
zo(#%Njh|tKHN?O8ivHBv^o0UYMz7kgix`DARM6E;b*d7wYz)P$!X0oA{!7l1Is{iv7PYJ${GyKaQX+HuHQIK&WNf_Il$fEl$jQHnGt0eA1
zVPVqQXe&u-8h8ZGUIV*o$j%E^dK=~R0
z8c0%QKz(0K&dQZZZ2w)hCH!e}_%umv0R^#*Cn{4*tv?i;sEPZP?vz*3A9Ur{im23v
z+)fAUsPs{|o!UI{woi>!602Kw4Xbv3lz#}54kdCFDB;uPicR?wY1-A9&@ky(w3j5+
zygSUc&S-nED%dUIb2Ha{M9IA1>CMoqo`~evyKKj%ZgjQSJl=@wyt{?X8VTX^1_pkn
z^(tq5!)1gpw`0b8XJv6GCTKR9$hm-^!Wp`wtsSqEdD^syCk#OYZ%TWl#N@Dk>tp$y
z@>T;439)P<3yk>bY21GfnI0xAGvez84B}wzx!ybt{QzkM=5ADRg^R*PfnYwg>k_pD
zi`AOK2-Z&daEvU{*s4JnYPdw_$7g_c%;fOU!1%R;c_sypXrg_^ZR>V9R^GnI#Xkp>1ft`jeev)V!vVL
z+?C1y^|r>oOyJ4i2M3>KQ`x(gVqNBnt(-D+8Sv|YZbPd|TY;439E-h&s2Ju6`V%%l
zT@kJdoyJ~gi4(T^V+>MYubahl%@FFFe~)6i^?ZmLYjebZ4O;uR)`~`(XHzj33py8n
zRKx@+o}UQRi2CpgA#=P8VnMA2e!GErCJmSUfj+j(2eQF?9ha?-gf1d+^Wkp=EMs3-
z5d3t!U+hm@>2M5aOD3{l!uVUe`=IRrfCZuc;#d0{HE_5#DIFb6`1~r)V7tP4AmZPh
ze*K5Y*tHEE#3Knr)KakJ(C9TTO7o(*fE=~b%MaStB+mDJat?wox0WwR^8KEQ`O{54
ziO-jBE$3@nlcIDqKRG=$rSA!=@AL!OzPR+mP=Q1V@|Q#@8S|_#?C0(FYQIY=C#(A)
z)GLbEaK$J{v~F1amC5MJmUiWMv}h^qMm1+{Sf!7J&%)UHM+6XVb`7JpUUz+_SUwl|
z%|`vdLL>Lw;iJ&04ELt$TxgSh&o*Upf1J3oQD45`qzgr#0-vus2Y_2mz#$$fOERk
zh4hnHxXcVoIlf_*eo;1CUX;3am0+zlfLC9OPS1Vjsc
z>_|rSgcPRot37$zThkQ=^UuN5D?LC=tg+)a#K9fDda_}b6WC6@+t8+>Q`L>QE1}2t
zv6CM<_⋘$C^6-vt{BmUJ==Fum^LfE9m^vTstB6vFxbC@?oW~7>l!zcn|yY1Aebh
z@u;6^44=DBN!9l?*Y9(I(}nru5)aqtaiSH;&S7RXakBy2$|YP~jlxVORihX5EhM!E
z-JK_-AN|dQI9^tVC5a&yB?ND5!usx^Mh)(qUiJXOUpo*Nb7b*_$V5kf746~LSGI1lb{-sRO&U_P{5j&g#I?q?6#I2$k9GDv)@)1AxNMR4OYMFZ!
zg^JS(4C%g?!v3QZ8YXp#+MKMIYHj@zIvvJxdKN=|=d+zRhWy=T{
zcGHW6Plwk5&hGpCMuWzSufy>_XyHSfW(o|=pTFf%K%SWf~k>+V6>@`aH;v_IY9(3USR*4
zn(t2Ijz;xyeEOT}mX+Tn{j%or#y2jSduNQct6NWxxRnPU@l(Q$pxRu-DN{?FGETr$
z&K7#L_LR#R|IAEI7++;v%)8|n7VTOjXtMtcLQFp&>G$$rzfhjzi;bb3(_7n|Bc-@c
znhb!^YR|}8aCoLarX^4jl9p%LBhW&Fdiaq{b0!N9~
zit%L6BlWgFe{Ez587y&j$%$6_5iCNX-p(^iF2Lo1JbSxdpH`ylqN2jahe{P&IxP2L
zu;8Zj!$k$zau;xlblhA1V&B;ri_Y&7`H!10pIxcciXX_P>%it_z&B|b0d#~_3b^`J
z=5UHWxdSL*P84jYq%OvGN^itT@D4TGwu`z^$lmCGM9r?&-)+63n)=%FUmW$)w37uLM@Y5D2E%m^s|
zPgZfl0#FB?)4}zqsN*s|R4^OG8St0FJ|scvlS)h2x?o2CjyDgn(!XwXqV-$;Jlh_`
zGt|=2=AszK=&p6iS}1Paay;831>Cb{q9RJb=OvwN>`x?bu+`;svK{%ehySNqYhVFImQKi2wu2OUid1~>
zZC7F)@W&BZuu(gqAe4XLV;OuHxO;1Co7ci(mLn=|H$R2SOJBm=V{)Do(J6glY|sI-
zP=ne~jlM9{qEy(lE>o!FHSd(1LvbdiurIz42see;kWlEPa;UZ)ghXYuu)-u_b~}F-
z${mMk9As~yW*Jf(`y<<(b4KuYUZyWJ=Ebn#ytj<6vjAM)*
zVPYN0AV3?Z$6rbE!akl`WwLf6z`aj`L@sz>)5Q@$;VoGS&YL!|K0MGY>brpOEo};6
z$!0F+79~5CFV1$2`IhqnF9gl?Hy-vNg~OX+$kj+=KTsv}-neZ`U>kEmA5`3C@z%Hdt&O(e3)RH}bUk4bw>J8`6hYLj{hJ
z?%N*@BM*8|MZ<@Jfy?p@Z%Vd(pf9T5bW*ymo?GVRRK2jupS`JhV9m={a+paRrdFB~sf`xW;8?uUq&otN@J;A{M
zr*nUNvTlW>k`?-FV9guv^BF$bY&6i`cbnU?y|Sip>eM)o{T}bC4HN50dye}3^wox=
zImkZsP`Sl3w%t%Ia8#BXs@-IK^LeV*+$U}iZE0?E{}`Y7*{VWV2S!UK_LYA&4YF)p
zznNHMSI^EjspZ-*NCYD|xk}g?o;Klq^q|?hxXqT!iwAaA?<6>deoyQ1brFp&(W@|b
z+N~cId&87fRen@0`6A#{Q>S$Y!fEk~|C!_?(dX1&za6KO_>;bVMirv{K%-Ji@=!+Yx9uj;=YTH&j4g
z=v>+4Hz~+DdogGYU{!yTdUIek>TMiL+A{Gs@7uE1U+GG;uM*U
zNozR|Rnpw9skgFEJ)cf#b96w>ftu5Q{xiWL+PuB^z%+
zZ2xePbye(1DpA7qG;$r1JDL#e)mCkKlY|08^*ptY&qL6ze_nq-WpuUp;jyE4l}Y3M22tBPc1Pf{>ETxA~2NLd*Yi*T`~j@L#^{S%Zt%~0FYYJO;u=<>OtH6y;~(j6?PoRW+_
z_f5=*(zf(&yaeF5JIl-cvI=}l0r&zNH+jVLb&CISSiwy4Um35R>?J`|-wr3vUXi=)T*j~rBO`|Ka?>Hosbw*jXf)XXlP;U&+Gat`rHHp`jKX90OeMx
zB1S=ql7G9zD)YeC_);ix&aSVSc{)J
zH-~N+{|k>VI`%6h@&}3FSoX{tCaIxhr4+mgDlL{LWXU7g&kLf7@2~{xM<9Iter1sN
z2bNEsRxbUV39vmZaBHr-d6YX?;BSr#I?gVac)ypv^b#k4);^O%^SDQ;+yOfRUYZci4p_`CUq8DH
zJuRi`7uR!YY^9nbYJ5myuEogbo+L~g7`^5Xc)V_TQ>3!vizrHxIsfAVIPhd!-){C-
zo55Y!6-Tq|7La57eJ8Nw`Dzp-3q?>i)G{35CVo(-$?@{Lrdr{V-@>#}HSb5tci{u1
zEr}_dIyM?;WhhMNdP8B@dDNQqV(s>$tR(lg6qK8Ot7B0JgCR%35`z)1CIR(k!%=L;
zoR`S)BcGd6+cfoLE?Na}QQ2@{*Gr-T^I)<0(ZlPb~(+g880W
z=jheCnG692(DzCu;WT&Dk%ym0j
z1|CI(;o#`Pt1lgi-zr5xcEBAlJ^yjp0AUuJiceY$d{LD?0>9!Iib3ifhZGJz!(7Vb
zM~585R<*~5CqOnJh6kA!+SEG90&+-xj*`Ot!kVT%&_isT|LO_sC1(QxG0fSHx5rHw9
zk;>?l7Lkw?5m53G1d)v~z`^JaNfow9mw+%rkP)Nad-!~R-}m?a^ZJK7J3Hq-=dLS0
z*L8isxP9_S{vU(*)Cq!jxXDm1PP4{{c$vlnpT=g{3B@|Ukg3m(0EYR#{8c`Q*jAoG_KnHNWZ~Z09Box=*sYO<6bk%LLomZAJ;$uh*
zn%NJTy*aDac-HZZiJ0;&shP>(IA443^w*R%QQZs#2S1D?1fJGDCew1ItB@f<2*Nz$
zr>QGBlNo1tb6Q+Qp)Jw9gVVN$W|MUjvT3?$qvf+sTna5!D4(!#>yllIDAF=~!5gwkL?^>^ed$53-%_rJ&dx2B~eQ`H9v^Dp4WvYE-=B!xg
zx=(Rcor`>*QzJ`Dv<%A8xDTCZBLA*$VIGPtMyut78N5e_FwXNIywmp>Tsnw!(6ZHE
zwFU@J>D;TGmjz+5$(Lli7>qRxMS#U|8N
z$1>IM^?qo7VgOG%w`TO{9joS)`QU)TlyAn#u4w>i!^KUvD8WG>_d
zm~JiUCKLEFzE+TbwW6#gJ!NC)MT?cLl?rdKN)>$!p1&l&3Q`z?C%%4I33j}kvV&`-
z8((doU-OFl{z`IC@nUSM)IE*+_T+1FJkCW*&P;Dte2Uc`@cP>J^q1#B_{dyJwU^l5
zXme@4Ajyrau+kIz%Si7h)SDejOUfQp$O$=F-GK5RChYIb^MU%=LlqTPauwr})erTu
zN5AR@mi*+R7kZc7oNwNLclUivr`q?>0Xr?tn_Nn-$9g_IylKbcsHHh|qeAI6{mR!0
zn0NP;^W3EY5zcc)CGfS=7W2Y_PuAL_)JJ>nOq$w14Ul*BIAg=9kgI!MB;7u<{LExf
zI(u{b+p70BYE!>mQR64?IodW?r|RGGiwN0r-GmT>cl-`6ZB+RrOsIsZx&()C3r8ht
z?=jQ1rc$f76m;wz#_~LQ7@qX$3&fT#O#ECSyF=OMxuKU?{--$dbeU|}VLkLAf+23r
zja~APl2^U8>zH;~@2rYzGfAw%Vc$N@Y^J&HUf05KU9|ZiqThQb`2|~px|3l{f2&o$
zPYk1d+}ksb9C)Mm6JzaHwETXRH{^IgTfPPH=DkuV)xkSf!((F}?AUm}q@62Nc7xlV
z$`d;uAakp?_glf@aNb!{Zu^DC-yb-*-_M6lEjuXKB@GTSTvIGa7^#{u55d2!8TA>Xg$owG|ETG9tn8-Ag3GiZr&wL`Xy
z&MQCF(H8i5{AK1?Egw+tDKl;SLMb?YY+HdlKSJ|Pw7|6StCjkJ!PYC{_X#ovZ>R3^
z$C=9^74XqULUTX9OWD$)^4rIRyFs;FJcKVBrrv+0x%mCtVA&S*fy3jCtqZ$uaW=K-
z;$?gG?J#kbg9c5pQZ>I)(a7fw9^c%Q5*Y*_*TABpeq1iPgW(
zNW?NBoKq#kcw8E+-aWT}Q?lLBQPoU5<1^CBrp0m~9h9LP33IWIy47%K6!-lO3nZ{<
zfJaN3!z72-S^+M%&-F>!Te|2bm9Wvg4<%{vRg%+~VnKvFaz+-JWX2`K>Zx1)Yd&w<
zEynD8+>?nnu(~l1s{$x*eeb0fbaVRGiEp4du#kh(_%KgI%EsZ%jj=qD*z_|5UNKO=
zM&O8ih7~e>_!IJc(_ya<_hoZp`Pqoht;(_MO;??BtAWjuw}Td!PxX#{M2j+j=D|Fk_oMB
zvQp`zE#LaqA94;=nkHQqB*RwQU)ADdIYs@Ri0lxW9_}@54}lt?r^44>E=~Vrb>6hT
z{>a0^?ZoK15F#`vhT#L6I{z{p4h&OxohW;W${BIXVQO!{dT!#5`~k#C{}?^jH^S7jB3Zc+MyMG
z0^l68TY~WwVKiEZm8;gF1uwv4$RVQ(ooyexz_?U&&3}5MU&vp|{^WL?e$3Y^TGys^
zoCD0qJi1vBEu5hGJk-Vcg%NCCn5Jg}{h&}PMyL|MO>Zz5m)lt^Uq7sV{Zn$%S9HPv
z+Qx~UDz-WyM*n@_Zu8#cL?XAej<><+NjCqH-VyH7k{5jq1OPnt)X#J9LY`jTox0*N
z)_LG}6Bg`o8iby{^xad79jUeA5Ze)3G!@lCsA(H%6>qEf=(McyLAHDhU$@<69nFmp
zl;nJ2ad7IU{DK^2rXr(6+D7yi?~jS*E8Rv-OnzmTZKkXFsrrY`35
z_>Hk|sg1WdmYLN4q-9fM&`f}`=mnlVkcxZU!mO`%Zm}XGWvTK<6&U*yQS9kIjE8oj
zu@VyJkW4&~4kn#T%-y~X0%dzycDK>%F;jg8f^u~omYKL!QR%XChGYJ1zkfv3{7z3<
zNeBMG_CHOa8YsULJIy!V64uWlfR_x#O-coBX?C#B{}x~hs`!OIm^^hdN-0QD8KoGt
zLP`fW%e%8!QHoUjw3Sh(8t!&R!ck7Us
zDKhTQlGO{Ilb!21rS?h@Ia!^s81ler^UU723c1!_Y!ifPV>Fn(Q@1A?P<^lnW9`vZ
z<;(MMq*Y8Qv_)C@e(4+wzUe(iD*-vp6GHt!phoQc2Vp`V7oSNxdnL^fvuM9?kzP*d
z$0Xry?DVQVD}E5Xrc+g@=s6VNKVTt57ov8T52>QzQ~(;57b@B
zEx(xTwmzMmoBGX(9O%p<-cc;^^Comk_I-m(at`9Tk>v;{rK;4h->qK`1+{CVMW3T>
z>S{@yaRUy=X5Q>3lde;*7mp(G@547d;$w^W2|+Eu!oP30jGf~JfU#}vVgexQ&^Due
z@oD1us(pM`ZYqnYr9m9jLa(MYShfQ_-d`<-ns2Tb*{D?Q4(Vz@i>R0%bYMz<{$Oh!
z!P=D5b`+c$Z)XpcOhy+Z!h;OQJah#?N$N}sWd!7UfApCOPVjS50%v5iSTN`rZYz%!{}DGOFgeX3O*&Otah
zi@u*Z11;kIVV8%8btB*Q*Qhh#%oxnawc?zLG^`6MBw7}Sps{RDcp9lN)v>iX-n2a~
z|Hvo0dii9wZNnQ|=%L)ks<>a!fjmp)*ed|!iFmX<_C-dpYm*+WLQjh_?U@HR^VAp6
zqp&fmdMkaZ$SHWyWDMdd+0QC95ZXd8e4mP~E-9@p$&1uZy49Q(6BwXCszcDZ)`acE
zd7dT`g=`Mq)95w7`vha>!KdsCD##KP5~|SCp=ZR#)&j~GJ6okW@m^`ZZ;Q1poi{U|
zh=?H95TWPqn)|H|zYB)W7$4rs#jYIY^eVlO4ALUW+S?RNI9y61Pu_?pd3JS5>MECr3GQ?LzBGGm38Y
zq{n~}rxHy~{j%XbV&j%BWR*VGf1dZpPsY~Us$%qQ|7D7}>
zc9ld?MoxhAcuW5s^FPeQ$B0nb7
zZAyL=DuR9W=olwE^PB^`pL-uaL9AtXjGrA8X=i7u^3IP^3hn#@8L1zu=dpi_5BP;0
zWe{yT@zQP(60>cYD={JbofTFa6)IU`7V16{zk4mi{MytZ;e~pr)+WQIERsI&hK48+
zTMc#=Vpk19LpcVU0YOxQyr6IDQbw&5f<(`qU?cz*Rf>{4RMiw8=XiC<=b@WBd!m*K
zwc1I)jt?w*tzaG4AXxJDjIW{aOh7;r^=>ApJVjrM=WOPw3_RPp#cD$kUa;f6{Sw`J
zEuAEny|Fanx^h(tc^I*uSG$VNsM~E1sE%K$z2KpF$3owy1B1;Y)
znXmcDP}3nKK{)%ogFqVqJMI83o#fTf(3kpb{%W9rqwMJy49js2WzBds?IG2xn^eTU
zj`msXpJeGdCf~H+jQEyVCyl(v4sMR2tb3{@w(7lC&d)b2YzM{kUrm6>mtbQ)d$eJ!
zwJOG&A{{{P95&{SN85mlGWXDCcGlnulLHx!0%daz$t-uE!62T_7`AbRLR9oU4ZBiD
z!m|Ri?aKF3V|1KYx2FqR@!-qcrjmKq2Y_T$sn9puqMe&O2rqtga
zZ0)=R>s9`nNpsZ47dQ^!JS#@M(rT9p3E-aZzM2i4;m=2t@j2M>(YDSLc-6oGyX)Jd
zY1qE;(XV}-C+sd?0y#2I{(1jSKbjIc2jmNX1JxYd5L&m$#AEkvSp596vJ1l2oB-=H
zUB!+M1bgiqR1LO*(x#Cc8t4NLmtQt-S`Vh~W?8mkWJ<&JX($m`(8<3mdcHzCYTX<2)EDHaJ7Lz
zF*_j_WN?tKfy}efmc?iAqN(MRETe_bo{yHte04I!J&j6&uMIRWJ?T9NOKb}T9
z`?;FB1bK9{<1T8EKE7$LLz&QU81!sgthc7u!qR<7-(Fg9Yhqq#K8lNZHvisXO)k@#
zW>j27Pm2r=k(-NlaXhSKLFNRzTbq@rcLd1#4cvVzm31&0@3|ZZ8xE$LzVHzz>epwZQQ!$=Ts1;NfoJoxD+luFRQ@!tIJM>&r9Z|FHLOXCS&B^XkV
z1v1O7Cy80JmRaAePcv#%Yo@+5s(ifc6`d8syoj|0I}%2UeZ=#f!l9Gw;{OAB%bUn=
z`Xbq_YT@U|W04*#O@@y5%(X1#NXWIg$F>$_qRBe$@CTgmff1LOkCf=NTk%aU5A`CI
z+?CF*1Rc%BPPrETx7Fb+;_Oty2CdS0j6&7Fce(x@B$*fDj7K#J{)yHDG`RO8L~%y`
zF!3Or7D`zViI{yXXxRel*q7-VvfZ*vWfjPYzlump_mf;c>9u=SwEZ#Y?9-skCG?w*
z*DDlyK#f2cs2?!t0ta+r2U)i&0}gkI^nthOdC
z>$h?nB*RDtFB1+RZwbLOqR~Vy2E-$g-BZ~$Tg-hTs7+ZD1`qGt-BOS2>&fz`4+VtN
z3}O3Gp;+FVb$t!{BkF-?@#?$fdgluXJ3WrWb#z4DgB@2IlJeoM_5@`e=!;)K{WvFB
zD$1kP@nlBCpuq=J8Cq7Og+3&0E|1NCB8TsHnANX$#G)hf=-tS3>hDGZ(sn^!$D0|d
zd9@DQ+Ot2;wNPE7
zN3k0;Ora}+cCB;)*+2=#(#a9`e4-j||IHndu>5=@7X+-ZAUB9ya!A%=
z1!3Pdkj+Y{?909cqB{U6P5Ex-bVe>`(#-|{1>4p^VGECk?l(u+LbL{hC`bWx5v{h~
zd7VylqEF_yG%zF@0j05ehy@rAcq?Frpl%`WmKWTE_8z_?tF{iZP{;>K^(c|pl%VH<
zj%$@wkYmCQ0*ej+KD-_McIPCB1DP$NLk@Sh?n3?3NoKU4K%G=1NymyTN{86#ZrHni
z3mEcYur_(zZ<3KCrMiEC&Amqz1@bw4j0De<6Zli&N}5&V?m}g&X0#L56Ak@`9dsu!7MPwZ`@5qA)fpH%-t#WdlcA
z?)zCjpY0aV<0XvxT0Re4*->ybp9ghwcc2s3{KyQ=
z09gelZ^o?!HrsaJ>W1P#t2{xRabmB|O(^p&ASyB{I`;ImIb{B4gd;CPAG_(d^u&D8sNSX-zjwvj8MS<+fYg-I5O|%V
z^|8hUaNB+LF_RGA3$CpUgfyI%Yz`=@EA5_&aI{dlni
zP$FtS2yJl=S!`n+9Q0_L=)QooY{PU?@()h~vK*isV_tUzBWV|f>)gt3FGeHOw@N8q
zNYBV`R+SG4ShANOvD~qqmkET!l~-&@7f_lM6V@K^5&|J^^g_(fQaSM8ss@hR5V$R4
z{!g~Mn9Q~1b-LZWPU83p)8J<{xq%J!{YQ=u4O&xfG@Ba!wWquP=0g@8Gg)E3?xLGV
zBb$be6nvUJYuWUt;=wCx2SGxfuDw4qD~IRREpR{s!a(`J+DB-zfzcUS9
zbOS2WoQ{~ohxe||9x*wxNG8shraYNMQ;J8=TMBewTCdPYA-exyeWmFwY)SNhmy|a9
ze8y_OjNv`|*csd`+w(InrF{E((#;1zC{+#G*ES{Q{)sd&0rtDm
z#B>a?!6VNo?CDg4==C_bLf*F}ifpt6o|kkPCH+=1?kaKm88_!-Kjh3XNRZNXc#}3l
zCg|1!j=(-jto;CrC|s+GN7S5wY5Cuh@^ABfIrAjbdUjeSt8q;>=rRa2Fc
z#2_?hX1?}V1vm=wJ#~(kje=s}>Q!h&D!_&zT1EahK6B%4Q9jWf
zi)iAa)v|J{3TIclzw#FpytKFS4}7p;fjnkh_H+#CPxB5u`#i*p
zd9hDqgiiqi%_3L|uHnR@_0Q*l4`XABkQ@#_&&8&Q^sw3L`z$@66LrStbo?TPJ+fUm
zDoN0{bkBhc^c=g-v3Srq;H`bpH49|uz5brGT|4GSGrm&t-6btCG2T26!+V%q1l!11LZs*81wEVXm
z;@>3if!(EHcECh@B_F1`z5(+BtYOI;js263f0&51jFJF4tjzduD&(YkhTl=H+-a*J
z*lU4p?mcIH7^7gBh~k%>>&-lBuXFk@Bd78r|1kOM?OakUdD9glf^9!8Ot__mlo#Nt
z;*hZ^Ub`dXDV`tvT6gcRB;Qf1`^U7$ctt@b%~Y=v%D(oL6nrf@&HTG
zf##|xpYAn$Vkl9j6Fl>F$RYeYV&CL9OC&v
zB&oQ(`V67g_{1)lFFEA&WY|81H9P6O=G#B?i0!GaldU*zJlak2u@u;Eo(u@+H7OPk
zpGZt39F;FO!YveSOv%p8R1X~oEJbW_!Jw4w(&k=s1Otn)hTP)BKZ<#JxYVA>HU_N(
zuRVo(LBBD4;hcRP+1k*lO&`&*5gz4AS#RWluDbw?|02pl*~ZAJ_Aj9xfaWQgbDgaK{cqCBgm;$TME)V
zfo~oGg79pP2ZEsf&*whF$3%D+S{YP)C%~Vhr-usp`aExXEL&eNcPHxH^bnV3l`sfM
z{d_JnqSeR2SS3&TE`=$bk|zU49=uFxUR^r?WiKp--{K|ygXntT>yb2U#A#b59!{>esI
zr%&L_`*6m1De{dTC7X}97SS8$6lP}a86#TotXug6^38)2j{Fp&wW9{2-%EM~Ken}f
zsZZ^%%aF#U#HKD@yHwhx0uj&dxxzSlGTFx*aOM{Ri?dgl0&BJ$F}mGKoHn(2^Qsl2
zl85z`>Y{gzYN{&$Nr=ujEAJmVoNoa+X<2}gO_@DY4J3MkvPg9x902wu^urVV$ktq^
zjI031UOZ{gf@x*X8}uuIf~t5pR6K6P#wlL3AmlK|#J~(##_fzpnAsITz>EpNZQoQL)kzE^L{Zq3lLPf`SxT6cB#`x&
z1iT2~f`Y2beqeHXF(QP^JftFe3Iz(B7hT!~8uaZ3qHO-i{4#zso1#Y6bcEO486j((p|`HdgSUMrB2*bK0^|QIT>BYEK_7
zI#q(J^z!oLx!dL9=bG;y3CrVYt&Dik!foQ2d;O&sC@tSO`^D1e0@4r
z@(Su@qf?q!C0}P8ui?HQ%EAhDm|(akC{CcRzy3p%8O*@
zRp6rBb%@;3Vee)>X2eo4k=X2ny+jS)$R?hm%5Zfvdbqrmhvq>wnsR{=t7ewh48svx
z1Rr_Ad^~!Ekt?@#^{q*m-B+&}5K~~J@LLr|!xwFi1EMsj{c7S##1uU;f&=s`|84a@
z2~3DsxDeVj=F{;-C}@+enMbwh=yXbioW(ORCsYV_1_&pi)f!{d0$$@Zf}Iy1J1#D5
zo+wS3S0mV+
zWpK~0uu}rt4=V=0{ag-2X1$AJK*SPhf)kBkuI~Ci9$DzsQj{xP`o4A>SU81uzKY7W
zvUWbq`lx<347c)rWgK?_Gg8U#V`L^`VQ68FG5jD6!vq%E+vk@({`NdioM9d=Q7C~j
z6&ZeNjVl=%wW_+gVp2I>xI4X`&s4~SLVRCvzABV^OX4P!5tp_hyYcbB3k<-BQxSX9
z1sTxZXT`01R>3|M=il0WdhD^1V)>}P_1yh}{6F7^9%*Pqm_JAJ6eaabnV)@zJC1^g
zyl&z-gOWf}O{Mpx3JHl!2AR|Qstbe02@hfN=Eoy&lx{>n!?`nZKw5C>$h(vDU`tBEkxsy#ZFi(SDFOr~Jss2H~XaVQTO&!~gyBQJZw2&Eu5a
zx^#jC>|C&WStuLPBN1oYXXPybrTlk?YEN_iKO43&z2un@*Cpg#7XBG3QMAlyG%FQc
zhDx;Mm?#T6fEHR)t>MtiTD9w%^kiT(}
zfov5dB7xYSyKQ~~c!$M}Jn_#kn0$Zp1_Id6y)}ORQJC6VXY&T*N9zf1QYA=C#EoM1
z8FF2QDCEfj45QQN|G2F~Jw>r7G+>$Wq%BGpU=8*4mZFjU7=yC*eCya}M(+oeuFG8j
zvf)b;O5)4XggP>N#Wh&ZIjFhl;UbVUI@;Pba@X)WK0Y|KscAY%wRDY+m?lbi`Cx1E
zA7`akN#22o+KQSGD3Dusg12sd`$iatVFsMCtG8dsg3=kmoIMlEhgsDts%xs@;o-hc
zVln;vJUnFsB9wvSUv`lJVs0kuwyNs)!5@>1ct&3QT_EM+{5F?IL}NL6w@wmmRf_V9
zON`r9Qg)TgpauI)!#MkMbHyhF5AWL)9!y0TFt%rAj10@2|5%xxo(=}9rgHe}*Txnd
z8l*4=@kw8juDiaDzwf2d8g9#X5VvS$Dv>cUaY4mz&_4`kTKhE2k~OtALqX{>q|JCD
zaCcdOBq^TuPBv7+t&SA%9j%<^PkQ}3F4ArQISY`f3KZPnQhdc(7wid
zjYXG@`0JvShgBi_vcV+{C3=x3Pg$6seU5ujq#VHP^EnVnb|hOmI%O`NzNdJep?dHuuclc!p@oX2ZTl0?({i;Ihm%o8s{U#k5)0jb;I
z^((3{tj1oVL0FRGRorUV(qrMb(2MyKiUX=r)@T7B148Vkc>Tjj3uKqGo=%37F|%Im
zh7t0K3_{Ue*Z)!03%x{#@Cx-o1|nk;$3ezajG_@z
z)qd?8sD4`fWT;mn96~UfKopN%ijQYp^XR3*!wG4`zrPNe9D_~x?2lL6yXpc5q{%
z19Lf)xhBoeJM2aM$1O8<-EjGns47)Ul`M3Q;k^8_zzG}EyB2qYG
z(l{}WcVG~jeiOs7RT4L_i=bb8%JJLS$ffiIi^o09*d62cg?*ef=NfO3BmsBjt;an_
zowmE}>E6Q+N@o12pBfq#f8osXl_N5^oY#OAAI;M1{#nMU3EMG$qN6hGIi%0buE9NEzX@OCswpkqusr{D4Y|94H7X5tZKjY+&
zLgfhtiXBV4%m?B`1`{h<J=)&W3=#xr~jg}S7FQ-e+n!ZFst@3VPgC%s&P-)BL>Ql8-$z;902NP5H+j~vos
zVHC#Sk=~+SKV3}?{dWP95)h&Pni1hIa0PQ8Y8$Jq+gI6tl5eFh9~Y%UJZ+Od_MZzP
zN9Ke8o{wy41ub7wRU!=GtX?P3;Avf-x+RTz_g<9oU$@g$
z^H|qh@9cNDvpd!D5+xbr)&x&F+^-tj>a?XRmUK>b3nlsPpMFQ$tN}`c9@)6))jRch
zJ*qYf!iYaxh7I1TnzsWil-hD;%ImdSX#07ss>v5;e{Q-3X+vB;B^M0ed$-@5IGdb&
zSri4@H*c`h{~7A0{>p$Pn-h#bxNqriZz4ow7|FQSZJ(p0>smJ@Q?(c=dG{ogj^aP<
zXPFX8b}p9?85r?t^Adl`v>xik=WMt7m)YnP|KL*_6|vfBCV93Q`E_PD-IOFU5Jily
zAZ7j(Uwm028MNQlF}vYalA6!p&~;heKMeV4i0<#$s1f)cSR5D#5*aL@sz{d6GKY6T
zLc9KcV~1$N<;C9(^Wt@Q%K#WGaP1gZ{Qt9}pmUnyJf6}&zR3x0nb{+!6LJF7jhQ=J+3Wj=pL{r5y!
zh2eqA`n&bM8U$Eaz#GL4q~BJ-1VF8RnbSY;j-PBe+!auTIeizFSrQ;_32c`Ikq0>M
z>6&Se_LFGfKoDE(R&?io%oIvi501?AXqOx~Wc8RyE9i#(I}DX`X!zI#rK+XbpLot{
zbO2QNhxo(}dD(Mrhj3?xMXL85>2uKZ+4=73Ws-+F;Vg2Ez$xLsdvSjvxi;xRH(*E>
z^Iz1S_bL$-vx-3TK!%>CAx-Fo3`ijjY=`MatQs8td_
z6}+vTF%td?t)}ewdWz=)lAPm)J;?|^24@1YvEKtv%h5Ei3&d(Zavej(a5Bs6(xRNoOB5anYs%Pxc1W7du!eR{3_
z>NU=o3pEZa9#t^vGCQ<0gie@jUF~&eS?GIg6gRHz$o!>fO1Hv)NUdg}s_0AW~B
z*Ye&w8MzhTJA?n`f#GH}B7TZUW_{t~ZSKOfc@0}=8VP?$89v1tSol)`GhrxA4v}L0
zr~{A#JB%%?HgfrNp9{FNyqrdrm*@2E9UZseG;wY6r=j~LN^k1Pukf7hf)q1{3Vzz$
z!ceGbcEBe(Y7dl&wYx}3UsuU=;53H9H&7-hxd`&*Z}YcjXxQs
z>27CdXA7vvbF|HGZf-tUdcqFYKo(mUpS$j9h|c>SD#A}|jOB!T5a3h-cckCm_p4*1
zEJ;V8OWl27j10z{cz1V3UWl0&*ZSYbt58Fj0V)?6fnb0uV#$=bYf0dq4)jjR$>NEf
z@-j0s+t2w|^P7sKH?hzH3?v=KMUC>hCYS?kw&YeGu#!lA!ORrx`h4{PbI#g%NpwIX
zFeqi^s2g$jG-YXzH_2y-vtM3Q51?iwe=fSL5K+LTMo3+*Il2ecbG+!!hNJtxAjOe!
zL5n;f@GY*McDQ60Z+*#tF9%L!AiX&a6ij4M?O%`LAM5|YB3gh&0cL7&VomX{VS8Ji
z%pD1*Ku;9d<0QpgIfk?(@R8Mu%bW$luz4Mx4#%mZrkei#YN|*vLXHtQIlAYE$<2+I
zG-;4)9u#av{vohcn!_+9*`$aQl}9pWr{Ub|$p^(4&X`IVFdzb=DK^D?`fWTXN7IoF
ze$kp#JNJqdp@}}ap6=+~2x?JB^F2Lv@i0HP_uZdJU~dc`niyPq?>)3w=3QZ!dEpH(
za*&c@&%uR%4FZqe_kg(vEGGfs!*1Rq1#`&d9^fPv*)I=O%>)xuTf$2N0SYsc3bNjC
zPLQJ4xvejHu0JdCy-bmoGL84xZUE!r^l_v{CH*mZ4xWXfgwIUmM`2
z022iwvlxZ?{yc(&86%}1Lui51HfKeU*T5)(`wd@E!EJBXZETV5Y6oWQm;d-&AxF$v
z&{O(4bd}<*M`1qv3o>5OC~F6Fcp)YjfVydQecV$9c{SWKvE30Nk3ep*$#lDJ%0
z5z3LVU?#fJzoEL%AIuCOxmU*_HB0b;z+bQUl){f6_k8;JjyD^mmlNqbL@3D1vq;Fy
z&UWSI`o)=*ufxfWvb4r@*IzSZvisS&Ai&3#VY~=0hZX>fkY3&z!z568-CPeHgFN{B
z#0{Pt6VGe+XE)=tu_W3lKAyzNui7M1Mjj|Aa*D0po@M}l>9C)X^4r2D}J&_C(8Gvah0cN9e|LL
zP9eOiw&r4t${a$q|3YNB&2-S^1*;4o`?U5{YuIYtRxO{nJn?YXrH2HP2@)g;%UbK!
ziGl7WU#GFpPx8XykI=&d4Zc;z=P_Hk*hO#V)1BQu^69Z)vh-mzNbSBW4fCUcJ`YfI
zO#wgS)&u+MjOTx*p8-ES4eeL00&l8+GaKqBFQ2dxNIsVAW#i+n`@7Xi7XK1c;aigh
zP>tYBXhUVOXY0qvHr3K+>Fb#KDXlITyLdw?Ft%QMS9dkgN6X1;^9Z1
zwjQ==SrJtYgZ09SKaD#@w>QaOhU(~~EgCch2=(S}r;p!e=M7d3+|(gwQ;T}d*SkDB
zx}?Fp>VaMn*@x$yY4r`gf|duL06vpV9XQ`5bKBeb=pLATW==_z!YCtZ$64s-$Cr5PKD@22vuLnw%^uiVOvBu^!>NI$OthQ8$~M76hzY
z5l@94kR=YB2c1hJl@fDa{5V~EaQBog)L
zk%pf+?-Nm_L=x5`B!g~d`_FOjD=osUFXldHhK7;6j4iLO3Q`eKXAg`*R*g~8
zP%q`;2RUkEmdD{sfHbsJzbxP8=U)Blvy`Z`pHV}BNSw*TQ*5~8LldW*z1u@3>xlLK
zP@gZ@2MB_NUsl$=EP~$kwHF}gshF4qCjze(1u58u%Ez5&i(-
zE8=4*T1XFXwyHcY<>zuyBO)2QdanDLGk@#A?PE){Ls3hZMddl0~Y@&qn;u%Rz&DH2>v3EuXQBBRJ
zrCXx_El53VXy7^tA1P9oGMs(gq0@f7SZ(9$ZStAq`c$2I&&tfbX@m6olMtclR%KIV
z5X7^a7*99{!z~E*bfyoNoTNiMShdbGbabU>!q>Rg|4_n=|LFq>3@E9=i6oWPS_5ex
zOTnr$w{B*cU(*{PfTcWY%U}HKG}Gxj+JR>7=wZGkmsjhHywAgNmj;Ycmw%kI##Ger
z*R)s{i{zkYg{9R0>d4c%8;&1UC)wDL*Nkce%1>oJe~vqWS3veP(+2O~
z?A|1)nlVu!HCj=V7p#|8iOE?iiyxeH>|db;em$W$6P;)OTs}dE7~>2HZdt2``EY1G
zCd+4jOIxmCI1l1IF__vGWjVzw#p2?RNG^y|b@-vM8LW(Ngq}n$h~HlSQ!zW2nVL(M3UTN!=PO
z`Gt{Q(Qs1eiOf3RdRJhOyoq||GcjIA{}Ct_;)}*=j7LEabZ?6isXI$e`~^_bIbJ*h
zRo(UM4+sP&@uKmDZayshyvA3f=RATS>XrMP4oY;Y>@J9j*N#Pu$I6?Z4I@?gmEWm%
zfwr%fRz<>P&=TW2qU+Ov9kaYgp>9FQ>VK_lio)GS2XuhgxELi!-b4xIHAmr8K)?_7
zSBiu6#HNO{Jd*o~H{2=WzvBi){^tIMkzxR_>flcEobn+R`Ha|&NYruEVPW~!YLAY5
zhDeEVcuaHjapmN5_?=
zXW;{4%rY7E0~=DCpL><#?$*-xy9;8kXSyTgv%DFI34-&7mY4Pw|0=Hk9os))R#YF-
zvC()>^Lrq2;J7IJavk34oxp<*tBj)vf0`;g-=h`QgMU2JexG{CrL%n$;-`f6amExi
z0VMKKq>%DKLCXGnN`M+f>8T+Nlo;cYK?{bqqC&14M9UUby&pr#jvx-FtB7O}?R!0p
zfA>AzL``hJ+z%h@)C?>B5s3P{+4K6o)ed^2ACJj72AXf9KC*GW{koxE|CD>(vd#i>
z<@*n5z4r7Xi$q;o2sN0w7%Iq#fdWjvCWs%Mh0iA_FZ9^87Ub3S
zsvzkLdKVW@&GxRBw~CkqM+{4N9MY7sy9APuKfKcVI1NR5%1MN^c)|TC0bN|9=|+q$75Tn
z7QC)_HF{&?Q}Q9rl*rcVm`gg8CHeWC%f%}PdS_5&d%qhCUXsWeYjKxe
z+-f7={x&Wqg}X?^h{lxFq4-6GM{;Y|X`>VoYVj}o^Si9?Z#kzzy&@D|^3|zTj85Dd
zQH%xmaK)w!6?v{Ky?cl>maw{aPqy{{>{L$Z%uNgZHLkhtZc|+FFz2btY;F>2mw?iod?yUw%kzgUc$9EyZQuGG|0=-EpLFOCWcIQmD$Uv*EuYf!0hu
zDyiMH#${d1^_Xw3rk>`Vzj2dbOlQo_bvxf|S$kJnG3?fkRdzquiJtiS{d&&ctEWLB
ztJ5Kx!Mr+as)q7Trt78qpG4(vWRl*uDoXW~$GQWhclCE(i(ccP9ey=^XA$eV*Z+1_
ztA=-9l}NUVTNARjwZ_hKow)uS{-<2KWKVB3+nD91x%1pTD}^cAFUoYT&pL9-aHUMq
z;u*j)V?+cpTz
z@70{P`e;^ov#)Wy0I?*
zx?Dl3?;?i2@Hr37j+s?+CTDBzZQi)GVWWCo-NhSbhc>T>6F
z{p-zd-q9x?#*ldStHCqIvyXS(*uZAnQ|a(|ho0G*gPY&WO?|sD=CK3ZGYJq9U?%eq3**acWbuGi(Y=&T+Xv>ZNX(!%nd$cV-)cD0SW
z9B{3zRO&?EI#C9Ph*nXCL|uh73>>RBh{3ojU@nsYN48`lD^ST+28KgGXK?^e1wi6n
zX)iq$o*VHwRQg&Cr}hD_L%)u_Uhg}<=Fi0qiM3yE2rt|3Z=HQ(LtXXLsfV}})+olT
z-!tdPR95dOEfl;Kj?vRz8Lj*S{A(#Q9YxN_D0tFx&tUv{(
z;MP_RwxSkb3hQdr>07;lk6!?s-nt596hY}t2AJNCKArv^lCZoVOKs6;+i0}Tu{%iu
zD0AX><)Sn*?^QW)h^T}(O
z>t)I3XQn-U9(-=bTl-%xe7cuO=grVP{r-B4@$V0lyv?pWt_r&TieZDU86(3XE)e3-
zMj&7cf}n;COb`TBgr*d(4#+@P`u%SC{qJ|TbiUth*7Qq}L80*d-tY6ad&ca4|9$?I
zt%5Du&dd#yonpjALxIUKMqC<9{nzMQ1+x-pAi`F->+o3#cb&*@`8d&7&CDZ#VGKav
M>FVdQ&MBb@0HLuG{r~^~

diff --git a/web/images/vesta_logo.png b/web/images/vesta_logo.png
index d3ca5e9f762918a562d9c2c34a344b236bc8c2bf..4162c24481cf2ac9bfad45bfbb516336538fe89f 100644
GIT binary patch
literal 5918
zcmV+(7vboMP)Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!vFvd!vV){sAK>D7PCo2K~#8N?OX?Z
zR8_wIpL=H}jgrt55mZFQ0xK4Z5^RXLtLXBi_)}T+*};a`0YR`mMN|-F0lT=csG!Rl
z$|@327Xev{fFLD^lmMZm&dj}Mzwg|+$z(_ZLKc1R<@5J3_nzC&|NQGYQAssGkM7z)
z#7Pll?ZfVF$y=!;BKnFF8jn^#Hbx
z60N@z<&G6cH4@9Z86roUtaeJmFXH%5=KLBQ5vb@37sWOY0!e`kTd6M4%vKQK7F<40
zTp0o(UTuzR?SOBiy@e>%$+QvL9Vt$9f>`#2Xb3HtUW01KflYB>cd|rN)5UV4qS8i*ZS{^F0rVaScdc0ZY!QosEfVdF#ep-Rot?c?
zC~&uOM~PTtTuBLdBw_{|O!793B2XUtL3QldF}7KTD;jK24|i(W
zNRsT&A&fZ5>yO2Dhe`yRW?AVF=n4tsZ(1k(8AF(9rAQTiHGh
zLamFSsE0ALq~mVHfvsZO?abo|gp0u`AO*=ho2l7@;7Q=Y;C&FOTj~3-Q||%!
zE$JY?*aw9Vt7a_E7_bZYAxOdhQt)1U&zHdF;KLxFSr(LfV4dJC@LBL@HV}5RW(aU&
znA$2YShsQdPzdumQFb3R)k24_fRKKGv_2GF^qd4!E{7HmgHWIeDh;1SA=QCkxlL`P
zuyY}FXeE4VJe2)2*a1GZKHeLVvO?(O?h;pRfq6a?&%F`Xw#`Tj6{HDTW66bvR_G7s+$6YKYz$2XTp3$VcejwX-;X&3k@
zSdp(`=QFK3#q4?K%>ZuzDOle0Umyj(p%Q)_BhRG<-3hWox&Kda5=c`GDTk7`4()InwEHEPRwVZ
zH3DSEP$-v!Ibb6AvGhO3ff4X_kUnrWNK;Jh=X0ilm4Ryb06%g4V2P%s@LvVPTU
zS-)lxDE8(bev*QHBXrcc2lp5TbL;uRGDEXdtY|*cpuIT$srdwczSg@jfM($r8jXgE
z=xGWym7vLK?QQM{=5md_P1y!kFCHa*!
zk!(-AC;ehP5|8_&#i7+B*h91ozEBBTk}S}43czClxCd-63vxH%#peT=xlB
zh*#W!`{#-ix?7yU9pXmbMsRf(2FaT^mV-gi0nfe7*;kSVN+JQ8tySCr=*Qc6o8`c7
zqsgYZBIv7F0XtOC%*Nc08B`3C62T6psoVr|AW@4=M;{`1Edw+n4D!1Zf%vC1u&W1}
zB9N!C(S~P3BL{-rV2V$L4?RaB?sf^=-=f1;LkKHN$DkksY#4;363eyT)`tthQy
zo3F8@=X-*UDCBjl{~Dl8rNSq+l){-dI{AEPC;XSQ7U{@05Xuvh7MLb)EY=`m%!A{o
z9?i9+1aqYha$lv6#~^BeXHlDwY+F6yqt8S;a$YlfYz!_IHaba3UK$8*SjOz@m}eQm
z`jsmB@e{qxQk)9<{*Y-7&p#Y6;Gv%;73Jz|i$IM3L*V+IjF36Xuv3a6aTNUy1Fte@wMPn*
zqaZw80zF?tlSeScpg)TTwb%~=*Mff0;7~zRZX!;AqmLz121k`??ym|@u&Kq1;NRYZ
z|Jw}ygzbUo=uOa`8=*D$4A4?%imf|Iy^;_JLwAU5iGQNb`xqq5J@bvvh3?DzZ@v{b
z`VRK-F1lD8cPXsH`;s0i0O4s8=xGqlfdS1A{i$!ZD0%LC-zTyF%=I?Qf#*~6230{$
zN%B5$B{C882PFM1P3>zSizeo!ek-u1b`M)pluR>tI-*gSHoZjlh2KT6Q-E<PZNVF@Dx9H%lSxD^c9$XPa7@xwfsU0#1JUY
z>>eSSJo-()qgiTXfJ0D=&h$2o`J@?+w-7!k92O9UR6!Oq`~gBCva00!H1-UOALBr#
z9p{0+30U=$(~(Q*`|*ywke8kaULm!U9uT{DH8f@nj%~$fAXw2KLjbd6``!pBhfUW$
z7lY|EJnu9Nq9LM#&tl-TLay5ruhkwt76FL;XR!k3O8ry?!m}mNOM6(|ArOX}8ZglY
zWG+dthFeu-io!V%eK5^o?#dM*@qrjkJ}X1W`HdE{KK-i#I-w9wBbf2wea7kX*cb4r
z&KKgkt3YT~bgEeUegJXRVKUjRg=buW9nS9HhySRHA=pbXh>&!95ft8~8C*bHNed|u
z!G8k1P~T5Gm>SUh^4j<`ht(KXg(?CykA?eLRgl-mgZ1ghz`Mb0FkX9E#9+;qMG8OX
ztxhn&Wvx1%{zOVSSm-#u=n`WN4P2NmJx>N*+7#MzA5xNYpgkw!_d2msP62V%VRHE_
zns^2@-b2m58lA7!AYh8~g(`~o+9C~-G$@J8ex@nY9%?P`z>a0WL^I4Zhx=@&8TN||
ziJ&>B_R)`4M$Qu_PDs$av+&NU6>G=w1Bd3F+RHLv1{sm@LuR*APtNXA
z(Xsv5Dbo=Z83$886VJ?r@aEw8FGvGB3xV56Scvt8;=YXFZMH1mr9ljc@>D%1B1txW
z)=ztAio1e-ZJ4I>Kxq!IWt3hS{d-pgM#+Og&NKf7^tFTFL;(d~oj3;Mz>TLLSCoSn
z6cjtV(7_BYnn7c(k>dLIBh-La#l5GN5^+_b>`B!ix-5Z8zQkEG)ZKG?`)%r;xvf>-
zxg%A-xo@g_=e8(4cUuZ_%;2447F~JnCGR~GY&+qlZL06gDYC8PWHW%g^-{~EI5J8N
z&3afpnKfMv%4#fyP?Q+aMopUc^|~z9e|?SNNB#-)HHB7z`Q(2R>?F>ruzvjl=m%-+
zTf_^czP>uZ+Bs9acy0yvgD2P|D-)*n2AJi>&=7XcV6k)%LLLi&b0UB?7bxyI5NXY|lbFi`F+HzI~VNvd2jk*ShoRuX^3wH>+R0&o`c#{_U1i
zdNn#>=U}nzNAM24@D4}8T6BByyPi+sdd{f)9tQ4eNrjd3DPk4?IBqHf75Yhn2Urm2
zcd^5n<{VDt=a+ykWH`u~7az17^t;sox)bKjtZ2pae?XYQ^6&&J8vZnv%(FWvB+jvl
za|g_2cbLb|U@BXpeL~LYt^;yLb*%-8Ph5i>CI%%NHep0SsGRp?;lM}xP4#tcWSDib
zemuMV<6qq9=bQ#bZgMXPs55ZA{|+)|Q)>o69xVBrL~+2Uj=ir^ENajk`z1f$-_Q@n
zr$dJW24$N?>YR$-xW{Y5DXfsmx
zH70$x+^x{&-$8>;fHpxJ^urKx8xWrsBSIPeW1yfVjb#LWIa0UdUKFsw#Vr;$700PH
z_{$qiBzMPI)8*DSpP3uvm!!17xn)IexPf^&XL$G3GC>dSvdPRy`t&-R@B^qs&GeV5
zR0sI1ejuY=l0Ma#jS4{XSmJFO`17bo6rNzC#oxfD4Hrj$fS`pb1gP4<1jC#LXimIz
zh$2vmbk
zt!Hm&l9qexPII}|&Ofayaxjf?VG}ebwtzmNM=RzQk
zS}ZkYAf4@@l$-!Z%fnqbW60{;5tz5mAJM-FyCP-4S-PkrBZFli3KujKk93aK(Or6Rcg$dA71qy~V@RXNGe!U0z^JOy%<
zi0^+nIDZ3zjiO_eE^Fi8;<)Z!N!>V4g1ZNZRrnZuZa!WcCKB&%;RBWGbY9c%O^_4O
zK~qUOuj%r)FFkST{SvT-HA&yqmu;%vc#^{n*OXjKu77Dn$hN~C-ppdSB5%Q5(YrG%I3wBRr1_U_{PK;A@ToQ^-x2~1^
z=KqkAy7x*U|LDr15B5w_%rG@d+g-YpvvtFDGQZD*Fwd$Rgpi&Rh=dx~;(`MYX@R21
zEp0yIN{yuu{GXri{MLQ-lJ}a3cHH8w^6|>{IilPT3&Sa1FsG!c8aC$}Jd456xm0Xj~6+iJ}v5QnSz0R2lCdQh_t(3anb@K*oYgD|C%!BSaGAX
zpbwle;ZzynFMSyckBz`BF6wLujdi1v-8)FlpgCp?P*s}4x8el2KN)@?#+M6uZ<=3P
zA!;hiv2-QOBYBL2p6iJjLH`x341BlvXT(R*@!-4C@>F#m-H(5q%Y{s@@3&ywNA@2B
zttBaWJ_K9KoNDO4D1qp!QevlLEL)QAY!X}N-#Tl+SL6S6dFvB1w#eGPHy1$Y_hTS1
zRp}4GrD1>REz|Ftz9hH#;)S;jm@DDvt+?+K7~gex->_>(&mH&jily6|vy)!Yk6p&q
z{i2?lK`r2Xse}J!>%o^9L93@{P-_@@FT%N;t~1D-RLE!YgIEdL%eG43nfZeQBio9!
zpM?=>DhoQ)Y^GhzDLD}0m(f&)_;+CBT-iW8(0Q~dbPGPrf{DrndwtT;61As7K%TZ}
z4fE_SLC{nm+l}E{7l;ni$9#>pmJiIl^Yso*R@&E`nmq|7_HCKGra-Q4-VWCwshDE%snD3!szN^}5b
z$6vW`wK6k3K3qK!X8Q$%3%%fb`3I5N(s1V|vb}yAXzCTXE(D)F2iF}34IPWYfG6@g
z2-cN3XgdwRaFFg~*}ac-R*w2Ap~if5GPK+;WOUVi&#P!X?*DrzJ)BW`709p}=;EZH
z3R(@t4vd3v{FQ$c5JGu{C|Pl08_*lk_Nq5YE*E%BFiqOsjJESi1*_d1;)MHPFyvqW
zK<=p&RB806o}9)!wWS_>73V$6K@FS6dMtyepK-i8%XR;!p!687|2_yr_N7TMgmgpQ
zg-#8LRy$#mIWf=;!cp{~?Y>y73EU1=`Y0l-NDsACD79FNPS`
zB4U0QVU)M@Q!_nsr$Yt1VgPs(0G#^ME&?3~(OrOl8JCCaK9x|ADM5unh8q593ml<|
z<=?;HdVz08V4|f9ele(U4@a8mVOJ)usINf`O1}&LtBZ*po-36vgn2>&~vcqBO?DRS$H6$*-5$h4q9tmGsK*iDcq1j4Rn@%)fA
zD`~`xV{jk%XK4a~{v@^JZzcUMt1R!Ufq}@s0gNB?r_Y*1^#A|>07*qoM6N<$f?&Ed
Ad;kCd

literal 4075
zcmV=8cywb0H5{!u)43~0}O+M9xWAfAS54DT-kcbcw3
z5>x}yajo{8;o9S-I3-L6#>0gPcoA>mN!*5`wRQuMk2_l^1Im<)bKu46cnxlxfrLhb
z-Cb-;C9pwKW_Jp=D_X?{c|2YoAJvy(x0qly67EJqozCA2LxGw@E$x;Q!sqpb}x^M#qBys%E$It`bcIhR5<2;t^z@vauCGY{%939l<7g
z(o&5FqYPURgrTX$kGKg@aA7xsEl`6zC>)5X*bT#CC(6*f-e5Q1a8w+jOkzGU$
z_X?`)6Si+tWs}4+sw072&ao=3iiP7V2}_@Q|KxUPvlbj&fAE302-iv(=kPf0qTL6y
z`gL15y|AM*l$H7B
z=fg1R6=ju#C0g657^nps#J6~-0e2%7Q7AxAd+w*0jC(NyYhajuM;=}YbIuP@qn+og
zFm2w(xj5fasUM*bsV8Y!ZK7uVBlP+9c>%sE)RXzZ{p~5k%
zp%w;yL4T+)4#zSWsKOQKrvUV^4duYhyab2}}U2ejASVF-$
zPL%usQBYzvaaf{JV(-e(+mZ9!WX{2Wj|vWC9tg#;DQ0COXB+R~cBuOBUWZ~M4D7-w
zP+?qzN*Gv)qr(JyCR7ugubpcf#zI*{!L3#G%k^B`9byUA1r6Jkp)XT+G`(_vc~VB(U!py
zn2k>TLmO_Z2>TK`d>Vwu!uC6c<>62fdEnRt=G19IRcgVm;0k##@8JbKSoS|7Mb306
zE8h13_+7j0xduvehgM-{sq
zU#(KL_sG+k@lcUqIOg0`zdv^uuUEkb>tQ)Rm9=TdSv>xlV|#f&KQL;Hm6@l+Kv|hX
z-dq@_nTUZxA{J}M{D=+{Y&GWM!3Lb6J@+2VJ!=pz;~d2Qr-I#FJUE)p%%n594|V-5
zUKaZ&WcFmSAcKzI0Ws%RgLe6{;M_QgQ}d
zGGkB@9eoC&i@qkzv1{eoQPEHl^V&`zwAUqctCRB{^X<7ZZ)}|Ky)3W2R1kVk0aq8O
z`tbfwM}@Y!bS*Z)z*b~IX~JF=M<5E>VZI!w#htAjY-23J7CC#+p_A$4wOEJyxS(;-
zxuR9iPO9t@ndORtiiqENgn28qf^feiz_Cg(^t)|G@f!0(!!q-}6lD*9YKS@H{i+Rv
zpJ*3UU!wcI3|7+(lPp)wU!hN%RV*EO4#BO{=DSKd{1iI5oWE;Pg;#N0KLUViDQ5-gC0IhL>QY^^xQ
zUW-F4@)}rqV$t2tQlWm);&EIA#l7TdbnpvQ)l&9H1p6+X
zeKWT>!tpY4Z>Je?=LK6$e5!##}gf2ZrW3B(_qp$#_{i_YVzx2YiNBv3qb@TLlY%PCA~>
z{amOfi10UVBnWMY%-PAlnN$<=ud`65WFG<5pqVGe()LmPDw~z9*BR!Im!dIU7>4iW
z_12@3HcJWhW+@t;4AoS;|8bUIH{1mkX|S3Hwe#2D?s`4|)3tU>aYWk(>vvoh`Z-Ho
zh@piGS~YN+vdSiLFdq^`bAU)^Y1M(=a4v=HY8O7qq-6PiySkwE82~;8PE1z{7sP0
zh&Ou(+gY^PhAPgvmNtKIzDhGVq2lLog`CcuJAk%-axMYKz=ufuV^X1-$_(sh82Aib
z8x0nyYQ$_UocmF0xmR6{zp%k_ANvi4L$!Ud1({sjI7^uicM-x~s&OTA-=}o^hXixK
z6pid0S~TDSOaCsF<4d(_3$pKJY$hntF33Jc0YmT-VXmc$^Eu~y_ATNye&h8vn_m(B
z!iUEJ)f{H$&p{BS*4vy`S}RV&WbA36eGp&c+&2H(PAB&skRWBY489*djgY_AzTMeI
zfLDmmaRT>`a|wkYIPT%=J|DrD!Pfo2jbOF4;2J(G)8+1A@xPp}q8XxX9RJg-{2;b-
zt^(SeK?NTL)e^k_>#!XcK-Hr!UcgUHRA?Da<8dWk#(Gqs5S;F?-`~fJpn6?AzLr4s-!g5a
z?Ly|`pF=}3w@p$wtRqyr*3oz)--xb8QFgD;ul8A3(1Q(K&9cy-{U&%hL*kum--m!U
zp?#ld!LoI25>Hkxb2;;={V4ID77Nv`^)$V4X;un>lt>__%Dji&OlU67qnxox$Xn;3ZV{!YPWARtFhtD?!%CrN3aaLEH#$8m}7JQ*5={O4B=0(-JtCg
zg3V*i*-4-tJQfyqqfi1V2gWmL;^{a3|IM
z6BW9Y{r-waPUrx|EeTh|j%28I`&Q&9nU)Oo*)6&fmG(9Rc>c0
d)c)1({{XhxKy{KT0qy_*002ovPDHLkV1l0t
Date: Fri, 8 May 2020 19:43:22 +0200
Subject: [PATCH 0933/2300] Version 14

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index d84dd49c..9868c416 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-13
+vesta-0.9.8-26-14

From dcc071d8a8e0618eb32a4df79ca78e68418ad7d9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 19:45:49 +0200
Subject: [PATCH 0934/2300] Update index.html

---
 install/debian/10/templates/web/skel/public_html/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/skel/public_html/index.html b/install/debian/10/templates/web/skel/public_html/index.html
index 4f5bb724..9b8789e8 100755
--- a/install/debian/10/templates/web/skel/public_html/index.html
+++ b/install/debian/10/templates/web/skel/public_html/index.html
@@ -18,7 +18,7 @@
 
     %domain%
     
-        Powered by VESTA
+        Powered by myVESTA
     
 
 

From 7c3b9fa4547bc432ba4447135bc2fe9400006807 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 19:46:33 +0200
Subject: [PATCH 0935/2300] Update index.html

---
 install/debian/10/templates/web/skel/public_shtml/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/skel/public_shtml/index.html b/install/debian/10/templates/web/skel/public_shtml/index.html
index 4f5bb724..9b8789e8 100755
--- a/install/debian/10/templates/web/skel/public_shtml/index.html
+++ b/install/debian/10/templates/web/skel/public_shtml/index.html
@@ -18,7 +18,7 @@
 
     %domain%
     
-        Powered by VESTA
+        Powered by myVESTA
     
 
 

From 26bf021da98511d28feb12231b5b57553bf7e994 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 19:48:45 +0200
Subject: [PATCH 0936/2300] Update index.html

---
 install/debian/10/templates/web/suspend/index.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/10/templates/web/suspend/index.html b/install/debian/10/templates/web/suspend/index.html
index f2d04e1f..3815354d 100755
--- a/install/debian/10/templates/web/suspend/index.html
+++ b/install/debian/10/templates/web/suspend/index.html
@@ -16,10 +16,10 @@
     
 
 
-    SUSPENDED
-    This website has been suspended.
+    Temporary under construction
+    This website is temporary under construction.
     
-        Please contact the technical support department.
+        We will back again soon.
     
 
 

From 60cefe45a79ae73804b7a93e08036568dcb6c14e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 21:05:31 +0200
Subject: [PATCH 0937/2300] Create hosting-firewall.sh

---
 .../tools/rate-limit-tpl/hosting-firewall.sh          | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh
new file mode 100644
index 00000000..eeed37ef
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0

From d483291b64c8618365fe4c4234522881ad8ac7f7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 21:07:08 +0200
Subject: [PATCH 0938/2300] rate limit tpl

---
 .../rate-limit-tpl/force-https-firewall.stpl  | 41 +++++++++++++++++++
 .../rate-limit-tpl/force-https-firewall.tpl   |  8 ++++
 .../rate-limit-tpl/hosting-firewall.stpl      | 41 +++++++++++++++++++
 .../tools/rate-limit-tpl/hosting-firewall.tpl | 38 +++++++++++++++++
 4 files changed, 128 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
new file mode 100644
index 00000000..37161c2d
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 2;
+        limit_req zone=one burst=5;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
new file mode 100644
index 00000000..fd1f75d1
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 2;
+        limit_req zone=one burst=5;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
new file mode 100644
index 00000000..b2c7d269
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 2;
+        limit_req zone=one burst=5;
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %docroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+

From ace4e5f20b00930c68262627b630b7dac9bbd645 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 21:17:22 +0200
Subject: [PATCH 0939/2300] Create install_rate_limit_tpl.sh

---
 .../rate-limit-tpl/install_rate_limit_tpl.sh     | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
new file mode 100644
index 00000000..483b54d4
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
+if [ "$grepc" -eq 0 ]; then
+    sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:10m;\n    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf
+    echo "=== Added rate_limit to nginx.conf"
+fi
+
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.sh
+chmod a+x /usr/local/vesta/data/templates/web/nginx/hosting-firewall.sh
+
+service nginx restart

From df8c6bee41309444f10d02393ae8a8c25b018516 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 8 May 2020 21:32:00 +0200
Subject: [PATCH 0940/2300] Add files via upload

---
 web/images/sprite.png | Bin 57516 -> 57521 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/images/sprite.png b/web/images/sprite.png
index 72fefda2db8a3e6aea0200b07d4b42f3abf3c14f..456ab6f8d441083a881bcfca34a77bb118374c79 100644
GIT binary patch
literal 57521
zcmXtfWmsF!6D}2?Kq>A8in|r}0>Rzgi(7Gr;_k(*1P|^G#T|-!fk3eo4H_Wa{Qmde
z4|!(K+3eY!Gb=OiJ10g>MHUmC6def(2~%DUpn-(+Y8eUXb?iG7#GUWGeu@b3%3VWN
z5~+6P<1ymmt&N1T1QJq162_A`GU6KTo1DHo64Hmk|9-DVT`ImJA??V>10=M3O#bDg
zekWUMxton|4qWLv+k!-LnKhv(@vmaPE*e&$YVKa$FHL)!7I2Q-n>ln)8q7qDYhr@l
zUxE}P&-qGH{yQC4QAah#hY_c(uAUwR?(K)|Z2c++P)W-zQkdw{!gadN8{`KC*=YF=v4^$
zc4((R>^RSTrf7ZLz+Dy2$iY$W3l#%o8sAbdGc$j_JIE|F7KjS+ANRKluuAVZ9Qv}>
z>ohre;8*l5y91x6+KKVg%QXu8P{nd<$D1aKFfkaEx?i}zzr)@#FnQna*V+zMNyXV1
z?QCpJRS~_>Y6!Z&Fkf%5jMDRtDR-^LUSO#UpyY_F?C6NmslFG!xxLLv5*o>Lt=<-Z
z1my62<7{c7G&P0_@wT?)Bng!L9BF8*cb;DP{>Nj8{AXl~1NwMh3C3@l;z<1X;7*Ej
z)3rBP^bdTk)p0W*yW)nwBW{`wg82qZ5`Fd`<)vc%k7pkvvu0W4&`fHC|9ip57!ra%Yim_QeteZ8ijxyjT3
zNh9Lh*$HFmxeKZ6cJNC5_BjQ629_f^%`HuAkKNQOXk9>=<0niutZXtb;+=~JTzPZq
zVO~)NVEaUwna%ZN+0KUjT}(9obWiR&c7AKjDAiAgoOsHMlmhCx_eO-V^X-k!up~|I
z`KqX@<05jJ;XT6iH=_%|FFOv`>sPY2YnmLffl{)nrFFrN&IUL0iXIRCe`s#?pY|dc
zj*0q=RaSzItUF!L(k-_CjNDuw6>}_Pp2LBwD*OG9eX4UIct@?lkDR+6!8X%X*S~ti
z2c;T2K4W62q?YZ3;ALvJ$u5!T>GIaZ5IHmyD0X^n?ZEQxR$23|$$cvc{x#?e{5>C5
ztT9WP9zec%OdmLj4`Qeei}RPp`{paa9NxlB3Vek8`RkM*-J-$srudj>Kqv#5037>V
zSlBGvjRHqW(r277gC+U*DiP#A+Rb^N5k0bZKN-Ll5hL$=yfHmqPBNCC6@jWYPe^I3C3|FSy#3%xN`iLJYXk>eKL<-Jh1%%VY?H~
zbofQN?lE`UY_SXcu+0`yM03y--aY^TGkwSFcP!4!E!YArpNzozBll3$d53!mqy&Wt+J9t&i%lM
zeHn{VjCN=Vg(;XLXv$f$HuA`Z$XF(Qcv#X%{APU;*dc)NpUnfS83f2vu%CU;lY1-h
zLUR~FNGYsu?|KH4&@PAfY|+Iw^EdAr%?CHMjEp2&(ni%8wUpD!7U#Rp9gDo6mw?}y
znmYO_cxCZ;8>(!Nyn$y>Q!91lz{YSX^IrMi6t}L-a!4@~t?2KeXSyoZQl;TrauqdY*poS3JfL2UD
zK5r3#>g7@tNY0$k^~^)cYmSdu#R|lPY!fC`ffU+;ZoOczl|FVyxbg~={6bt%qo#x-
z;O~ddzi)KaBYesLU~FUl#$XFG9NTd0{rPSrbL?Y@NRi*9WMWV>}$_iOr|dghCjBcJsk2cybs#MU0}0m
znMW?<1K@Sr^vmR^wPlm?pO-LcmjAXZFO>0f;da{iY6QhE%>scyFxHREz%bz#>ARr2
zpmk4H!1?2^n&x{l@45QaJ#c>F?qKA?P>j4p>^^O&_hA&p!K90+Ca38W*zh1A&}bq#L6RNow+HMM4yF78S`gv0vXK>K6*o+q65>zs
zn3Bjypxl4N@(gP}y`IG)FA9d+;U?sIg)^gisZalA_d5ulEdfd7dmPKgf2F?Ja`W5Y
z6%uM`44ZiX`}x^CtND38Fg-=9v<2R2`=!4G`P`J-^($x2!<{U#djgw%Pke?Xo+^e1zQ6+n>wH&j!Pj5VN>RHUEo?
z%WBrHf+iC?qh?vW^{%*NlGt_M^^{`W+}LHY-M1SgsNguDIO+)Q5)eknW&m(G-*h-j
zmxEDyNfW#!?^q|$POchTs;vlx<95K0YL#{*czI8KI|T;zY;lU2v)#f}r_M=)P-A2l_VR<@tG
zVE_6!ev-N#R?UUHK^+b&UxNXis!7Ep7d5lFoET~%+^0z0rhsiC6jNyI+YJS-QJ_Wo6TcTS0{y#
zH;DaInJ!>}yv&==vCIpea=z7J`mZg^YmPNX*t@p=&X_lwuR1UnB`HsdfAfk;=p1}E
z=U?ZG#Y-uq;1n>RK+Ets3eFHm=xlcJDPY
z4yMcrONkC=RwNgVwDs=h)zdPQe1ZJ%Rc)htsQy$w2t9
zir8E*3G#_lpGy+Gdbp#73g)YVsr
z{dXCPtBe0#?|z--dPU|?DiK}ZC{WczvXEJ?&$;GEvqh-4=9v$;(yn6LmzMcE6Fum0
zBWh3RpypX0xbo|Ncf>Bh-1xO3XN4`|n%5J34<)a0^d$9g8Z3^cR5wr-K*}eMNB_4PSbfq(~>_?9aw
zOIsgx;nOYe_|61llqcDutV8{}urihgIuotx(Puu|(TAtQ^9z{pkI`kZ+C<*SB@Yje
zEW_Ivd0Pco;wEAAciX$`Ys3u+NxUa>4Y)}Vf5k+)IO%rY9S?6D6~77-1*6Od{Ka#A
zPID){CIcgE%i$$@SJe*+dcn_-s79-vQfiw4q4PS`lmYl~tOMUX8q1eRj@XN07;fa2
zNWEwCLv%mEU}8*TRK@&PZNpBBeiXmw*|dsNTN3SMk2y^5niANkO6e(PB_CEQuZc5GeK{}luXR+I+pLqeah)!wn4AcrMJE0E76Gg?Mx
zJJ%=55sWL87X*Lz>eH06O78*g?NmO_;s&QNApH51ygVNq9VA!j>l2_p@A2LC!ou-5
z5f(V-%IKQ98VMXbMu1Z-g?_S*t%um1bD-<%>j5sgcX0ujk*yd(wkdosPlJxU(K2&W
zk7;bh!{0vQ|LJoWq=kXknSlDM_VB>d7|o+}gey$r53=1@FS?$uQ^k8kgjfEYPbfGQ
zVP-U(v2k(IX6lTek{L;Ok|kx_-TUY+qL&6F_DS!;f70k+rCkVl2y0ohwIMhSabbV8Kje@WR{i|1qdL-yu0ZVCRMbaASX
zNAl7$Gjk2)_t`93)K>d|v5WBWXv72Lu9B*vwS~pl2e>+-jkuJv4LO(Jk0VRWpRq%f
zzsGk(KOf-y7cTA->kh0hdQ2H9&K8BCPPcpwC0z0TGp=PZYqmGC$K6UB+MD!g*mJF*
zWUVgM$6gk8**lh%21e*e8}Yv|Pv#wM_&lavPJ}2wvf(d|>)cM{K+3V5xc7sdEAU|gzbE|IJ~Q+Yyzr2OhwSQnQO>b8abz2`8-Ey*)=viXr|0
z9G#ua_Rp>ZonFRa9PkI)+K_iF7g9!2OiynnDW0y#1GF;h_4w+O*|F!CnU0Q(?M0+`
zkfi{Eex*?llOps${f5G`es1vn8mQ^Pw3}$YS8zUI54Y8372Y3-4qj;}eVx_-RM}8n
z6ALAOFLZEjHR$j{ApH4)bVJ**@9U$07w1t{Z?04JYO368vn7yrZyr=Xy6Z#Ppi_-m
z)an&-d;ZZTa%e&5Lh3qQ36}z`4EavkD4|6)=F(vPan;f>LQ_G8Iwj9T
zkBHF}@t*LeRl8$ZBEhsdg+2tj?}uYr7=rFhTfnaXg$lMJl_wg#vkn&h)eNGY;SpZ1
zIc9+st;rskfz=650@P}R+NJ%`2I-fMOO8H8#1Oohp?7QRtrV!bjS|F`r-P2V^)+UL
z9)d(o`hi_5^}}L!XnaW9)q&@hxwDZRy8#Qm<0yw$e2U-ygG`vKe^s@kByNHlg$VnMkDZW
zK*&H{Ktr_KiiIr73{R$NlRk-_tyoYxCJrcThUQK2>P1jpQ^QN>;k4BYI}c*jz<7Ia
z8tB1Av)bWOgbBi}s9?$`xAnsbN~TIIX!Zg<3b=4mY(?xP@&>1&5ArX&
zJ?A~|4}(4(rWFR%$-qgQdE1wbkb^f{mzXnVWv69{jX$MeK45GD9({Ct`xO*PBQNS83{0;3o;YNLz4(n*Cg9<{%x1%sfhO-eTLmLG0Zgo2;oH@1=s8A88xtl+M_29J2!n}&keP7{mmNC
zjo1#UE&nl(lmJ1gw(|tf<=)`S_@h`Z5m^z+aYYNqDlUA6jKUf~F!LX1lB21m6qE%f
zUqee<#pDyV8asMo*%O8-FS|@W^v2PYQ|EDP8Q&3eCHt4xJU{Y_owB~ukAXe;1)Ga$
zwww#s4}2*go^ZxcbDiU^*H=TTFVNSJZVn$;~;Rf>Ck}Kn_Nk@v&`&0Rvs@zgDc1U8P>A68PH8+g8;gC0{!y!f*<~BB`C@xHl45b
z=2-g2;MXRD2#vJO
zx5Vl8VkxfjJ|1=QcU44~zD)rU)EFptHv~jtN|HJd-Zd!OJcg}OcjjYS>YrYj@Zm>(
zm(Wr*fY*cE;En0p4nPC-;)+`76I^3m!om8)Kp$38%(}Vj3t+{v_OwidnUaJl<0+@z
zJS|lj0@iZ{qW=f*J>H(;0W;#tR*x5E@tZv8VwnX3?m2s)Gct*K4uFMk?Cp+2wp0Z%
zK=coup7ZBzE@h`RY}e9+rhwLGaw|k@K^D`fU8b6vngbmJF!S?85>FJ|Q(ZSxU|bW(
z7_d^9d
zw>9LIDQkf4_odh^)F1$UT$yPylP?nio(2)Tzc!{H_-Az52S|Xr-8%JRE9m(Y(XU!}B#a
zYH2w^1{6(D=YQIAUS4C!-&9}AeMj$pyLR|H8i&U2;YwWH)pZ0Pb%S5@n0lEqKTZ*8
zF7r<#JLdQ&H|ews4!+vrzJH^?Z{zW=6S6*^OXH8H
zs&oC0=-}xlc%v;n5CA?c=GU6Hq^!fmVG-F{rm*&)5)@(7%LM^0>8Xyr2fzFCg^1o5e9$IRu7ju2!y(X3|jaK4*^~(A5=x5i9
zzUuH2<4i_IDB&_5HHK;`;UemYG?8)#tH#&`fjVZ;6I3v@hTQurgwgSsG!WVs6s&t#
zG1w*Zv4)s5=yY+C{b5!-$P-p!>A$F*#=hzBgf_jO>(q<4aGWE};&Nzu`|BA8Mn=Ke
zuw-s|#nrmqSVST~2vJbWdPYGGS4k%p`m3%L@)@;mICAAj#_$u8Is^gr0Vr*IqXS)<
z7wPy+55sPwcQx_hJjI!n!9d6D*1uNnJ!;X4AMEuu)PBRCo%fRmE>#IM`-bTl*dG68
z7VK2@`)KItc>?IE2Z@L*0bx)R;hXt4+wBjsgLOtNd4ys&(|@uq{Jr_8b6!1JFmYHLtab@kyNpCjQ{4!SNTwwC8sB5gB
zrK{zDg~h%ad1d)8tG|
zOGfJsdWOZn);2U`fr&vNDbP_HnnF1{YTXqa7L%6=mb$W~D&6^+{A1`M=X+F=!QiL8
z&-O0-6Qda!8D+6XqO#TEUEe-9*$OF$!*yY0cHa+cw%Rg-?jz^ER)-I2eXfth=Vd}+
zJ&NXK(C_~cBW#AiL-)8{;Sbv3+gSJX#5N9j7hzU?uz6}PG9vRtGu}jlC6aE(FO>ht
z%8dec3JlN5;0uKT`w8oV8$qyqtl+!ovfrA850hB7-!^t5bb~GbqDbROe>?+Y`DKYe
zZRMy;YDMrtZ_f*idEBv|1L*8;!J+RP;_`>LaCH_5RNjK4ytuX0BunX=af*WRfiQQz
zDqj*g^91v?9MGDKTj~pA=NMA({Ay~6Md+2=ydV}=j#!`&xxlwCU!Tif&k7}d
z=ZVIb$LIC1+`hqy?)|gTbH9_mj6f^2I1nTD<-Zl1-uuj9ZrO%s*xE4n%fO^!L6^0QZAS-Sz|L7ez${cIFErEWYoSMSh
z*Us^lHAO8B2~Q(>p|*rFe4Oq6FhSrK05v1-D|OM|%Y+OdB+uEdB;J(Tn?g-Pnd+Gs
zXq`Bqns74c#_GohK;Orlh?K?fm>I5-bQ)2v1zZlsL=lZ^EvLI+|+>xRx
zd}V66il}aLS{s&jPZ-
z+sejJwvj|~MFd!nx2G*ElsFp{5s0n*dwyQBt`F`vPfLN8;y{X)#9%yxJ`zu&$Zb==
zfSY!Ey5VppJwMM#1^QWDo{PYM1qpA9Erc_&#+EWTJ}n67ygM;om?@h8TKMf_SD{`u{vA;l%`U@S`<7IQ(zl$8Zc
zT9VwWK(`22P;5}{vZaX3cb^fo2&Q+Hrex9?PGtQk>?N>wQ~pC5(hZ#{mk3LgoqN1H
z$4fcsI4oeewZUCUO~qw(e0WVkW{@^l_!%D1Q)+Q!?$Tw2U(MeIEAZj9
zrJf4CD;qhhHK_SiQ!IJlBv0T4R#o3w>V5w&r&fd1xMeTBZQ3~X<5kMV4P&@@I2naN
z+if{d&{)ml(gL6l4k6JJZKhK(lCtM$9L1=W)TC0Ysu}Z{kusWV&SlK`2?E8kx9^0;
zgY7L81^oPknoNR)goQQvxQSf%eU`M(Cz)&GopAgurY@@CW@olMr{K`^F@FZ78RlB^
z;;ba6!mAK`ox`CA??$vL+Tcy2r(Oef?QxoniqOM9PdrYJPvn=p8IcJZupw;*Om)`)
zG{qP*+@4fpk&n@kSb}kI|0?bW;Q{o2u@Ftw=MD}j0hA4DYgxSzW7j~71sT}d3IDL)
z>;EFh&%W~1#|+W1K9VmB&Yt?<`W+vQ80Mo>Dj~m%dubKzAD51L3W}V<6`-6}q_?11
zDvgNWn8cjlrImS{P|#D$aX$wl_dE^LXo&hP9o)Ce(JQIF{pT$0h1W8F7()hzyZaEaY3hG!3SbDAQAml3g&8$!F
zAXN$6S#w;0c-B8lPnEpj=Z+-LwYpxBa1Ri*==yNmO1EtPrpI$z;wswAxj0lMAC!&9
zQt}J;cg_`e#MpA5f6c1PsT6R&5mt4qrs-&Ru*j(3@qq(OKa@;tB*f)@r6Hu2C%!;S
ziAKw!jQ;Pofj-m~6!iG|zfx-DEHCE&tY9IErhmJWNfCOP<^NeC9ddY33c#<_Fazo6@zzO_trUMxd`Mh9fn&mZwCx41p
zo@00!@Un$@t)mHI{+>Nf*ueg{lzC=#Hwwi&yeQw1nx-CDELjrCSRQM)mM{WsTzc;^qkww!Lp27S%f@qq}1kE-y6lA#JEOad|yjz
zv_ZBRu->w6ulwS|>}kO^kH{NItG(gmXnNdhX7?j~=BQzm
z?@UlAUe`k54`tAq?s
z=XVdx>Hd!$=v0x!jj>J1%sf$6wUOH&r5_>kaeNJ~|Hf{|n|@n|V>nxcqoqjEZm_k+
zkKM!)hY3h(z4S+}X{vpt#LF+ndUft3iggP0Nm%XU)zFVgj)9`_braqe{s_3JR?(6g
zNKnuL4wF@go+xR#x|i7%>8{G<@YtQPa+*tb1yaSaFc;%Dwp-AniVtZ6sz&1ZKE8%b
z>I>xh#C*#_)^Onq9TxM?0hNsvlR&abM3hRe_QwJ9a{%c%WJg-%
z9G<%a5R-u63rKn}XUU>hoK{HCb~)Z3m|M2v_*_NU2fvZB!1k7wj&OL{mU=I`vwq&9+(w7|Kre=
zlH*D`p>B1l4~#e!b|h+CYAn(xRzEOZwdl{Q^7&{H3t!a|nZBiH-CO%66CUrzSv*WQ
z*S2vu~%-Ho`BFkOg_Yk}H
z>a6Um)}ilnBDFmWh!4>p7pHi;iHcim#8h}NXmA6i97&#XPQS$m{x}t1`!&1D=?cSc
zpmQCLvS}5uTZXm}bbKH!i}w3->t851}km%8%%3IAwAINg(*;_
z%21Yz4kdqdkNLj#xtQe6g3k!V!QW=tpS7y@W^&cpde8w_OF?bsU)1%A-cdx%t~gxG
zO=V*+2ed0Z&0Nb^n?(I64+h2g`q(fEiB65ES0VZlG5oFE->~XPnCQ=WRJNn%$cHg1
zO6;Nejdd+2Lf<g-&-G3{Th%)O}A+g0~z$rNW+~4|g>hQ>h1du8nWk7EC9RW5fbc82EO0mCsq4$OgG_UU3hLbn@JQ^%
zEaMhLexKVee~JK+`P~rMV`Te*vR(+L>vV4YYo%*LEh>6R73$LZkq<3%*TW5i&VODK
zvhUvY?I^vjr9!cv>
z;w6||)|#eQ=6NJjeyRL@6KShux7t)rG-^82Mv6_8=+mIX?S}UoXqHHlB)f7$-#fF|
z#KytKHazWU#xKA!iNDYP^_l_XpiCt_%=^{10fcfg%W+3h{dcx-j&i=4zV}nyUNIpN
z>PgaeJMOaUp1r(P$P_@;o8M_O%a8pZEBHiTude6Tk89S99+9thtQzdMxf#n4*X~ES
z95vIM#jN*<+qJ$aOsoYg?ao5+;{`o))ILdq*&KN?sN-90$`%X7D1$B7hW}{?=5G>w
zoChh;)PgZ%KyL6pIG^SB1};?xhK;apaNBN1$Ii6c$)dgw{MWYKcjAr+qHd_+J5BJb
zmZo8~T&zHM&;3c>5)&
zaW~^LH6wqd0c1R@2Z)JD>?-IDe+&)dJ}mesUms9Ok7R2m`O-O&2ji*HGl^%xua{&k}o|
zXB;?tQm&U}8sK%grdX@r4D-rpDSWc!Jl2fcqn_~?@S`WoDOTU_Ck>0m5I@1C$v$pc
z?MI|1UMnJ!?XyV$G-Tq5r
zsxNp(Bh?+S-{oauN!CIZj4SwPN@5T1{rNDc4B-4NU1$N#yt}3%OsC%EQ9oK2gP8k|?
zzcSx1`#R;2!N)gVnxKUFeMs4s-kS=d_!A}m`oL^VaZ)YIMu0Z;vG*s9zmPYuSI_vE
zoTxaQ2acW=5N63GR?v-D9CKFKyR3w~)w&P-+R%vRKQ`*f?%1!I)TwgH5j@%97_Ulc
z4Ip*DG8l6
z;QP3y;RN?|wMu#4YK&KQa)X1SS?~_Gi;JUR;6h3;DKiVgk86nTUGdSNZ#C-jxoOE!
z`Mmqf*b>WukGxV&-5(tUT|E
zpHJg-y=ecDb=d;D>zz(^`@$loAsr9urwCVPo{=teQy(%cLJUIw5K6b9`0TbHhcm;JoV`HjzGf|v8!3aY8Bp+(0a
zoS&ax;g+sAhvY7xm!0sPZqAR#$vjb-U@GQh-I4FQYsAp|Zr~%r=2AI)xtPzjzHMJ3
zS>;@BWF+FM5Nzw9MMiI+BMv5_b&Tm-TJX%!lXy
zwlFZ^*zWDb3YAMad;(QGc`Y#6{7$!In5)q&QzvohYS&A)h!h>WJ`u%ew7yf)3;F+Dd>AEiF|sUEEmSdYif77L_3}I2g)rvm;wfqiT`{~>
zXJZCpsfr}T3TUutXrr?*Z;7mRwC7CE7CgPep5sQ{(FU2QU98$
z_D?c`&Bp)GSt}en@-6T`hzkZ-8mMUpeZ;iz2(?l-ZaT$!i!t3xnZubr&<)r}|K>De
ziM=xaR=g?1HXBpXykzYTl`$Ydr3Qq1P8nzD`gesaX=SPnnZ5c;Y!!b=y8>;*E7QS$
z7$k*l*t7HV8t$qh&O-zP&U9@3pBxXQNJ7*InzH_IK3of^x6}{aENiZs+JH%4;2&~A
zsJ>`A*jMB|%SVv8DvO9ceEuJefRW$T*$G&yVg1SHNQvMl1fd+b$GBqFR5N|$WhyiO
zk3T5;`K2YV2SAM$U8l8Z27YH4v2Qb#MfDmT8<9Q^Ts}Ck2Gz<`I_@8>*IYMpAV;YgE*4dkW39*fD%g9C`M9^px2M)0*ZHStC=AJ!B-J(yW0iah(IF-
zkQ(!%t6{DvAd^5UjmJO=)sYfdsWatB&0sC?KNIY{7{GWO^4w^3LXdIv!fgJv;htZ8
z35*53fJd6AOTg=?88(l=(;vO3rVYtK0VnShtsmBe=F$?*=P?re?ZCgT9Kk0FdQlgL
zd3w%(6YLpJwrOg+ad1nG;c@)>x|r+M@|+6l?P)po0dR)37MZGA&<;IAjy5$d<_+qH
z=w%LK0B-{$=Fn}+ib*kzY@(WrOPwA}&4__bwo{04;PpB|!f(p9J}L620%CV`;FH%z
zuF%os%ROq#Wl;Cy9DA{q>qf%|`_p3rNRV4eQ<~5!B{85Svv^O>LyXYnd{si$&%Yuw
zX;eK?r-5Vrk9j-++c$JEi|5&8zRgzzxCJ2pCj^Mj)h&>8>d}hkD799tLYNmAwc6U`
z^mQ=2;h3QX@hO1d-^4$^sZBmHyG>Q=H%;*Z%L`kr4V36LRnX(uf&IN_6$xQ1jt^nh
zI>n~iR0+sS_N45X5tX^f5OJMqvt4Bly<=)!!b5@Jpstr_$e#P3`rQN4Iq~hl6(dEI
zz$QByUA8}k0YygllK%o0BSwQ;Ez251sV#+-g(ygPzlw3d^G|Ub1`$rJfAXn$105pW
zWQ4qD_kq>9mcFo_rTSBTJ2gudk#Ia4@P@avy;k5BHL!+1H?UTewb~SHt38R!RF1QP
z=)LEq9j8tpfg
zMWs1h2`P|q+m#xqm{Z=Y0Im+9mQsIYSNl-**SydY+G}#Nk#~qmhDs*p%7B9cZK_B;?Pi?qyR>Iil~}QrzXy#;3rWpg
zSEvcS0TBd{`<29s&~UL8+F)mLF-DtF)b$^~4|Dca5&1UV*BkQXI^v&?7yb3s$n^eh
zX2xmQz5?j0UrReaY24O`4}=PZo}PEZ>@1V&c6cw>X@)WY)Z@H@xlsZ-MuMTnp^SWU
z#G~*pa?@|kdS`?%%vfD9nNCty!PpsGg2G}5y>b5G0veFb5rGX(X(KTh=|S|-|BWJj
zEZqjFONZC#iKOOAe4k`AGe5Lc3b$H4VK6!0M)DZX{yU{n}MFt?ldm
zb=rtfM;3nFDE@bs+Mwelt7DW869oKvZR6>3_`j;7o}QA742|=Y;sc5e9!9!hlIL;W
z318LW!vPULSoRW#nm*x1SVOr)Vqy3TI3BfFoQ@+q5G29#Vhy%&EacLm!as
zPGhT%%&j$_*{Dtr;i#_wl2ESz(Ju;+7v3TgXjnH*KMwmIGOD8n0{K8JH~q7Qzgh`r
zXRR$;&)xschUd7Es-?C#nzOccU0PQRCqApk#>Oj|KCa#}WDe1BJn!aZ$K4lG#ZF<$
zMQfxB133JIAmV0n%DrQU{))5=Y*toQ?Iys8Sw64f^kReex&c`U{|p*HLbs!}?J{eW
ztx@WsziT5D6h1y$>KfhHdN6Ga%9%0qXj;SJIJ^6eQ1(3KPGa{QhtIcdw^3p`i8{uZ
z^S30M9pluvxbhVDl5Kt*7=I<*7YOxpA}$T?NUCPm1kHzfsH8pjRWq#3RpC5<&NI5D
zY;i=r=mQ=PD4k;JGX(TL9cz)Xvo|Y2Ltp$ALHd<4)%~ZGydO{PfUY!THwrTAtVU_j
zSo%wEiqnUUKu1ZBt<_bh$Fum8brHS|cuB00;EChc+(EBGf{4zBy1LK
z6c*XA1V{JPvnJr6Bo9sle0LLrvzeYD%x~d$$uV#Tph2BxI>m7LYNQh7mOjFv|=^qnX+97{t*o$eD|!VGyhr5FxIRn3z-;{Tin)my_g8wo#Hk
zIhO^k^nESlqA2Wug6N2vOpvLo#XMhp0QTq3gs$uxY*buCH6WR>`lzIL4KdPZ&qFkG
z<7mAMtmunuhWV->0I3kdt6|D)Ais>$~DQsyU<2X5YC&IKKdlO-!h!UO$sAap6JycHX-mN4r`P1Tw7=
z6mep*v6q_Dl^#$~D?xdByXQ9>mH(itLHT+A@VFk%QN~MX{-`;q5LqyN`XNUf-x&Cq
z@c^vveG?lSSD9JN@)N|IP({uGL-RTnp{OB(y8BHXu1c5hGX-ycMW$ie0aeu=@J1LI
z8dj8+M$jv98Z5NBY%>GeK=w$U-rfsw9KD}zg@1L^lYJZV3nvPTXY>DY!R2o@g8U?j
zetP0qzU8RC9gLqrhCo@`7L%4edv=}?DvX+&Z*@i!Onb?2Quj3MjhHLH
zV|d$Y{|o6-j|GGHEx`ar(N@!j`LlfSvv_SyYms?+RoTw&U{q6<3hwk`rLE&8dv)cw
zt6&|#JmEr8YrtzD{zSs#?}a)~lXZOuDnH?R!PJZK8tTMqVUG5Bb(|dc3+0B-^?Xw-$2~^ef_^V`WPO{)hyQwr{
z`2fBwG@dbS%xZEYHss&%<9nBxULO^+Uk)WgQkV7*FbN2{qzPt0eCV=sH?XtrVpjp3)EX9W0nI%UB@%
zhc2i77Zd&4Nx`OvPunw9*?~GoT(KH|0&4qi{;qY8oiWT=erzBdYDgE@Gn>BgWM-o7
zms+{L1l95#7qws36>zhLS?t^PsH`Y$%abG>e;Ixg4~(5v`}P-^P38yD?j|mPHwQ-}
zDbsKf|7yuwbs)B(NGcMzaVW6S>WuT6EY8Ul^NSuw*FRBedAs4*z9yfH-@b?Ws*n0l
zrarH@yU0gF+Ue0*dfx-E6ZU(P%3XvK5|JYEL{ID5@P
zn7xqWD9qBI1;C)-dcM8E9h;X&Z6HX>{+EYkEKwTR|un_j7ivTy4P#~ClI_;6VT
zxKWm;atH0roC+jd8%mGhJsfoMFn**Ct|V^Xin558hqp9n`>^_7Tyb1c&)C3)&}R-|
zxh5*N3$}#ptClQ+Gesv5o3zNE!|u;F^kU^16$)=9)6*{Vq+|%ES9m>(j3p+%(8#tZ
zGAkJF`0p%qVty2;?`)Gc3MOn^^qDMK5d>;)5|pa7I&B<)PUgR#*w4N1wz)g&g-@6d
zM$R!3ZsZGl{hlkfrAj~r8>sh#e^KW}(k?maL29ow1dM2NN~mhjd&x{acH_Cr7B*ap
zADKzW{+rsh=z#b1=|Vz6M+3Vw#~oXjhZCqHsz3(PHUtg%6<3#VIgc><=!0$s(Oqk`
zC0+iQ%M4ZP=kG}~Bw$o|kJiiT0q|uMyOhN*A-$xSY(td6NUZWOR0JD2{>egmA3Y^OcJwV$
zCJAKJP7l)iC45HVjq7kVmdY4)ZOp()X9?9)Tysm>+3!9N@B~LDBsJ0-QWC5%ud|OwIJ(
zIJ=bO_3w2}9;CooWbU)8*}go%_-85n)&9P=Juw!ZxYML=tcVim*?)%_*4}o+F2nG>
z{6B`6-0z_mnr?Yg+L_vT+PkEL&7Ar?m(#3&Cf#2k6>~i;J$~bEVyJFhSp2m&m_^@)
zGReZs38Xy(!s5l$O+nAAX1?tTn*m?Dxzt)u-pD%{opu&3akwreRPLpIXr^2kd0?%r
z3}0Gkb`^_Z>HU{SSh39e%u>SqvcJ?mrIp`Yg>NjFpc~fX?%m%Q#r}w17%eXbZSx~A
z?7yGFf#}|Qr|dHn^6Op#KP8=x$6{;uq;i~rNi#I>ji4TXl1LRj=i~%32fqH)#EWCe
znJ|uXpa3j=cX>bX2EZL`;7TxnzIe*g1|87eX!ds1*5rHhh6BN6-6OtDA3)bL!qNUI
zQo&0_{ER=?wtuG?R7=jPmTomog3L@VrxDwH
zX5mcHj&g7F%XFUn@MBDxB==s~wl-cMydunr@+jDkKuaZ|QQ%;hm5Gl+~O1z^R*}_jn;BF
zJhBJ72fxeB8lB1{-m5$-gjcwy{*Ri`fat1!UxFJV)Q8$V-LrA^qn@5V!u`MZB=-#tPrAQD
zC-o*%bcq=?x|<+;AHw@Ghm(01?SNRC{nD4aL=^gIw9t=pZ*VWBTloOuS^Vkp38uaFsJUqNfHJ+$8&}B-Oz&aIACaqAG{jd-
zCRBQ7=Iq!#_prwG^eu2;OfdzF$*HUVa{(*Tn)qC70sVtHyAC|qWAAcDLUHM#G6{XC
zxD8n%g_D2dr@eZSSdg8c5R8~nzCxT!J{wx-B=PmFZQpwtyd;j*9bzO1*eGS;{kRg4tzED^YbdtWBHX|kFW>tdTDZymEDoe^bzTl=GDq%!)+5rq^qihzg
zuWO)F@p(Hb!%hD$$yIvzUyq#T^$rPW5N3=W#QKYRn>@(SCo!H|UA6??+RvuPKJ@RE
zI?im^ZIO%*a6PLpW`tV0`!nQUG0TU1i6WKm7D0vCPU5gPCl})0eQ7S3ERw2RiZGke>jn%K46ZY=&ovvRM{lwTf6qdL0keYF4P{Rm1L
z(UVMcH*w%mGYX{kkr?Yah6Itpx!5weN5wWJ*{*yA}lfdSncjWAFLSZM!_xoDW!&8^xS
zhb5`;78Rj+Jh4hXt{1=hc?w?*?*?67h6aCGUbv8C=U{-tPm{`XXpoL@E<>g)mIh@mz-2muuA1&o~NF)Ea`CIn|(35RAsGGj!U2`OD!
zVgFJlcV|H4x{_^YToZm0BQ<-j%9`+?>bzzx{L(>)Fs8X9FF7
zE`$o7Ng+4OJ>k>im9mkao1MefCGFteqif7R4`gt5Ujg$9Y753rjE~GZZ6+)ZOX7go
zNcdal%Y&;ZGpC#f;)D8oU9g~|2byc^8tK*o6CQ5|P#NC{q!kYW=gRK}8%T9S*
zQ^1hWqR&0qLXB`Xoy7ZP;`x!-xyCWNuTv$zG+wp*yd9~e2d^3%HMYDLe+P%3MAk2F
z*QwI$IGZbA#(w?l~S1ks9~UYeCu
z1+jFzrW$NqsPJU~jgg7H6)E+}wVwX71;QO8L*i6IU3}tHk
z&+Tn*?~{xZz1A?h)_5Vji@FK^GCwZ7X7Tsy#w`R8hlxYyKh>1~;hLIo5YTWG9AgeV
z7u!Zxmy$0dM9aUDEVC5NUklV^tUs2(k(94=Z^=Z%)-MkDnkQOuEWXcVO{H_Ek1!de
zCfrkx>#zjSxP`_v(A*;FZ2wy;FpZA3o6FsVc(vzEqKvc9j%S!1^q$z|&4kLyc){#cDCipAkh@EHb0no?LN>I$DEdAr{@o%8-%rF&e;om$@{N6KRf6v0&E
zy84|Dj@j5Ne4j=0rv!D&C<&);f5}A^w_elMH&8WZ9oc>k|F_30VWQ+uaz8riN?otm
zd6W_8Bf8(6CY4SLZU$6d%jSdom;r%-8QKYgO1gSIy7)IW7=lsE7E_tly1?~Ck$C#k
z3Yq+9&?HAgx4xCdsX^iCb5>AgnND$2_tMEHDz8n&j1#PXbfo;19Oxd7Fz2x3>3x{s
z#KIWQVf0co$K9A$w1}Fv;3#Zc1&D8E^F7I~tSl>dG_~ohGM~C#?LV-R^_QJ3#f;nJ
zJ^#I$B@l-_lLU9!{q;@=W85YHNUZK**`-5V-5XOiEF
zZZwC-^mW7Du<#32!edw!67LAecIyI(DditJ^N~
zvSOEnKG4DdcQ8sZF%VxWB|tnrG3Pwgpxm;k+X1tWbhVL8%H&7ozVqIcSyYZe)j|*K
znh9w)xIQd1`70OJ>2WEcD_@O{KZq2j<{xF!p>q5qUp|q>ZwkX#&b5KpB2+%pvP{+L
zpAlBa2oo3N>{7Xq!>ZyMKMtdLj8-@v!6m7yLIn3q(nzh{we(C7jM;rGkUS)jKPTk?QuqMXbRd(6|kA>MEBKR!^ob3lr?O)Eeu4MRAk8MrJw4!
zf|qO5I~DE{82A`%!nGh;bFeEc@|L!{9^iz5i#JQbcfe6vg@|EHfRgftxFEfU#pplU
zq$$iYGwVX1rMx*962g7{Wz<||PJe8s@jT}lF&~ZgA_Ol-gaVOa`o@c~OeC(tP9g*+
zWJ7&jB&A83!lO}eT=Li!rzO9NJje}>Su95)lJY848Dw&Ae=nK@B5JCF-5<49%h`S~
z&(7VyBdA>0%o}GN`SteoKFb!zhUSLDT1Jxr2#{SDAzi43+e{vtfxgmRFJ61>pn-EQ
zK8Ssy3LNC{0eal+)os@$))y7^0Xft#{p47*DX}@C+o8P
zNIdKxguG*>cOKnvn~r-Pby6TU*I5}}m>?X?N0G)>4#~GeU$F}yhb4n7(ABxr?~o98
zg(libjy`9^*#uznKvPqa+9W$fh4W}{j{t38aImDQ$*8P|?ucSQUf0vluaWnY(o%G2
zvm-`=uaEB31&^MAO0MA3CcX8qpi2d;ZkpkSD6V7D-T@WZsQO9KQSdW()It{s=pgkL
zWKidA2rIaqn{j^PR^U)^PtcZM484k#G5}Pxos?r)!RQU}#4l4|Bg4*XeDCXho<>DA
zGfUZ^Jke^^ALD@d^4IF_SqZWBk-?c4OP#74&>~0JNOM&fCmd{Og=*X_RN09!5$%!?
zPVB9eTSEMp`uruhy3G6+K_APBjkVWqfw#_G7d(I`R3DB*3L$64#@Epx_>M#6^Z;Zn
z`->l6%$7JFo2YhiNj98uog0$Uw!tFBA}hxHb~6PgQi>!39~gDVaMEVnpWkcD^0kUC
zC5W2$WT_b0GqCvJJ5K&IV>TS0fi41%nISc2RGc(FV}OXd)i$SU1J^aa0WYf|
z&({&8SptpxF)lwtoA+$~dS37b`%JrRkz`M8+U1kO
z=(Ia`e{8%-(9^xE4S8H>yFpe_iAgQp@-QA)>0+WRPuSe#Hh)^bjbeGVH~C8XW0$M?
z&Xox`@4@N%DdvBWHeG$`B<6?>rH*y&UplNG
z#FlWAqsswQ2V`|NpZZPF_`I{dFOIo)-w;Zlw5fSw{4=*{(P`6VUKZZBy5Q9bX+h8ruW#eKD(`bRDl#%Rh
zFR_OiN>`%neJr9@KYf_*e8_Xw`2g-pd>g0ucR_le13dc+|5yC+K=8F>a6{Gd7@<=(
zesn{n9Yf>QEU~&oC-OJ3Al{(iF|^&92(gdGBgcLQxcVZs+Tw#Qh{NYga#<2d8b$b5
zt?6e)pU>urC^6{`<*`xUR7>^7;?}O6uM3!}s8}Ou0r*kRvrt&Ckj7pphc27;yyr*icx7O-0e+C(?*Js4PrS|EQuZVHy
z@P4x)XD(kP;dX(FMD$;*`;|>0pXFG9-3zj{9MFi1IrsS`=1K$hkXLKOJ
zU9wwg$Y+Ka~>*`%MiiFz611(sIesp-iT~I*%^-vQhxT8lx1xF)s1bfDOKTqK1
z=JJ-Ip@O^3ZdM=cUR;4R$we7m$Vv&D<~nfhgvz$Q?Yg?~h2L$k;L#j)Qz*iZs*AV1
zGO5dgc4Sc~HG_f_ZB)5XbN_q>S9K*5AU74F5V3DMf52aCtY#qftTWMidXZp&Il`hG
zGQV=M1XRyu3hJm@5llsb{T77A!1VO#9V;&N&?dO$qDZaEI3VvdVFH&y5>;)GI#k#_
zNr62CT5OM>{TcIC<&dp9I#I#|EsYc#&jwC)%N>!L)Cs00nHKOreN7R=v09tA{W4d4
zp=XUq>e;u!bZ({^6(iPJ<`x-Y{X(>0t*Y{Jem>ya7MnuY*Ya4&XG`+iD812f+!3eQ
zKg#BB#B?$TPiNmg8IP`8G)U&cL9^d=_2uwm+OVR?B_XeeyOa`YhDd^z_VptkMVOI2
z4+A?cs(U|S>e9@I3mFEN@pa#(s~dSw_c;?7(QsHMm2dQ5G$^~8&f8blS8t+{%p)dg
zRsX+n(P^c*Z?Q)dZ(n>$2)M}2{T@x;97Gf(m
z!tzo!vvBdoBr=Q)>UDT=$o#vy%H7Cg$o>tVs2I0bclY80wY0d0XGyfOJ_U>L#w`XD-of#EqT1
z=M>S;yj;G7aG|u35skgWL!m~buB577g54cPE~Dr7^#4&Tl@s&IRyl=2&NYmU-w-o>
zyX9ciNu@)Sw+Q}3N0e?9d}2UEGfU-vCzbAlrs;q8>noHID8D2i=WjCDjnB#H`WSKX
zrp5hA7viinbV4GZ%bfWQZ6Xzo322V@m^!|NT;EbLIzG?G1?_8-R#vk(KqYP2AHJcIAGX)*}n3E0^T-FK1j#j7TW!(+xMo
zh;HojG9@M02Vb#hyoWM)f!aI;JHdHh8N0(zQM-)AYT73gLCWD>t7`5e4I(tSd38El
zH+OoMb*gT(mR-#t)x;e+7}pN<>TMTDgs(3z{21)q{-oHXQQ$WeofG4nO#1{;pq@)oQ7q%Ta~BcF)EdWeFN1
z^j+>7@?GqQG(X0c)fpV~_u5pk>~|_(2=#L&kwUT~&p`Yc@ijlTIa>a&UGPrC@s5j}
zch!yrXC?M`k-W^f|05mn^p{b7UO|Q7;Tr4QbIGhuS10yM!yP)|)U%Yqb-a
zjd(TAbvEd&o@ojlAX9RPTAdqPcBfP69ZDqK24@Ag(_#6H4{^c$
z5;Kdx)yw@mDs*v=MI7&Zs54|#%n-8hYS}PXi;5x?wPd)FqxpZEM&tOj8R7AVKf#Nm
zf)n~n1sC!w2n7B7J?CBaXm9D&;Yk7M^p7OxW!{zckvSEGd024kV_1vuI}&#nm(u3V
zm?n+e-d=^3$NjxCy%wSWe1BJe+m$jTo{^byN~IMMJG9vFy}TRD}bLdr^JktTUz4kBkVE$U$4myuh90
z^X-gBC~8FEo^mrQ@+R3tX9O
z?n(ObGX#N!IwYH2o-w%S+u{zK7Y@)(G63NTf7(E667wnSGpv
z0YE`XF1asW(KZ}=s;(kQ4mCdhN7D_Yp1ZfMr*`XN+z=a8s8?RFpH>R&b2Xbi2VbPT
z8Mnyf=M{as-zgu%4Os{S7{VFce}w%5A^Aqv@tmmYIpDt0h%KB!?`qK;S}pbwrhv?f
zP6}z)&XG!m3^@J6gpdluY6h0}f1py<8`Nq;s*CTo?t|s^gSSXe5)luA{~>+5xnp)T
z&m$1tg%7=-$gPa7vDHm~M{ar{rUEmr@ozcR!6Bh9=&8t#3%@%$**injBTA+K-;VrU
ziCpe^GR4wqF3KZTIqQo@gYqLi%(qNL`2J_NXxGQjs$4ukL)N>caNUT{XIh|05*pIU
zGp#vbY-kq62NEq|&U>sdJE;RQK>k0334Q?*$hGXdtnFZzm6f!(ABmZ;HG(4M{Xu7o
zDFL`CfjkQ{JX?`A68yAWM1Bs^G=T4O4r#@$Cp@Y&y*Wwou;#r{zN!{y9+95!
zV^8`?`L^nOw4$$EmUSD8if(4*t?%~{3Q<5=-}|c8SaOMlJL*#Dy6h*1d*R&KE{zIFc^T?!GW6E*r!Wn@^>>fPSbRe0DVd)>&Jv;g9S({*r;&S?@jeT
zq%v1obWP^DFQSN!RstZ-5fi#1F@9Otuc*787FEACDNGjr4yZifYrt@7P_BoV>#lVH0zjunbUliiU<1CXO2
z37~=^feJtEX70-|jO%HHs|6D0(3LEU@6qJ~BXlYXMjziMFK-+zbDV~^2P}ruwxT}O
z{3)~~?Y?C}s67#Yo~-s^eInF$WYcp6m4owNju}PXk1Rgh*Gz0Og6T&~vQ%5ZnfguQ
z5BK3Ef-s1VE5qLX&WZ)^UR3RGQKkkXKwZ}&FU3U(B8d&}@DrJsY)xEY%xS(sAd|;P
zhhbixG{Fvk+0V4D+dOs#){IF%lG}fQO+TC3QtEhB}+)yG*J{xL4!dF2?CnW$%+AO5>pM#+U<(
zG3w~CLl=uVHkvlOnN)qknM?o^JB}o{0
z|5~^PNr5V-gW_NYMMjVtl-Wme!B6rvD?$m28
zyVex!{m0HFJc;~XBy<%72Br!((O8W_FubtZ5_`>Y;P5`MgItGjv9cwX&ByJw(dLR_
zT=^y;SCnslq`8}1!zP;j-J}P*HG|Pb{T&~XB4W6_4;vTWlWaVNc)XLe_(nk_FH_Rm
zCWt%wQ_P#|{?j!nd|)3hq2Wcb+GKvhmSsD-
znh~Ff3!Q*}clnly6@S|SiMKkv7f$ScaGTLr5AAvo{w&kMsN0UnfyWlwMFIDd;TK-a
zi#!}IZobBZFNLeHE%>te-QGYbMxfI%H=RZ^iJ{1C;TDjDCN<
z)V#59w_9#-_&IHb#eow(2}Qv&RfQ58WQG6U@+CN|y!}#^Hn>bk2)V?5_1!;TL{}8<
zk3cuV>px$1Y%=+t+#8-%O|PEQ4BF0(y(`_|515d|`i3)Zatj~Q!{d+P!a|`VOD>rI
zP9`Yb$P(EXf_dr(Mh3PorK=vP7RId@2N;=oWYmsB@0-X>Y3W#j+F6o(N~C{ZLiB0(
zyc9CJH<;+|T+EO6B_fJLPU{5jds~*<5w(Rnk47WSu*VVK6v$4WL#)`xUDPc5x@dKC
zB(lL6n6B-UtSwzbdUzZh|F_E-K`0*?$3y-xzKfGn37)=|vA#Sq8m(WhCz-Z@Dv162
zTX^1wt)|wVfLuiS3$cMrI|MVH`!>cXU5W8F;yA}FmJl+2y4lBbf;V=onV}pi>e0Yk
zW(vU=tNa0-Cr+~PaG`KwyK}S|CoUK#uYnjC*k|Sm5uPAhJHLGS>$**KCwj0F-}m~*
z_61_dJUg4rJ(p=WLWN~NSwRWT1bfV^b6?p$KNZ;0KK`=(YSbIUK1VsZvWJlh9>X~(
zt%|(G+}YcM%#bj|xw|_RH!r9b49S9t5J{hSC}Y%D;oC&r!X9)7VP-x3$-h3^
zVADT2#-e#mdj~GA>T)*xUVTP#PSz0u6zPcixQO~sYxe@$*rv!ld2ClB9YrI?zs;TG
zD(m4q?@?S*#XiXE1x5@@TghkdeXm|G&d(1=I89U}`~)Wuj0)BPix5ps&E+2AU?>f2
z)s0;8#3bNocy!FdFckcB);l~kxu}*zJB<|
zR}!eN-}!ex7nB!$+EMZQyFOO!=iGMU%_r-;cV&6Eq>sr)QIbu&Zs+4u2-iuu=+y7X
z0$!b^c$-7Z(D7LeEh41g3TrYgECh&TZblt~PL^YFS(3Tf9bhsM>ta*6Fgc`9Rn7Bj
zW@z+1Q-$NvqgVGBmEgl%j%6EUGV8#90-S{0*l9rrT&pI8z%ezKlVR8G+)S9xEV=S>H
zcNc_ba`QA?J96xD)-(K~w=wJ-5%{_6f}?ekCVsCwUXUQ4Axj@9b|ggJHc1}vdl1Jq>T#Fuqx?S+#u(G<`mczRq1UoyqAY0
zGeL98T@Y*i2pr}gn#RNcT>etT#6g)>F$nu!EMJmANms1le8{X&(E^z=eJo9jVCTr*
zPz0_JwfWzC!qcY>$4d(n!8vT?fzr~w-<+-J+wTKcKr2$xe`A!-8vKyufnd}T_=r)Y
zEz{2cv=42^0d+B3D{8jUz;zfO4?Y68N9}CR0?|hpyXjRCoX=0`AYwV^!kLG}W_ikj
z3c_)AaHv2M-TPGhQUC!h?m>vN@Gf|tdCiD-!`@MuO}@2d=bb49)q#rprgs=|vqEgl
z*XEz!s`9B^Ou8}q^y73smuz%Tc_Dx@cRq}TCA{>8jO^;XzTMt8@N*0MA3dI2qup1z
zEpAup0G9EoWxqoos_GU5JUO<1y1Y0H2&jmL!~mEiAQ*Vf!ZfK#rGR7?cN*_U4oXYJ
z!(&uHixWfagoLD-^=WYP(p
zB2Bq4To$&3_X1R67xMCXu8L?&#fUGzx4hT{g{^{2XB~md2_rJZDv2i6k1MJtNIiIe
z@l~UI_}?r7<`qLdNc}%;X=uCB$f>=}74h-);jzuro2j@uK~?Y)%61iBZ6zaLfAdRb
zoc_96o1Nm~Y{h~vuQTk+qe+EgUS*DKnq37rEDD=KW0P1xv5i7Io=Lv8YP)cCut-v6
zJrc+=^B3gI$@U*-G@I|lPcZ+&r242vNuEYdfmKic?{ybWKHCkXk7Z`p#E~ylOPfSN
zKW``BqI7pnf(SO)E%mT-OWAdoGMA>LVJj8Tft$4&u^!ze@EN9{Z5Ev;B61=&m;N>-
zfuNwR#qdz(eM-^p90C4gKKCP@){(ojyL;i|{dF?}42|M-$ynC2=GI3Kz=P
zn=HeZC@yz-<+k)F-PuOKfMAI3M}&S4dwVw*os78Bn?m;gD5LhQ_1`QjIp%7_^uyP`
zOd1g+tVV4+eQg2gCf!n!w=_RMg$mSIw1?U0H=ms!^t1)5P*auWelI
zwss0g{lN+&9)g!2Q;Ur#F3o!r9!5%Go1flb%YJfgkgDw&68MvU(tC1+zRnor*_oLwF%@;x
z?$l_)3K3khojK{Dw*1@UEQGmdqt-gpU({T&;^|;Fr6=YeDGGSyVI-IVldUP8z
zZUh2lypY^gcRbSWMp;VRDQsU%QMw~+G(X8}&UaM3?fklKZ*>iE?tp`{`}Joj@>*Dp
zjt8!T4b6t&F*aEr%h9QUgc7RZ$4(xvf#@8swGg@Q|6M8psnGY!_cbyrcVqAr1njQojs}Ruq
zVULNt*4WGbs&q#oVqTTc4bTQ?H{%euUxyDol3XNwH3=KOP>AT!srk|l_elR-;W2;aH)6);Wi(D5PZnhPc7XnrWQ7NFz
z-J`*bI{X%gXR;!QZ#XMp7#t@E7CEuOYTmyjd*Sgp-F$JYs#(rg^DZvuj_4$MN5RUijT(yIb$
zdF59{AW03vSbe9u`DsuEY4=sRBOLRf4yvG+U4ggw{vx|U>U*3d@v<3!gKsohO*{98^j?dIDynvu~`CC`AUSKVD^$uctGgPx+Sr1y$((o3kV%1vxZ?D;
zH=N&{?qSBC_|lzi9HN!rX9ul_8e|aO?C<}Y`5ECiVnsAosCoDL<9T^C6|Q319~+a;
zd=ggYgZSnoRb*v;dF
zuvw1G8>Y^Y(QuhxQuRc>H#_P2{#p+KB@R38#6aZ5bN=5F!K&M^0bq6#p;BvVPiC7NZs|>stn_)<0^D+8P9a&9b36X+_WgIwMcF7cQ^8k
z%X=rgz$9#@&X5Qy=JeX&6{AZm4Etlm7($SHWg4!lQ!QV8QD#M~urwG+BP0}6B!tIQ
z28c}hze^pUF2=s%Y<3#|-4wA+?|rfkwlRzoQ2odnkOE~tzd0Uj?}9sDRoV|caZQ)D
zN)VGMFgOzj6T>~$?;VUpPr=rl-wRp&XvJc(fAWr`GVJkdoA3qJ4iy2oo8u{1!%)pggf@09gHsJZzsIAu-+koU`T+vZO1+6R)JS`SR7Y
z^A5Y=ncrYCY@IAHj}HC&N@Ypex_rB9?i)$)UBPi)B(Wif8LKTJP`4G43%Z)$YB|m+
z^mO5HAELsaZJ!zY;FR;^Q{5!aIMV)xG!pr|vOL!D+1I-ZjnnqK3*RR0W8S`oCVRdG
zuu$ej2E$+HJ9~@DlE;?h59|08^+@{hg$JYc;VW}0ntw=F0O2h|a|93Jhp~v`Shme@
zDw}vITxPQyRRxPWR{&R(FqYr;IXuvitu0N#vT0hyd
zmeu}!bnATF=TWO)pO5b;^az+#&cRI5&L2G70Bqnqm!R4*)~50J{XOLu<$(B@FbZdF
zIkC!Sg09j|A4JUxG~}AudrlP$+&85RYP&sEkUF|lQ37I0{^e!OSeOWIPbU1#rpf}!
zXG&`%&ty;r@hB#N(C~vz#%UGHoF`EFeIvLCA7IMEU0C3R`xdVDMARE9rzqvO=9DbP|mp7m_svMf3t@XF|3m%5(pzHOMxkPBLloqu9#
zV5~51D0CKfvR3;DKVCssZ>iwHj-q$m{A0{NIhM3G52o(C&Hh>JNCP^Us9OGVF6jWn
zE#b`MG5O7p?j($rYerB(z(7jLB7jO>-NJap?eL)J&gS^+xVM48nI^
zLdkom947vfDaI*3W*PuoTw56A1($xy#t_cPQfh{1SOX4On;%1Y(5|+#q{58G#FFVTQrVW1KFH-;14y*L@h=}k5SRVPO9p)?-jL)=|!Rlpy9e!m(UIUg+NMZdZT{d3@!}UTRzJ4oA*3s_iPATpk6Df_4
z{O~wuC2X%3^JJU=UXzyQ2@G|or>rj|9Qcq=Xe}L1tgKue{1-Gb$z&t5qovn{q`igN
z>rCJtemUz}4T%m}*^Zl*;o#XOn=LX)464YrL1CQ_HT(`ZIb2;<@ALiAor=ey0rIdDT}+{hx`?1?K^ckR7?14
zyk_wRBg$(&Q_E*#8)MxuKb;FeC*%dHG|dy&I~_uH;p*J?x+ZzAMil4?hLAdcXyoH%
z_Fjn<5>PZ+{)7^1hsn7{#ZP~uMS4_?yX7itimv)p)j(G2wfY`UqL3u?3k6CvcHGc1
zR6(ja>{nCY@9n;~uf-}2C<2%Gf<8?A{u4w
zBA#u*B+SB?&bca(ukn+~2@CU2bbs@{b70H2h#;nNnT;3#t-Lmk{rb7K{O4dnS~#X73M
zp|??)wMs&$c%%UL1Try$(pZH~N7>=UDm)lHC!KtDVlJ|VE1&>Fd)O@>tfaS5Yf0&$
zl3$gTlha0f$1|RfvF_;QZxlaOgC7@AZ=ZA-yFn+ct)ewfZNEY@;?^?{9|FniDu3x&U7LJPszW|1pfg?m^ts7ZhP12kEc{p74t
zJ)O(=NS#1(j(BkqXT<`QLY|y&hG=y?Sl-7;N`4wCk3>(u)P_Mq7{adC7xOclRf2?4
zf@BtgH(jF*QMQuAUvr#3$cvLH+2za7(|*;&LLeSlUD{H?xhm1etd3i0mj^WR6Kw1H
z{(@F8(G7nQC@l5ohO}g-kxpo3hh`?-0qXFx8`(il&n8dv^}aEp)8vuq|g
zwJzDbf_BsALq-i8yZRWpZ@QoZLBjHd@5~@2dVLD>W#!)Qs@~M$L@RU+4#q5$&aY$`Q=O|)bIDU+uf1jD$e}>$xVbudiHT^O
z{K5whd77|KkK@rtmW1e7X^0MdiC!sAB~MJCiXv?33gycZg!%IPzCmO*kVVW0y{URX
z2fMaGMz$$F!RRo{;;d&Vg#|qvgqZn|;)xAx>3ZGo#fF%Zva1WoU5rK|F;wx4zVUv$
z5FjcbXdmqaf#GD*w&)J16*?|!+BJm}(Xmp~|rwoVvUxLe2>BaJnYR
z4skxw8VikK);G8NJe_W;|E=3-f`}Gu*TwItin_8HeOeFB3KDU+HIn^x|H{?-tvBBd>(aZsI(iY>Guiod}&Ez?X!+R}6xaHd1rvVRGw@n|YzSp6U6nLO)oIF%bU}*^%vdM;2U_3(^b(3f13Vo
z$bR=7KM9noAR`%D;56rjbj*a*DtE}fGG5|ynEh#tmsxq_}gJunZOIw1AHN7
zg_MwQf@*!(uB=np&SYZ&!r!R7`Kic0?bPMd@t50RUKeGImP`PV>YOd@f8ta#?XKgN
zqPa$WL<}(WY|UyrRa6^==;R1C(^3rdh!3F9rORU4$k{n$IFCwtON`Or;NUHN=9A_r
zSyqaO{kcyS|CM;s3+gWKvz~c}by_e5+i#nX391JddHlt*{+dd;Xbtm}$_6Y7X)_9gdA;Y3=0u>rZ51fgLcHKczJA$lAzbza0%ivr(M3%gbAG!OuwbwakwOh$9nKP$TM+;(NCT#Yd<^-FAJ-z3VG#CDRfEb6nIZZaE
zh+ZZ5B>w4b>0m!U0{HqW+(URaD0ft|uhZlYM9}r-H94QPt%_HV)Z57I)n>8n78g*+
zi6rDX_{9iV!shq?Y;Lxn;e_ynB<)nR>cnzft?|8mHR|&@Gel2MY{JJ*!anP>j~`UY
z_kFN0FmQO_yb|WVnYv|fV)WJ_Pc8QnrmY_OBc9V{+#F)1tGz*8We1w+35Lr4e0uF}aiju9U(&XUVJu{@iKJizBj6M6~C9igO
zcj>su3*gDgj9&Es;zW4{eDU`ippPLM{(b`Z%!blFDm6_ekby*b6O-cH+|M|O_v7Mj
zfifkc#l=Cr@v0<-s(QE8j)4+~b4^L$zm)BbBSQ;`1CR#Vt0Rhi$;>?h;rBKHAaiY^
zfTz9d%CoBvp2VL5?yh>If1cNiNk7&?Pf9As
zfP4?kkp+|OO*e)9m2DSK87t&(OtGwwqE_zEC4Pk=@I*(AanXkk@_$WB(dXzbI-O4i
zDZotxeXX*dU*I&Z7V0*mHOlUh)G=N@?pe!}BvM-@vk9O0L(E9xY(DB6D?>npYW
zY#69^_7Ig8`O+duSK&O9U_xw8S0PtMPI>+pE3*lGzse_{D{fCRzTA$go{$F-WG4n6
zKc8ffp80>4dUx@I)3W?No)0$T2tfd)f&y0CD#uOpcnYw)?9HE_aLc;|J-k?+q4=Z|
zXC==HX7ZcqY?6YB&(t;_BKV5dX-L-Bs_$*6HHkFVIr)F*?^LJ!+{U!!VVOb0X?Z?c
zbizuvP)56Hr0VxOA1!ax((MzkK08C(umPr}|R0bAhRO>Y3c;_DDz^kq4z}=`e@l=|({WBs%`TFJH
zLXNtV>&YiGSBv`1#1DTGws|esC`Ac-Zv4x6?maF~Fo%Q!PImi7|4vh&C)uf?KCQ7r
z*nC6F_;$g8UtG}?Cb_{MxiW^*q7Pl~#w;)iOGgm@rPg^-AL!
zRj_J|a;s1xBj)4^lD5brWGR8{ABvi9ozx3FzV8bj?WC=UU`ae@xF`StEfv=@Q~{4Q
zp>csUP`uM@t<%;oqfP0-PT|rVy=MOFYbxt@x7B^Io!T)%PoCEO=%Kw^-F=)kI`W00
zzhy98IOoHOd+4mUEhG91pYfG6$T_{Z2)ab?N%3Z#kon%WJ|h_Hw1FM*GJ=yWoY$9`X3sSdD}0oIM44#V5Iv#T=xC3pu+ftj(c{6
zXs?eC;+dM964zpa7N)+#uM9)urVRjPEgJVWG_gWxNaPX+XqFc6I`@#81)vGABa$9(
z_hWW*-ET6JXuwJ0rA2OnMrAGAR#ui0;jgD7Lss%lfu`*7SeW_K2
zDtck_#D=dqP=tAP7}+}zWPNUuiea-q!}G8tdTsQr#wL0qNNXl#q^x6UAIjbT*PmCo(d~
z6L)E%yyCb+ve2n7#oEO74psc3^?36cey)
zbhv)*T7n^#V+pVpqWqB=7*^vt{o-yDGxcJ9v*gf1BGg4{a<#HlTAjl0At8Z!s-*Fi
z^xnhRQf-*|f|+_^n}NLQe#&7IvCWQS#<(;VEp$`}D0iP&miO3N*A}y%lyy8VF)Va3
zGeRB^99UDn=#4H92~MY_gHl{uC`$eso*HQV8&hgyrJnwX=}lkZNPq(XPTD?q{sisQ
zJyCxCcLI~oX6JnECGYEb3Z67R2K=?;MYaL>P^DnG_Oe8HA9jR@{l#=mU%=jk=E|fh
zJXbM66&K@>tQ{Y`*(+iSMXIdWq@tP^g`iL^;%vL<_j=}UGc{;V1ta8o*&L&tr_{P*
z6mG>gw1BsFdbrv?oMp&pdPVAbDnzrnass1q#Gt0-Ae#k10lMppeNGh>RJ1V-)x?f1c-kuWN=URJF={traHG9?&exuSGDF{AH$`*
zmYWZ?Is6Im8b-X)eyi%pE+0XwTQNkTudS9&fSlvy6*kjr+bLC?Q?a(hVXF(kprthpN&ML^!Y(TKBwfqsM4GL<>CG9Z4HKB9Pt?f
z+eTdxA-M90+v~Edorqh?Ww`>(9Fzh(FQ`FZQ3Y+kaosr|CSo*k$pNs4LzE0o}J(0!IBUO9>FsW(vcN?oyUHaWApen2urHv4KYEefYU?j7Yw?e
zZaqHD&#jJ~+(-Vz;M_f9=d4*J@|xY)SyD3N2#N-?Yh`;0y-RI3$x
zo!GDwb5!~l2h|j!kH@sH@abMB=Hs6c-w&9S7JJKFI^Z_qCxzE5McbpE6xT_;b6R8RYk8Al&O>$Hc-|%3Liy2Wc5ASP~VWa
z0*6-oikW)Y
zn6)?Il}=CuYWADZQd)$20=No;fASXvmzkce=Tg;Pp=V9BT@FsHOgKGSh;%?ai)q`L
zqj`?*&lEL1bEzbxzL1Ld#I4J+!(+D}$u8Qk*W9HdCd*}qH@2$d0UMxUS{DQ_IQvDo
z#29@!W~ibUukpj^Io*QU&Kt}D5e))ONr>AC=I;B4S?_1_TfgwJ3uoyE96ITnqZy`x
zIW`NiroK{m?V5re+|kZ$eyK`MFwHPaX~x)yTRW)PL{Q`m5DZJ!o3H#NHW&^vOJNM#
zXgCZ-QFN7?U|Hx@J=fz|@?CHxpP-NBLP49KxjXVL>fMb4~M@m2okMl3tNg!DC!`i!e6HO3Vl9=1O(q>rz5-
z6^`k6qeF5YpC6A@lG-QW19PYQ`-QI#iWL_vj}i_Bz08k+@IT@G-=}@7#=n@sAJ=|}
zvYoVII;|(Ktz)w`QoD+y4qP0LaXidl_KvUvwAcokV|V@TgdS0Q%R3xxpTu0`Ppqd4
zK>A!ve0>914GK+%Jz39FirsuegJt@qIgnk~$b$q#niqv9ec&n*v_cg=-!b3-vW{Q+
zAR!xqa7(d-r0hCrwr4i-@d@LaeP$#*vNG$u$dAB-aIsVSy&5^l!{nv!QAwY5NSZcY
zQiz>!tE}bBkPNxM{@{F%K-4&F^U>8l`RYX|P4EXWK-kaM`r9C?>uyEB#u_p5OZIbb
zZ&vIzy3d~iUH2bhYgQ4`vVFgaxqq6wKmGCzne>3;;?0vNZSd=5z~P)h@UEZ0H4W=NovW$4QmRoT3CR{+sEHgXr}2iVRf2u#6FGD=`h4Vx|my|
zb2^{K=VN7c9j%r(5w{%OYA0Q_u|=0->|f88q@
zXoOoFsi9sE7DKAfTnO=+2E(sT$LK*}HtNbb=)8zq(jNx^x!&T)s*HHpqxzrcKmsi<
zSA=m15qy+y*&Fcss)AksF%bWLYJpNwZCIoclT%_5jTIK?17gp*Y09~hdes(HO+nuMqBdLUsq*m?gK5@bff5u
zUmK%HW&j+4DLDs*{ry({B#zba^{Viq4eK!C-=edG+PA!j1cW0j^>ETT9ORlVZiyoO
zPwl8ceF5NL7#$i>Uq{w+LY|8JHS>LVyK3%55xJVKAp}%oej3UbmgbYZ#y3wGt84S-j
zqNueAEOPr;j@YF%zqFs^ftR5XfR!D*$g(G;!K&1d^Q8t7ICHtcgGLyqaz9yMw}tDv
z?`f9bec6s(o`Vl($wH0YpRZ+m4}bBZ9o4T|4rD2`_N(^Q!E!tlL%^~nMDl5T=H+yJ
zyr?Xznc?>ddm}!}*%89)aRKYb-uWx$Qiq-#5`Z91b=*Eo%{t{(AcKgn
zgPThU9loWlG^XRC{DS_syA?;9o2EM(LWce)C^0XXe+SZtzOma
zTtJ_rId?eRiU$@f&s);=J!5Txp^6YNG*Aqyq#%fXbB9^GaLM1{MnD3R|w;u=~$xa%zrTrGMNLAx^P4~@UNe}0RgmXfg^b1)K{;+
z_8|;y$RE4=9cAi9xw38#
z&gpq&G!kJ?gD{A8Cu3lRhyR~@?+baOCxMT~SE%1h`1*E@K|Kq;+kIxu&sg!!%EZ&f
z^YUAuu;wQ{DAQOHMlE)?MDnc+6!*S@pIiYLSmg@5q^zYUz?f6Bv>)3bkVAfl}<
zc}@}KpA=$PT9Ae8^$B~gH~M)T*JnTUKq{;PQ7_EmoJ__t(l&u4u2!HM)zqlz>nH1!
z78mCfGL2LR1A%6P#S^o$jMD@C{rQcJpkmKfZR3bChiD~JJ=kjDN40B$KGvt?%{wRX
z@$I{LT(rV_RC#+9Jn!=5b#$31CiE)gmO$|f^I)g;d?xNusyhS%9Zg!V(i$oU<@S1q
zW#OBF%8}ptEU&w|&Z0@|a{&EBa1^r_?li!|AGIlMvbV<$>@fBi@np-R!d&gTqANC#
zi5km{D;i?;F}`q^q$LDWM1Ynh=X2$FT5e*^2Sp?q
zDCuG*V}kbne6MwN5xw}QOVhnk>j?Ma
zmV%f(-yL2+B>QN!Z}5VkvU!8OU+LM?`dwAy~^X>Gu(4yw}O;tq|8miwy?N>0`v
zsXa>Q4w0q@
zOk=Oqjv@JrV5
zHLRH|sWd)Bp%1JD=~|=G8Z*8)`h_m<(C$G4A)3izlmM4WK|8r?e5a@kL~K|LfQXS}
z_8OuYDs|vMfXH_|ZQ!;u+Hr0;hKBs5ID(ct?_agOr(m;uC-e`R?rPOjhsXwsB%PiP
zgjrjLg_QBjOIk*wIYsOnRa-hJFOLw*vvqRwIQ3B(AgEJ4^{j;~>jx<>LPd`N>sQMr
z_DJ6fN6eqVOtI|EBjmF*#r5v-bvD?L?CN0{Q6O07F@MKdB4pPgK&A+tIR-6RM
z^x3GiuU`2%ON>S{OJc8X5fIgVq^T1dyLWg=uH}L<#DC7t<=M{(7z>9NcF7d8i2;jF
zdq9n~h$MG3_Im9oQpfaI&hzEWpQ{CFJ|B|QzKhkpGeCoEdw)8%utJb21KbwvdVH9y?O0e<%(?uTT`xK8!Pd>fPe!bLp$8l
z3)q=FX)&!>FO&;mJp#@{KwJvIjNI&`%Q(dWO9#ZxlJE9Ip=EkpF2&h5Zl$?P`N`L<
zr_{v+4fDPq_4N;UYEz=wjjOjpiZhy0YwLG?xdW$a0c1-f7uqHQ@F-&6%~!IXYv$zp
zd2s`{vDWPayDZ+NYaZ63mLvgzeH7iy(dp{%Ku#mk&29Z-j^*U#Zw8fmPq*=DiS%qY
z48u+S0>-kUT0HGbhA^rdP%a=DL{IoQcdhSnwjREvNH7geGZ*ks$y-WmCuHC<;^p#5
zerP-~nX7noo19Rr@=cg#@8rg@gLG57O(ZQ^jAz!!1RUCxEZt$8^|N+O2|aZYaS5){
zm+c1~j~Th_DN4Tj_e9qFe8OH*o4XApPU|f;t;_8f`#eEV#IEi|%+a+{WmDsO479yt
zbDP@LLQ9VqB=K1Jt&#kQE|=wpsA7xDC+gr*KfpiR0yBB#GZnwOL;f^Iue2uUF3+1$
z<^z;lZlN{;=KOLPws!Mpu9XU7BEiFk!>8mUdg=x7Qi`gE!}zRQ(uT0
z6+U;V*`4&7oJJDFXdZ!xb>J~ENi!sctx4FiNJoWDUZ}}s*KH?C+;UmlI30L8p^Sx;
zGX;tlcq_AXAxmrIpMG5#K-^D)s58GRwBOloz3eY^?g4#Ej3Vz2d+i5Ys*|mLi7?JR
zw^%%LM~sMllCh7xu3hGX>%zqz`u?9lc5b(}(P$=3495e{nqE!K?19;`y-LTp)p-tW
z&A`IK(7?rom2bAu%y(5ArkVgRd1&!zkJTsHku>~d!_fcx$}19-9HNJFC4!bt4bPFCH~E}zwxNLtjTD#aEI6&!$ZxM=AF4peobwH
zS5xM(Iw(A>lVj1?R?gT(BE^@!qO4FqEvbaTYST#)LcZisGSg2f!UU-=gAR>N49>I(
zca)0u9OUNIH3;DBBxdgxpanD6FInD9yCHnMp{T{U!^+a)D!NI^Sk(k|bbZVgFS**!
zRdgfcsIZ1Y@|(F!^niqfqwN>nOOrne)ehFdHkozXXn-Ug#bZt~5wP3f&kV#j=?_O@
zc~*1KdyPS4Qm&yXg{%I_|G49Qp(b^7;9U^f6}~yD^fh${S)QPi%M$j&(kH?rLMysR6J{RFXC3&Q|~Yw=S)O
zVn`+PC)WFAL;`=}oo$0bnMIcglI8VjnK-Ni=X-n|S3z
zMNg;g7*@aP8A$ixiTtD~ManrVxex^_xS6vCqGp>bkMLEVb59dr`LsS
zjIQ<+>|isRWxXN|%C;-HJb@qDXqn*DGla);2&$>MFR1<6H8(y4@&^OhKoz8EE&IY!RM%osp=^jtZ}cCYzX>
z-+0MZ*t%sSm0p`eaV$H*ITXe9_`vdjeoHRarDfUPm8$#;sUEt}-M#t4P5+*$q=dyr
zn(EhKhvO4)ly!CYjym7%3t(*ZDO)>WPrZ84R5!`C~78@>;L^^~Tclv{Ykn;vW+C!|ySF6ZBs$ap}V?GkYlcNi%ok<9>$Ffwj&)U&)#^
zLkrNZtvA;kGSIPMKExRyvs=cO$NY>x{Xw#b01Hy3Y6H#I
zL=#lC$!Uu4o%v{wWF%ce|6105{Okx}?Da>U@Q@H6i4wp3#i_tWcIn8H{D~||E}@Zf
z+6n>6hE!@pGS&~xXW8{;?oyU)M#Y;euz4KaE9kh|1IY+4M>F#76$)-wh0`rh`B}(e
zd;KS+A|1ApQXKiHE4JcF8RFBc=8BQiYQb#T31x%;{GjyHS
z4r{`{5t~#)OPwSlr=>YRF08cqmZ_LzdFfBj=M6uUUFAnLIkWY&QWD_%TG6YJVIR!T
zcv|dd
zlbbT_oCCmWmyf++5dhB#5y<~LE2*ijPP7?r{jJ5rvi1XMx!PzyI;2k8
zxvXIT1V&ym+FX`os?^sJd2V#q?s~q^q;ss1i&xptx&I|E{Pz7yl)zz*$Iz*s>(!rf42cAG`5#GBMGrq<=XrF|x29u#nIxarSN
zv0)mw6GDUxVg7Pssz1m(A%cHt$tiida17DMg6hF`JoH{v+X*65j~{yQwK$rt2&s_cZM&dr&EH91ypOVD>M5zS+ANsJfkjUR?U&c6MrKuEG(qBibPUe?SlyEGFu)k;Opx*!xMo9PeWE&_%LDhH$IC~P_S<3OpB1BQT^?OG2w-aH^_I$4?
z8k3*y8(Qh_gk8gy!8t6TzZV{1IN|40$I?!E`E9=VkEKQ)2I%s-wB_9h*0-50ZZhkT
zfOqrfBX(MjZV5`aZj>fqEg~lQ8pm#7tql9GJ8yhzs%X>htPNz3g)CAq_8(Taa2sXy
z)iu|a^#hP5Fx%ts?}SJuw2l&jA%@v>7N}YK`?}2RVtAC1hA46IYEI|Rz~R1@^}Z7}
zax^guD^{=wTBr->FwVSd0RCreZ9qF%XZ0qq?jrF2|5YxZ8V4GD3v~@Rr+fgxKIPFO
zJFSzH{aC*~U>@5vW#R>M(u#!?K^b(5NTl@UYfh<5vBLqluq<;o`p;r~7N9qMh%ya?
zDJ6M@>C^&xmfvAFbO4d>=J3#o?tlOCSVvr&vjW5`iJgX+id}b+ZW*EY`1tNERWAOl
zK5AJOC4_smu$|mo#sQY@EHbY2D*lTwJVjST+Pl
z35|yo0STw?8Wfdz$4DM;YU+B(tvaUw8t(5!$og;TqFVlBZ~8!(Ilfk_>Tc6rV#RdJ
zxjcv{7HLpm_n||gXp<={zWUG8O8Qr%=}(umE}Yzj3$J1y;91pwX-$5=j2SDG9LGGC
z(h;*wFTzy|DFU)hO>RM{Kg9uhs}|P$=1u^jQ#EaIoTpLo!QNgcxN^GfTnwZhX`t9s
z8muMMDZ^)~&J9ra?Z}wXxJlE7TI}u=wLXLwDb*l8JrUiLy0RST#Xo8zFP|ue^=`qZ
zgUfG#)Nq2#5@om;!xg7lYSC~B>|{541c-JUAa5b!E=4l{e&Fb%`xKg!{=fRlaArY^tG#qyC$rVNWIpb_BHxlBVzQ;fJ6c627rem4
z)%uh!Zcp4iu#+7FE2|5O;h)VHue5ffc`lee4NNyz3wfou@k^7dtpxB_sLm-3KS$*I
zsXMK!L&TVOoLmM0KgP-*AbpzsNy`~tm|cl*G|~in@AROUyj@y`PzwOOH;TXFrr33+PzwDrP9+Iae>b92D0*Cg1ikb7w{0?Ha9^jOA7_FYe~
zgP@Js=hvG`Px{cqAC`TMkpQ}2T!vyP&MIoAtYGA1dk{=uM}4TfqvO@WfJhdS*C;2C
zt_3jG#Mc&?HKS<9jqfMJPHIW70yY2>pc^9K^~;5ANb2~>I{{`41j5xFMzs{Y8#E?3
z`_MF3iZtkWNw(f;sxv7xSQ@iX)6-+NbWpK_5fFLQP{b!1wdxtI&yDRb^o&c(y$kR4
zk%$oojhz)SQ*rW}t}}*8j<+Cd==h;I4JAI6oy2L3gwZvXK&OMu63)zaWraj74cfhK
zkcuUS@v)F`!gwYp8gwiu~LeZ|hh
zqG#3{X5?vN?r>pc2mqg0{i$f~ymnO5kRtYW;&7raNKRuTsj1-UIQ>k8hoGvY$429U`YW57y19ZEi0K)ZGafZaMV2FI0uSP;p;HL3PWucui0RIg5TXL29A3z`A)5QLVI1i+Nhx}jP+5ahKhN<01Pp@Cg+`cY5
zJ3H0G!(*`I2OnFz$md?Hn#_%OK>(B_KQuJ7p(Ra9xFXV2m^A!G#nirTZOAm(>J>$Y
zLN8#-1ZGWNTa>32;t=*&HT2YeyS7
zsTc!<20uIjws93(k4jUscQWog*N=Q|qR^SQ_v7in%I0q&0~cK502D5-JCX-GQhILg
z$$Ew(=eNf2m9d@h7T}AGEeSOg6je?vB>%wDATa)*J;4QLucFj(+TYsB0K~7y2G}1J
z8{Gt6i+O8(sO6=^!Bhi{$#{$i+E^X85Wh#Yz0bTCS4r5P6(d7wev&$;iD~cF)OtrX
z3eaB09=tu*5D9j%3_^${`S8WUnMD!nO}dt64MTBtiY1&W^RZT(0e;RWQ=3YxnZuR_
zN@%DKvUSJqnaDgZEs8Y@V4DMMMUKZ@3y`8Bd1RJOydW3B#FjcNZO5x4W6Clt^*7UY
z<_|B~pnpmr)MwY#4k5_XIFk}WiyPUAey~-(r$&@hc0^N5fTf-+VRh3R2SW%cFc6EN
zC0s?tYMTR0T~F36U{EvmgrVOk&d=@9vvs|<9Q{Pus9$5tb4eifF4)b#+uV~UWP1Gbx;!oMq`VTEe2
z3UN}IX&wHBC*QBvr#bLBr~B9^TYhSbHJ#+-B+J_iyA7=mD62^cPQ_U3H#Z4`C7(??
zx!Kormib^&&6TdXb@)-V&_=qaR-STHwzZ5|7r2aq=R@4vK>Vy5-Jr$<$9X9|2ak!fchHAIyZ3
zN1=w-9{e|*(5YH3#aCH5)pEXt;g)d!^{9vxKpqbL+qqe+t&K!m9G~wKJLD0yT)~f{
zEz^$bPoPbw1S58{b=xy)U42RdXkBIc_o6B1BU571#RSmh4kxX5Nr2^hV5p@1#e?zq
zH*wm|hroVRxCqciqTM^D97+BYr-xwT)11a)W7#x^~fUO2*`-PlLgk17K=@`!6ULXp@gwgWfA68->6TU;r#d#CZye2$lR&
zLG@G>Ph;Y-9cfWiX9R9F=h)ZC(9@A&$;~=(_&N{=11v&$-{Om=JE}M2zheG(Xzhi3+D!3MY%3{|R2Gt|vc^}{Pp;z(VpI>=7^D;c
zG+KfsSBYowShg=^ja`QOsEe^CyTU^azjiG|2S!szY|8t^!2s-H&N4MXd@K+P@F23O
zGEhajy}x0uZ99%ohaeEZk;j?5WF`-soxAAj-
zAF5s`cRMtEQp1jm1-4yZB$}5l0k@lmfdQ+vYo4fdag0wC5I2!>)$TFCDtXv!V-L$t
z#GJri@35>T=D9@d8AXDt^#!PI#Cr}y$rVJBoigj8#^uF*}7@H(bSws<@0+F%miRoPAMs=RVY6^#n9|fD3~Atd4S&%
z;ew$sBgwhG^!9fhJ}K>*%neoHAN4iBiCky8-0b}|l=$?#IT({-7_S8IL?A{|X{Ef*
zmW~4Q+3?-cqGcs@SllrrtE-9?YEbaQ$;wv)n)WJ~^J{B^laiAQfC;Ij!)r35
zzFs7@)mAz`S)kVXh`fQ3;IL0+WkU0IO_J2Hkpq*-FQWF`_g-
zhc}80LSgGO??ofnELkipSyb*-W{ccJfO@bhbOpIoo3&aSV!c!-cq7`9{Ivk67RQ5P
zg9e^WRnz7r-hOz5+jVUmr5+N{e$G5erHc88r~pmxAaQX%<|2Uj{->3Xxio(ZcS?z%
z8cT#%Ta=3uA|=%&&esz`qO6{mMs5KFIqcw0Wy?gVByQWVy&1{+`m?KwiWI{6a&j~U
z5aSFQTU*;}^pgn4_x}?AA$97##apx)8C9h8J*Q>mE|pi_${unUO)Vp-5x!OL@9=WrW)l*n$#ojlR|n
z|4SQjA6`ZB0HnT*wBMYjlWcH`alK;B?c%yQxZa58ZRXl`uKzkH30xW(g>`bfs2d`&*Dky?52)Tb
zrJB=luO{{^%|;7F#fUn3R$XP$P#T%RPn>M67*3NtsHzBC5{mGiFmLx_SWbYrIhaFK
z9gAw_?d|I^U)0gyBxn@=?a`a0&~V)?rojgV#R)*jS4ib?n9LG1INFj_5QQIwZfY!)
zPEk8L+ajx9_Ha(m#QxhH`t?P$HB<^;mAbbYw!Z6)U4lT8#S}e*BqsS&RHMb1jcg6Z
zI1?r-1`*amW=!%a`_U!+L?fJld@AzA|GZ-wA0>SJ`)03BX^v`vpp~MSMV+t
zxUF?vCI=rny_bRp5|^jx3opQri`O}oGQ}upNx7Q_bx@q}8^atC9;DJX+}(
z5~`y#I&3iQ!5B*iG>PAWm8Hki+;QYy!=|sn*s?E8!ao1vux*(2Y29G>G9*V~Lj|a`
z*jupO=-~EIL7fD_V?9YB{k&)^Cx30tN7}=vZu4P(IeqBaBXrzx17CS4H`du-z0u>E
znnEwI0pzo#{19Kel-sL-#hRB0OGF#o4k3NN=)+H!UIJ@kSLBa6tg816$>-!PW?&j<
zWRgE6AGP$4oaZlIhKOSqD5*%6yW4J!8Us0$JCcDJNrBj@!$~fTib-6$TyDD2HY{&;
z!+OjI`NB5_>lPMBlvRe>*S(B&xvC?fM8bM_VX~Uf5KIk5N{AF{m4#EG6bT;4A=C5n
z(HPn3^V;v^BbFz*$7IY8xOf}Y1*)eBfet<>Ar=C-U`ES~JH9a4zco4x*J73|p)d1z21{L)LA6=k7RR
zo9$)H^tqF%ydxC1+&?MFuSN+Ed3`ifdb`!OQyLn&5nG_HjO*4n`$ov)b*gJplh{dl
zbdmO>{Tl=38&v?|I5Q9wkz@5@U(tBO^Y2YA`wAKtFX(+sxw1x^)UT*fqU@w0*3AsB
zOo}Yj&)4mLqSw)ApMUG5qQU9%-(N6)JJ+h(8HQ^%bF^m4Jhm4uxT@nwl^I_q)sZx{
zq31e?7z`7fE}5^Hxxjp}JRU5;DDE#jB9qc!8tjP
zzrT3h<#Jci#m`Xk&Fd#`55phXruQ=fIwGm3>Dd|tsvq-7exMAbDmY{GUtJ!pyRAu1
ztzJ4r02n_$Q5
zW`!Z#1z*|E_K`6w^-6-p*>3|MG?AG^18IwN0?gv`vz|S6M>w2@I*7dQ*i`1Cuacq8
z^2PT@RY7cLA~4o1&IicdEjqQ~!-Q&i@dTg{-z$lS*^|R*`!hXwtd>Sw#O6U3$BTV#
zhaUfvKr?llAy$WllweDIBpgTbziJDjz)ebc{>(fS*PxBD6_uofcx_VT=X+)Cl
z^W6ZN>_R3}Jh1HP?fQt_#KxcA^7_FL4#`gguNc=*OXiu2Kt9tYDrFn7f{La?foS`L-c5&ounDTo&30
z@=Ox!a9-kFmS;7%=(3wMprEcE^rTp!x5@kaf#gkMd2fHJuy=hOJ?~#&P^MjLQpIYg
z1xBTN@}55V^0&kangN+A-+URgRPzI7T2ypbZU}qI0{0v*a>{H0yzf>wc%Sfx=(V_r
zBtD22Vex$(QlCT!F<23(GCBFW$e+N}*YT?i0a)U1@vag>DGL)V?A_OXCD?PqD>y$z
zUebN~b`n?zMfuSzU6u5={>lqDG4Zq)-0PAKl~l8Ie~K)dBDt3a$*}QgH~RTwyY`b_
zT%H8}{!2+=h6t?RED_>?W{#5{fG_KGF5Q9!k2#k7exC>;C2F6|Ke4jri)9~lsS11V
zFB|*4bv?$bsWi^P82pkX^l!iup%2(VjInpR93gxl~R
z5M$P0aHWD?jI6?cy9Fe6Xa`{u^AgPC<{=h|`o{BGJcJ~x7Lb7Jz|(FZQHEAxZ9_REWYWRv`X|DDLfcPytq)>eB4BFRRt=}GF95LQc&bG7y%PSqeT;HEU~x538z##Q=k|*xLi>{1`K$C&
zD&X}OgAj2lMrVZNt%Vm(iel%2JE(IlD0xAseIh;8{uWWTUk-f(*o#TJaitbVDy^M*
zvN^Z5dp#{jU)?1(Tmkd=$o0%r1PO20akeWWw08a3{w@m;X7VbgC((hdsWjbozDDt^
zCGu@ZYHKaxS*F0w-m4D`^HY16%j|m^W%xDC=m1ibKMe#}IDcy!pqqmZ1{&
zpr~ZA%ln;IpS24|M_?|yT1h;1dfgm3MUM|3?oZm%C-g}o`qeZ0InMkrhjOEQ4@|ix
ze;>lJU6(HpN7%9-A67Cn7fX#EACSH{3Hy@2cUsPR8ML5s>^*h_E9ElloXNgXk0qk_{9X;=Z)0uoa
zLExz5lfbng#f&JQvuqUC%6-czd!n|XL)*+3P2A3Fti0oa77AJAzw*W+P93u3%@y*v
z9k@pQ6mUoKTIGOlu;i(^Y|-G@9cZ$=)mH6&Yu|YMrF;ZKsh_a<LXB2PhVUV|g;qOTxl?`uwI{9PAT9s36v|~;o_15G4
zs`lB8L;UCwi*LGYW&-;U$&2yuktWGaL#|)uLv;b&m|HmshN2FEl3z@y12tF4fNEXR
zII{o`@!Jm&3SV4xaQQym@p)byZw|_EuI2prL$oF3Mmq4{MLNY
zls>xrP}k-arc&R~jTDaG
z(~svI^|z7p@979~vyKJ`FG7T;!p1tbe^jbeiRUsyVg7Tjhq;=iJa3evWtCI_OX^+Q
z)2m|fnFLivC7cB2{Yd?oe)pGt&30*OGdT*DFIHKOWeMMQ
zvL5ESlyZ*>-eM$;#L6mtczVzdpiO9g6kG(^wvoE3cC)XfGE6r!5n
zC5`VFsE7f(Tj{&vsg^TH$$S>0l2WB%AVow8p?SN&>$ks|YVY`x^xMSZp~9u;va)8;
zvb|_Z0v@->heZdGiFw8-k%ud(`RzWrOTqW2aOpBV`=)(@!~-o%S|~BS9+n4E(;texfa#ysrt}{D`lgm5wtHOuk-WH?{Y-cN#>&Y3#62&?
zJx}6d@ybb;+hP4^UE406m12&i<%8qs<(iaeX2xlZud|`vk1n2I%*e;gz4V6w&#E$5
zE&Jf-qXnz&WQJdH5$I}7SL)1G@jAEd3R{f<{ua3=cD5kX8d$vZ+nKYEc1l(_C#^yuh=TimfMmKK;_@Iq)xG;Na~~}a0y*(fCS=gi@~_US
z7`MF<@h0V-Ui?&3&I}m?t$<_v#h;NVs_sSku+yP5BM&O9j(!M|2ChfFhtW++y!4
z1?%5h-nPHXvZmHS-bZ^5`uXdVW`GT!JQWB$v+?e~LvN;b&6k_8L<>dR^fWbTrNX@!
zDh+wYdHwU-s|!|K8JTsj#4akv^=2D4B756iq^|eXQgqyX&bb8#wT@PjvU!4y=Llco
zYm&5yTLQP3diZH7{gZZyJy#U`GpaWF)W!y8-+FTG??=W{GU!mmW&hB8`n&&*DIeY^
zE;MhV%uYKyEOofJtP52%J*duBoA`D+PKlnAW9s3oSX%{_X_XizcL4A7sV>eZfSVOq
zZY!kZU%TVd*D~}`g?VJ^ZEI9*rlwc*baxM4dj;7nA0@x%Upx#L9}aJyLYs=K7Bn*{
zG#W;4v>M*z1O?||^qmcUn~XhxF@Ty>SeXlctsE;=7WiXm1I;+DhX3_^^Sk`~IpprA
ziVa6XolZ+TsB%2d39`1?J+AwtNeo^4dPUmZydrVpJYZ+FvLlB+)gtI#gj-Cgm23@D
z`mretl7V2#$sdvd2kXAxuF+|n2Y>&2xFUX;1zaWE4nw5YSo62BWB
zm98|^GQHYrf@PcTzpEsY^AWxx`^M`
z^x^Q@YU=kPejO9gP^{zPT16fG{55lfiY&@i&bL|;4js=~2ny4-`|g5^WHxX1RvI{i
z3iIA}Olc)c*a>6~(Vs9B^7vP=Bcf{m`J`E}lBAgLk%bJm6`#VDg6)vHKm|7C8G9Y8
z%R~Cc#Ti6^m)u&a(pK2$xW8pN!lWT|jRB`<@zU4I-05?JJye`u6a#nXxI$brl*yCa
z3$8Bo6*)h2Zk|V$KCkyElIA5Zf8LHlR{T*yP5afY_son&G5mt0D
zweaacn+|nY|9*0TmPL5iJO>0@>@dzftNSF$tw_X5h))-PQvy|c5vW%(j)j2KIoxp^
zKEHn8Js?+Bn6V<@I}rEp=i8OJWx-v~@PPEGChTIw=|YY$9)Hy)s8&%GyQE+F(cMxO
zm&RjJ!zHUlTcLk|jW7}l+zS;4ibOfj6MQ4YljeIaSJdsr+ob)^NyUgSH!Oeqbj_a8
zgBEWw;3+SQs6ZXM6~GHhmbfRkV~dtCBx&>FH4oWwX}SpH3V8OKT|>k)GRAXxCF%6v
zp8g(GX$7_{=qaNBLK&i~uz&2haF6PuydJc2;$hbi@+jV{j8FLYU)ezHQyVJDa)0ae
zrg;48f6_0D;ZE&Z-->%LdTIByswLF^&;JqX|Hd=EZTAZQ=ep1KJ`N5`SG~t`!rnLf
zc5y4|LE(xCs%~K&zr#Eb^V!Na=!qoz1>~k~Rv{AQJ3N~J4P!EQTTI3BQpYRQniU~AI)!pQU|-_+783Y=r{Pri|@Z*nkG@X
zv#jGT0-xE+RW*51+4Jg79F$iz9s|#GIWreDGw9$ty?_g2{2H4|f4LXlbB9?+fl`|-
zR5yZaN9_){@MbH_$$}m0k?UnrJ7MC*YW7c!wzyO?P*Tp{rjRV
z43i7J)=N7A=$8g{UudV8P!kEE5(mPrnT5z&&qOK5-rbKJ2qz$jC@7a9JVR9!W}12g
zniaLq^JirtpOBulQl*)mJID$3pgt=L55s@R<{lDrB_t!Lsf|qGGyjmJe(=#jJejtCmir?*nxjG>e#6>9f=#T9x`l!
zEdRRUekN*s)WkFcx^O9)I4wH9XXqfMVY6f$4fDqPm!nb^8O^1ui4f&(A>9k
zwoq586aoeQXKO12Wqy48{nw4e^nuY)mHg{#1N@Z6z2su0W#YYrqIh^>xy5G>y~0Jz
zric0e*V}bRHI@APt1hyr5tT((kRphMt`KPpxGK^F6i7e_MG*o)IsxfeP^7LPAkw7>
zNeEp61R@~42@*mNMTjI2lo$dM;9b;xfBepQf4pg7eHqS?GIn+;%+&O04Su=u<%_4SOmnU-6+FZA
zlWshiNAZIPmiuqr-e*7qzI+y5nHrN@>D-`=mz?fV
zXGtPX!Ow)_EY${H#dm$7^+>#4W
zsAFrU-6kFCqedujN?n``$v}j#@x%yh^>@x_R{|$+djovKoz5M(-)n5#-Yin=L_|8~
zj#sVkt2m4YZm4p37(_BDF)@*OHp9Omv}K3DsKWCRy0d
z{l?JkRu$W609&4e`lpwcft8m_s(X76nkE4@TybsR&=!ZPlJ@33Byyd|3aPIj_&DL#
zDovRNzqdPF5rDy9#&4=G2fH%70%l_=J(hFoh^)WJ?iX#c^YF#iw^xgZN$(_$^Ecl=
z^Y5NNiP$B+#pQ7&3E+A!(jUhU=%VJW8-idcv5R${raj*q`Fd
zU~0L=`7aVi7tP#82JRhIG*VBRj#d!$eF)wB_*5Bz&i9m`e*T-CGriUx?|d&k?ef|Db43pSH}?IBIaWt*MANwoGzRQIToi=5ljMSH*;l
zQ@Z}^LOlZ%hL-7r_D-f*?h?P#AOkOkqsb+c+L|jv)0IJm>O-_EY*(RD2L}hH#f2`N
zISiRTIG9%x_B~fjGu4kD)~5Zv-)tVt5gpOc<~KLWG{*+U!?Mga#~YCY%pAI9-vUM1
z{umZKC`tx+Z<5{TK;CD3r6cGHmHphcyJ3!Pms&3^Ba>ElH~1V&nsP%B3%;)Kf-@P^
zr+H+35xM(R3|EF$BupbT(T_6u)@t01lT3wZ;F+PW;IP4pz^s799NvEdCk;ioc`geU@K{)H
z)aA_6BCt9xtTB?C&(u1|l?3^u;XtHSp*`$vGk7jLVoAg;hlW%`6!T!qPvC#sY0HP%
zi$&iWa&4Q~@PgLZ-oE%QHe&=i+k0f42b6URMjDoJKT*b1nPJsnCsM+I~*~KwQ?~
zBnS@@JMeL~e`x4!pGaE^i4ZhaOscBD${)rDjOpE
z&D(Y&)o(us1_wo9T?N!9gEm#e^U
z@8Ko3av~xk`{Q;^JqnK^lcZo}S}VH#-CNWBx#b@<;WkMhy_eD~4EwTeXX?LeK_4EZeHvbI2VgGP;kpc9&
zhK9z+R)aQkEO3u-mC$ff-?0u;TJg&M#XqDb6qfENL*~~n<5bZB!RcZw*f-P{*%RJaM43Zs(W0)v=omW|X
z`{Bh_VHICpIA@D+o78TtDrqAT@E|Dz9i518s1!b+R90#yv$SU^T^Nbb7DqsbmXgX7
ztT<;wQC+LGx%ZD}$R^U_@A<_iFfrS48b{7CmtM>?RyYy8W?O4^ng)_BH8lN2x^|fD
zH6e@64ij$ei0=X5cK%-vXJPoVBdW)RDYzsyL#2IXu4_W+t9KVZt0RLVmMlXFo75Cg
zsDm%2Xv$DukdrtB&ZOjmrp^QsISrx;WW?gKk|=ygucZDxWe
zbyeo>{aN*jg+GC&mmGwvY%|on;}#eRY#E{J?}i2k3CP)8T%IxBb?YtP@O&!>7hiAQ
z95^*b7frx2IBl4Rnkwd!9{$B(w<=L&R8`(`p4t#*aDU%m862-Z)aC}fE8uyh^IjfN
zjOda(Cztdj37c2u6jw=@-)Cc8NzC`r1dq2v+s_RyS|C$RBonhZ3$M
zxZvs<5fVe;#YN8EeXUQAm0G)sC9KRi)BL}g=cbF`{Nmro)Tu}JsIo;-bW4lfK|Lq`
zB5NWYo0Sw^8nppa7Rhc92LZg=t&qH3b)i=h2Pq|ybGy$#hBZpU48a=#mp!Hmg-=LQ
zN&=Nu!j0-F^jNdyoL*8ErjZT>*D2xh127ZWCa9;tmQl)^k`oyo14UNG8T5oQkWFGR
z-hEC|OZ=oo3CPf#V%|V_or>)NQ0JpF2}+y1X|PH!D|<`1|0Gq
z>gr&9{0OoaIo&v-qxzTY#>SnWKNoJ0KO0?VcXjE42G#bAbU<|w>AFc&OzgF-J-z82
z3!!TFzl8?S^OpujS%nAqdpk#%2ePJ<&x|TwR)LUPv<}L%y@Y`^@d_cFZT9Ln-#TQ%
z%n`g$p|P61YiX2%nUcRDLP{u9T&Wz}Q^(#t1J;
z8bXOOKuX-|R&Xv|%|x7elv0>|tXz+91P2@{d&jY4pMRB|a)_N!7D^mmyqA5wv-3-(
z0H(13$*hSxXlP8cs3`ARSMuc#jtcx+0I}OroQxHY0x{3>&Tifv{R?8A{Q{pLF3J<~6a>h8DG+$mKoMTi=tP*m6Z%*N
zkQI4g!Gk>V_WNMCUtSBGF!?jQKo`*JGRc{a0I
zCvsRvKx8*;1OUscpxU%Q40h;OjfZjnQ{o>4mMOS^4-U#Ef;-J{t|x?E9iN&C2VS$*HNmf+<(kJzi9d(=em<_
z?bc;mmrVywd&-SQtMtMoH#EQgm6j!DYPT}N(4uf@I$gxi2f!yJTIiQxiCPcxVpT#F;%&(O4KX|m`r-ELffD_lB*TZN(
z*_`6GVKy>*kNz_Zjg@*$r|fMk*kbuLt7%SL->zcgLQ&<}bw9W70!YK&<$NU#$C=kv!tr>Niz8F#~wHRpWfufc-%pD8lz{{l;?J+>c+Ou;>>!r{6XtBz=fZ4r+n
zP3`OytgGD(tp(HdPTk%74)GyflOLokg2;OH%$vR4ssipzZ_%mDoy)S
zrl0^uDnCDJPa9g#bb4>Ftj>oFL21>7BAM{r5Z;>piro8)x@&0vKmkJXHZ`~1W!kiJURyrwzRFfIRrhm
zT;=5LKJ@`X2=v9#D$801^GeLeLaI;$JZ>@{WIvvzD%xD(9n`r
z(@@pX+q-?vIzAr=hE#R5ToS5e!OWk%NX|EE5m-|jTA4XL
zGVz5wPPd12w`At9kDB#(kUn#f|FlAMOl`gTx%cCCg13&9@MIbT!}i=cReY^4Q^z%v~H#M*6{^V+nFoN@k-s($)y$9j>GC|dLtA)2>
z^2pBgT$S28s$))q`yc;Uw!wwQK*j=Mv0MZ1yEF0fXu?Uv6&~zBC#;zqgeT_;F5Zci
zywGt7pYssrLb8WYYFFx+sd+86=N-YEe4s3}%(iDcp9MFi>UjVDvD&J2S>Swx>t`@6
zy15JE-+9+N5Y*m%L{EqaPSj24CX8samuj+gBvg7QQEDexa~_g&Z)2hpn)LWATpQ{A
zEqb+Q&&9m(tU8Lz%z1EJjUvEJ(dV<+S;U;AER%{s=;5J6Pf)B~Yl3Yj
z8ry4W1-Cv0iFK)g0B059k6?%K(}zHFXc+e|s%Cr6o!T+X4}yaqaSn8-fB&g9|5Ag%
zbqG(c5O!a>-4XDw%H5~?x_Ie*R^4oR*NWt<1|S-vOYhvn$^o0JP5j@HGu8>&F7$iL~ih
zm5dpYIH{I>CiqdIH|tfZV<`z&c3|z|boD8>bw&ZTPGyMY^AP&4Uj1L9+JE9752}f@
zu+qbHzP;qOTq{X!Qkf28+f6h|;5Q33zQ_d&Y>9E-iO9}0Y>YopP@d)ukDSBZ5fKtf
z7#SgiDE9EkV+y~9!E)utv%4Ke)AanOArCT{Kb{bIesLc0t%p2}&xPHpCy!sXZ6c>;
z9e~vEZhewMphIhUE`b#jc~FOPl>dZ^L(e`sD=(k?>XnfGseuhS)h3llPiIBcCDe_*
zH(}R0pN_Eh4~jQ=O{UsW+9R+3mQGz6Fm=JGyY{q?^}=I4X%c%2ocoS>D+jq*#!*2LT1ULlwS!dY2^h9qh?!@HFB*Vs{CflRERi!BrK5~nW
zw}DHQ-YZO_pHp?Zb3{Ys-^u)DdGu#H|Hw=yfzsv2%(q-wasM~7US(C)l24nOil(OA
zm6WZ))G#kjtM1m+{(v-UsS@dm!`3{f-?gM?jN6*Aj*gA5(><1Uc){P#C#_9`P|lYLd9jC$N@A0?E=P*LAdNqE{X-7p)cF%CLPW$1yCOur_!JksuV
z@2M8h5#WFpQ^X8J=J#O|Uo5@4fyX
za-G@TY%@SFc`S%gX`OU%h(0@ah#(BswbM%(re|MMQY*rY
zs(OO*5OMIvN>W+!)vLNVtVdH6#4(1moSxgOSMU1&d%YfZD*gKE)uyC8KvL7&=wCM4
zH_G{xYE`Yfzol6MnD5`nMZZcw!6yxoPo?Dk-GTqdV?eMkup_*snQ;Lo^1fED23cl_
zv^Fe;d+7}YX*9RIDMM)V7xG;W<=Aztv&WWlnd}ZTuQ+!J;qoc5^^%H?qZ+rfw*5o^
zU4k3~{>zuKqW@a!5J~`NiYxkC~W5Bkvv6^h_*{ugr5VA++1S{4@AlGi4Y|Klci%tp=hcs_x%vOF
zUu}mmx^;bNodaQ#FA5UJgMH~=+`iX2p0BF)V-8Db$zQ6vnmL!~Z&^H=ARDatF#m>}
zm>cTp$(LlgM(RqqAK*G{bQ@N749p5^Lk@{_{J*6Q&dtmyv1>nO!{P8TS*o2;;RUBG
zA8KU^{!r1SxSDF8Z0O4Bm@K8nmmOU_-Il+0pPfXv-+kFx5eWNhJcDwOFfENWBw-kL
zSM%=~EzzGsXF=I&p?S8|)x52)Dods8sL)s-CO>a5;JTzsdfbYb0mb8z5Wi(3up{=@
zFYF5Ksy-=dg9l;JeY_@>bZ*H?Kf=YrvtKqr5Ga%!DsYT1F(9yeHdt1h`n~^poNuxu
zLTlb=u<1u&Pd)4Xo9&Q-chgk_w=-z6H2IhDOaKpAs|ej3y;Y`LWAR6HL*c@~M=Zpj
zk<$MiM?*s+NtZ^{-P$NK%s^jXiRZ*3p-KQK2p;dtPJrOfIyh8m_6C0b8u#7Ol(mu>
z9imB__3@+P;RD6+?A-?6Kd%lM$nKNDP~;QD%!#sNg=l>*Q|BE1(*RZb;tOvkEJ
z*jl{rO{lX>_%HhPGNHfSx)EMNew&y1$NX8(3*k5J$_*FD;%f#B(4bK%HFDzx=@*xg
zcfL1Yu*F&flD*gRU8ml_&uIK(j0~R9IsJ}M>YSF+%dT&nHh>jI{s|xaHXa7VqjYk>
ziGdgAuI+pDLeto8HMkGA{9Vd%;&A)`ST$GV34prw?17MqKf&=SEe>Dh&TFw#;cnxK
z?-N5N`)uvz8yie&ej7byS^#B=nsdJxbVXG?t>$L9$Qo0@awCy#|Vt*ENHQ9lD+|WSU${pP=wAD*5
zu-_encAHM;>0$YA^IlpXMm49K;)nzG#p}+3N2~KxpGGaNSB+m%9AS&>2b19E?@Kto
z?YA>~VgRr83me}XSc!H2A91MPj=)@-IeXQ^KGQ{(T9Rss3z69MUi-LN2W(2M-SK(Y
zW)ccMzw$eP9)BpY0zW8z;(!0)8TP~RC}X&*R!VafJ|_cIduzd~`^&SY4oU&{^k144
zIgb<@`X@5LZ?BO6hRbdS^n|K*apZZ^+m=uPwQ4nQb8rG+_)p-5F}Nipt(^1~Ys
zE1fc!Qs4*Ka$Jq;w&#Q9&7pf7P^H@$>qOIZ~az-OiL~q~zR#DEub?>Q1Nn+nwpz**!`of}pnZ2NN}eLoKM9BD>G)Z4TZ9-_
zpFw=EJ}k^hqeQAiRU$=3l~TE%J<9rN^$aqssa0ek?ne>ubZkr__%d{S|L&fKvP^r1
zq}%o5`ePn@nbao@Iu}Sa#j*rXEjqs>x~q-Rx6&NnqcSrLwScFa#j=<%WDFo|Gf{DG
zYO_~5v{d|Vts&p0y`Z4~YTq3haC4zr_gRTgR(#y-s;hdCg`N$uiS_dh4S)}k$>M5IStEFZ;v{GHMor*Gy4k1%?m(K
z0|iCJB!GZf^NPEd*S;pm1v!hQTsDpxFV2R;8HT&arIek+P)>}j46>l9;6v4;-Z!G<_cuF*?3e-)?ljpK@Q;o6|B?<)s;KxwV`mn7nnG1_eJ}z<
zfHV~-__>ZCXJkW@@*Q)8EeEbK17Q*E;YZimVRFncK;O&{$q>ZPCWbfxfhf5x
ztYC6hul5u3r@k_)DT{(=P%J<#rl=I^v;fmB{(+cKx@9X_wgg=NvOu|A)O$=R!iO)%
z?=L*^jV#&v&0&_eQ+U@8ZdN7ypY}q*l+_W6no_x}TIASuD?i91Rmf#iBp!{;J36C%
zYdW&J&)2+cR@&3boR+w!qbsAyBv&>iHD}JD7oF4LINzK96;|hOxi7F19A@88@PcgE
z22m_Vl6g2DzaLJcy`()qZrkzO_K}jSYdDBAXINjqU%!iSn#u=89b{AajdkJw{@Gt$
z8vKJ^rz0QJm8flnNQ?Umoz6xWkup{hh8N*dI5w5w+FFuCv8u$vK*ldUt8xCt%i-V)
z<_x>vYl1fAZI(1|nHF53$Ns<+x|(Blb;r=Id#cY
zJ*>)EZ2@^AHV$Xy4i5^?W7i3(MAJnbyVM>7hWE1lr3A0!y+Q>mUrLtJpl0o-#o(gJ
z=T)R~BCl@plZ_tZtV&;gw}zEoX|%GkviY?{IaF#~jgEXZ656#tymLq
zw^#m>MBt01D0sesuD7hPCezn4OOnRnu}jWfw6P|sF;BV_UQagX77uLB&l24ON9%*#
zg;=}xNLxY-4%croOGCha{XGBi-DW6tI1`U&f7Dq*tNs+RP!sSyJX$oOx(7z@ehQ@d
zacBG_ZY$y)x&jMLk&CrL#i9Nur^y+Nt8>2%Kt#gDyBNW6%4H(0C@GS~pNVO%>lY`<
z1cMU%X!I2%TB+QHmal1M`~4$iRp54?LDPSyWClt@-Ks!4A(QA=WmPAQ%`Th{8;#P@%1!8D;WM)0mkEIsLiUtT
zH>%(w9UZ5_sG7(30nf8SvtNqB0t#B4;aO>#{ber+6JUa23LJ>c<10n$47@MX
zZ1nJZ;f5~pRI&8MVJb;0!V}9s1l>+@zVDX$vO7sr{N=)#{9|WQ^BJ!KLw#j^EwthZ
zz)CK#F!DXN2oFfrXmzG`#N$bJP7`L9W7YKzT0M~JtyV{Uw;E5mbCuh(eth-?QI58X
zE|6-^E-%|SE;BRbu_ERHgZD`J>#M7Fj>~8m%IDwZVSccaO*WlpYk#*tt7~-OYr;j|
z@uVVOzVvMT3~h25w{?+>Ceq0q5EEfBeY&Zk8B4uMjm*M0?(7ig+WcrbkM68QJxsjv
zZpxC`pArcOl%}n!MT?{8Irys?IsJ5a*8_f`UhMv?OI!Ov-sgijk7uYI_ND3s_k2(PQ%T3Z?Z
zba(6Nb2%8&TKtKm3!VL2E1fIw&2fBiyWkt6_ekSDCnqP}E#nWsZdB=26p2Q;4)C*S
zGdZBZdhhA?9*>#uJIu3gNsdb%?k-d)fH>CnccTMHOAttf`i)ZSNBz5VSGL
zAh6f~`1Gv~+%+vq?<+Jjb8x&%IZ-9B2Co7I>HYPKXlszF5A7v+-O$XaT0rBhr>pu9
zmRB_f;{N!A3ZchX5F@^PprlQ|X@7WxMYrT;2!5eVzKQ9VvFG#%dF0qEU?s62-C`@6
zD^Z=k$(WvxPg`3G;18WPR@f7Jx!g%^^nb9B;iWZFx5<2mjxs6g7tw5T8;bdOJP4P8
z>a_mPn|y`Dr#-y?pyFRroxYVd|2dH2WG^z>Sku>F;zh5GaZR&HlYUflXoKdDGkQ4}
z!{(1Rw-pRID>;FkT)caQtq1@rZ@O(m$sUS_gpubi4Yf3#RPH4{$9gJul-xk$y*E2A
zVqHQ?kbo<%=huU`F3q2pZ7_{)e^NETJj*lOEvOG0<8hv)o<|4$mndLcD1~->-iO`c
z`G_uMZF(yh1;3XfUH9}xqiXBp;wt+qDO+7y5v^q0A{+xsd)kf_Ri8thNk*luj8q@p
zZvWQv8{?62%rwY>FpgmP_)Y465E{Q*)96yf^@h`|>72*)MgS4mU6o1dB3V+Bcm2P?
zTmn#|Z28W_lTJL<1&H;_1@d)M=yjmO%~>cdsbc+}=hMfNI_6X4@0@SN!{;`gF325U
zjQ+#c{UoL+ff4Kk%$0VF0`Toz)opS}EfNAmCih9y{tM#Tn2`0rh_ax^Iz+;&N(_$u
zQ#8Z}(BK9n7wGsxdd3RqphORcj-TjbbE`z7UIzVWPcrG(g+Ew6@U61jm%b0=G+^T<
zV?SzqNiuE46Rs182Qk!2mYCEMUED{GYq3zI-#QTb*>H(dyak;;Jk
z3B`4JswqHC{@2IKQugwaJ#0?-aVbXITyA;Z;&79Q=7?c4*!42*T)%xGIW2VK)Q(&Ar#a`?Yt90fCk$NoY?VJNT2W(k
zT(HS&w#m^#36;CmVg?g}tdHnKyOP6h2PD!0s-K=YU;6WXXSCkt
z^+t`GUjP~xmDH%7%2RO}3tZ={zoK5D4LMWthNi}kF~F6u1DjpnymX{F(65#)4gUB`
z1Q(hWr+V=G3
z`t#=1M>?i^yY?7<^hCmDAK$pZ2>uNIr4H)ak_RO~3R&d7Kxv`gw8{GJtQ2%hW5owe
z9OZ7hpJ8XoBHJE>7UC4$bLOdQlvyge({b&5L%23{P?7Y_C6IW)jqsjJsRh
z0Xt(?2RUwB#T0s9I3HSAOQt8eI+Mj+>gUe|&M_)kg^9n9_iaZy;Av_&b9iQkxh)e?
zMuk{znJf2>5|f$h@Guc+r2vwu4vxo|!+r%?t+V-F;ga{)o2{1k$0rq&
zkhS^tEB_TegLfG3(K~&;Wou99{QC9YjLb@hOaJD3MR&6;$3l%>V`PC0VFK>>FE0*>
zvmtVG!{K}FcFT(q921NVUoOK3OQELAsQ2nk`C1hbLaCFrl5*zb+eXcY_B|v9fR;K_
zjtav+li_{1+>j%T(K8*b3FGE^TV+jlTm1PZIm7(p5i`<-I-EFQ!Il7&+K6zz-EOHA
zH=6YTtB8t8HHTxMv8;?$MYDIS|GUlEpDw96*J;9!0dO+2)M|hl%J+9v`Cc3AKk@9U
ztjQ-((qbv;2l&)9dwWkmz}K6V8>^~Px_@m){qp=#V87bTX|;RI{i&#`YJ5#W5mZF;
zoUk|5<9KvR%2q=87F%bE;
zY>ABK%a85QNL?CZJuw{(YYg@zA7qP6%V*^RBKkIT2m>dx=tW
zdeP$Qu|~p}L>Nlesu=+xr2Hz~Tnl6}?OFzPJ3t3F
zmd_t?8hUl!Hw0_c+7k_t=tz=IE1kX02Gg9hUMSR{Ck8T2k1$+(CXDQ!)2h(U@KZMz
zJIk=j$&(C0wZPX|?29b*UZ`AdG#ebH6IDj@mjoZXO^WpkA&+Ma%s14EyDZONlgbuB
zl=xo1c0B%9*zr95c~F35A~iLbcwvVQOEr;r4s8fXqTI%z{_C7b4Lk7hN+hw00_;6%
zZGT7}aMcs&Wwm%9{ZW>>jFdR=Bw3N`c~ZjP1Ab7@F|U=xwPgN?G5$Bxp_^d#@CeB6
zv}1hxBLELhLCsw^Z)$#7V~^92MiNlYZmRD>l}Mv!
zkdc}5VK*&jv!eHnx~{GVfQhc3gv1;Wa%J>!H}Pqs^-z|+TDK{SSo~&uccb&Uqv=KX
z=~AS`$+!Xj&;$Q^j3d!#J+)y865>}^C?UC-;$l@uat~Wzi-h3I+L@9+{p0oxUz~P=
z%QvGfaqt2wL72WMkh09#|
z#HIy3++;%-mjC3n;d%zieg13iG)J`ppFQ)x?)WYcmIEI%4*V>=g2UN)M8Uqu4rSSP
zW(H45KW?4Pxa$|QHAb|6AI9=CLJs%Y)fz}hzCsNDah#^s=2tt@;Yu`S<^|)k3FO6~
zKNaB4=Qik#kAB9qdpo+IIWCx(^e8(GM7>WMN@XA-NJ&ea@PSNUAI{pmJU`JL3lVuw
zl$GQtJlviXcpS%KD3QA~F;X7Z2lHg1;@K2eZYXjEa5bGs_0fl
zZ+`rvPn(#c?(#t*aFNVv7RT6F61;9%q;sBGLag&&or+L0=)T!1;u->~<*fTib(Dx?
z;oDb&UA`kasZSeci&RV3RN8xtUSfg!8ZS-%*cEj(fk6e;VkfMg
ztpfrW`(E}~HXAm1?|z8Y?}6_F`7V4(XCsx6Te9g&Poh>m3P0`F%-X#A_SVGkQ1uA&
z4N#uX@CP8CjeW^%t<{C!|K6F$sHx#<=^uhCQbVb#s=9_B*Dxz@C*ZafC!BlF04q)Y
zExGW!?X}VIAeK0>JtGFr7~*_PUq8Qtw*4FnQwh3e^N0wL0}P2b#ysrDACVJ|at^j)
zp?4=G$d-Ra*C>Z=FBYpZA2Nf@T2ZT?n06dyvD!RQ%I+AfwCo0?<_fc}
z^Xu&3UYh3(y>B>|YPxn7Xo{}G^{PF0@45Wtbm_`z9t`z+ZcLA`x|D5M_N=Oo(apK>
zx*1TC)UWIGttqu6qrcd&HrtSl_t!Q|iW~f!WT-x%A1q%=2rH1qvFLnGuD8ziJN4oB
zKCff(-RSP3Qy1IMavOYB+SXTB4-Vrr{%PKC%LmsO%60NQ`2xSr*iZL^tcZvP-k-=E
z9UK>N(AZ&P!yy!IU~qGu3FSgn61Vs+eL!P%XaC
z%Ro|nq}>wBo;jj;dLK3~;_{qr-N*KuMu-UfLq${T62e%%xhy21OaTp4^p7dpDo6=*
znU|N=q%`hRr%PAjvLeAj+io`l)_Zd|hxW(TB6V!T=QO}alen?H&5&h0Z4(_(?ow+|
zU^85~F6Wy=?q!gY5rX_g&wqA8ooY1DNEPM~&e6=rg!@LsQVM$}Xb@Q-A;t>+*t_!b
zV$N4VM{Wo;(|vw^p2IfZhVM)KrV%^N`tPs{d^IsPl2U)rl(7P9EOTO7
zJlR`u_YoU2k*WATwggJFEWx7>P~L4feyfpOjYvDS((n&ik8%oXO$SE|qW+urs^t?z
zxH=G~#BcaPt#s;PKdD6$>tXX=o3d=i94z#RQ8_
z4|fq39}tOPkQs+g0r@4ay*~gGihs~edpa7GmM>wODOmUS8}}m|QxxoKZ{DKX>?j&
zrHhI9X*)C7%TzbV_N+qY^AS>3i~M5Hf6bb%5W0U!*qHFULw#LlB|zE2HNV5EZM6u~
z>9;nb1)r-g`hsGkY3A@RI*4v->w>|Kdp016+u|$j*2+Hk&$Pw!2BzBaohUvioRnB6
zo4CGJA4qq)=@6arhDE|VI=4nN?gfY;r6lvL@sAfK)NEY)1UXS$O86#_gdOhmh~>$B
zAGGOl{^%aY6fYm*D!>A|K>24fMF{6~wzSyyUi=9g~}gN^V6
z5Ki_%S$-@81{!vIcC?qBYv~f8%&oi(5X3!f=jxa$6MnIKxpCqbzU9iU{qQhIeUp6~BpBC#KEf#6_ljrqLhbBtk{
z#pGq`QSzf~87hbNojv2_9<~H;`daaY+gs1>*p8X3tZz*5Qny?)rv+eBHD{XO2rSa&nYzvb
zP@OhRI)IlC$E2`Sl}rdgtaajVI$Lf&HBRmbn7u5>Sujd5P4qNuHPya^{_VH&%p=El
z)U3znG*YEfv&xUm0$
z%6&(8fL8ZZFxe0Q9WPbN$uYH0-3*>{bItzJn77=$tUEatzr~iqtjd%aYsnV*!Gzvs
zrm#&&N4a+yuER;bSV?^KL_7UkvcYnVV4WYu>e#sH9znzthP1M?v4I};i&=#YUdjg%
zggm3AE4t3g70xs&S7K&x!s|+tXB8ehjGz1tHeYOY&Go+F)v>jDPwsT!@}p6Bn1kEM
zr6PSaN$LVZPT1`?Ogp|+#bS^5L3m&Kh_UuSgF6VHz;N-lP4itH)o3^$-Phz0GWupn
z_qZqXDn|D7se5Xsw4Z?5D>{P6>d`g?9ZZA%xXnPX$gCtlsJ(ZF0DA$=4%IIG`{a-CVT)ZuW1-{^d7n;81wP?Dt5{
z2zGJNh8y{YoSLd%9_P-$Ib;WWmU=)&8x_{jz!16akS76!5rM}I?(0>ob!=|aojQ36#_PI<
zRhk)1>x=zZW>h+B4?}$MEd1C4y<$Mqx;{%3uHFPW#>Dr+}vf+MhC<#@0N>^Hbbj{O^&a5l!F522fH1ZkJJlI0&54@d+Dh
z)B+hP!jC?K5={MxGX+o#5lqTgLS|PfL{Ea1w&eIbJ%nU=-T`;Fo+M;lfg$AhcW9b7>r{r_L4t
zCsKrEBN)tVcsaRm1-fdQCu&!ysh^kN
z3x4;w`g+CBhOFw*n<#s{CQMJqvlg+=WAO`svrm}qjR)Q_Y0wWa;l
zq2GM8+Vh{EV7ocU9*;0SxHNQOjO43}|J?TW=cfw_
zojy?nwO7UwpK)+tp
zR4}$M?Q+}>QVy7Hse(3noiAB*pvBSXP0x#;$lcTqQ$Iha#vbEL*T1^v1-YlF3P!>*=IpBi9D
z$4fM{_5b3wuP!h!b^6%$a48c-?*48DAvgMY!4vSv{^JK!a{Td?bB&xFi%|1>TrEa0
z+)@5_-bl>sEobTIr?V}M)s`9Lv!ZUE*JT3&Rkh;YvSNpr_=)85)5LC?4e=67!7WV2
zt(McnXCDc24`d~bKZ7%1TiM?$WRk0EGSx2njh|K}azyXoqZG_JS8LLW)lWYW^hjW2
z7%a?+IJfEV5wOC^T<_s`TzI^AlkkUaCFV-2+B^|*Aax~AY3q5x2cES0|2oD+h`$wTif5!f=F$x~_}TFTp_b-^exK`J6qlm)
zVv1@NP~Wp_SC;PEZMt@=e9eOVp~beau%K({U22>h;VsHR!J96wc_uV>|Aqw)tn&kl
zVQss1|9~H*APxuP%Cx-6=8WERXP|FG(clD%su4{w$vH~4
zNfqdM2a(4_>QzbHFPwp6pJ<%!H{7_E&eb>2j9=D;V82=X?s>rtwrWD-yVB?HU-U&`
za_=u6y^N?W)KJPWrGMB6ExbBHDG;5#u{XBtk3*eL=TJ+LL#2dh!rO9}XCuL;>>MMz~Lt}z-mTzC~>
zlL>ZNU?YUM*h9BykH?Oy*GG3u!uT!)#Xv?W@AreC;FahI=?9|Gd(ofrpny9C!c&P|
zt|%+B`)GixRQ-{Lg!C2HL|b$Nwogz^8Qt{M(n$33BSonM$4c`PPbL`o<~wk;S)y&=
z|3o#=f1=u6F3tAH0POA{-L(6D|9flr$Vfc`PUfEpar$&3w0aj84>_A*PcB=hz40t#=gA3PsA(k05;!Mfx?i6E;%|f!
zA&Lj3EN6%1_GO)y&Pa9y%F8WQIvX-jh-4cmk}OY
z7oM2Xa(ubvb_SYetD&g?cZv*KCz
z$4B~>NZY+HFMagf`CT$gw8J#ZsZp#(=G4)u&J4Rc@9w{$tP&L$2l_X-SSoYQr=&zN
zHXFuA0ay**FjanztPuK7bw>HV6D3s5Gh3osQmZ#asA&JO>-OA(aJ(X-h>Z$H5L`-3
zG%d@VtpKDfBQ9eLBT8`;{oU3I9iPm3e2qKJS8f;T^a^nku}%SO*@*V`8-}KC(Es%w
z&2W(lXx`eLg|OK@<=bv)gS28%c|?2bORJY}(SpM)H{z7C6ikiiTv1vDcX%LnHo>{e
zpBu-*i@0b0Js=Z`iMcl;=R<&LpEC00HTSX$#evc@F)Ip4iecx(KZ^NP|4IoxF
zHf3$h)I!^srY(u7Cb)uEdC{LsBlVPOBn}&e)tYJtZc>w$jjguHU!LDVgJ?f%*x8k3
zJ;{erxF~-Thw)mhHam!5Wp{LR0GF#cehAu2C@U+ATyfza5{p~XPV|%%=Oll8SrXC}
zbyt=QvK8@*0N~>qmz53<;5B3Zo=oSFena>kVNn29adL8MYJ{jS51Ci!)D%-E_bK9b
z5}J6Dj1e+=TRHn^gU=(aZ@YqkO$>w^Ygj=sQs`q2of4s@haGl@=nooNps(VIsls6D
z6~C$53lWcBxaDTxSN@O~eFIp!X67(fT$PA#XyYFv^p>TxAYt%jm}~Dwj)2a8p7q3t
z7aes|MPZpZYULy*vMX(A;f=rthlIwj7YMuh3(l5@rmG!uzt19gO5Tq+wN$kw
zbw7@<&rLjBoXWPxqz+ceek`kMQLTLVy;c3;=quO+cV0X;)_fYK+u0ECk?QogNL-v+
zR#<pkQ~Vs*s@O;gUh{Pbc~O?vop8`M0z#8i)M-XN;yd`tCpb*MQA
zn_#FocTOAO+(=%1kc#pSD*eUNU^&ja2+0Xtf!gq7D2cFgv_nuIItm2emeua!K=on*
zwZiy`H7jgd`3Z}ui7Q`p>w?3Cx=f0qKzdm_k3QZTri;V-Yg_bV0{P(1yPUSvw{Xi@
znQHw`37AydCTs~-iWT?r@28Rl3UJ61>i&t>_rTxikz#ew?0bNbso%E~+B(JrxyzxG
zfGrq@V>MH5Eqmqr>{dGVbduE=&iocTMHfSte>iY`C*B8;pPp{dz;t;kqq+)xwafFP
z?*{GS@Nji)u>1DNF#ANVe;(*ws{D{&7Cc-e>H5WGyF%yI7(wGT~9}W
ztc|boD_P)lf`P0Lg1DxVRKIV%jGh|nhIP)N-X{rWiijM6W{pczvR6~~evl;0w2n3h
zzb~{z;x@L*M&V9v4JY)Fw|7AwP0ymr)pglL_r%Cw3a)im?uDr9y>hSc)E3+FirUj&s{6fE?R~Ua2yMeZJ8^MWq&V1cd1&-#DBXhQCZ`io8$#_F=
zPgZ5wb*lOARzgq+r%BsW)axA{YaKXjo1c1tZwKFh89HyvHaIBb{1}7wFKIe=NbXM1
zRhQ5E@`ogUVQKp9-St%J$wa%n-WV@D$u8L~*Lw{lHe`NdH6Ou}!ctlWhU$T6m-OQP
zydu;FB&iT2uLTbjD@JP}I>WB3yI)@`YU>NQj>vF$MfhY
z16Bn+7`~Ky>5Nyk<~6rwo++cH#tUy~ud(~zrR#2Sbw$OpvvWMRI0y2S#O>(kzvR1X
zCEISM)M6*mIb!(9HU49t!bAu
zyvEXCGPXm-WtJptLS4=2w+VJ?DBhF7Hb@C_Duk!(vD=+)$)zFUY83M+@U4AL6N9LI
ztA@JOThUu9GY1i^w6B~7q){i1on*Fk=HTRfI{Mi~@#d%Bj4r3V!|!Eb`Yt7nfsTW{~(WeQFYvH5^V>Y@fj9
zy4&Mqmf7#gm5FO8BZkxU){_%&O->#iSI3fAhU!6;J3yT!p=9ZR-BD8Hf
z?O5%SbF+fF-JI#7AslPfmYvv#!27$8u_X1)wSYv~FRJN-*Z~F2;hE_P?A1MrOa4wC
zD*`Tabi_+2p5J%U6YNZ$`E9$RbWKQ>sAA1!s)JwzZ$?DoUSb2mdt+#NAEuHIBI&vt
zUZofH3Pk4Avo_S#O_P{*9ppz1f@&*tK2k`e1_Ml=kho6yn%A!85&rP$KSu4~gx6kMLCfhv;mo)1fEHdr>c2w3B}_iyvZJvP|n=?W4N%?j%TvKQX#%{`9s>7xBH)u~8MsdW)xFD0a(0qFV+1-qw?GgZ;
zX|ltr;3P@d4b>M-kWv7p;cG1|8~^n;)2g*@!*$kO>AACZ;=>k(qP5NEzA7y*Gc_;42j);&w_|(mh7>!6Sn5OqsVf9A((5`r%F7J<-_{;*P~xG
zpRGGjETjc%dkL|KdQ)Ptv#_(9^Hk+sUe1Mh8yM&xZ1#rCEiZ4CjzDtzYMnenuZ%hgm2s
zCOEs{Q;(7$N+jOr#KEkT{$<~#Kb9fRdKiA`a)F}Y*SK1Z!~28#B;vO%GhbMe*Hz6V
zU?roecjoK~a*6*jAVnOtA!s;est-yM%HI@=o-DphoJ)sJ=(1H9bpgxn_-)VmO$x?p*7DdNs%IvET-UO$l
zW&s)PjcyxInbtVqj-is2Le!nKJs`HuW7Lwiwr+`d@m1)}jN%4!VzPGS{l_RPjQ@1n
z#<;;3*gj9gDi0;ZF28nr^z)l7($1+n6^SS&P0eYs64ZzVyPRH6P!R)RGyhma?_%?*J{a``2QI*qtcR6J${ylpD8ms&9?h
zx;nnQ$|O7cpc_rbr+r;=x>T1fRjyz@6kBlHEV$C?lLU)4U&7PrNlg1JOo`Z&i@_h@
zEB3TQ!wwG+J!!N-Nbn-pM-??w#N8N>!QxgX%!-OF!KO!E5*!No7hV_4r~7OfU(>j0
z8nG5f-gVJk{`R=LF6+~VUrf~;l_E5b1;;BSFvY>2CxL|KN|!Y;Rek2m$Y}uyBrf7t
zi)zl|LTmTx^|>+)&b`zIzj@v*fP^yn-*Dy}*9cvSGy$~eaLcoz_bElot-Gtsuud@5
zQK7=+hU#i7m>bBs3l391Bn1Mhw&4x&MMDNmT@!d!+tn;#^&ZFCI$CMvcD4Y%^HakP
z_yhZQ92%7ZJ$omHxGL`0&vVzl_gkp-$D{LmQQ}h
zoa<^YXT-K-&d#%B?B>u_zGXRkhoKCO;BWkZs!i|pm&K!6=EzK(<}qhW37vxr`6>WV
zG$KjIdBIT{aefoch}9I~AiFVA+^mmDE&&j_wWy@!aWqba)Dolno
zv>%>n)E-6Br}~`jpY9}6;jQN!sIV=f>v3`dur*^3={fK%AjVhAa0&=!Rz4`TIV(5n
zBeCvujOVD~aOm~BC+>Rpp`z;em>{93pv{=70P{1f;T(
zsSkpwguHb1FA2*O4D0v4hS;fVj&H-gj6nAGBK@*1K>Sh0A=`5R9k5?Ik2Do-vEbnq7K&v&UApF7xYCPnzw
zS>Jh**(1Yk(tz@3$$M6jq26*uJ4m@RHkN)m2NY&We74*6;&Gkc-7ensRU{X=E&V&i
zB7EqJ@b+j-?|EdtZ?~jOZYkG%pndHp5Tm0w?;lbYgKNn`!79)7$)mK^qoFw$d9;-{
zn;n1RMa{k=n-$^Q0U~2h6)eqT=rfUe3i#X>WLd7Vk`h^+HB!<0r>(K*~MfpdHQUb
z2ncL+jcz2Rkyg5e(G8XV4d=#o%9^A;=9w
z4XzoF`wK-ghF2D51J$g}mxui+U&zJsISj&WVY>F5Fn7KyW<>ilCnYw7e-GLEx@!C|
zKX>=pC%bH3EwqQF0{Qh&>4Z$p@EJoZu(zdQ9#Bk_S9UNaCsAm7Kjuc=r5_cw7g?%?
zw`?ih?qt&cn{K_O!K{-~xT;i|Ka>WktnJQR;b}%1{6n+
zXDj{rWLk%p!DAI9X`JZcLzyHQE$Z)3l5#B7<{t}5n!j%uoFOibGdrDyy$U>d8U&x&
z<#?q_beuRsjEP7atwQDsnIe@qbA!rwE2bt0dJB;P={O26pS^cnYMt^x7bB3(sTrbq
zRbrxU6yvJeYbCEfl|
z3wbJDd5Laq9XPHICvS9e)VOZGp$t=TAhBk9$_|d*3BAW%Lp6VW_Hxj_a&Fn~id3^j74-U;*fN%4CtK6&TZ4Au+saaI8r9Q=HFB1Q4Plp>D
zom!=Ck$ef8Xl=aqZKHuD{+grXC$0rmA4ThLQjOrs9A1mIw~emCqi0+;=Y1FV
zMBLV8%YEY_YkOW^-?BvGm_qzifz`j5DQxqH)h9=TVK7(XU%0
z#n}o~{Ro~`73>h;nVtD;u}#4u4@3#9A}C*XP26@yYphRX3j}}DLLC{-KL>ItC4{Bk
zPLuQM)LI%otkpHaTSVQ5ml=-*+Hyd^U$g~9J{V{IZ;hxkVkxRy??)U*^{LuqEY?B%
zQg%J>UlKl6_2d5@XZ90CFAz?&3$tH>*Uz`fNXf8kXs!-m#&0gjaGiQCsn9Hy
zI=?m={<_b%>SP*2^6Zu9l<5x_sVx||xkAVxKI8q~l68OBNSgkUMskLE1yQ}Log4*>
z6$ajxMeWu(-`H=wde%)EK_T`gcsFsix-oCyA*xra@VteSZ`NRIKhGvPI^wM`rZ-ZRm@0;gd{b
zC4-=rvo{Lp+t|&3L>8f?z8p%$Wgox-VJk`ORYplkn~&Z
zdm95a&+BNY1yKL|J(ve^m2ncxoDG}~pDOVo;GlS6eYr>_w|{dUq%u}U<(SveMOylD
zk2QL?ZP+th=UcMx)NiOvfmy3e-DLQpjBpm*{#)CJq$v;>?38j>SCv=8HpAp}FK3dp
zmM+qjbUphi+umW;3|;@$nfb1FiH*lGOs;Y;Ao%p;N*V(gVEPO{R~7qZUO+^dz6lo>
zrG%bFUd0QSZ@>POzH|lOt^Tm2eqsK!Z6eWgC3!gO&U9PWz=v?!)D83Oy#3;Gz(8sC
zdGkk%H!%Dql-&(;OQT@@fniJNLDCd1K9z;O!Hpk-LkNF<gF~8$vLi2Yn*8&M
zCv}bw=u-*9dyiVBKB%XGy~>oIUCbTQkc3IeE4}UM=Y?c0iMYmkUcXS)zv128mjlTD
z=M$}D=y8M+Un+j@x2!z=$4Mf^;6&iV3Kwjqh&K1@f3)UQR#rY;mkr_rYrZE7;3@my
zVs#8&U=!%!Z}pjAB|e}8!NP=EOce~s&dD4tC?5`fUG%euKoth@3D65I-@2D0|J0?j
zSkFsK9X@r9|0ZeUk!2{Sxf{>=nTdoG(4>6nA_br9c~x|ijq!)R)a~uxnY}Ow=Xj8(
zJRC^;cPXPln1g3s2v12?5%)k8(p0O)th3p%@vls$j&ir=*r~JtXGnEbbCwBLGTP>>
zSHf3=?i6VM>HL>e>9>F|Tiv9lJ;Xrc~_hSuljzOBhziR$+)MpGIiN(qnZ135ZBsXC?{5xL%vl#=ZwUfL~RV%!24
zdRb5043#pQcL^tPwZ6|@+=J*^+O(?FiEBdW@9*3KxuiAO3648c*bY=Vbhbr;>b9y^
zqxCu*!iE4FyOqTxk#1;6Pxy%nuI=(;i2bfQ6&X0ZoOkXaPkeD}{%9HPSV33orjH~C
z@zE3zLMf$*>x-ryPcAbKk75=-8>+Sv$B9%ER)qnggA^hK1GjOy4|25;N?DVTiABwc
zZkfTxG;KmB;PEMxsiKs4pB6|uFf;er&^TKhQU(^0Np2C{2z?feOlBQgwsC49>S{$x
z0?=vwC~E$>-$0wWP+07*o7%C3DKOffz~A_0MOFvx&XTXSq)FFxxH=XOvsk&eqZW3J
zMJFJ>Hzg6tbb8*U3OAT-{^?uf^L-nBQ+uRr`*z{ZVIxNYx2yxjEE*$h?)3KSVM=gu
zyD?~vQ@TTX8h6mHyBLc?KS
z;x@gunbX_lbmX-8`CVi}XX~)@lUricu{;eb{a$$g-M$&xr_PVUO_03c(fe~x_MGkS
z&#N8%2#&)etB_$dDCAY=>z77gmsd-VJjtiL;r7?-Qn&Qp)-M_kIdV&C4UGrU^S?4y
zYr{^Dw5-rd#uaTzb=%rjfBb<&Ee%G!Oz)ne;KIVzhUp$Vb6sUvAi8245^#L%%+AdX
z*tHJ32}L{Eeoss=Jf|b}STW{?1?DY?lJei-B_*k`M)@^`>G0^cJbrT2SG8|Ba1&Bp
z6Mx`Ba$EAyF1~q!A|;0$_D~PWl0=n%w0_rI5ZV^O3yn`V(-^zYegcmni{s$&=8#IQ
z3?mCxzRIt3snz=uX<(oE@OD^p(+0Yu095CE#h?uuyGuwfTJ20TF=i2MJS1+~VS`n=
za3kmDM0BJexBthRZIJWI1Kw9QT1W!17X3JE_8A(vBk+d#zB
zx0FW-I4+tySdgNSBuv^qh^+^o`>Rhw<&i6to5mH_Iw;zAAY;QbSW^#++t-&R;3JYF
zEH(sZ@#XI@3?56WzJ`Q-G66<;A<=~QU2!(@ev7_d_C~jlnV5R|lTHMA)(@7^u8F=Q
zXBHmguYYqBFwVBSXj^?73ayp%Sg1uHfX_LdL{-L5?+i(@j@baLV}5%a(LI_fnWqWS
zc$=;aaV7NF0nV%yLoIRV_xZFU2EJE0Fxj%dw#3OHQcg-m+$2T)bJ<{q$=pPN9WvVAjJ|mnJo(Y8!
z&y7(FZ&Qp^HBcypfh*1d>)O|T@JKX+21b?v9UdMI9PaJGm!Q8Pw?3fbVlOSl9AXs6
zU|Oc=5;)%sl011v3Rj8uf2rx>Gf)g8$kAOu(F@TTHoSf)hLL4%95N6rLmJOxLZQiS
zjv&YN@6Jm;D%o5J!E&0FX#SU`;2Gc>TYdmB5bw3T^vDx0?1kfq0CX_Z0Shb@BL`+`f~
z=(MRJoDsN`_ZRt7bIjg?JLrcD0-&`9vkD0$YXX$|g&Ca5GQKubCUZlM8Iiys1fd#U6d^@ylRYl?M<
zdVgrlZG9T9YJo>}Wx>-ni8|it|5?tta5Cdz+_wdE=3>jWd|tA=>MKaq8iYu`5Su3b
z!`+r$xId3^!J|%Vi@S2`<++pJem5}L2m3%rw40Rfac6Ag9gc4%ZB}Nv+WXuiOWgEE
zz9Ic__})3)R}mQ<*i#QcC49hw8KXKg?OogaISn
zz@%HhJPHFGpCxN2HgtL{!6y|p$fmeg-hQSxE)iuCIC7F1Xg`MA@G>vP9jNKNWJ7G5
zKtzMcW2$nI7-AxxuLw)?45^iuPaMs@r`gl!=TsH{yBpy8Ki=`AFTCcn(#mD5vrHMW
zXPakE2nxgfWbvu*{$#jkW~?Pa@+O<8{f1Vv&)(l#%#*N3e~Egh$xoX5bKr9^FGIxW
z`^Yuc0lSXA775K6KeIQFP_5*Ow6@QYug?;cbX=zTD5Wy|W`p_Bj~nKIvuX^$th^E8
zWBOo2h&@1GMBnIR99n|*D8ddM3pQ%^#=8QeF{@BYaS4z(B{Z!VlF|1rTru;toyM1j
zin6!kIGh_0E*{&U1N6K5Z>&ahD9a7Ab1hiIaw$>DOAZ*+c)Qn)QB;4SP+XW04(f#$
zCL2P%D9h4;Nc7_OThn)@-Pp~y#~eM)G|o&2TF)aM)306K3ER>F-$?_j^s3rh+aoSs
z>R)|3tIxT8%vtqxGXcFi#E*sry72M!##Qx>PfdY+e0(;vJ_->}>i{zi^Plb-D+g<$
z;TnwFPKjh01-*`oY#bbU@ZdLoA)wMX!T;!%?^-`6{UH6kwu8p4U<*0B(NybUQZ)64
zX#&|kNJ@R1Wb+{+bxqBQ6_Y{@`O0hHLtie!Stk(*_*XeS`L#a?ydAlTZYR_glFExrkzRLT{*I)G!+Y>bauHOD
zyCfPz;GRiForClQXc7MR7>krg&-QSGS32@+>#X|TC%KY>KI^+XHdRE(O=a^5xCD()
zt4|c2a{no#@%9i|vt*0l^d2es`M2#fuvs+*tIhtC35$Pql|mkqDKf5%@eQgI7hU}c
zB;-M7>pt8vNIN|dKLYDW7|RrCdUx>rBY%Fy3M`d@7|I%l{rvfRA3qZ&WEw0xTY9?+
zD5!5NRN1$X=ujo=p05x2-rFweiEw$Z@hjX1NsU}!6f_p+1
zFIcN8>-XLB?6MsLDPxqQN`bwJ*TRWbHx}fRi5FqcK|mp{Wq`J(|FmGdbIh#m(1DfEP;_Yjic#Ttd7iA>aQ{!p_gJychb_C)y6hS=
zlzxq~g4=qxY|M?U;N~|o%U6@fyVv_T!jAJVobpR;;3My};d2Cw+PSKtRDMrOh8j7V
z{wFrXdS!LL9^&}xO|%n71!t*`JP*9ZJFGMyHRnV2NN?Hs{wNdqbb6f4;_Ich#Tj|&
z*#`UcJ2cg4(airJ)!*88zc_b~`)ybtpOf*XRiZ3o
z30qmYbPYkM`5H|WD8O&N=Q_`RU!_WZ{U9`lwnZ1xJ)@(KDyK;?3I;JnW)3akcksf5
z6-fDVS(y0PKJCg3qV+VuxEYh%^n=N7Y&*L@3XDd>VfApJ!5Z4~Vj}~)3VjqV|1=O{
zzJksYzx`&Jc@do5W&H!55M6jm@KV1|)zXdj&3^=crr#h@yN%UCWRjDUF%_R^9g5ss
zC#|Wi)6zpQLkG;M^SlmMPBzl-N}q-l?#Put{cr9Bg%^UPmF_x!`E-A&TV3+$YPKXi
zeC>r9TH1u!;Ukg_tBg1LO#USR4%g-1r$Dtf2%Pq9aC^-Pc)G-C1yUu|t%5ELy#X71
z+{NiH6E=p4dGSBC9c1BxFfrpxZmegFj7RUQs{rwSx(EN5NnU@KP9&pV+4nK7y&I9P
zmz%Skl9k!CGen)hP7_{^8E3wEEyTAQ2!?XQ=K?|6D+~^4f&Z3>?%}SShYA{>2xufC
z3a9b9npFn>6uSvf!BIjJ{E*riaxtgllGCWSBP0U{s
z2KiwOzJkerc)s1-&@GjdkY%OHv^#@6}7X+l56VEivUL7SQUJB#AC0#|DJshCx
z7_U6AZr9Q&p8Ll8AfnN$#`9`lsGrhv?kj1}c=me-e(PF}i%!rFsY!=bW;H
z(3GTzvl{_KLCX0)V0UC}x20lOUhDy7d#uakZ7>QPSyd+9U&~H{1;WiBAYWq`_s;x{Du0msE_w_pDD0a3iP;kxTDD3w)<3v|9-_
zx9S+2?QBL};kcZT{jFW}kEz^r;hlWBygUunP5EfR0JkJZK$+zq_h=8Zr*F`og3bPX
z&&(vGDPKSjK3)Ca#DK`wt5DA$-d5sV^EBe#q(nO+IOuFxqDJs28n5+ec100
z7qL7&QPt^~eB^#7gC{q6vw|=73JwtZ;8#0Y7X*gy_;$Tjy6i?9ul*t-&2WiAJ`3z1
zyqUv?dPYEA!4%)Yg5MToP28eMwd6X~>Mwf0-b6|s^zypCT(Vl_dYWAkuJ$nNJ}v;z
zFWm{c>O#|Hweg()S}X1jPZ&tlY`?#YR%ZtU7vAiS6yXBctL}f&0|7-TG1P=al_a->
zT8td@yg1?V$yPwgyE&L(wP4YrmRqY1xl)I{w{f2!CV}1DA7)Rq&tzH^76+Bj
z8w}2W#$b5*u}%Te7l>JS1C1Jac2p0G8AI)mD(G0KSAm?V#{_oX7{tbxVjP8#g*&i^WdzkZYe1n%V}>vRanp--b)&MrRgM~RgukrMhyp2Ss(n2Kr)+xCmK4G
zaC*l8kCLomlVj9-f@tUDh9#G|GUeBZCau&+*6*_h39=boE1o<&fHi#$F4Jx|oEsO8
zYy4-hrpG=d5f8JhgBW+kUFbwwxmgYyvaJbO8PnQ)OxtPnyH-6+y`qO~2x)A1CoEb|
z!sLlxK_v*`yJ2>AP+Vu_GtqC2U|xP7woC4%AJQXT;t|532Hk2L6w~o9{J87bLMTgX
zYrjudO2Zd6H$S&Enj5rXG~exWOn0sGNf8;b|1iGcLofmL5V!qXuaw~@aaujCxhO|c
z`ZwPvGiJ0mc_hutp8iIMDc&FH*O!oGSr<+-0OkC1)7YXgFA@bx>t16D+x9u2CNaZf
z#0=r+uVum7hKqct!v%>BTP39aU1VN@jl~zw=@wcQ2k5ck(ut82XxRljI;ZEB^L4?Oi4``5w7mcMf=dBbw9#f#j{y*I|CpFF8x)!O(3cdqWj
zq`Jl8K>c)D{Gg~pc_~O)J2ALdUEu(CZsK0Qx@C2A;&dbQX8X@#=T=^U`OwiLR8`Qc@;_i}X^;lW=6rBJECvnw`c;T{xcV
zcJotn*_e053wHsxhsmZ@DOtSZ7<9@8b2;F119tZ~9M>9s(Nro-OiXodyMVdsmT(u!{a^Q*S{!_K8ogfhvwiGw
zn3x-;1yol8m%9+vzZ&#Negu6X=dF(!b0S^nNgmSzhpogX>
z@Q;u2rYsS!rWywLPM!^Y3mNUaaLoE@~-7
zxA_Bvpip~Tf9^NPwZiI_8KyOMn;!l=t_+RajDOVRhf=SVLm3F-^aaujcFD`L%`GV1
z%+GIs@NnkHCPDn<*V70dT+a_?+P69Z8VOaHCgLhGu@pv|nSdrL8F-aKh?;;9Yj`z7
zmK1sB1@Qo9sO?wg27)R3T1TL8c;WfIZRKv*RC#fr0jR7;j8KvhS3%I4*QJzbb+Mij!BWMcA@ljN%*ZCibar?b3g*)R!E##p1Rt7-l2?yL+$1s?|=b1#VsO
zZ3z=pTTyBSk3LzbM&qA7-n2SkoSmPlDk$LX&o`p#i}e`8%2-UeUZ6&YYTY5Wo9=VX
z7uKGu3y$9bnh}^z=#@8pL8xWaZ{_`kdF!r<2cnH63MYJ!4$tKs>DpMIa^mk|);VHB
z6=inT7c$JJU`aeTH4uQ7Hlr~9Gp6`^m7qzcc*zyB%?G%2OoQN2Px}<(@9jgniiQy%
ze(H0+CEIr_&LhJ^
zrg-mT9`gI2ji5rEjEJ(u-{iQfy{Pjc4&z~O1#@Um6LKetM!qReZ+d||ds`ovKt75&
z7?C*fS{R^3jYP91Mj$rqbpMQ)Eng2Y`tD6On1=i=f{|~~cpG=inK-|(V&xlm8|tHU
z5$}BWFpBoSdhHeVslp<1ATl4`B{k+u|Jz)r#w_?doL@xprQg34AQj8PPm8tIZfcqm
zWwAH~vo3>8!~mK9G=K!}7P3HZVv*~&v_ni_{eJRL
zYC*j3FgF
z!@tzIqpnB4w~}`7YxrymIr2&5cf9Tx>|gTD0HdF~B$r)+95$pZa5u?G4$=zzGNRkN
zbFrw{t#03LP&sf1tQmhPs|Dfv;i2{r40_HadX{QxHctXb^A-9~VeRYTRsAHD)j<}kYS9NuKjElDFKL-FaOBvm?bF$lHM
z9$rj3^aUJ;x(4=myGpi2g^G_pkXnPQOM%zX@xXq#TIu$_TJrHTau$;Y69GvphUNV2
zY>lMD`R-5eg(1GQRds8UEU^MVnM1Gv
zYo4168J%QAd{WowI_pQ7fc#q=*CNQg8yD>Mb#($pR(8;~-|U_#ZL}EWKR=plaoYGO
z&*rJ8xZCx1gwpgi%~`3ZA5WW(``x28Hjl@f&H7T`IsuQCMo@0gl?DHXh4?4varAY_
zN6Qelgrc#x_ewWFHE$f-*Ldofz6_Msj(wl0#lbcuHm9ptVrzff!JA9N&ZSwp}
z5i#~_Q*byps{ZruM-Jeq59U3YMsf0PL|pF!4qDRPMEU5ac0W>c@~ow5|8nZ+8*cFs
zkg>(P#1M_)p^oN0_coCTy(4DQSibE1`z&ty&c!Wi!~?vU{-jT-TS>ac^sfu6`;UW8
z*tnQ|R%dGw&Z{>-hvO(>XoaJxH;LAt1SA#^(a!SksTV-70@KnV|KU=zb+INz=W9i;
zsf*b5;Fc7|$UV|}gN6h@bHZ2r*G$UPDvX$a
zjZH}Rjp1LSoIm<(p7y?wjAB)fKFdj54FnU7BOG5^Ret~bE-5$
zQ`J#gFQJ|hHmz}X99L9LH}
zIi?7Oq9huZBwo{VO&=#~K#b;KqoaiUzhlY@Oif4p{=9@OPsNbe@&^ywRP6eIBFV_OtnR0m8cEE67%Um+eZYh!$&EnvokyOs;%t+Go}%Tw=pAEL^HBN$=IoPtarqPV1O?IPl1})uBlvFI!*@elw~gi
z9+Im}YfKsKGkF@Gj|yNMEe(d=PnXzf*Yr4(&+FS=gq2S!3a0#dMCE`v9>8quo#j^*
z)$xLa&#kQ=D|^@?qUBxpW=q(9wyDAj%)++RGJ&}_nC1RHa}=?AJ^q(OYMkfS0zJdQ0tJcl^EUEqw$$
zV`|v!PJX<&sVuaUYAfw$6il0Q!=l&{ut@#9gq6RyioG?`
zgn#s^H`KVccuu$B^G6@VtFYa!jKgYu+&OXKyF|%j0*vXU?m3qY5jN3&O~v=&HqY;B=d5H=F*KHD(gj=D>%}kcPfltsHkmsiw!*oJGQ#xd
zQaW*or1Pk#t@nm+0KqT7{G5aqVvY#rWoaG1Api$#>%wPRXMfXF;74-OqtI1u7TM2X
zR>xBu%Kz
z8z=4=OSB<>!{)g=2N!3}C)iUUt6(@7Rxo9{+xy6Fvt#cVrasFOD~wC9EnA)XN-s
zsZ_+`+L9UaBU44&QNS5tv{aNr*GG?rfl|xaK$|o6!;fnkCl%N^j`b(lgR=OdRXL8E2@n+W2
z$V)rw(^6Sy{Z=b~>v_zNI81saK7)A1J~k$c)HG?nJ6zRlZTdSofs9nP-mmE7
zRZnF%%Y=~4x`kRi>CFUYwgypX`b`nB6Dz$%gNZsu!$(!-PZyfC)EMa
z>4gANuuoXjhz!}&^D%QWW0dyTKgoFN5l+$Lxs{Mox47_y9!DHzWQey>nslMEKyo5hz(Tla|NM)P-e6_1UKP@&kt*uNto?X?10`Up;GfeYQcqR0
zJS%E%=4Yv@D2KBzd{5`|o{m9;q(+}~ICIF^m*70j+L$+31q~=WH89PeMcFOZ-in>(
z8vg_8bbiqv$x+TGqGN~dW*GjX?;F5&F0+@6tH$~8CFrDgo}Z3!R!No<@kRDiNK}*<
zJ>nB3I%vjw2aC#eo()R1AEt`Bj|z+}Z)o&$@o5u~e=f?{Pi9HeFx6Ej?bPDT9|bUf3<(+h%}Jr5q}v&4p+_Yu
zpEksz`*?v6o7weLgU38i5nzpKA@jk;IG15*&QxN2t%DAr5aW*>K2l9tPNJEx>XP0s
z>`iSoB%cnmgBDGjaF6P7zaSeEx+G7Jhy(rK^V8P=pI
znwO>YToqM{9qp*%f62o>>0~(*QDun-HkiiOq^DZO4w?{RGdXpCt7QCvb}lmS6qa6;
zjpy+~-K>h;Zrh^Qh!VAX5cX6vwxk9NRT+lJP`i#Q
zA#Sh%>F`2Z8;P4}=AHhUX-WZTy;I&hJ+9*WJ#*J6Krnj}r9j}X_|V~Sf+pPR{N<2c
zb;T!rEZU0uhDxZhrDtOyv0vHi4sZ<*cp8fn7C%Nd6#!c4i&6E2e$f<5G{ZIOw>^!-
zpT0|EZ=hyW(X-*p
zj3BIy)o_R1l#7RFGs5*+yvOW|@?z=`s-u5q7liTU`N%KwPnjV>Ru1`(VwT@=S5L(B
z=NN4+(1%dYTDmamCQ#^NS;!jUmh_uqi>7z(rqqn2wnnQU4)vm~$R+Krh^sTeWP!VN
z-0Z-yZWFueg$I%Z?7Ij|W>{hQ;wY
zuN5b*Kz-2d?r?D#uGc2H`{Md9Zt8D&1aq8@Ac}
zr72xa;FZd_<>TR-Eq%66f!i$y85&&TGy6H=8*W=F_UEHFPfNCR
z@?DJ1HAa6o(6WPG@O-AIu`#92DiNw6AKyJitoa@g1=>1X?pnEex89-zN;SAkWc#&Z
z6V5IUu(mJg?UfcDMST)WWpLl4+u38J6c^Jq;DW68!D(pfe7dk~oLp`fg&Azc*(2rx
zXTCckF5F8LW`0I((|hVdwwlVskjK)tOPVg)Sx#qe90w*|hy7nURN!Le!xTGahbSD>
zSR>E%az^FQ6*>VDqT&;>0bLg4<;=YA=@A_Ey6PcVJe@9{F(q^nzn)f^*(Uqp{ocLJ
zLeWl~V`ouMsU2`dtQAo-JKCKjv`7|6MOs0cqHipuR%gQ47^WQe2Az62W_P6{ff@aA1xtcb-0|KKZ
zC8y_&q^%>@WZ8q&V8UTz{&V2qspP?nEM%524l%@q1Rq~2U>UW39i1doXb2paYO?yLS
z=c5E)-Ppyy_?P>o%BAb^D`{IT9~9oD&$K$9&~B~lkC?Wq34O+b9-Zj{Tx15*NUU&mQVDDq+h4*UIo0)u(kCEvL_#N$z~At|~q?Fsf`B(>vbMzWJb>+&hT3l84MRY=-
z{P&+tf8zM{CU^I7nyG;ch1wM^U(%vy+J1n!vjk&c@&9y2xh
z9wH6o7?q}!YemcDZF}S*`$kQJ_ZIXy2QGfdq#1!LVcFqFwPQ2;tkMs!3(`$z*Dl^e
zQytT%chDl&>Q}G#uH?
zd3>SSpD$V0G$6R}jajrWDQI+`9N(Rfw_o@h!A88_hKU1Ns5;Qw*|*IVSlrh#puw|k
z-ZM@maRMiNrdxqA-;i&B3#Jy>2D;
z1R?M`^`DM<3dCAPL+xQ}V-Fcare!_d#`NLCW?hL+Z6AYT;a4}0U5xESme3i|-}G!C
zS5YTZyuQijkgIDehwjf;x(^CP(K5?iPr`P-i$oS`Ou9I+SKJClU5e;@mHYmwO^QB5
zI$Hgz+41jdHgsX|ndNN=mNw;GS90+yYeC$w+@p~aBs*;JXK2AC^@angxKvWpJDI5;
z^7Y77*nVw-^u^1f9HvspTOtn1_1#!0r}bU+C!ne7DlKhPzLJJKDaxel%}69!7;@27
zY7SHYa-zAbOk*L(0U1;xf%b4UIPyjFU*VIuNg->%Mz*!2dH$r0o)u2I6)`hJfRO*|
zk%5icsKJOIzxP
zNs`ZgHqU|m!E4&Wnk;vp>A#z8qvV>reKrf~Z6cfJ{eJ;t^w+ofU+-`fEPOK4yP=Y+
z8@_u(s0dBr?%ju;RvObLKCBU5J>LB)ScCdqU$=CzL+I=u%f}YYHM*Qg;G!AgTzx1M
zQBGT(+r3h5S6x@L>{1`jCAXZLUuw3W0dg8b?*y&fleC&`i5^Sm8~V-Y)1ILRl=Naf
zA%J#LrIe)!p09#&^jA32l0*})Xr;8eje>1WM<+c!Moq!RCB9fsXT|fd{c#+B2L4jd
z899OKT3lZ|XsVMKB}#A?>b^*uO_Yqg)Z=#L3>CXD`0x3rB}H3@2ZW>My%osg5#ZI3
z=^v5{2j5{j0K>iR7OMdPac?twy(RC%JXc4E()ANKvU@5Y^dW<9s^@
zn3ck^A`1ON=E`QLCu!&hScY_&5i$Xtnzzxq{}uZE2YF9&J{^Q~?9DP>^$ObPx8qKc
zPppZ@veN&_DM%h9hk}w=B@1`+t0WWmr^U*RBdEAzjkl
zC0zo7q)0am(%p@uB11RQB@ILO0MaGWIY{Tw-F-H`-}{~O>-?E(X7AZg?`N;Q*1GT8
zBaPiU?N+=LdLikKjPP_S7HVBf;Ap$Lu(pqmtTv&wt!fm$3WQt8MtI{(hDa&6`bYsbS&)~rDLO=QBYm=)c{H=_0tc{9f
zRbxzde&3k0TeO99sq0pzCncfkWN?`|P;Zht=Gl6FQs_U#;YnujhW%mX^wC)iznHfQ
z`^-YiKbU>~n4fsAX&;%13eWj!bo;QyJ;uM6aEo}Mw{2o%%hz>0eqi`|Fw5Up5zSz^
z+m2qWb!Vk5V`6SDUzy&7Rord7EsO-4ArX0eAXYa7Wi-oB-c8e3!gcbMH1q_|edd|f
z)%GGcnS0jZnVS+Lr6wH0p}mSq1^#Ic4B^}=q>jJZi0PBcP4L7QdQFhluUnnj%H4;E
z9BU(a(AZgcut~(@<&cLwNX`n|*sF3s_UViaXr*wwy5X-KWso067E|x*s+g~D6!nhe
zU=QN2slxm?Sy^%1R_}zbZ9h>SM)~?6jPI-+Wm3`6T|NJ7ZQH}WKCZy)tN+KCfQfTi
zSK}<-auFXh6)%`(OGy&9>?_S5-d`aUKO^Z)Bq1nwXM>M-r`++PH{Zp8Kv-aUmH&k0
z5R#2;^{VT{UH9cnQntc#u|!P$$LX{?w)8H4#}V9t;eO4p-#*&=@8kku5IcQZ*MGpm;0B#AeFbj_d1&M=MwB%Ct!tr0<)(Myhl}v4+P>Fs*$jfqom$G&Z!0`@;IG7-kW}g;QE@K-CVyy8hHeJ>b{Jrkd
zyI+GsY2Rl4vZP6ki~IAW1T}>NN$KG$)RMJmL*odA2el|3>moWftd@l$%fJ
zSqoi{gA*GwPM;3`+&Ih>h#Lij4!jp=bu
zG|=v>KMZ+lFMfl66?aMY$4+0ei$=)KFU+>{3KzgAIJb#ck(^+jp#g&ZHWJnbsy2}n
zc>@H)l1=6-F~s`AL1yVpVesa|P!t7sxe3bCDeFHD<`b%NRH~f_nb%#Mg|4`6V47@(8OAYJw%WuVSL&=;s2NGOScUKr
zuDnGUyJQW;15Imeh|syb`Rp(EgkV;wT-0pG=&
zCsEqq*MPz|{!fCpe+axN-x?wPK9EYRAW45xx|a5ue2}D(gut!Ed>WvEVw8``(I_Tu
zGhvMy3A%p2LbITVVEVXQgL8AgU)W=nja}`QH<7oTy{acY4L?dQ#yP&6y4#_>P!>@G-oh0%((IntE-JXj2=JUibcZ0QcaIvryGh1s|`Jgx2OHLLb$ZpYyN&;pb5>Dno*e3M}~&YA&mQ5b*!|sR_ye7~7>0)6#z+8hx5)
z2>fwYKwHI=`df8D#aPVGN1~f*`d7%noqXR^!!KT;c^N`xp~w}n`TXdd!bjIb!OS!%
zTAT{jwygzTAG7^7&T|rrRmd8tJgZP#T+PVD&dpg|?@z=(#n42JEvEP~RZbJ@F;MHX
zQ*__A0{B`9aq(sEDLYZ$h1e|r_j5j^1jtc|XP^6AVMFDI{y~=NtF*gA+}DEc5PMvf
zcU1;k@^xQUWoZ$>Vg`47seznhHxaRaX?Z_n5+$7m>Gcf
zm$0-!JT+V7E|&6?0L9(wGJ7D=+L5VT5Lv{$#Vw>)l
zPr03?Fo!ZwX1z9sG+xOjBK@F|pYQ0AE|XgW5((G9OBtv3Es#(U_*X~?iAr6vmy?F!
zeHmpMH1S8MP`lHb-M;gM)k^z~p17vd6!#JqBCucpwk9A!0nKSBrSb*C>P~QFf$@00
zu!-V(U%}pj3wIYh5)NqM*PLhF@1g+8=LGYb_BK3?ey0J7kuQbp#ONF&ZZ(yJDs=+q
ztAGBc5*RPJ%&~&hCD7Fh>vNT60F+0z?h=|zcbq1uCWKiT$iS`s4Z?hl%z`*g@05KW
zp|nT<^-pUS-u`+|jpOv7?|CrTem~dOIcvRn#bk`E@c6@8oO{Dp!D+0lN{d?XSle$U
zm3W+m1VAaH)A^ER2KKMk{>48ZlTG#=iG&78+>B2Yxcy{;)f{T9%wGROX5CT5(~_!!
zQI!5_MUS@!$Q44n(S$J?rjPQ;vDFO~egr{<4wD9hQbq%R^Tv=M$b+V0-b4fJR9{KV
zGYQ~DX)nT?sLILgCQEmX?QQfXgqR)nWyKhZ0c?|O`dDoid?zd<=dN{>e^dKVd~KE&
z04UMq1`|a1H?j9--z);DwzBCiAI9q5?4nYg(W^Es78TWkU~^QYnQ2NjoK`qfwH_KA
zR8k?KTEuu#>pJUs;nt=aMW11oC-nnJqX>LAY0ch*5v^^Cg
z74d)n%qpx*X|Cxc#E-xa{@K)2dE1ePvd>GlFoovYNuJ}C>*
zPcTk^x%D6F2#`yc1Tch8heWAwwKHgd#C@Dl8&OT4eOnj&zaP1;UX0t)v&Pb!$1@Ky
zn*$VeSSX+1^i;7ZDDruzSxk8{M?@!aNa^UNC^9tC?vCn(y0lzQ>Y=;&@5|Jc8)h1^
zKLHYbG++QbI`dKjB4b5vAON4?_!82zbmOdmzv;Rd=zfOmR$k8NGDyY$H@GZ$O$`4+
z>{Ck-T_#~RnIPmf5>14WgwT*lR&^8|eAfaOjXlca1N7shcv6?0bI4OC;;=bugO~{%
z)f-{}cyXUffuzG|)Vp2F
zD6-Namfb`bx(fNIdQH&J22>Y!=cIQ0>g^mZ8sr{T-d-8cw`yqvy)S|ty%xC*EOB8T
z?9{o%%sWbb_kuuMgU+X-p4vgFv&rM|^UVOaKVO6Po3QY06WG#wApagtu60FU3Q#*1
zz&?8~%u}NVcb&Cf>Pt(JcZVM=S2%3!DYxUg};11bJVJ>WRn>(UH6x
z&&j?0cJ+Q@RZe^CEDibQ?O25l@@iPYlH};8g|RWfGyC*?(lI1Qf8j|3;`vv_1bJ}#
z2AZG4Rr^Z=TatpHaOti_n+F9XnR3#FY^Efw{kbCIy39vne(q~irV@)5v|xT-iU&Z!Ypfh
zYz?JUStco6Np#zK(Gn6vaC?vmj3R&5JFF2Z5b0f3!aR64{!6|az0vtmh2Yl&1tC7CarlSVXyiBa!
z>l+^z)2QRyXLR(fOqOODGa}!VjKCSOQ_8>yXzCORtVX$?_-Y}pDpWvpb~*ZEcwk&_
zvV~Dk3_&>DT!o7()F;eFUcRI;DDA7M5z;jtER#lNsBW?o^+{R;EQycfhYG}2#eqOF
zV*=V=#tbX3qGfyJPw?W8u6#f)`|zf^rdWU#bEq(
zc~C48z(OAWm)c-;cFujUur=y`ioWh+)X-K|Xm{Fbs*VAIqa>WF;-_wlw;B^2Ic-k|
z!X>+}#sZMc@BlU-piq+@)YX(wpAZ{cHAf|-=*C3i5F3i9k5OB8cDN>5Y_+U?FIOQw
z?+gHfe}bqR)SDM0lRJ4s7HjXB7kQ-ET$eWSRg}m8JSbGfI_Zq5lbKQOgd{jVE2n^e-GWs(3R$d{SmeuT;U$xP;f;MI!4}u<#g(XJ)
z?*wS?MTKtOu0>>ibF(nRLk}N*UEB
zev}LYAnJPRLv104o&C|u3o&U!WzUq)|JrJ!ntVIyx%``(3ZB9n;kvw1tj=l@>+@CJ
z5F%Fb@{f5j$5Gn)iR9JuKhtfg80yv^iD85fjwbyLU0Dr)B5lTyXm
zqdbwMpoY5X1R7AIMD2FLL_5Z^IL0Qeo(_so=kf
zZl(YVeE;gs)+4&<`(*An)MAp0S_Y
zC)O&IOpNX^(Dtg#Z5mb~mR{Sp%}Ggb$k!(=J5@1H6P<8n1^1#3OqW
zpb)PbjTs5GyGxQiyX#`CN&TUv{G!A~kHS?{e@<0K1}$5r@`ERc5#GzNXlxq*OG5?0
znq2rb7^LPjg>P-xrTRwrF#K@e*CE_*5`etr;2-)W!fFVEftXq!*AmW&0>L+jPlzHbq=zfS|w+ZIp_2{TnVb;(Tz7)}0hd{=`Gtb_uyjSpb#%}9tX-U9W*(w1^FXt((bFF=8O@7yLz9VcqqoigtSjp
zM2hwqB8N|k79Rn}s@I=M_w)&(5wQ68ms4kTJCS!fzLC(D5F0rZ-suQUr^UW&cHjl0
zFTXN%jEU<6G%_7+UZgCGoZ|2TO&tCFf(@Q~(6k+S=uDFH5!s{Z0hJYTO2C|5$+acL
z)yygOb3_^rQzb$~G{#Mg18!E|sx&~(cXZndoB1;+Rnu%e+iZj7bjz#^@TKkKU0O_-
zujROe`J`RFBLMaWRYW#KIT${`3@CUI$XmN%)p|=XM3iadB!$b#&X<{H><{`_XS3&1m%pl}=bo|!PnQFCnHd^M)R
z6jw`1E~~|s>S?;bl`okf1oqv$mMV3C<8ADs-ur6zl9z=OMgND?Kr$H<(>wd}A;2}`
zp;GtTZG9(CiI;?Mm=`Yt8s^niX#F5aVQ+1Zn!6pz$Y
zKL4k8Gr~jfp1G`y)kd5;{;wHL__t7uHj
zJiJ?z+%ytnb+$i-OuKi|1s-1-cN5Q^oXP)c&(JEDg*>K&d570Y`9Rhh1-~gd>-EWt
zw?Sq}WC_fy&*0Q$h=+7(fv+ejh`1^~M>5ObM|~EaI}5s?!It#?M%S3(%b&;0o;NbPk6%
z`WOoxczdl@mkjZK$85PGbQu!$;ryNI3m74D@dZSox4!ash2DEZ$6~WU!fMAC)tI%E
zU3yoT>xFs&KI|mUJ;X|U5&21uAY6Lfz+m!YkJgee{xtew>7@zRX?x&#p?`5+wetup
z68L^RHI-Adgg^wIlBYi^)u|ceMJVhVSQ+RBu!I3@>SQi%6F`Eb0?
zF3v{3A>1PRN33kMp|COdtq{J(*ETCVJKlx>gw8E>_2&=p<=Ew#IjRUnz)R!czVDpy
zHZ4$ay@ylw?MErd{dOiAo>WKPmUb_ZLC5{|SE7)Mi&UHbO5>kz!OBsRYq{pN6R#v4
zA9?t|Z86m8ult4S9==g^w#L9B
zT_2T$!w@oYbL4APL__Bjshf~vszAY83)BS?*
zEiGR@u2w`gkhe2DNqU99zoW=fF4QJQk|@^;i9WXbhP{8F$N_+PDRGMK-U5C@Zc-E$
zL>z2sGqZeca|FVf@^bd7s5Uzrn>Ckr(D*yq+c~@`y&_WG)CG~JT$v95;?XU{MkY-K
zS(H(T+Ci-dngFDX$kjQm0|EP0fd2zv(IiQIHxY1HQgNv5Pir4U`6E=P9UvjGx?H<5
z@`tSbZc9lzZk7WwoEV8-Wvv3>R+2WF(GJmzIuGQork-!*!?m~1yEWv;=sHAsXm3o3
z9^;Rb^9LT>s>RBnt3h2y9nEsIap@~UEN=*nc3%js4c2tG&TR3LZ6ys*4?1B&hft%W
z-FCX&vL0{HPG3I{iTpf~9VClfqyIQ>j&$j|TkF6;&1aF2U2TeHv1fv`122p^v5?nW
z?XQ>y<1M-LZjS=`b)p^NwY(a<4=qyKZ|^BVIvqVQ-6!^C~s=O;l!45cnRR;RKor-GS!nkS;z8z9Pp1LGL1llTFYottdD@v+;s!6v|67JXlEWS;`oXdICJx>;RHf=!s6
z;kCx|&-!&caQdHhoeF4%?5@Wv670Hz@lF51jo*VF_kD*0|Myo#vL#4(AC*Oxrd$U+
zW#3{b)>D_0^Wre6Ua_)A>El`HdB8n^R!c39SxS#~EzM9vje*YQ-!lzRNeQ>~74VAS
zc%1(p(Y#@Mdpob;Ekhn4_8Kh)IF2|Nw+^)4X1T3DTp<>wNz?Lkq&`G(F|A8@1>`#iHsZdnoGGZh^K-dmzZgVFP;A3sB444tsVgR@c*o?~NPbCzz
zvM+Uye6I7JwUD1k>5jN)Cs7&%fWlhuYU>oO9N9kDtvOV$>VVv;>7IJ@7H|cB
zQ(7ekfS_63yjVs^STK>f42y?e02y9|Z1<&!T%se3X&2;X-;-cK;aku^taouWv^BC
zi8kjI8yVc&*o!zHURM<3-
z8`RJOLc3h8`S_&8E$|JQ#gXNS>wvd@5aYL)$CJXfNAH&hw5O0^Iij6c0+trC)T~n;
z0blo&N|rSrIkAc_=3@xKk@(1rX@&;KO?NRn@tPi_@iE$A_0N*?GH$9oZQMLIfJz3C
zwzx(}fJcv^6BQIvQYh=>yv0!jYU9zHa3pr>@uu1C)xfo(Cnx2GD(>%_v~lsH7vgC}
zsq$)=zAq&Eu$!pLT(Yg^m2|>EeTy!K>LfK$Q64h59+6N;i__mutqhdi&1>;gwheFt
z2;gZMq#9CHvX(=a3-Ke~IN2>95~x@&uU5M5#WX29EE#8jS@jX;ILcXzd?uH*mJ`Ay
zq^w)YO9Va>rIk^Y$Ce+MKOpfkN*gB~8Uv4q6D1%>OB!aQ2nLFVrK7Sq0>FM`8&-3?
zv^apUI%0oNK5MxlNB`VNN{Oj_%n=!hDIlww@!ROiaH?#P2gc)I{7uQVG}01!%viCc
zb9y{578u>Un?RvJd%^fKPoVgJ^rFMEI*xqEX0)fkAo;Q)Tn_y3Jz#nr6Sz3OJ*DAQLPeGuXDvh27j+~xWr
z2ZXpzA^|Fxr&5lwpQ36&8CU-TNWiK8CkpnThTu@dc0N%D;)F*3i|qjxh0K$20$jFA
z^N$Dc|6h!839>&xey*3&xDhoxjIjeSi3619P~^wa><@o~QuGdHnmsVeB*f04mp1?pjOr+CEB|`|;=gAW#OAC%HDK(V*3GmG41M*+pD6G>|O<24kj?4iBT3?Y}d&1gkT1Xix
zwS%`Ll&LzmkySw*LG=Vwl}r8(z98HxtjS*3wtv0dC!9&`C*K_4H(RxWDtLG_U}=Xi
zz20@_@^_&sUj}AU!jP)qZRy|b;K5^uX
zR^+tVC=2+4$Is$foRF~8ngfXC*}L&61L^=5+<%6ov+Kf<{r
z5Sbqc2IVlS>*&a3EB~HfvxlPJD8#m}2W?O67MGOB({knK`3!U|D+Ab-H3r1jqd|dg1>O`tzvf)VbwD!MQjqnXFO9A?*5$Ta8c2@QUc60TB
z^ayQ;&F9`Ki611ypLrVMLa|}LB20YO+CSe6&nCb%-z7p%QlHk8^L$rMu+0Lg2@4h_
z1OVz2rKiRJwGR+t9N$)Z@fued8GzWI
zIOOTMaM&C9d&fZk3sOS-M-|KmvaOvwgoW+sHY`{e>eJ1+4z-wd;dsRaP-;DP@g>?3
z&SB1wh5}E%y034|{}h~~cH^T}8C92AmC!r_i5Lq1c&TaU9;E)ZS!#WKVB&h(82ZF4
zTAP>|jp`)N*KDV~-wncLL1ZW_$hv@wdBu9Rb*Rc8cs;NIh*83y9L+%AT;O7wuZXI2
zp?;WsIvth->>M2Y4XBt`!Ey+w30Sv;%q*bCe|rGBR+n8K)awHf-2eih-*YF4Y%yz6
zyb&!6q)zR`SG-6|{)b7H7U#CK@rd=zDW?M07?t$W7mligME$>)&M-)WRMfL6rSLt=
zf6@Mj!xq?UL<^uz#0EQ9uzr=Ont+KFllscS(q-4HWVSsf76CF*Gqi!yCqeXn?o1j@
zG@?eY4*(4p&;g(2w8|Gu<%>^293WGM0(d6NI-Lgru>v3@I|IDp0^U^qe`~tGT`J}F
zF6%!Ova+4|Fb{-
z4gq{68r@BMzy5;VedrkYoHmmrxv*lf|C?9vzdNcz$FSgWYQWrVNTyeqHbaf-&%?Efmm
zha|819r;{!+OjzZ_2Pi;=ByC?-@by22guTFUPWv3+w&lDY1C9GxG&x>)w&D{xUgtT
z)M?rnjz(DW>JFo2lN|X^=d3IcA?hxB$x(0WkAK%&w7Z(1rv$N5g^Ifai
zS}Q?(s85Rn@D^+Lw;D{Zl*tMPC~a1uOfv_iZy}HZVW$^n0JS1q*E}pNtXtouT(IoV
zqBjN$J9eVWDB_-qx;Xl_tHX$j3yZ)<`iK)L^^QXNPnrQygCSt}iB;&<`fv
z1lcGwQmIk_BI#%%d0igngLgEsA(h%kq#@Q;Iw>>uv-KLRWXnRvJt*GW`AKR91{}aM
zN7=&Sm0sa>k+_0F89-|HAvkn@W8jf85yO$JYC1t{^s;a$4@1-(*s)zJ3)3(z+|#0o
zClj>Bk5*Mvl~v>%$VDW@X3nCnW!-&3wS7Z0O|BjPDtocv&G&f!jyx=^R%1xkJ4jJg
zQE1Ef655zR;&@Q1-^{nEV$!=d`
zDZo-uv_&|@PEdy>#;^6BhpIqIsz*YgFFNZzz;aGtkt-c}KsZGsgQ1qPZNr}2p7Z5v
zPc1cR!9wPkcll#HXYzcL7LHW#K>lE%7q`lmt0Huqj!@?oyqWW<{6(s(s
z49oJ3D1=uS%4TL}!@0e{0*IxN>3%oFrJF!{2;DJ3uX)=ZvBmRQfF@SdNhU(Js;*80
znMKi9s>+w5LVKC8`x3wnQbVL%^*i_x?C)JB`j}I{$O|x=WrKhBzF3i>
zZ7!<=>t00riZ+
zLVh3DPAGE!y9pdzTxvqJ85I6_rQ2l$;>c00$!cTgN0ISoHZ?bO^L3*TgyRoMlu{Ns
zw6!Sic~AlsJ5ra1s8&E%nOi+c@#czev?DF+B_yjYU;6D;$#na@S|z?jWatc&JqN^<
zCjhI!SXiIJMv9S@diFdRbKLikC+yz6`&<%ddPmSgh;icl05IH$
zYQE!32cN(5o0kCSC-*yU_+yIR`KLC*(Ip{`1R9c&l(5yric6_lRND}Uq%k2Pw)hK`
z`=CbGh_wPk7HXuF8*QpQ%bN}^0+Lvpc?89@fU*aTnBr(&;;HUuUre$3jA@)Bz1ywS
zDyP~|xz4M0_LgQ_nul8Ye&aO~Sa*9VULzay)g+Dx0DvFMsK$**hLPq7=_KN|Bv6&p
znlu#`jdaA@|7=tj`*TwM2Y{mTkO+~S_o^H%kb1s3B1K6Q!W5^_TfJ|5`#df8H!p*4
zX{aeS44TonWuibE4(;6^l%lYqW?o_q9Eh(;5kX@K+sj>z8@bB(#pApZiATOJatxov
zHnAF0*W%ABx3aOpMZ$SI+0!IGgmmp?Q2Szkwk}*zXq(n)aSkxIyD`L3O6VXI7B!1&
zMtm}>J4H-y0=S*m86oB61Yl~_jGrOK$1{~iT>yk~G89#u7mY?JgLfAv_1!h?*u0rk
zd6i))3wavn+NV_RO)eLQcfdcAPQhkllU_|;-EUMFsWqM>N4SX;x+5>Rk6XDeTupv>
zU)w4g=1P1&-x{D}eOJ($BFg6y+_;i4UhLKy!hB^)jw-RY)RqOf(=yeZ5S|*XOQl-J
z1i_JO{pKm5ZqniIh|Q8Sn9Z83=;^&Mn+G=x=K)j~L)`AJgoJiWQ{agr{wV|>-Qouq{D)a1^|47g2d`?>RLb5ajbZ_j3yPrNQx9PWg565u$
zeF7e4T0Q|6$6!AV4i#1?Y4o&EGP=r3-k0<5_yWrD8nBcUjPT
z_#6LkJ7DPMkqM`Edog!NJ~ETf)mqWCoT++^z3`JMC(%vYekeOs?dtHQ=6-{pj3Z9L
zLhkJ~67>+V?23rf_}ROxaTUQtIF$X}r?r5-f!z2n7&vm~?>
zB#mC@hc}#VITXCOTj4FPSB$BAzZdb$TV=`(Zg5)PyL8c=rrk*4gFMHLgnV7Y8#hRQ
zaGZTm|Hf+Y=3TWMcPv
zv!H>flw~ZBz9zF>^SKA3<=Zct`j+{!poq}YtY4IXdAUD$*}o^lEvc+3Lq9%Fu-
zQK&^lw$%nrcjE{nTIlJaEgau00b&_H9A})mZ@Tlf@-HadzH=Hi#)l4z6Fri*-hECl
z(!Dzc-&)J
z;QQLjt(CUc8NjxYc7j!w^Zv!~cTgC~Z`iG|B_`LIKColOp@%Sb|2Vuuz}HZM9+*h=
zQlv`YPHa_Cz`sF-rvZT%(5;qc;yfOhelrR~iMzb}`tod2uKX^%+JEgsk9r5;Pwf~K
zpPzGXHRWp|Zr8UJ0|#O`FuKj-q>iQCS-dG1c7bm9-ASA_l<+Tl3jtO#dEt>%YwTW}kD8H%3U_1i1SxbMuZ$
z@>-5+QoE3U!Du{~00c+SN1l?_yiD3dc8hx8Vf@N(I~7y9zI|@R
zihsAB8)4YGNT|>b436Y#{6BmB4c4kI*Eh=$vG{PB4+10_q6+B2C*Z~?O%-XZP-iSC
zD6ZnN?u5;D*pMcc6b2-EKH2dv1ECl?hUK0JNHkmtf~>@XS5QWS;Fr89aum8E`A7o3|v>Sf?iT!QI-X%+ih%4p!}UeG!SZ7%*W3mB{}9ozS(j
zvWk_H#|aHR{MU!vl{Btob_ZZH8VFdgM7Bog-;b|PY!y@$Gt6P4eqxNG
zMk!2REp7Ut1sDWa8m|wFOHMbX!()-CX%RBpsWtnZhDVV|HE-44QoDm#xV{0(v_Ck0
z@%4={zn=_Q&wiR>aOG@@!bfVs*qBacCrk+EbvpxxARm?A^=tndP3&TL6a8B*6Y=tR
z&nJ^3M!XzN1#l`T8scVnQ-P^P-xglZn`sSF+5M<0RR?h$i}Zog=<
z+55Y`6e0UUf&LI9=0Yg;WzkHKqPfYa>m{e(WK{ck-9cfCeh-glH|2@IX<6>&d3>2(
zLs+Xu7FYv#uX*|IU&1tRVgZt5Fa;O?e9fsWk#FVNa|33!Y@d~!;=h}si%|HX>zw~x
zLnHo3$T9cUqQU*wy^r`eL=CooB_;|K1_Xj!&zG`t4MdMzyllR!d|_4>OcXtfZ9EGd
zxo1J=hTpmcE?nNGDnV%Tvt{94KLF;bF8(|4Lss5R^e5NO`1
zt{JkJ=~5)>XqlTHU3ffKU?%n^SZFxoyjjb|9N&KwN=p=T6}#W@_p=inAaWld)C?>!
z5na-FL-XOV?YQ^Bw@^u7%BMhNFOlON)J3e!*9{@VYn;*xo?`La@?D~Almp<6`?X?{
z(xrqiW?bIbr*PeQ+{G~7C-!iR*xc`4YuymBT;Rb!@zAQY}kuryp&Akc7JORUE!)4!BG4|*m^h4GN~#Y
z1|QClPlMU#T=Lm-Q^d+f89dd$rk2uG^I_L2%-SEGrjF-)EfHHsvLF-v_~0~KIUp;b
zIu(2N=y%NGwZ|`SDVf-&ls7s+C{69X1-3BAb74=HtAT?);X<0XdN#-OsA5T%0AHhL
zA26)^1o!
z{r3j9i%MG#kJ=8RU7`rUN`bqjZ7-CG@N8BKs_XJa4QIJv+~4C7GZ6Y
zE{YTq4v*)YO}iI*-1G$bIY$G87h$4PVVpEuXWS~a68QrhZRxWf``H>5e8ft?P^ke!
zb=Lv(DvQ-`5>ykNbOL6GPWza3x6ZI;yQs055?##m6R@33{X_}JFY(*U{X9LfEAgh2KP=nw2KVf4
zV@3q?7INGGnv3+waeEc4MAYfhS)oQ(m!@|CWm4+7c*@C#FyCTPNfqZ=P(1S9!xk>b
zvZF9uII_O($O>Jr$LrMcSld)xreyr8$fDGh^4$l7wp^6FKKpMd%ueaZdHC(J>(*MT
zwB6qhQRKN*@QycoVS$LXSFpy%R}1R4Z52~C*PRQ&9;3O@qN%3dUfx3%
zc~2vX+O+f7;IS$0{KF!%FKg#EuF0w{Z=5ZUFHRhXiv{Zf8BJU1HRU^Q_qVvD7#t)d
zD`xv*y`R00h66q5XWXu47G`Eg0W#=Q!c}tZM;+(G-K^4rljC=9+Il@n*3hqhiG3aa>M@+u^E|{g
z-A4~Y^fvF^@z!Gkx|YL_IuaOksksu`z>%JL5bN)GL!{$9<<+=dkhX3@aXYi;zFXEH
zyU@)fcoc5XxP;Csipa88JqbS|rwC8(tmRU0^+xJ!qju&A_8A*4!r{fZ=^@2W@dzhw=lMM5@
z*F7!1MtlgHit>k^U{)nQx&2P1GE;5SeYBeFQ=G8OgfQL|kXb#n$!>FGkU$H@cfdcF
zqYVFbydy!6=B(45w~vNK2AP#srVvKK<&sa+9O&hJkeKS-eVM(F#=yXU=BGr+sHquH
z2WgtMy%F;zr6aNDnp>Bg4_o>X^hd;;WY2)shK`NRSXbX!`XaG)o!o4*&^Mc{u^zjY
z4FVgg^QHQVS8}OcH>3mV(uj&+|3X_M1fpEUev~
z$C1W*4#XH^-(#E=;^7<=t#CVx3KkKd+%T70iMiFqR;+fZFFN?2pg}c^om0kXUBUwo
zV`TbxwZ2AgRO+xjynN%fMv8y$0VG3NIcqO1=P#
zOHD~vzL_O_@q1lZ`89
zAMJY>B+_txj_?Ik{iosn_VzHcmXcRdeLZ;=x@P{0kmlDBqdhVqTBU~hSnTr5Gv)iV
z?+wBoUQTtzLAzJl4_$7aJ2AECZQL{70PpO=uAsdQPgswH>lf5%$IQ4a?p>bs=g+pBgSMeY^3QrUy;-*28&Rn+^
zr+kiQ2eq!8wI0r5y%P~DBSveX){;7J(k-jTd4tTZTnRaIJZHs&kl$aTl9gwIC8oG}
zRjwS*w?J7UK1$QTCUp@o2F#%DU;y|g
zMObb$M`~RY`a-MZ=2GoZk+3P!P`#q0!P<2Vn}jlbv;)FJ>*iLu^r|0?sGQi)Of<^{
zn6^Y%8=af{y|1z67}zG6FSrEFplnA(u?0_W3&IJ3O?j7ip(I=5Blmr*^s04|1nwOT
z7_Bi$x%D+9u7|8#e2#RdE%(v>`B*E~du7e<8rbD4tT&G6zEoJ5=Y|?aoo)w-nE&|{?>Yy3c&!Zqr*m-SHm$Tzcro?ZlaQ*>NFrd}*%=f~
zF{4u{OYXfRZL7>USZw%(Sb|Di?$Y3c@}Ezfa^Fo0ABWhZnkN2$gmztC>9MEUrmPb#
zz>Hi3nM-;xK|B6#m#rIY+8QyAY3eYtp?Rx_2+EYNNW`@iuOh-j|M+e1r(
z5b6R2V!veK;c=6tjM$S%L#cO`Xx6G2^YpPcav}oWl*^M8Gr4ONLE$miR
zz|q0)D_0Q|y2?g1a>I7qk~j<$>%xrT;N73i(fUQq0r=09Kk3jG~e)07TKgal>HX=DZkHIa=g13;%+{QY%f|_0*5VKmN^dgZ{;Wgqpt0
zlBCJB7C(hHhI^Z5UsspCH7XnTb~Ou4a&uKR^zC{xi~Hqp>**931={KblVq=M+QXDf
z0@RXx)uy%^T`V%N^zC~yV`GhQ>o+#=PX@W$VmdlHluu8anFZYb@@r(Y@{TgVSnb}L
zj2un=m~5i(x`*wTo&2B9t~08srduEMMMMN_fOHiR1p%cO0i}q5fC32t0^y}dlisAG
zQbd8E5{fjDA|@dqNG}moS|E`ULXXr)k!tAW9`tp6cinaGUEli7ue0{lGc#xJ=h=H^
zO;3=eA_)m;0FJ3pIb0CbEvbo!=gaE8Ho-#?*m*+w*RDG%K~u3CS0=NwvmZgDw2}4V
z85!@80xRlecsvQrbl?SdbEplPKp?e0mZ&&8r9@%KJC!DWxMsahU+b4-jZEnvoGaWkAJ|bsX
znQP&{=Hy))vQ>63%WY-qUTL^f#K8#$Hqj`O!N_8R>UG1SW{d9C>#7dfYGmF%ND3U2Xu3kWc`8M?U
zQhs2$9@smTAiv{$v9OD>ElU@PT_jTP&ib=d)*ES?uH@r;lK`qZ-jF
zA&A02F)v@9oZ6j6hHcw5shIHZtv4H{f;l8kZ3+ycTxyI#YYPoApnEfAwN^%>ZB^bP
zy2C9CoFOJS;F#J&RU|}AfmL{cHH4;(lio_Agt@Mw-@LI|eX%sz{tm7I!J@0H%}0V3
zRMu`ylxFQz+}rz}6K21PE-xoCck~GN!*e0HY*8rL#Ol&pQid;5b9Y`|&1n_C#lAiRdc76{Uole>@P7u^RmZ2A}VXBGfg=Tcm1&t
z^(u=C$7$d0zSpb&kd`cfgPt#dF`RMEegx@fGu6K7QRe?4GBaz^ql^>V=2dxOzc1I3
zgSp*X@qx?~i&P$YCAGB^ZkMN-ICJNb2LR5;Afh=;@i=S>z^-Bc!gMW~m)OPhH$Ugv
zofd2t5aGd1>ZJ=B*eIz1*WIx7&s-eyROC)7E2$O2$9Zt2tb$;{i{`!52HLfkJjzOV
zSTsgjt&szGYHBr7$Na0_i&gB&2)kkE!76&$LiA>GZX>Y$p2X*poLxQ!_yVzt@6+-;U1G$t#
z;o+6dn+$KW12w|%!5izI8@(|nm!q5GTX7>+ieXk06Rjtvr(1`J>`;Qqcy+96KDKLz
z3;-tBU2*hN`un1}w2d+4g%ubM5-?LGh8
zQwjGaL#BGJilozc9d3L%VtqH;W+xouA==w9-`DMtZE`Pv__2(=EJw-4s>^UrVp}=o
zb^#O$ZEHh`<>lnqj$8$TkKK8{Sy3R`tG%~KOjT0|H1Vr!Mq>hXabYXw)7)S6YPrH{
zZlKBfX>vMdX8plrG-z(G6cvT-%x((I(n1;+)-1HYY%<838J#0xt;Dr`=k8nTU9g+0
z_g)?w50e~BBc(0eWr1J@O1dz*rE%2#KY$7VVfCwJMNYS-%s*-hpr2YtevpxA*&8a+
zGGC*&4KSJK1yC+kN%c$aE!BUT_kVJ~-u7)G<(`C*=z?xY28Y6=w?vl5M(+2bE-LAQmnTIYHC&sd+piMq~
zC@qz?#roVXJMuA#5aDuP9daC-;=A~xL+YB9%3Pt2EJ#jkR)w@yFFB^RrYPbF+
z-I|Q1SG+K+(Z0m-W6x%F8sfBBSzm93Mx!Tc{Zavd(Df_x0VYhnXA}KkBc$YSq)8&V
zMtjK^@xGb=3!z0b@>-bP%b-Lr|8f7J=eMRe3@-62xHR#~-A^e5y9Nfzl8oOPv_`UU
z*(p@P4MNA{+w*OK!(u;<^A&l;p+2^zz{|{gah4)_$r8S#&jeTHFbV(R2QZw~R>0cr
z+BtYR!cQ{H7z(A%X2u}#A(vLV7M?D5mlSS7q;c0)-}Fmbl()~7sp|{6XgtZ!&+pf3
ztQ*9=$Yyo<)s8LEyYT%{${k?`9jA9P5-w5<7N(}O%s3=SAFHxA1}|8ryJXYycFk~y*r@%Nztxp_zrj!1Zj<6$4
zH+R4mvS-+h0;}Xh(nt6jyC1Bl^!TPrrNuLxc|!29ehR5HuhTIHQJTbYmygc8HI+JY
zLw5V`y^unGQd2ZnvBivFQd^fJ&Htx~5s|H@THB_{G9&L^dMLYW2v+Q2-PEznfy~m9
z`Bbj`aaa^q5*
zm``<~H%+hIp^X@lt?92cfN)mDD6|OYC{HExUXz%#X*^MO)I|KPfp6>g?*%YnLBh-X<|bIfg-MK$
zY~0m7EUq12Yp=9;`}XaYmX;@5qAt%$j#Oon*zx2A*3XpkV69%S{`9GFFd937
z<0(+{I6&uc$dX_iML!(q+KubKuFqv(>HO(%ky8Z4tktD_A+8%-3*qcaV#$v{R3-m6
znxQ%Y+#v*)V6niT+V-Qd>ld)aUk=_Y!m4{!UB16#RD5XWIW9WG!*bo&dM4?Dguhwe
zTHZIcu*H|sF`BuiwpFK&THj^n$1d=N3=U~`K-fl|Wnp1H-*UWgdkNgMbI~4UJXpgz
zpSYuOll9+dQlm4GWPDn-Mt-X@*P
z^fd71o-7O%saM0@K<>g*mbV)tF+#SX%6@|^P!1_LGZc7|g3@c4ZnWYgRum^ku87as
z{|#LKu)MsgUm2yb5476`E#!aq@XMtl_d$@Y?}Pm;&B2;NrXkOf+xq&cjQWagu;A{l
zFmHw_d7&IdLrHJ2iR8(U&>W%eE^n!1StDt2qFQ|-&q3f#!aC+)+59m8i1?y)^A9P!
z*xBnhW;pB#zXqCi+CWhpeOt~|Jf?H|-atm!wHN#4tm{@@Fmk*2JP!RDAYk7v`JE|)
z#+;E1oUwr)IrN7{{x_Prj~IS)%l{#K^D!eCRN%Qdx0pl}s>;FWr_k7;L!0(CHjOId
zX(*yzYm`b?dadCMTCUQ;D5^K=9vkNaf
zFse@R>;fUz&4UD_Z3WdCXOlLgh0VN+xGO${X#{Rc5DmjFIvRxDTaA8{6Oxs@c2iJ(
zobOlThz4_GV<9oe`&fH)~7k2Sc~v)d=prj)p;L
zb=hH7i#?d1a$4X_o{OC$wma7Qlmd*>v(4m$+so%x8}_O>iDv3}fXm?BYw0&y37T$a
z8e#>P-W8Yg$(e<$@p~jYW24VfF%Wsax!fR`*bG>SYe8)%o
z5ki79ZN~W3$@%FS-6`q_UA<{?`g5OLf8DnJJ8=Sa8vy)ZA@L9{$wISIDB8t2w`xOU
z-t20&In>JPE1|L9B#}aBt_ZV8qAVmBE^Jf4d
zR+WR68@vL6ZtL|nI}JPyU$C|;nCa0iFQZq&Q(l33@RGRL%g*P=r)QL=Gh4IrWK&6z
z`Q5ruE?Lkrq4wDq1d{dgJ-|QEe2vo{L<|tNfn2
z-upzl;44;BWIR1xt~@1uk^b{Gar1)FGt|#a95jEWlN!ynU$iQ7UX@#rK-wP|a3Z_A
zyGzAFC`D9ji7ldt3h48u&lBPmP%f&C5KJA>d#hvpBqf9bU(GNKtPISa8BXTseO?=Z
z@iUs?RdYle*0ra(fO0fmjqL693gi{1SLl2g+|k~xJYjfY5C&>RO+rZ0Z%
zuj>l|2=e!9qdW>QR8(i-V5l9Zkdy3y*VtH&xV!(ZN5kt3mrM^=4=1sm&+R@sqP2p{meW7mgf$N{u88Oh5blPduSsbSFc&FP7C$cX2k`uR2RoiuoMJ+~WS`Op5YKkhP)b`&~sE|Pdww-jd
z5(m=&>+8WXVoHwV;$y!#Pg7l7L**LD&#&V7Ykq(pXYL0ub7Dyu1lPS
zX1xE9Td(=*1$PxIa8c^FYy21vxHE)h!kqg}Dj!S=|1q#%F1i1qvlmqZSfN_K4V-6d
z(0%}kZ=aZIzbX9jIjefSmarr=F5tCxQ;$0GsKfofoq4_l_4!rMaJpR<>)R%#XC`Gc
ztettro$BQ8hx|o6Z*5OLH1|IY0F9z8dDZ}+dhwUp(fv?282FLDS?gxeU>trg6-F||
z^`CgVQKm4MY@`8RAc~b6tvGMHG22ANgU6}8AITc5o1#+;9N5SD?Ho9(;0FaQh?wCh4v`Xt3MzCn+TuNDHXUv0H0wyN~F5fv2$Mka*1
zyS*OxoG%|$x}vB9Vua&uvntSkhR|??OA?Gw>`w#yNQr35KZO2n!XI#RD*6%QKeKaY
z_Yvc4%ahy6XSp?RG?G)ZjTYK@o>E2eBJrZp}WRL=LXR(xpPu0EInr$JsVOHl*Qs$rgUo8vX>6jv_`ws
z@fgECjJpIoc=z$$gHlg|O>sO=cw%`HZcNm8iTh4fl$S$A4-%1W9KhJ6opIBwyCJ`QZl9R4KX=w;XL
zPNP%I(hz-&`sBR4%T@=%pO~>iIppB{sSWfhNmvG=@0WMSw#MHq1Ciq4yF2&)V6pjs
zVKL=@VX=jQKUl05Z+r63kT1La$$aZWS=kTY<^XwFS>eaYdp)UPUTaO-yE|M*+LnvAsc3V1%q1~1*ti3=f8
z-2GPFbJ=nrfwT<&Y7GFenawR#`4KTYOssE9*NK4?h|Yr%iKkz{yCr7q5gavlAmIP@
zI_1Hrl0ftC_ddtUnaOW`k?7x1jQ
Date: Fri, 8 May 2020 21:53:48 +0200
Subject: [PATCH 0941/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 443208cb..07dfd77c 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -378,10 +378,18 @@ sed -i "s|= $FROM_DATABASE_PASSWORD$|= $TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
 grep -rl "$FROM_DOMAIN" $TO_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"
+if [ "$FROM_USER" != "$TO_USER" ]; then
+    echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in folder $TO_FOLDER"
+    grep -rl "/home/$FROM_USER/" $TO_FOLDER | xargs sed -i "s#/home/$FROM_USER/#/home/$TO_USER/#g"
+fi
 
-echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
 if [ $IT_IS_WP -eq 0 ]; then
+    echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
     php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
+    if [ "$FROM_USER" != "$TO_USER" ]; then
+        echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in database $TO_DATABASE_NAME"
+        php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "/home/$FROM_USER/" -r "/home/$TO_USER/"
+    fi
 else
     cd $TO_FOLDER
     if [ -d "wp-content/plugins/w3-total-cache" ]; then
@@ -391,7 +399,12 @@ else
         rm -rf wp-content/w3tc-config
         rm -rf wp-content/plugins/w3-total-cache
     fi
+    echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
+    if [ "$FROM_USER" != "$TO_USER" ]; then
+        echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in database $TO_DATABASE_NAME"
+        sudo -H -u$TO_USER wp search-replace "/home/$FROM_USER/" "/home/$TO_USER/" --precise --all-tables --skip-columns=guid
+    fi
     sudo -H -u$TO_USER wp cache flush
 fi
 

From 89d429b99bbed19079dff9b27d7d07f57f02d286 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:20:35 +0200
Subject: [PATCH 0942/2300] Update PHP-FPM-56.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
index 9ffaadf3..4f54592d 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 59f4d1fa04cce1da5a052dd095ff9c1ee728d872 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:21:24 +0200
Subject: [PATCH 0943/2300] Update PHP-FPM-70.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
index 7ae49492..fefdf195 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 4ab335fad8527aeeeccc24883e1497ba076ae59f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:22:14 +0200
Subject: [PATCH 0944/2300] Update PHP-FPM-71.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
index 72853906..8688598c 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 5f1be60ff95a4add2647a2928c4fccfd3b0bf218 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:23:01 +0200
Subject: [PATCH 0945/2300] Update PHP-FPM-72.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
index 8322eb88..33442862 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From c7b506de9224ce487ccf4da6e76e1b2ef5115e92 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:23:48 +0200
Subject: [PATCH 0946/2300] Update PHP-FPM-73.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
index 1cddda74..72f9cec6 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "$pool_file_74" ]; then
     service php7.4-fpm restart
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From 75ebe2f249a7feecb295c09e9a05325415cde049 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 01:24:41 +0200
Subject: [PATCH 0947/2300] Update PHP-FPM-74.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
index 64cbaaf6..552cd112 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -89,4 +89,4 @@ if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From d63823075b048b2c34541b2aa92f9f655577ce88 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 18:28:07 +0200
Subject: [PATCH 0948/2300] new logo

---
 web/images/vesta_logo.png | Bin 5918 -> 5902 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/images/vesta_logo.png b/web/images/vesta_logo.png
index 4162c24481cf2ac9bfad45bfbb516336538fe89f..f7c03aabe313114e4a6e9e83778dc3cea7f4a0d7 100644
GIT binary patch
delta 5868
zcmVOL_t(|UhP~7coo&z{$}QGNkB+g6fFc$1W|Bhu?T3Z6iBqn
zqu~D+*HWvXQnjuRF8y7q0-|UXidwXS6;Y~UtP~LqDxjhwsK}ZKvXg}D_uiTFzwenl
zH#avoBrGmZpS(UVcjnBQ?R@83&qSkl@7{8-_~MD7ZAI)fF@MZ5?3PIJ*M?;F%o61U
zC92BNwpVvNSgc$b+h|5(Fw~-(Vw?McR%t%`8`az8HK&Pb@FItcQlE+8Oc&c|FQ$2=
zh(epJk(%%$IKEl;KM2^(f^9MkwP1W~vk3_LGQ}{4Kr?$mfLn3;5^>}n2=RP)*wJUiw9Z7kALo96w$E_Hog7U>RkL853`4ztLu|7t@LdJL+zxhv
zw8|mWB@ognV)~ANK+%LQ%Gm%7J_46cch3PFwGscW5km&yTnl|Zkcjgqw0)_MHxn12*(l_+~U4x9k(JlpL;fvYc}
z<=xOFq}v>{InHRQ+4YJ9A#Nz6Zf^|Df^9Mk_1@*N%_IyOYsmXA_rtK?hP_@8+E>_y
zfX)8cr;nw8)`%UsQhe4(>~%$-CE`<0OO4T0EaPgl!6eHE2%uIB$?SWA;?jBU-3WZE1cqBuNwrk
z4SgQK_6#xX!yvTZ;@GKTOOb?SrmSC3DjoV}N-!9Nkd^pDcS37_kNyts`mHFV4NUgo
z*f$~QFs@B!Pi=1)KQqA&e5sPtlvW7lN@~FUihmgn5EdA8H?<;A9`#_19XmF*S&Q7Z
zn~Y(DdbF3IwFtuK8EXdAJh7a=NCcW@nyn$w)#5APBH>o&Lr{-FP;DW8n%O5L3XSwx
z*J1+n2Um%TJSECkjCsL9I111A5c>Z@UzQK&*e~LDw7c5?AlQNbtUL`{XSofs8{~QW
zGJoZVftwypLTn=P)|#>dJQws{J{5ii&IKt*=GhD?ZU(!7
zO~EV>sayPcIH=cye3#ZB-`E3%538mv&y(N~@D-4P-(T=re9lL~uHda8?^zp^x_@Au
zU?%t=_&pm4YEK+_y^8%3@ZE_C_6B_4JT#pEA$9)1W$n+@G7xw_-uPNg!w*Z!Dskg3G;le_{@dyw||p%
zq5hyGvkQMkm?mujIiPL9zTm#l4}YXk*?$AbNZgx(O{E7~nEwOEftetW@hv@V=6KQ?
z{1v3|ldrSCBq&G<^$)Rag7@@Bw*|=Oxdo&p(XjgT=@Z)&$r+q^2DJ1cm|qGE`KFPE
z)8|UG>ROoKPo&(mC14GK77s*sH-MrLm3ke0*J7tNwhN)z58}L?I^T6~27hfAm|^C?
z#%M4H``<&jcVjGG#qr-D+CCYt0`o52A!wem1kVl=>%9ZGeVhD!RkQ*-oJcf*9LPQ3
z8(=D5Lrq~?)m`to{oV#I0o#DQ@E0J>?WP9!QH<4xfkp_%4(~
zT~nMlD*bE-b}qVk{>R23KMiHXfcP$jR>5B}qBS_EJs>#jLI5gytvFUOwD?$@QjBAt
zN*Mk#U|fb3_1p2>3^kK5!vOQ%t|a`}_-R2z;takk@(*^i231@Gl_m
zPf&mtffGRvHqWDW^EtgY^MG;E*P;bre87pu36~5`*2h7*0-^xqM5WatP6wxgNH;Ye
z1Lv4^H#W7qzSZicG(CQH!AzB7cs01y^zd=1H0G}~~8(Oe=SCj|xF3uP!cE&Ue
z+%eFY<@g-~D|;1ASq*{4F0Liw$MG^mx0A&VgOL@|sfz+J#7PVVtHp@!5+_^&Q~Nf~
zdmXIABkscWcYlfR)k4#I_`Uwl+|Q_2zgxEF#>F71RGH0=26#i7?xZop_?&Fv}xwuc?wA7$@yp
z1wkRL7=aRSDd;^F1xw$S2)?8jSg{{xH?`nELCy2Pdv$a->wzXV2V~{#MsOE+py0&t
zQYC6^s(-YOZJx%)`@4dT7>MLp|J6X7kq)2OLn;?o7~}!aPWUf-9nz7d5X#+>;d@O!
zS)o7}x2EwA7j;#V=HDrYA@?W8yY8G6YW}>P7QQ-GcQJ;ap-t)aG;p%qvPm@GfgJ2FcXnyEVJ+np0bKiYGk>%h{
zce4)IpPGlcxlHzI6GRfuNrctoQxZR&F=
z3;zSbP6g&=mA2lTpSo6ThQ;4bfe4`vf=6b)2j6`oB5U|?wF!b08PvC$@=p=Vjn@^hIL<`}8!eK4^o_&xdL4R+8
zP>8H5c|MIJ!^+$YkZH#+!Jh?83AIKprEb78jzV5~G?*(bgExs)y#^Zdj#T6O34Igaeu8v*5@=~#U*nR?=WJu!*y5#@gn6Q>t)-H~{#{_wE~K&-!s>FXnH
z(hU%vEnS9ZF1kG@YmpkBwWu)Adw&b_T$UdRgyFjCL!1mUmn2xjrFCcs6i#FGz%+-s
zE58Uy48&;iSs6mkueF%<>7NwP2?OCYf*B9)YaB0kybGUdzq`I>JEVZLMNQC&Dp
z_*qkoIYkq%8(uWA5Wfm67`AER;Kbt|(dV(8!igp9hwY~&I2h2lH`V{D!kNWOf{Q9v>m{k8$Szq}wu+zHY?Zb_1qzAtJ*^Zo
zJ;LGvixs>A2bKX7%`np(?z5d{nEg_L=A7C`KiUwvPMo|TLG#YSJAbQIT)Ir0I5h9n
zUX}q_Pd-#&zJ52z%2^`o)QCNp<6bP^29x+8eBEROF3T_!(lK^ofPU6XdnojwpjR8F>1-^`;kk^`8=`mZ
zRA7{R7s#>rC+KMhaRo@hA4(hva^fb^i!18D4GOC5Js4mH7oCt|TqxCTZa}Dkz)8uL
zNbO)|nHgKoUHasukRVM_N(}ojZ?Kf6OYZW#ZV)P0CF%i5>VJudqOQU1k!w1eFdh?6
z9JgRD+Run}k<-$z}_o~F<$FrWM(L18WeS-+kH
zdO;e;7V$#d*B=TnreKPf$ZcRfxPlFu1I4s1fm!YV4dLM2C8qL2$kTU3Iq6;a#J3o>
zk->utC8ZGF2!Fg;yZ~>R(mD6ax5aUUi|k$=xdh}gmWCrv2i)s2u#;E_qLgv@s0rnL
zqhiN3_L9tjT_xbVLehO95QfMnxkoIDA1CIQ58=`xUzUE7pc!OAobSZ}XPR>`m7o0q
z)2aJFuDp1l<)Gg^6rej{-pqB@T@M^AE)9AG(QFZ{3~hnETpLgK0r=X$
zJLRhwg}PAk!2Il+=fO9|8fuZKt;&$+-s*BQ^47ZjD(q@6AhE@CmVFo5;}yH*gdkjp
zyOOh3{16bmJct(eYYq>wc7Op?vSxapsvHVXuz%NrjCM)-R9c5rpn0ruH#Ooh%8vdQAf-TJWjibG(m)dl2nET*zH
zyAVWC{?TK`FIc?UfNAfRWwr2fPT6B4Xmiv@xaTa)nx}n+yxPJd2N$ak1z7H+$>(^HG_T%rU@{oscpsb5YNV=o{ov4o
z9rub;Iqs#3Ibud>uS;QL2Z*vB?~``)|L}Ms5Ur})+U2eh%YI0rttUuXi{mh~wd;$C
zft8YJI4(nm1ufWt(MR}Nv3Rag7~W+gDt{g;;i?dXO|LSTD&Q+Oqe??xA0tjedVbo_m{w{PzY8Up>u0+kYqd
zoo+6ZH2-~4)n+tq)jwp`rd#mcSrVz-ijDy>&1(=5$4yqLQ`LQZ$t%YU-#YDfWy{BL
zO@+VKzW_#fg|vWTcy#@#=i8c+<`B5F@J~@Fq=q;EBo=^P^i3!AXOOun7x@`?@N0(q
zL4GB|>k?c9{}~82ih(gyZJW|5P=6dgF_(>LJ9sr78~zi|ZqjNRg9fA>TPN}}l~I0u
z*3g~eGw+4aZbroY03x5x2*BcNnyYIzw;Z$MMMSU=tf+9NuXa7Upz@nO>#BEtf#B=`
z_g-3%Q|YgD2LLX+9PR_AIL5jaCN4;)S_n@DXBxi^VzHqiG8d&krN%x3dVga=>%&?y
zziMEifS=dUs(6tJT>&HH%L9OY8;a(>xYFCxOSPYrcW
z{#--@w^)TKG$OytP0SPdt$&aPgpTK+Ts-PviJ!jkshH-ZtY)Nu7lJj!#2|@pF;hzrMDz
z-+5??r$($l@3hPMBdzK1n-;wu?G^0!f+;2iqy>sV?2i2G@xA6}kDn)wp7^yNubUV&
zw#8U*v7a4ij+t`oE6w3kaRJ<03~!8yo
z@YxdYkr+iMg3n6JvwyFCbU)s4elDa(J>_2l5P28)dP^|$0S3K=?yBiLBED#z)L5-C
zmrW_RzY|N9OVB?J8aY}|6aHO}ZQlU%%P%At7-e98B@EPE;;&wD>H3*NDxB~W)v&(Q
z^2;&@$x;5SDEhEUMQuol+@eVr;1T$#Dj#K4e#ww{6zyT)OMjKTC#zSi1l6%NNr>0K
zn*c_(skEOfIMh@Ybg0?!e1x_hqI}~p;#>lJ2fp<=nX|S+&hOd}=d^^|
zfxqSV#Ogxaa(_G8cE+yjK9Kuy91G|C$}c5`Z<@q($4jH0$=^HVP}gDqt6-=C26qj?
z`K=b1CaIy!BE`KK_IhXwkJUwN5S`U>7_v0?S5T$v^g1?nv3%S@Y#!TUN$s;
zIvu0-LJkD$$YQkh#4jAAGe=6wSZC#|uZP^S>D?F|<9}QoNYUrcFFc*)#AY-AL%q&#
zsP}66;qAkx|B$vT%6HJqGwxI2oaltBQ
zm)PM;F&Tvh#k3wa))47-|V)fhHhQ
zmLdMYeSZ+nSd4A}k?d}m0aeMb`L{96*ar-?ct8GE1*SR*
z{_-OD$853H3W#x?Smr+vG`XLCDzzI@dlMapVt)d-b!A=ib#N0K(VdTf8CQ(+-jINw
zDS-|$hOd8si}Cf=ZIgj3t;(;+trs*kqdpAvVS`JnsZp{wAnEA=*;`emzZT>lSt;`>
z96^-mAlQmLElyx0giTYM0m1%Tc5S~M$4jMc>z44@6sA`piX*3RGOIS@pq=h2Q!=)j%)3JZ==11DAmcd5!xLoPIQ7;
z_JwE<;@bH|+JF5HN4&vNgKCE=9DPY_^T0@vz-gD<49g2O*s$R^Vs|6iqlu
zyX&CAN8{G1-c^9B*W=&SqNEe9wQtm%vP4tU#d4ye(ng7G
z^^P3@^d1OztyubO5sQK?677t|fis|;oxM{iaJ>v#et!~9Nj7aR+FbW~DcSL%BthJQ
z>uOM~P}ZKXBLj9n41o6Fa?z33L*kneCIcsiH@
zB7c~aMc_Zcz|TMqtWxYJ*sShJwbD}5
zsS*(g&%PG|(>l$8F^(Cgt_***&Pl5FR%-&#n4RXFgp0u`AO*=ho2l7@;7Q=Y;C&FOTj~3-Q||%!E$JY?*aw9Vt7a_E7_bZYAxOdh
zQt)1U&zHdF;KLxFSr(LfV4dJC@LBL@HV}5RW(aU&nA$2YShsQdPzdumQFb3R)qg^V
zuYiz#fV4goUG$s;Q!a-V4}(yk2`UYrMIqIJV7X0gq_A@#bZ8}fYCM$vGuQz>wLab(
zk+MSQ-U?-H`E|4(odNK*|fB}nt6Hpp+LmhpO;VHRiN@3|Soz&G#D
z`z!`&R^!hhX^LBd13_P?bblr9fnR}q4)4SF;d%TP%Avd|&hC}k8G@aH(|rHqpp(bL
z3ZX*+eV|p)Qbx3jo!SzD!!87%qy5CS^Pt5iTk7`4()InwEHEPRwVZH3DSEP=6?wgE?R#__6dq
z$AJ;>c91@BHb_%U?dNl*f|Y@9MeXCgsJXrgp9~HK`Fw%`>;XOxva@;JlOW&I|1uxw
zCvz`a0LBL#XdG~f;9wmE(iITdAO|XoJ46TY6%gsB!OI|BjR|DR5GaD#b>WO%FYVAU
zLmDZK1RjFWdP38>qJJ-G24_Iqh9KY>XrkHmYnRH#)j6_$)ofY6W)Ud%<{y5Nf_)=&
z)VT-u7zT6e`N1+nvs0{SKGLAQIR2^m1b)8OyD@-f;TIZ>hKlHE3N@9W$!YCv?g!>_
zjlE6T23F*YDKuJv%E;pc;{gs3Vh{KZ=nIvg38ePYr}8EFm47smY)`x={bD>4kNc#>
zq17YUL$nOOPzhR+EYNfcz;{gJh7oM`P5Ghh-f2C>NqZd~*8&=|0Kd1u%HD=cRzRS!
zn;VG)aeN$NVt_owcD+FE8K3jFivtF@NLw)T=b(27eC$Jm*2K3*Gf~9YZ2S2i{
zw`tDf=%yANDojuk1E1B@+uRQ{v3~$rdFv1E01p)$7=EfmjjbrHW1FwBrRRHsjVR=G
ztp6IIO@F1rC$^NrnKnB4d}t^9m$Me>$Ttwm6OtB~CT}d(AY#mejFzL_2a`GkRzSizeo!ek-u1b`M)pluR>tI)9>3m^Qsc_J!X?uv36>S!Ap?$ET?kTVV+{
z)F48r!{9L)U&43yM`R5jt~WrCNa@=)70dZZRP+^?eoq@M__h2(3&ap8&+Hx{nmqbV
zzoS`dWPn3Zi_Y{mjrpV*j<*m#C>$0LhEzcoGyDNUA+oCE`!x0piyz}arXA;jzkdl>
z^^?<)OX>UZj=hkVo(NtcwUZtYyLdG;W(u6e*(Qw
z-%mT38qoam+W0hw)fiTVDgrf+h5K1mkk`k9_36jJyTNQQUVB-@V9l0A3V%Q6txhn&
zWvx1%{zOVSSm-#u=n`WN4P2NmJx>N*+7#MzA5xNYpgkw!_d2msP62V%VRHE_ns^2@
z-b2m58lA7!AYh8~g(`~o+9C~-G$@J8ex@nY9%?P`z>a0WL^I4Zhx=@&8TN||iJ&>B
z_R)`4M$Qu_PDs$av+&NU6@P2T@dJnEo!ZMXU}ZUh3Cf1)eKN^;&v30Y^sOtMr*?ZQp1i^L7Imqzf(jnE$nR6}OBQ%}zBQqi&f
z*eTNy6&VLpKNHW)h4AL!`7cNVI}3r^NLYyVhT^`A;BB@n-=#qeh=1}_JtrbbHh$Jm
zduWQgf_`n7rt?5)4zFdDUK#y+R|H1MgF((S{{{55gWyB~1z(*w2IRnvryp08gBKJO
zJG;=q3@(~MW3G|n`u8K$fL6u5rYll+Ro}TI
zRlm7!s(a_QC_Q&u3V(9U;GJU@U3u;$?>!T2JK?2ms_)DxvaRG~Gl0DHQp=<`GD;22
zdRRS~HC+wLYAl6Nlo-)QO`7-hx-8azeU0Hq{t5Iog;s(2?7bxyI5NXY|lbFi`F+HzI~VNvd2jk*ShoRuX^3wH>+R0&o`c#{_U1i
zdNn#>=U}nzNAM24@D4}8T6BByyPi+sdd{f)9tQ4eNrjd3DPk4?IBqHf75Yhn2Urm2
zcd^5n<{VDt=YN-gE@U{!nHL|l9Q3=@0lE|B&8%p}^M62?!Se6~D;oYZmdvv|C?w9Y
zigO3dWp|jz&tNKBqJ2Wn=&l2DMs=+PicegF93}=O8#ZA?K&YJeWZ}R^`%U$AZDg2r
zvVJ_f{o`NU=;xdUMQ(C038*u0z5fm}XH#niK^`pmn}0-cz^9JAuTm^(&>Z_EKi}Wb
z55}iMhXV#?oMA!sV8{t{zG)&58Jej<-=`y>s8)@oWup0yXNBvvJ;7?t$d6`=U}b1C
zQuj3`eYf1L(B|JkgHC`pK^yeL5ONz3pB5uR8UACSpe2oE1b#VEx8q(Eu))PG7B>~g
zsWte^8-GkBcgI=N<<>TznH%Jnq_n`fWkqhdfq6M+c=y#ZK@aY-$;?Rl^g5gH1E@sJ
z^p~ns2l%XhAfsK9KGm3w3PAH%;%yrE^QcD@o?xTJ-@v8~7e{}9poJ*}sM^5*N)goE$bNa*}&+<>*E3yz02EyOw9!P}ANJ|fA%VX1*)GqV!3A{?z;y_Y-l+J`1c
zQn25edv0RzWAOcs<7C$?|(Tse*=PzqGOaUYvbSIxb9v_-8fHzy9bC>_!xX{K3*Fp67O!|1C{D@
zUeoVQkQ32CQ%O3n>GHQPJ#p#%5`VCUHA&yqmu;%vc#^{n*OXjKu77Dn$hN~C-ppdSB5%Q5(YrG%I3wBRr27d%O4o-|y
zbX*dOPPeX={O13VlDhXwA^+&gq7U{=Qp_+lO50t!l(Tiibuz!tgD}sk8-$Ra5{QHv
z*W!W$4{3p-$SrL?<4TRC5d5E?@BG$%^^*6Rh<4oKuJZB9_Bo>54-3O7UNEPmsTwxt
z8$64_(c|V<#mqgy6&GG0%zt2sOJDd_OmoT}S~cQBvWgfVB(c!XN|kTo*?+WBv{=jx
zsHuEDXPsDDrIU~AHHm`X|qRvI)M0-JdwTa2Wfqe(^)_TC#&b)%BqJ4nr-Ic5w{Rhq-M;sm%q
z8GazfmkW7snqOKWYAVaIbS2Cqd5nXe>xmgb{}rqZe7E>##7EKb;JecDRCONRkAIxY
zg-oySw_w~y_8$YSC4VV-J_K9KoNDO4D1qp!QevlLEL)QAY!X}N-#Tl+SL6S6dFvB1
zw#eGPHy1$Y_hTS1Rp}4GrD1>REz|Ftz9hH#;)S;jm@DDvt+?+K7~gex->_>(&mH&j
zily6|vy)!Yk6p&q{i2?lK`r2Xse}J!>%o^9L93@{P-_@@FMqhWK}2pAb+a1b0xs_#QGXMavR!mWB2u5$Xgu8!Z}y@9S~~x44PU-*CX}7%Q#I|
zg9Ir3DvKzU!M#d!0A|Nuxo@>HGd(_BJrQR61%wN|;CuN8k=fF4=O?ngej8}&6}T=0
zpFIcH9S02^i@|^=@;V6Cl{siT4Zm=Z?qu1$k9Ag#`hO~+#(Z@$wA?Rbbk%*&t7tv$
z|9dDsoKboe$gmpd;-sJoS`EbxjDv9em46fvLV1NKS#e?;&>PYAsy9h47kEuDP1@az
zw)08_tKA*qg!^DH~?Y>y73EU
z1=`Y0l-NDsACD79FNPS`B4U0QVU)M@Q!_nsr+-5QyJ7%%69An0(=GxX2hm-Ce;JpD
z>pqoGkSRfhL53RsX$u^oiRItF;Cg{?M_{6*3w|-Ea1TeC>0wtUuBfj;3`)NaSNKb?
zdv8cmQ$w=1sK~4qoy!gl;|SZii{UGgfvEIYSSRttim1J9>wuJsSVO=!)H^N
zeszVYQmDIUD#V-PAxQu4R($M*V0-JwyYO#vYETK39(4%+JD_+ZIUy->>xmT#id)FE
zpg^qTBnj9}kSGMgu4eK4kTol5#EfHbANXf!0)hS{wd8Ll{VuC4@2i1<$iD%MAM~fs
Snnd*g0000
Date: Sat, 9 May 2020 19:10:46 +0200
Subject: [PATCH 0949/2300] tune fpm config files

---
 src/deb/vesta/postinst | 74 +++++++++++++++++++++++++++++++++---------
 1 file changed, 58 insertions(+), 16 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 6b5f3969..072b845b 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -13,19 +13,51 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     exit
 fi
 
-# Run triggers
-if [ -x "/root/vesta-patch.sh" ]; then
-    /root/vesta-patch.sh
+if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
+    mkdir -p /usr/local/vesta/data/upgrades
 fi
 
-# sudoers fix
-if [ -e "/etc/sudoers.d/admin" ]; then
-    sed -i "s/admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" \
-        /etc/sudoers.d/admin
+if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v1" ]; then
+    touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
+    
+    OLDVAL='pm.max_children = 16'
+    NEWVAL='pm.max_children = 8'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    
+    OLDVAL='request_terminate_timeout = 30s'
+    NEWVAL='request_terminate_timeout = 90s'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    
+    OLDVAL='php_admin_value\[max_execution_time\] = 20'
+    NEWVAL='php_admin_value\[max_execution_time\] = 30'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    
+    # restart all php-fpm services
+    systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart
 fi
 
-check_apt=$(grep -c 'vesta.hostingpanel.dev' /etc/apt/sources.list.d/vesta.list)
-if [ "$check_apt" -eq 1 ]; then
+if [ ! -f "/usr/local/vesta/data/upgrades/allow-backup-anytime" ]; then
+    touch /usr/local/vesta/data/upgrades/allow-backup-anytime
+    check_grep=$(grep -c 'ALLOW_BACKUP_ANYTIME' /usr/local/vesta/conf/vesta.conf)
+    if [ "$check_grep" -eq 0 ]; then
+        echo "ALLOW_BACKUP_ANYTIME='yes'" >> /usr/local/vesta/conf/vesta.conf
+    fi
+fi
+
+if [ ! -f "/usr/local/vesta/data/upgrades/fix-sudoers" ]; then
+    touch /usr/local/vesta/data/upgrades/fix-sudoers
+    # sudoers fix
+    if [ -e "/etc/sudoers.d/admin" ]; then
+        sed -i "s/admin.*ALL=(ALL).*/# sudo is limited to vesta scripts/" \
+            /etc/sudoers.d/admin
+    fi
+fi
+
+check_grep=$(grep -c 'vesta.hostingpanel.dev' /etc/apt/sources.list.d/vesta.list)
+if [ "$check_grep" -eq 1 ]; then
     wget -O - http://apt.myvestacp.com/deb_signing.key | sudo apt-key add -
     codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
     echo "deb http://apt.myvestacp.com/$codename/ $codename vesta" > /etc/apt/sources.list.d/vesta.list
@@ -40,14 +72,24 @@ if [ "$check_cron" -eq 0 ]; then
     crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 fi
 
+if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket" ]; then
+    touch /usr/local/vesta/data/upgrades/change-clamav-socket
+    check_grep=$(grep -c '/var/lib/clamav/clamd.sock' /etc/clamav/clamd.conf)
+    if [ "$check_grep" -eq 0 ]; then
+        touch /var/lib/clamav/clamd.sock
+        chown clamav:clamav /var/lib/clamav/clamd.sock
+        sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/clamd.conf
+        sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/exim4/exim4.conf.template
+        systemctl restart clamav-daemon
+        systemctl restart clamav-freshclam
+        systemctl restart exim4
+    fi
+fi
 
-touch /var/lib/clamav/clamd.sock
-chown clamav:clamav /var/lib/clamav/clamd.sock
-sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/clamd.conf
-sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/exim4/exim4.conf.template
-systemctl restart clamav-daemon
-systemctl restart clamav-freshclam
-systemctl restart exim4
+# Run custom triggers
+if [ -x "/root/vesta-patch.sh" ]; then
+    /root/vesta-patch.sh
+fi
 
 version=$(curl -s http://c.myvestacp.com/latest.txt?updated)
 version=${version:6}

From 482032b672b00a807ff60edb2467de37e53611a2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 19:13:34 +0200
Subject: [PATCH 0950/2300] folder for upgrade notations

---
 install/vst-install-debian.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 7ac6a3fb..7f4e692b 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1584,6 +1584,11 @@ fi
 echo "==="
 echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf
 
+# folder for upgrade notations
+if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
+    mkdir -p /usr/local/vesta/data/upgrades
+fi
+
 # Secret URL
 secretquery=''
 if [ ! -z "$secret_url" ]; then

From 4b7bf3b9a21af9d608e43d133cd64f4cfe4a9d30 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 19:14:21 +0200
Subject: [PATCH 0951/2300] Version 15

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 9868c416..908986e0 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-14
+vesta-0.9.8-26-15

From 3da021bcde0d3f932b7ec5a88d552ca43a65938b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 19:19:55 +0200
Subject: [PATCH 0952/2300] Update postinst

---
 src/deb/vesta/postinst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 072b845b..364574b5 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -20,6 +20,9 @@ fi
 if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v1" ]; then
     touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
     
+    mkdir -p /root/etc-php-backup
+    cp -r /etc/php/ /root/etc-php-backup/
+
     OLDVAL='pm.max_children = 16'
     NEWVAL='pm.max_children = 8'
     find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"

From f08de3d41ce0128c572ad2ec6697c4fdd99b48d6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 21:12:16 +0200
Subject: [PATCH 0953/2300] safe adding ALLOW_BACKUP_ANYTIME to vesta.conf

---
 src/deb/vesta/postinst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 364574b5..91047359 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -46,6 +46,7 @@ if [ ! -f "/usr/local/vesta/data/upgrades/allow-backup-anytime" ]; then
     touch /usr/local/vesta/data/upgrades/allow-backup-anytime
     check_grep=$(grep -c 'ALLOW_BACKUP_ANYTIME' /usr/local/vesta/conf/vesta.conf)
     if [ "$check_grep" -eq 0 ]; then
+        echo "" >> /usr/local/vesta/conf/vesta.conf
         echo "ALLOW_BACKUP_ANYTIME='yes'" >> /usr/local/vesta/conf/vesta.conf
     fi
 fi

From eaa56345da9db3791f9b84167589b385d3eb8d38 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 22:51:46 +0200
Subject: [PATCH 0954/2300] limit req burst 7

---
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
index b2c7d269..b77fc53b 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -5,7 +5,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=5;
+        limit_req zone=one burst=7;
         proxy_pass      http://%ip%:%web_port%;
     }
 

From e0c80f5f71cb40f266bd6a0cd19ca1ed789bf89e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 22:52:19 +0200
Subject: [PATCH 0955/2300] limit req burst 7

---
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
index fd1f75d1..0a9d2b79 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
@@ -8,7 +8,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=5;
+        limit_req zone=one burst=7;
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 

From 054c32c1566516f1fa25381a88e448b7c98c9e12 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 9 May 2020 22:53:10 +0200
Subject: [PATCH 0956/2300] limit req burst 7

---
 .../for-download/tools/rate-limit-tpl/force-https-firewall.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
index 37161c2d..c60ea789 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
@@ -8,7 +8,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=5;
+        limit_req zone=one burst=7;
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 

From d8988540614d91d095928b8d451f1d18a28bdbb2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 00:48:36 +0200
Subject: [PATCH 0957/2300] Update install_rate_limit_tpl.sh

---
 .../tools/rate-limit-tpl/install_rate_limit_tpl.sh        | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index 483b54d4..8af03f14 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -1,5 +1,13 @@
 #!/bin/bash
 
+# This installer will install hosting-firewall.tpl (nginx template) that will:
+# + allow 1 http request per second per IP address (sent to your server, more precisely to your PHP-FPM)
+# + allow 2 parallel http connections per IP address (sent to your PHP-FPM)
+# + make burst (queue) for 7 additional http requests in the same second, but it will processed each request each second (so this will handle natural peaks that CMS can generate to itself)
+# + if client fills allowed queue , additional requests will be denied
+#
+# Generally, this nginx template will prevent bad bots to run hundreds parallel http requests against your site, which will probably cause denial-of-service on your server
+
 grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
 if [ "$grepc" -eq 0 ]; then
     sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:10m;\n    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf

From 10998e52e754d2cd402791a6fa891099b0c224fa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 02:19:49 +0200
Subject: [PATCH 0958/2300] Update README.md

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 3cb49b49..3548062c 100644
--- a/README.md
+++ b/README.md
@@ -13,6 +13,8 @@ Features
 
 + Support for Debian 10 (previous releases are also supported)
 
++ [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-services
+
 + You can completely "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
     + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.

From 4b425d07968cf69656ab00fbc520b4c658bde09f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:23:06 +0200
Subject: [PATCH 0959/2300] Added useful tools on Homepage

---
 README.md | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 3548062c..43366089 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Features
 
 + Support for Debian 10 (previous releases are also supported)
 
-+ [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-services
++ [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-services on your server
 
 + You can completely "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
@@ -43,6 +43,26 @@ Features
     + With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
     + Binaries that you compile are 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want the source code from this fork)
 
+Useful tools
+==================================================
+
++ [Script that will convert Vesta to myVesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/convert-vesta-to-myvesta.sh)
+
++ [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/create_wp_https)
+
++ [Script for importing cPanel backups](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
+
++ [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
+
++ [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
+
++ [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
+
++ [Scrit that will insatall nginx templates that can prevent denial-of-services on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
+
++ [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)
+
+
 How to install
 ----------------------------
 Download the installation script:

From 4ab1d9fd8e394ba3fb731d45fc5cc04f1a13a54d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:26:20 +0200
Subject: [PATCH 0960/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 43366089..c6d0fb52 100644
--- a/README.md
+++ b/README.md
@@ -58,7 +58,7 @@ Useful tools
 
 + [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ [Scrit that will insatall nginx templates that can prevent denial-of-services on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
++ [Script that will insatall nginx templates that can prevent denial-of-services on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
 
 + [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)
 

From 81f9a76e2b5d4187a82a86211f129c7081fd8fb0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:29:07 +0200
Subject: [PATCH 0961/2300] link to official vestacp

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index c6d0fb52..e3bc66bd 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 MyVesta Control Panel
 ==================================================
 
-* MyVesta is a fork of VestaCP
+* MyVesta is a fork of [VestaCP](https://vestacp.com/)
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on only one eco-system - not wasting energy on compatibility with other Linux distributions
 * However, it will be always synchronized with official VestaCP commits
@@ -77,7 +77,7 @@ bash vst-install-debian.sh
 About VestaCP
 ==================================================
 
-* Vesta is an open source hosting control panel.
+* [Vesta](https://vestacp.com/) is an open source hosting control panel.
 * Vesta has a clean and focused interface without clutter.
 * Vesta has the latest of very innovative technologies.
 

From 8c1d3e4ccbd33022415068d1229a75b7ccd8aeff Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:35:40 +0200
Subject: [PATCH 0962/2300] Update README.md

---
 README.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index e3bc66bd..99b577d9 100644
--- a/README.md
+++ b/README.md
@@ -11,11 +11,15 @@ MyVesta Control Panel
 Features
 ==================================================
 
-+ Support for Debian 10 (previous releases are also supported)
++ Support for Debian 10 (previous Debian releases are also supported)
 
 + [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-services on your server
 
-+ You can completely "lock" VestaCP so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
++ [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
+
++ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventimg hijacking of email accounts and PHP malware scripts to send spam.
+
++ You can completely "lock" myVesta so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
     + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
     + You can see for yourself how this mechanism was built by looking at:
@@ -29,14 +33,10 @@ Features
 + Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
     + OPCache is turned on by default
 
-+ Support for multi-PHP versions - https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh
-
 + Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
 
 + You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
-+ You can limit the maximum number of sent emails (per hour) per mail account and per hosting account.
-
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repository in a minute
     + We are using latest nginx version for vesta-nginx package

From 45f173c09d99551ba3428c4748abffcc2bde6a5d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:43:26 +0200
Subject: [PATCH 0963/2300] Update README.md

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 99b577d9..06fa1d86 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,9 @@ Features
 
 + [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventimg hijacking of email accounts and PHP malware scripts to send spam.
++ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventimg hijacking of email accounts and preventing PHP malware scripts to send spam.
+
++ You can see [what PHP scripts are sending emails](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L50), when and to whom
 
 + You can completely "lock" myVesta so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
@@ -28,7 +30,7 @@ Features
     + If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell:
     + `echo " /usr/local/vesta/web/inc/login_url.php`
 
-+ We disabled dangerous PHP functions in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.
++ We [disabled dangerous PHP functions](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L9) in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.
 
 + Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
     + OPCache is turned on by default

From 9525acdd7ff4774748de566aa5fb458da63692e7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 03:49:05 +0200
Subject: [PATCH 0964/2300] Update README.md

---
 README.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index 06fa1d86..ac2c29db 100644
--- a/README.md
+++ b/README.md
@@ -1,19 +1,19 @@
-MyVesta Control Panel
+myVesta Control Panel
 ==================================================
 
-* MyVesta is a fork of [VestaCP](https://vestacp.com/)
+* myVesta is a fork of [VestaCP](https://vestacp.com/)
 * Focused on security and stability
 * Therefore, only Debian is supported - keeping focus on only one eco-system - not wasting energy on compatibility with other Linux distributions
 * However, it will be always synchronized with official VestaCP commits
-* VestaCP commercial plugins will be only available for purchase on official vestacp.com website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
-* With previous in mind, all features that are built for this fork (MyVesta), will be offered to official VestaCP, via pull requests
+* VestaCP commercial plugins will be only available for purchase on official [vestacp.com](https://vestacp.com/) website - we will NOT take their earnings, since we are not making this fork for monetary reasons. Instead, we are doing this with open source in mind - to enhance security and to build new features, without being interlocked with official VestaCP release cycles, and without affecting or heavily diverting from the VestaCP's planned development milestones
+* With previous in mind, all features that are built for this fork (myVesta), will be offered to official VestaCP, via pull requests
 
-Features
+Features of myVesta
 ==================================================
 
 + Support for Debian 10 (previous Debian releases are also supported)
 
-+ [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-services on your server
++ [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-service on your server
 
 + [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
@@ -52,7 +52,7 @@ Useful tools
 
 + [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/create_wp_https)
 
-+ [Script for importing cPanel backups](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
++ [Script for importing cPanel backups to Vesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
 
 + [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
 
@@ -60,7 +60,7 @@ Useful tools
 
 + [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ [Script that will insatall nginx templates that can prevent denial-of-services on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
++ [Script that will insatall nginx templates that can prevent denial-of-service on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
 
 + [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)
 

From 060dfee2bd584f3b1fb8d1a0fe81ade4a428c4d7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 10 May 2020 18:58:16 +0200
Subject: [PATCH 0965/2300] timeout 10 sec for apache2 status

---
 bin/v-list-sys-web-status | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-list-sys-web-status b/bin/v-list-sys-web-status
index aaa33e4c..a380deff 100755
--- a/bin/v-list-sys-web-status
+++ b/bin/v-list-sys-web-status
@@ -28,17 +28,17 @@ fi
 # Displaying proxy status
 if [ "$PROXY_SYSTEM" = 'nginx' ]; then
     echo "$PROXY_SYSTEM STATUS"| tr '[:lower:]' '[:upper:]'
-    curl -fsSL --max-time 3 http://localhost:8084/
+    curl -fsSL --max-time 10 http://localhost:8084/
     echo "


"
 fi
 
 # Displaying web server status
 echo "$WEB_SYSTEM STATUS"| tr '[:lower:]' '[:upper:]'
 if [ "$WEB_SYSTEM" != 'nginx' ]; then
-    curl -fsSL --max-time 3 http://localhost:8081/server-status/ |\
+    curl -fsSL --max-time 10 http://localhost:8081/server-status/ |\
         egrep -v "html|DOCTYPE|h1>|title|head"
 else
-    curl -fsSL --max-time 3 http://localhost:8084/
+    curl -fsSL --max-time 10 http://localhost:8084/
 fi
 
 

From 5987766e19ed49668b706b256927998a285faed6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 11 May 2020 20:12:59 +0200
Subject: [PATCH 0966/2300] nodelay 3 ratelimit tpl

---
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
index b77fc53b..1441a6a9 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -5,7 +5,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=7;
+        limit_req zone=one burst=7 delay=3;
         proxy_pass      http://%ip%:%web_port%;
     }
 

From e39f05d16590798501a4fe1723839b7b1710469e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 11 May 2020 20:13:41 +0200
Subject: [PATCH 0967/2300] nodelay 3 ratelimit tpl

---
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
index 0a9d2b79..a5d163e3 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
@@ -8,7 +8,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=7;
+        limit_req zone=one burst=7 delay=3;
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 

From 4526333fc9819389b46e37b33a4a0023f21ba92b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 11 May 2020 20:15:17 +0200
Subject: [PATCH 0968/2300] nodelay 3 ratelimit tpl

---
 .../for-download/tools/rate-limit-tpl/force-https-firewall.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
index c60ea789..dbb239fb 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
@@ -8,7 +8,7 @@ server {
 
     location / {
         limit_conn addr 2;
-        limit_req zone=one burst=7;
+        limit_req zone=one burst=7 delay=3;
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 

From f05ff062d89e0a4d649f6cf47996c475036af8ff Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 11 May 2020 20:21:12 +0200
Subject: [PATCH 0969/2300] rate limit new definition

---
 .../tools/rate-limit-tpl/install_rate_limit_tpl.sh          | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index 8af03f14..e58c405f 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -3,10 +3,10 @@
 # This installer will install hosting-firewall.tpl (nginx template) that will:
 # + allow 1 http request per second per IP address (sent to your server, more precisely to your PHP-FPM)
 # + allow 2 parallel http connections per IP address (sent to your PHP-FPM)
-# + make burst (queue) for 7 additional http requests in the same second, but it will processed each request each second (so this will handle natural peaks that CMS can generate to itself)
-# + if client fills allowed queue , additional requests will be denied
+# + make burst (queue) for 7 additional http requests in the same second, first 3 will be processed immediately, 4 others will processed each request each second (so this will handle natural peaks that CMS can generate to itself)
+# + if client fills allowed queue, additional requests will be denied
 #
-# Generally, this nginx template will prevent bad bots to run hundreds parallel http requests against your site, which will probably cause denial-of-service on your server
+# Generally, this nginx template will prevent bad bots to run hundreds parallel http requests against your site, which will probably cause denial-of-service on your server.
 
 grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
 if [ "$grepc" -eq 0 ]; then

From 4020770fdf7c9a02a508b7bd039c74963123ca98 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 May 2020 14:41:46 +0200
Subject: [PATCH 0970/2300] Update install_rate_limit_tpl.sh

---
 .../for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index e58c405f..5062158b 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -3,7 +3,7 @@
 # This installer will install hosting-firewall.tpl (nginx template) that will:
 # + allow 1 http request per second per IP address (sent to your server, more precisely to your PHP-FPM)
 # + allow 2 parallel http connections per IP address (sent to your PHP-FPM)
-# + make burst (queue) for 7 additional http requests in the same second, first 3 will be processed immediately, 4 others will processed each request each second (so this will handle natural peaks that CMS can generate to itself)
+# + allow burst for 7 additional http requests (they will enter queue), first 3 will be processed immediately, 4 others will processed each request each second (so this will handle natural peaks that CMS can generate to itself)
 # + if client fills allowed queue, additional requests will be denied
 #
 # Generally, this nginx template will prevent bad bots to run hundreds parallel http requests against your site, which will probably cause denial-of-service on your server.

From 1e89aae6a9919c5a2a9c89f59da75c1f3ae45a06 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 May 2020 19:20:37 +0200
Subject: [PATCH 0971/2300] typo fix

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index ac2c29db..f0c35131 100644
--- a/README.md
+++ b/README.md
@@ -17,13 +17,13 @@ Features of myVesta
 
 + [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventimg hijacking of email accounts and preventing PHP malware scripts to send spam.
++ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
 
 + You can see [what PHP scripts are sending emails](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L50), when and to whom
 
 + You can completely "lock" myVesta so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
-    + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL. PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
+    + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
     + You can see for yourself how this mechanism was built by looking at:
       + https://github.com/myvesta/vesta/blob/master/src/deb/for-download/php/php.ini#L496
       + https://github.com/myvesta/vesta/blob/master/web/inc/secure_login.php

From 9383736acce4334d824e03078e91f9d902c0f76a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 14 May 2020 14:29:32 +0200
Subject: [PATCH 0972/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index f0c35131..a3c2668d 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,7 @@ Features of myVesta
 
 + You can see [what PHP scripts are sending emails](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L50), when and to whom
 
-+ You can completely "lock" myVesta so it can be accessed only via https://serverhost:8083/?MY-SECRET-URL
++ You can completely "lock" myVesta so it can be accessed only via **secret URL**, for example https://serverhost:8083/?MY-SECRET-URL
     + During installation you will be asked to choose a secret URL for your hosting panel
     + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
     + You can see for yourself how this mechanism was built by looking at:

From 559368818b3e17cc9a1155c42314701298eda968 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 14 May 2020 16:53:57 +0200
Subject: [PATCH 0973/2300] NOTIFY_ADMIN_FULL_BACKUP

---
 install/vst-install-debian.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 7f4e692b..d6ea58dc 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1608,7 +1608,8 @@ if [ "$release" -eq 10 ]; then
     echo "=== Set max_length_of_MySQL_username=80"
 fi
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf
-echo "ALLOW_BACKUP_ANYTIME='yes'" >> /usr/local/vesta/conf/vesta.conf
+echo "ALLOW_BACKUP_ANYTIME='yes'" >> $VESTA/conf/vesta.conf
+echo "NOTIFY_ADMIN_FULL_BACKUP='$email'" >> $VESTA/conf/vesta.conf
 echo "================================================================"
 
 # Removing old PHP sessions files

From f596022b80dbfa9747469a93c6c4703050fd83b5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 00:05:48 +0200
Subject: [PATCH 0974/2300] Allow quick restarting of nginx

It can occur if domain has many aliases, and acme-challenge should be added many times
---
 bin/v-restart-proxy | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 5966ddd6..ca63c16d 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -80,7 +80,9 @@ else
 
   # Default behaviour
   # Restart system
-  service $PROXY_SYSTEM restart >/dev/null 2>&1
+  # service $PROXY_SYSTEM restart > /dev/null 2>&1
+  systemctl reset-failed $PROXY_SYSTEM
+  systemctl restart $PROXY_SYSTEM > /dev/null 2>&1
   if [ $? -ne 0 ]; then
       send_email_report
       check_result $E_RESTART "$PROXY_SYSTEM restart failed"

From bc3cdc89c081da82c1999fca68bf09657b9005b0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 00:11:20 +0200
Subject: [PATCH 0975/2300] version 0.9.8-26-16

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 908986e0..76272ba2 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-15
+vesta-0.9.8-26-16

From 516701cc26e9a7a28448fdcd2464431e7abfd7ca Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 13:57:15 +0200
Subject: [PATCH 0976/2300] mail_max_userip_connections = 50

---
 install/debian/10/dovecot/conf.d/20-imap.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/dovecot/conf.d/20-imap.conf b/install/debian/10/dovecot/conf.d/20-imap.conf
index 1a459f8e..4f6e058b 100644
--- a/install/debian/10/dovecot/conf.d/20-imap.conf
+++ b/install/debian/10/dovecot/conf.d/20-imap.conf
@@ -10,7 +10,7 @@ protocol imap {
 
   # Maximum number of IMAP connections allowed for a user from each IP address.
   # NOTE: The username is compared case-sensitively.
-  #mail_max_userip_connections = 10
+  mail_max_userip_connections = 50
 
   # Space separated list of plugins to load (default is global mail_plugins).
   #mail_plugins = $mail_plugins

From 6ffb2637af491f35139402b056d282858fdfddbe Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 13:58:02 +0200
Subject: [PATCH 0977/2300] mail_max_userip_connections = 50

---
 install/debian/10/dovecot/conf.d/20-pop3.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/dovecot/conf.d/20-pop3.conf b/install/debian/10/dovecot/conf.d/20-pop3.conf
index a3a43b88..8c376996 100644
--- a/install/debian/10/dovecot/conf.d/20-pop3.conf
+++ b/install/debian/10/dovecot/conf.d/20-pop3.conf
@@ -74,7 +74,7 @@ protocol pop3 {
 
   # Maximum number of POP3 connections allowed for a user from each IP address.
   # NOTE: The username is compared case-sensitively.
-  #mail_max_userip_connections = 10
+  mail_max_userip_connections = 50
 
   # Space separated list of plugins to load (default is global mail_plugins).
   #mail_plugins = $mail_plugins

From 3986d4ec15278bbd3a9f28b8f38b49e8a3294ccf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 19:31:22 +0200
Subject: [PATCH 0978/2300] clamav sock in installer

---
 install/vst-install-debian.sh | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d6ea58dc..e29e1d84 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1211,8 +1211,6 @@ if [ "$clamd" = 'yes' ]; then
     gpasswd -a clamav Debian-exim
     cp -f $vestacp/clamav/clamd.conf /etc/clamav/
     mkdir -p /var/lib/clamav
-    touch /var/lib/clamav/clamd.sock
-    chown clamav:clamav /var/lib/clamav/clamd.sock
     /usr/bin/freshclam
     update-rc.d clamav-daemon defaults
     if [ ! -d "/var/run/clamav" ]; then
@@ -1222,8 +1220,7 @@ if [ "$clamd" = 'yes' ]; then
     if [ -e "/lib/systemd/system/clamav-daemon.service" ]; then
         exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav'
         exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav'
-        sed -i "s|\[Service\]/|[Service]\n$exec_pre1\n$exec_pre2|g" \
-            /lib/systemd/system/clamav-daemon.service
+        sed -i "s|\[Service\]/|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
         systemctl daemon-reload
     fi
     service clamav-daemon start

From 52eeff1b6a818d4b3031788af7639e8830caa5af Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 19:44:34 +0200
Subject: [PATCH 0979/2300] fixed patch syntax for clamav sock

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index e29e1d84..3ef544f0 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1220,7 +1220,7 @@ if [ "$clamd" = 'yes' ]; then
     if [ -e "/lib/systemd/system/clamav-daemon.service" ]; then
         exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav'
         exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav'
-        sed -i "s|\[Service\]/|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
+        sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
         systemctl daemon-reload
     fi
     service clamav-daemon start

From 3be351091603da3a5710255d070104eca57d6923 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 19:50:59 +0200
Subject: [PATCH 0980/2300] clamav-daemon.service fix and clamav sock fix

---
 src/deb/vesta/postinst | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 91047359..e2f64c33 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -76,20 +76,33 @@ if [ "$check_cron" -eq 0 ]; then
     crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 fi
 
-if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket" ]; then
-    touch /usr/local/vesta/data/upgrades/change-clamav-socket
-    check_grep=$(grep -c '/var/lib/clamav/clamd.sock' /etc/clamav/clamd.conf)
+# make sure clamav-daemon.service has mkdir fix
+if [ -f "/lib/systemd/system/clamav-daemon.service" ]; then
+    check_grep=$(grep -c 'mkdir' /lib/systemd/system/clamav-daemon.service)
     if [ "$check_grep" -eq 0 ]; then
-        touch /var/lib/clamav/clamd.sock
-        chown clamav:clamav /var/lib/clamav/clamd.sock
-        sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/clamav/clamd.conf
-        sed -i "s#/var/run/clamav/clamd.ctl#/var/lib/clamav/clamd.sock#g" /etc/exim4/exim4.conf.template
+        echo "=== patching clamav-daemon.service"
+        exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav'
+        exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav'
+        sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
+        systemctl daemon-reload
         systemctl restart clamav-daemon
         systemctl restart clamav-freshclam
-        systemctl restart exim4
     fi
 fi
 
+# reverting to default clamd sock
+if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
+    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
+    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
+    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    sed -i "s#=/run/clamav/clamd.ctl#=/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    systemctl daemon-reload
+    systemctl restart clamav-daemon
+    systemctl restart clamav-freshclam
+    systemctl restart exim4
+fi
+
 # Run custom triggers
 if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh

From 6b457ee087c4a0b051e7d841c19998db1ca19cf3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 19:52:10 +0200
Subject: [PATCH 0981/2300] version 0.9.8-26-17

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 76272ba2..8f809dc6 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-16
+vesta-0.9.8-26-17

From d9b8330de89bf19da6f37597f5dbad8543c49b94 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 20:00:50 +0200
Subject: [PATCH 0982/2300] leave default clamav socket path

---
 src/deb/vesta/postinst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e2f64c33..b04b2350 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -95,8 +95,8 @@ if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
     touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
     sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
     sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
-    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
-    sed -i "s#=/run/clamav/clamd.ctl#=/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    # sed -i "s#=/run/clamav/clamd.ctl#=/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
     systemctl daemon-reload
     systemctl restart clamav-daemon
     systemctl restart clamav-freshclam

From 9f16db443162e17bc5069c96ee606907197ec139 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 20:04:06 +0200
Subject: [PATCH 0983/2300] check if clamav-daemon.socket exist

---
 src/deb/vesta/postinst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index b04b2350..ab850303 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -95,8 +95,9 @@ if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
     touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
     sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
     sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
-    sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
-    # sed -i "s#=/run/clamav/clamd.ctl#=/var/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    if [ -f "/lib/systemd/system/clamav-daemon.socket" ]; then
+        sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    fi
     systemctl daemon-reload
     systemctl restart clamav-daemon
     systemctl restart clamav-freshclam

From 53d6f2a1eafcd591635de9241647b2e8f713266b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 20:28:24 +0200
Subject: [PATCH 0984/2300] fixing NS parameters in v-add-dns-on-web-alias

---
 bin/v-add-dns-on-web-alias | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-dns-on-web-alias b/bin/v-add-dns-on-web-alias
index a6a7272c..705594f3 100755
--- a/bin/v-add-dns-on-web-alias
+++ b/bin/v-add-dns-on-web-alias
@@ -55,7 +55,7 @@ if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
 fi
 
 # Adding top-level domain and then its sub
-$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
+$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
 
 # Checking top-level domain
 if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then

From d4ffb91f098bf94f13f20dc2863825589d5eec84 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 20:33:23 +0200
Subject: [PATCH 0985/2300] version 0.9.8-26-18

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 8f809dc6..aa183727 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-17
+vesta-0.9.8-26-18

From 591369f9b48dcf55c05843c6b606ad6a8f65aacf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 20:46:45 +0200
Subject: [PATCH 0986/2300] checking if clamd.conf exists

---
 src/deb/vesta/postinst | 22 ++++++++++++++--------
 1 file changed, 14 insertions(+), 8 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index ab850303..28c44d9c 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -93,15 +93,21 @@ fi
 # reverting to default clamd sock
 if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
     touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
-    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
-    sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
-    if [ -f "/lib/systemd/system/clamav-daemon.socket" ]; then
-        sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+    if [ -f "/etc/clamav/clamd.conf" ]; then
+        sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+        if [ -f "/etc/exim4/exim4.conf.template" ]; then
+            sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
+        fi
+        if [ -f "/lib/systemd/system/clamav-daemon.socket" ]; then
+            sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+        fi
+        systemctl daemon-reload
+        systemctl restart clamav-daemon
+        systemctl restart clamav-freshclam
+        if [ -f "/etc/exim4/exim4.conf.template" ]; then
+            systemctl restart exim4
+        fi
     fi
-    systemctl daemon-reload
-    systemctl restart clamav-daemon
-    systemctl restart clamav-freshclam
-    systemctl restart exim4
 fi
 
 # Run custom triggers

From ec879438527ef95a629927d55b3a8d5e6620852f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 21:59:26 +0200
Subject: [PATCH 0987/2300] Dont match subdomains while restoring domain

---
 bin/v-restore-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index a0ce7f2d..4816fde8 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -289,7 +289,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
     if [ -z "$web" ] || [ "$web" = '*' ]; then
         domains="$backup_domains"
     else
-        echo "$web" |tr ',' '\n' > $tmpdir/selected.txt
+        echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
         domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
     fi
 

From a3ba9f3c8481d131a977d5bd0305146d66225009 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 May 2020 22:00:44 +0200
Subject: [PATCH 0988/2300] version 0.9.8-26-19

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index aa183727..617d5954 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-18
+vesta-0.9.8-26-19

From c7859f100dd7990c340b95212413c4c8b1e91f2c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 21 May 2020 23:29:19 +0200
Subject: [PATCH 0989/2300] rate limit zone 1mb instead of 10mb

---
 .../for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index 5062158b..787bc94c 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -10,7 +10,7 @@
 
 grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
 if [ "$grepc" -eq 0 ]; then
-    sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:10m;\n    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf
+    sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:1m;\n    limit_req_zone $binary_remote_addr zone=one:1m rate=1r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf
     echo "=== Added rate_limit to nginx.conf"
 fi
 

From e71af87d699988ccdc281b382f636250ab2f4f77 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 21 May 2020 23:33:31 +0200
Subject: [PATCH 0990/2300] second rate limit zone for 2 req/sec

---
 .../for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index 787bc94c..b626cb5a 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -10,7 +10,7 @@
 
 grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
 if [ "$grepc" -eq 0 ]; then
-    sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:1m;\n    limit_req_zone $binary_remote_addr zone=one:1m rate=1r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf
+    sed -i 's|server_names_hash_bucket_size   512;|server_names_hash_bucket_size   512;\n    limit_conn_zone $binary_remote_addr zone=addr:1m;\n    limit_req_zone $binary_remote_addr zone=one:1m rate=1r/s;\n    limit_req_zone $binary_remote_addr zone=two:1m rate=2r/s;\n    limit_conn_log_level error;\n    limit_req_log_level error;\n    limit_conn_status 429;\n    limit_req_status 429;|g' /etc/nginx/nginx.conf
     echo "=== Added rate_limit to nginx.conf"
 fi
 

From 2540f7a16b8b64cc4fbb52349a2884dc6e625e4c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 21 May 2020 23:44:33 +0200
Subject: [PATCH 0991/2300] Delete hosting-firewall.sh

not necessary file
---
 .../tools/rate-limit-tpl/hosting-firewall.sh          | 11 -----------
 1 file changed, 11 deletions(-)
 delete mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh

diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh
deleted file mode 100644
index eeed37ef..00000000
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/bash
-# Changing public_html permission
-user="$1"
-domain="$2"
-ip="$3"
-home_dir="$4"
-docroot="$5"
-
-chmod 755 $docroot
-
-exit 0

From 9411e2f1df302631aa18422fa66bcb1886c4cc26 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 21 May 2020 23:48:01 +0200
Subject: [PATCH 0992/2300] nginx rate limit burst x2

---
 .../force-https-firewall-burst-2.stpl         | 41 +++++++++++++++++++
 .../force-https-firewall-burst-2.tpl          |  8 ++++
 .../hosting-firewall-burst-2.stpl             | 41 +++++++++++++++++++
 .../hosting-firewall-burst-2.tpl              | 38 +++++++++++++++++
 4 files changed, 128 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
new file mode 100644
index 00000000..ab527372
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 3;
+        limit_req zone=one burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
new file mode 100644
index 00000000..24bf0c1f
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 3;
+        limit_req zone=one burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
new file mode 100644
index 00000000..3b382c15
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 3;
+        limit_req zone=one burst=14 delay=7;
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %docroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+

From 6f78e9f1308ddd62b97a4ef62e66691856f6dc38 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 00:02:01 +0200
Subject: [PATCH 0993/2300] burst x2 installer

---
 .../tools/rate-limit-tpl/install_rate_limit_tpl.sh         | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index b626cb5a..ac73de06 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -19,6 +19,11 @@ wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.sh
-chmod a+x /usr/local/vesta/data/templates/web/nginx/hosting-firewall.sh
+
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.sh
 
 service nginx restart

From 761190755b32ce9d842c3d984d659877f85aa71b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 00:03:27 +0200
Subject: [PATCH 0994/2300] nginx rate limit templates, burst x2, speed x2

---
 .../force-https-firewall-burst-2-speed-2.stpl | 41 +++++++++++++++++++
 .../force-https-firewall-burst-2-speed-2.tpl  |  8 ++++
 .../hosting-firewall-burst-2-speed-2.stpl     | 41 +++++++++++++++++++
 .../hosting-firewall-burst-2-speed-2.tpl      | 38 +++++++++++++++++
 4 files changed, 128 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
new file mode 100644
index 00000000..6d4250ff
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 4;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
new file mode 100644
index 00000000..4318c814
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 4;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
new file mode 100644
index 00000000..d09c841b
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 4;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %docroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+

From 5a87c64eaa566b58b28b62e4713cab1598326f8c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 00:25:13 +0200
Subject: [PATCH 0995/2300] nginx rate limit burst x2 and speed x2 installer +
 fix

---
 .../rate-limit-tpl/install_rate_limit_tpl.sh  | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index ac73de06..e97530f3 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -14,6 +14,24 @@ if [ "$grepc" -eq 0 ]; then
     echo "=== Added rate_limit to nginx.conf"
 fi
 
+grepc=$(grep -c 'zone=addr:10m' /etc/nginx/nginx.conf)
+if [ "$grepc" -eq 1 ]; then
+    sed -i 's|zone=addr:10m|zone=addr:1m|g' /etc/nginx/nginx.conf
+    echo "=== Decrease addr zone to 1mb to nginx.conf"
+fi
+
+grepc=$(grep -c 'zone=one:10m' /etc/nginx/nginx.conf)
+if [ "$grepc" -eq 1 ]; then
+    sed -i 's|zone=one:10m|zone=one:1m|g' /etc/nginx/nginx.conf
+    echo "=== Decrease one zone to 1mb to nginx.conf"
+fi
+
+grepc=$(grep -c 'zone=two' /etc/nginx/nginx.conf)
+if [ "$grepc" -eq 0 ]; then
+    sed -i 's|zone=one:1m rate=1r/s;|zone=one:1m rate=1r/s;\n    limit_req_zone $binary_remote_addr zone=two:1m rate=2r/s;|g' /etc/nginx/nginx.conf
+    echo "=== Added rate_limit for 2 req/sec to nginx.conf"
+fi
+
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -26,4 +44,10 @@ wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.t
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.sh
 
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.sh
+
 service nginx restart

From 9d84a2c57c1f3773d131312768c10bee3f5f6105 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 00:31:41 +0200
Subject: [PATCH 0996/2300] Removing unnecessary .sh in installer for nginx
 rate limit tpl

---
 .../tools/rate-limit-tpl/install_rate_limit_tpl.sh             | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index e97530f3..7077620c 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -36,18 +36,15 @@ wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.tpl h
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.stpl
-wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall.sh
 
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
-wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2.sh
 
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
-wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.sh http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.sh
 
 service nginx restart

From 584f3e335325814f563bd8822041d33271d48c84 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 15:50:15 +0200
Subject: [PATCH 0997/2300] nginx rate limit templates, burst x2, speed x2,
 conn x4

---
 ...https-firewall-burst-2-speed-2-conn-4.stpl | 41 +++++++++++++++++++
 ...-https-firewall-burst-2-speed-2-conn-4.tpl |  8 ++++
 ...sting-firewall-burst-2-speed-2-conn-4.stpl | 41 +++++++++++++++++++
 ...osting-firewall-burst-2-speed-2-conn-4.tpl | 38 +++++++++++++++++
 4 files changed, 128 insertions(+)
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
 create mode 100644 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl

diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
new file mode 100644
index 00000000..2597eb7f
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 8;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
new file mode 100644
index 00000000..87c34de1
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    # ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 8;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %sdocroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
new file mode 100644
index 00000000..cfcba2e8
--- /dev/null
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        limit_conn addr 8;
+        limit_req zone=two burst=14 delay=7;
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~* ^.+\.(%proxy_extentions%)$ {
+        root           %docroot%;
+        access_log     /var/log/%web_system%/domains/%domain%.log combined;
+        access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+        expires        max;
+        # try_files      $uri @fallback;
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+

From fc87362da888c5fb7961a0dc494c8e3f996e4340 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 22 May 2020 15:52:06 +0200
Subject: [PATCH 0998/2300] Update install_rate_limit_tpl.sh

---
 .../tools/rate-limit-tpl/install_rate_limit_tpl.sh           | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index 7077620c..f51c04dc 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -47,4 +47,9 @@ wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
 
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2-conn-4.tpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/force-https-firewall-burst-2-speed-2-conn-4.stpl http://c.myvestacp.com/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2-conn-4.tpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/hosting-firewall-burst-2-speed-2-conn-4.stpl http://c.myvestacp.com/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
+
 service nginx restart

From 684c96169fb0f2c9e5026692dfdab6f7b08fa894 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:10:28 +0200
Subject: [PATCH 0999/2300] Recommending Debian10 in myVesta

---
 install/vst-install-debian.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 3ef544f0..96636cf6 100644
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -32,6 +32,11 @@ if [ "$release" -eq 10 ]; then
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip"
 elif [ "$release" -eq 9 ]; then
+    echo "==================================================="
+    echo "Important message:"
+    echo "myVesta is much more faster with Debian 10 ."
+    echo "Are you sure you want to continue with Debian 9 ?"
+    read -p "==================================================="
     software="nginx apache2 apache2-utils apache2-suexec-custom
         libapache2-mod-ruid2 libapache2-mod-fcgid libapache2-mod-php php
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
@@ -44,6 +49,11 @@ elif [ "$release" -eq 9 ]; then
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip"
 elif [ "$release" -eq 8 ]; then
+    echo "==================================================="
+    echo "Important message:"
+    echo "myVesta is much more faster with Debian 10 ."
+    echo "Are you sure you want to continue with Debian 8 ?"
+    read -p "==================================================="
     software="nginx apache2 apache2-utils apache2.2-common
         apache2-suexec-custom libapache2-mod-ruid2
         libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi

From a7dc2ee2045d09e981a9ac2c19f1858c96fa8de2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:12:25 +0200
Subject: [PATCH 1000/2300] Debian 10 is recommended

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a3c2668d..a42b8fd2 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ myVesta Control Panel
 Features of myVesta
 ==================================================
 
-+ Support for Debian 10 (previous Debian releases are also supported)
++ Support for Debian 10 (previous Debian releases are also supported, but Debian 10 is recommended)
 
 + [nginx templates](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh) that can prevent denial-of-service on your server
 

From 176bfe5d71edb24b1f5c61440e7ea3787f70a9ac Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:22:33 +0200
Subject: [PATCH 1001/2300] Message in installer that only Debian is supported

---
 install/vst-install.sh | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/install/vst-install.sh b/install/vst-install.sh
index aa9ecbf6..b2dd163b 100755
--- a/install/vst-install.sh
+++ b/install/vst-install.sh
@@ -46,9 +46,25 @@ case $(head -n1 /etc/issue | cut -f 1 -d ' ') in
     *)          type="rhel" ;;
 esac
 
+if [ "$type" = "ubuntu" ]; then
+    echo "Sorry, Ubuntu is not supported."
+    echo "myVesta supports only Debian."
+    exit;
+fi
+if [ "$type" = "amazon" ]; then
+    echo "Sorry, Amazon linux cdistribution is not supported."
+    echo "myVesta supports only Debian."
+    exit;
+fi
+if [ "$type" = "rhel" ]; then
+    echo "Sorry, CentOS is not supported."
+    echo "myVesta supports only Debian."
+    exit;
+fi
+
 # Check wget
 if [ -e '/usr/bin/wget' ]; then
-    wget http://vestacp.com/pub/vst-install-$type.sh -O vst-install-$type.sh
+    wget http://c.myvestacp.com/vst-install-$type.sh -O vst-install-$type.sh
     if [ "$?" -eq '0' ]; then
         bash vst-install-$type.sh $*
         exit
@@ -60,7 +76,7 @@ fi
 
 # Check curl
 if [ -e '/usr/bin/curl' ]; then
-    curl -O http://vestacp.com/pub/vst-install-$type.sh
+    curl -O http://c.myvestacp.com/vst-install-$type.sh
     if [ "$?" -eq '0' ]; then
         bash vst-install-$type.sh $*
         exit

From 6fcc1dcdb84503f55126e2f3b334965950fd6d4b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:23:48 +0200
Subject: [PATCH 1002/2300] Message in installer that only Debian is supported

---
 install/vst-install.sh | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/install/vst-install.sh b/install/vst-install.sh
index b2dd163b..9b3de74f 100755
--- a/install/vst-install.sh
+++ b/install/vst-install.sh
@@ -1,15 +1,10 @@
 #!/bin/bash
-# Vesta installation wrapper
-# http://vestacp.com
+# myVesta installation wrapper
+# http://myvestacp.com
 
 #
 # Currently Supported Operating Systems:
-#
-#   RHEL 5, 6, 7
-#   CentOS 5, 6, 7
-#   Debian 7, 8
-#   Ubuntu 12.04 - 18.04
-#   Amazon Linux 2017
+#   Debian 8, 9, 10
 #
 
 # Am I root?

From ced0330c45d978eb63fb54adee6c4cac1542f765 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:25:25 +0200
Subject: [PATCH 1003/2300] Update vst-install-amazon.sh

---
 install/vst-install-amazon.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh
index 2bae6418..00d9be8c 100644
--- a/install/vst-install-amazon.sh
+++ b/install/vst-install-amazon.sh
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+echo "Sorry, Amazon linux distribution is not supported."
+echo "myVesta supports only Debian."
+exit;
+
 # Vesta Amazon installer v.05
 
 #----------------------------------------------------------#

From e2a491b3617d95215ff679ae687ca1e697f5b3e3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:25:59 +0200
Subject: [PATCH 1004/2300] Update vst-install-rhel.sh

---
 install/vst-install-rhel.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
index 4ea5154c..6f691faa 100755
--- a/install/vst-install-rhel.sh
+++ b/install/vst-install-rhel.sh
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+echo "Sorry, CentOS is not supported."
+echo "myVesta supports only Debian."
+exit;
+
 # Vesta RHEL/CentOS installer v.05
 
 #----------------------------------------------------------#

From e69cc7f513835003076eb94db934d29cf5ee5d4f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 14:26:48 +0200
Subject: [PATCH 1005/2300] Update vst-install-ubuntu.sh

---
 install/vst-install-ubuntu.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
index 21f645bd..f3aa6549 100755
--- a/install/vst-install-ubuntu.sh
+++ b/install/vst-install-ubuntu.sh
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+echo "Sorry, Ubuntu is not supported."
+echo "myVesta supports only Debian."
+exit;
+
 # Vesta Ubuntu installer v.05
 
 #----------------------------------------------------------#

From 149109698aeaef46c7c2902c530f90aa56263517 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 23 May 2020 21:51:59 +0200
Subject: [PATCH 1006/2300] typo fix

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index a42b8fd2..915c2348 100644
--- a/README.md
+++ b/README.md
@@ -60,7 +60,7 @@ Useful tools
 
 + [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ [Script that will insatall nginx templates that can prevent denial-of-service on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
++ [Script that will install nginx templates that can prevent denial-of-service on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
 
 + [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)
 

From 9cb73b19df6bcdf272c822231ef1cea397823b43 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Sun, 24 May 2020 22:14:13 +0200
Subject: [PATCH 1007/2300] nginx caching tpl

---
 .../debian/10/templates/web/nginx/caching.sh  | 19 ++++++++
 .../10/templates/web/nginx/caching.stpl       | 43 +++++++++++++++++++
 .../debian/10/templates/web/nginx/caching.tpl | 41 ++++++++++++++++++
 .../debian/7/templates/web/nginx/caching.stpl |  0
 .../debian/7/templates/web/nginx/caching.tpl  |  0
 .../debian/7/templates/web/nginx/default.stpl |  0
 .../debian/7/templates/web/nginx/default.tpl  |  0
 .../debian/7/templates/web/nginx/hosting.stpl |  0
 .../debian/7/templates/web/nginx/hosting.tpl  |  0
 .../debian/7/templates/web/nginx/proxy_ip.tpl |  0
 .../debian/8/templates/web/nginx/caching.stpl |  0
 .../debian/8/templates/web/nginx/caching.tpl  |  0
 .../debian/8/templates/web/nginx/default.stpl |  0
 .../debian/8/templates/web/nginx/default.tpl  |  0
 .../debian/8/templates/web/nginx/hosting.stpl |  0
 .../debian/8/templates/web/nginx/hosting.tpl  |  0
 .../debian/8/templates/web/nginx/proxy_ip.tpl |  0
 .../debian/9/templates/web/nginx/caching.stpl |  0
 .../debian/9/templates/web/nginx/caching.tpl  |  0
 .../debian/9/templates/web/nginx/default.stpl |  0
 .../debian/9/templates/web/nginx/default.tpl  |  0
 .../debian/9/templates/web/nginx/hosting.stpl |  0
 .../debian/9/templates/web/nginx/hosting.tpl  |  0
 .../debian/9/templates/web/nginx/proxy_ip.tpl |  0
 install/vst-install-debian.sh                 |  0
 install/vst-install-rhel.sh                   |  0
 install/vst-install-ubuntu.sh                 |  0
 27 files changed, 103 insertions(+)
 create mode 100755 install/debian/10/templates/web/nginx/caching.sh
 create mode 100644 install/debian/10/templates/web/nginx/caching.stpl
 create mode 100644 install/debian/10/templates/web/nginx/caching.tpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/caching.stpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/caching.tpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/default.stpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/default.tpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/hosting.stpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/hosting.tpl
 mode change 100755 => 100644 install/debian/7/templates/web/nginx/proxy_ip.tpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/caching.stpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/caching.tpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/default.stpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/default.tpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/hosting.stpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/hosting.tpl
 mode change 100755 => 100644 install/debian/8/templates/web/nginx/proxy_ip.tpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/caching.stpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/caching.tpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/default.stpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/default.tpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/hosting.stpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/hosting.tpl
 mode change 100755 => 100644 install/debian/9/templates/web/nginx/proxy_ip.tpl
 mode change 100644 => 100755 install/vst-install-debian.sh
 mode change 100755 => 100644 install/vst-install-rhel.sh
 mode change 100755 => 100644 install/vst-install-ubuntu.sh

diff --git a/install/debian/10/templates/web/nginx/caching.sh b/install/debian/10/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/debian/10/templates/web/nginx/caching.stpl b/install/debian/10/templates/web/nginx/caching.stpl
new file mode 100644
index 00000000..3c56004d
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/caching.stpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/10/templates/web/nginx/caching.tpl b/install/debian/10/templates/web/nginx/caching.tpl
new file mode 100644
index 00000000..36761b65
--- /dev/null
+++ b/install/debian/10/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/caching.tpl b/install/debian/7/templates/web/nginx/caching.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/default.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/hosting.tpl b/install/debian/7/templates/web/nginx/hosting.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/7/templates/web/nginx/proxy_ip.tpl b/install/debian/7/templates/web/nginx/proxy_ip.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/caching.tpl b/install/debian/8/templates/web/nginx/caching.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/default.tpl b/install/debian/8/templates/web/nginx/default.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/hosting.tpl b/install/debian/8/templates/web/nginx/hosting.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/8/templates/web/nginx/proxy_ip.tpl b/install/debian/8/templates/web/nginx/proxy_ip.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/caching.tpl b/install/debian/9/templates/web/nginx/caching.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/default.tpl b/install/debian/9/templates/web/nginx/default.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/hosting.tpl b/install/debian/9/templates/web/nginx/hosting.tpl
old mode 100755
new mode 100644
diff --git a/install/debian/9/templates/web/nginx/proxy_ip.tpl b/install/debian/9/templates/web/nginx/proxy_ip.tpl
old mode 100755
new mode 100644
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
old mode 100644
new mode 100755
diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh
old mode 100755
new mode 100644
diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh
old mode 100755
new mode 100644

From e21471b030fda8a49e773d9389b9631553fefc74 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 24 May 2020 22:18:49 +0200
Subject: [PATCH 1008/2300] correcting code that take debian version

---
 bin/v-update-web-templates | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-update-web-templates b/bin/v-update-web-templates
index df882dd7..62daa141 100755
--- a/bin/v-update-web-templates
+++ b/bin/v-update-web-templates
@@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf
 #----------------------------------------------------------#
 
 # Defining config host
-chost='c.vestacp.com'
+chost='c.myvestacp.com'
 
 # Detcing OS
 case $(head -n1 /etc/issue |cut -f 1 -d ' ') in
@@ -43,7 +43,7 @@ if [ "$version" = 'ubuntu' ]; then
     release=$(lsb_release -r |awk '{print $2}')
 fi
 if [ "$version" = 'debian' ]; then
-    release=$(cat /etc/issue|grep -o [0-9]|head -n1)
+    release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 fi
 
 # Defining download url

From d1f256173ed1bf2227d486b73c7a5771faa9b334 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 24 May 2020 22:27:57 +0200
Subject: [PATCH 1009/2300] timeout for getting latest release

---
 bin/v-list-sys-vesta-updates | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-sys-vesta-updates b/bin/v-list-sys-vesta-updates
index 69fcf9f8..acec8840 100755
--- a/bin/v-list-sys-vesta-updates
+++ b/bin/v-list-sys-vesta-updates
@@ -61,7 +61,7 @@ shell_list() {
 #----------------------------------------------------------#
 
 # Checking official latest version
-latest=$(wget -q -T 1 -t 1 http://c.myvestacp.com/latest.txt -O -)
+latest=$(wget -q -T 3 -t 1 http://c.myvestacp.com/latest.txt?check -O -)
 
 # Checking installed vesta version
 if [ -d "/etc/sysconfig" ]; then

From 4c6628822a936eff5fffc065c779b5d564804173 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 26 May 2020 19:09:05 +0200
Subject: [PATCH 1010/2300] confdef in v-update-sys-vesta

---
 bin/v-update-sys-vesta | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta
index de2a07cb..d8df2aae 100755
--- a/bin/v-update-sys-vesta
+++ b/bin/v-update-sys-vesta
@@ -49,7 +49,7 @@ else
         -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq
 
     # Update vesta package
-    apt-get -y -qq -o Dpkg::Options::="--force-confold" install $package > /dev/null 2>&1
+    apt-get -y -qq -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" -o Dpkg::Options::="--force-confmiss" install $package > /dev/null 2>&1
     check_result $? "$package update failed" $E_UPDATE
 fi
 

From cdcc726ac7187bc4d376ee1a422edeb4504dadc4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 29 May 2020 10:09:21 +0200
Subject: [PATCH 1011/2300] Update install_rate_limit_tpl.sh

---
 .../for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
index f51c04dc..8710008c 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
+++ b/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh
@@ -7,6 +7,8 @@
 # + if client fills allowed queue, additional requests will be denied
 #
 # Generally, this nginx template will prevent bad bots to run hundreds parallel http requests against your site, which will probably cause denial-of-service on your server.
+#
+# There are also 3 additional templates, with larger limit values (for example: 2 req/sec, 14 allowed requests in queue, 7 burst, 8 parallel connections).
 
 grepc=$(grep -c 'limit_conn_zone' /etc/nginx/nginx.conf)
 if [ "$grepc" -eq 0 ]; then

From 2ef5c923253e933e4332f57f4e746a9753cee2fc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 02:21:29 +0200
Subject: [PATCH 1012/2300] Making sure mpm_event will stay

---
 src/deb/vesta/postinst | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 28c44d9c..4304cc0b 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -110,6 +110,42 @@ if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
     fi
 fi
 
+# Making sure mpm_event will stay
+if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
+    touch /usr/local/vesta/data/upgrades/keeping-mpm-event
+
+    check_grep=$(grep -c "WEB_SYSTEM='apache2'" /usr/local/vesta/conf/vesta.conf)
+    if [ "$check_grep" -eq 1 ]; then
+
+        switch_to_mpm_event=0
+
+        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+        if [ "$release" -eq 10 ]; then
+            echo "=== Keeping mpm_event (1)"
+            switch_to_mpm_event=1
+        else
+            check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
+            if [ "$check_grep" -eq 1 ]; then
+                echo "=== Keeping mpm_event (2)"
+                switch_to_mpm_event=1
+            fi
+        fi
+        if [ "$switch_to_mpm_event" -eq 1 ]; then
+            apt-get -y remove libapache2-mod-php7.4
+            a2dismod ruid2
+            a2dismod suexec
+            a2dismod php5.6
+            a2dismod php7.0
+            a2dismod php7.1
+            a2dismod php7.2
+            a2dismod php7.4
+            a2dismod mpm_prefork
+            a2enmod mpm_event
+            service apache2 restart
+        fi
+    fi
+fi
+
 # Run custom triggers
 if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh

From 07eea77be5a0964f24f1b2eb4d50b9797e7dbda2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 02:32:06 +0200
Subject: [PATCH 1013/2300] Calling /upd/keep_mpm_event.sh

---
 src/deb/vesta/postinst | 32 +-------------------------------
 1 file changed, 1 insertion(+), 31 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 4304cc0b..6253a8cc 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -113,37 +113,7 @@ fi
 # Making sure mpm_event will stay
 if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event
-
-    check_grep=$(grep -c "WEB_SYSTEM='apache2'" /usr/local/vesta/conf/vesta.conf)
-    if [ "$check_grep" -eq 1 ]; then
-
-        switch_to_mpm_event=0
-
-        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-        if [ "$release" -eq 10 ]; then
-            echo "=== Keeping mpm_event (1)"
-            switch_to_mpm_event=1
-        else
-            check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
-            if [ "$check_grep" -eq 1 ]; then
-                echo "=== Keeping mpm_event (2)"
-                switch_to_mpm_event=1
-            fi
-        fi
-        if [ "$switch_to_mpm_event" -eq 1 ]; then
-            apt-get -y remove libapache2-mod-php7.4
-            a2dismod ruid2
-            a2dismod suexec
-            a2dismod php5.6
-            a2dismod php7.0
-            a2dismod php7.1
-            a2dismod php7.2
-            a2dismod php7.4
-            a2dismod mpm_prefork
-            a2enmod mpm_event
-            service apache2 restart
-        fi
-    fi
+    echo "bash /usr/local/vesta/upd/keep_mpm_event.sh" >> /usr/local/vesta/data/queue/restart.pipe
 fi
 
 # Run custom triggers

From 6c11c48d26e8b9e09ba3dc3cd491dd9ad0bb6c48 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 02:42:59 +0200
Subject: [PATCH 1014/2300] keeping-mpm-event.log

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 6253a8cc..0fe761d1 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -113,7 +113,7 @@ fi
 # Making sure mpm_event will stay
 if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event
-    echo "bash /usr/local/vesta/upd/keep_mpm_event.sh" >> /usr/local/vesta/data/queue/restart.pipe
+    echo "bash /usr/local/vesta/upd/keep_mpm_event.sh >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
 fi
 
 # Run custom triggers

From 123bae9e61924973288661880c03bdad64ed8bfd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 02:56:15 +0200
Subject: [PATCH 1015/2300] calling v-add-cron-restart-job for
 keeping-mpm-event check script

---
 src/deb/vesta/postinst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 0fe761d1..1b0e4835 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -113,7 +113,9 @@ fi
 # Making sure mpm_event will stay
 if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event
+    echo "=== scheduling keeping-mpm-event check script"
     echo "bash /usr/local/vesta/upd/keep_mpm_event.sh >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
+    /usr/local/vesta/bin/v-add-cron-restart-job
 fi
 
 # Run custom triggers

From 208a992b7f5986998c5580c1e7ac2c5cacc48f3c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 03:04:40 +0200
Subject: [PATCH 1016/2300] Create keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 upd/keep_mpm_event.sh

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
new file mode 100644
index 00000000..da5d37f6
--- /dev/null
+++ b/upd/keep_mpm_event.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+
+check_grep=$(ps -A | grep -c "apt")
+if [ "$check_grep" -eq 0 ]; then
+    echo "apt is not running"
+    echo "cleaning restart.pipe"
+    sed -i "/keep_mpm_event/d" /usr/local/vesta/data/queue/restart.pipe
+    if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-checked" ]; then
+        touch /usr/local/vesta/data/upgrades/keeping-mpm-event-checked
+        echo "mpm_event is not checked"
+        check_grep=$(grep -c "WEB_SYSTEM='apache2'" /usr/local/vesta/conf/vesta.conf)
+        if [ "$check_grep" -eq 1 ]; then
+            echo "we have apache"
+            switch_to_mpm_event=0
+            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+            if [ "$release" -eq 10 ]; then
+                echo "ok, it's deb10"
+                switch_to_mpm_event=1
+            else
+                check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
+                if [ "$check_grep" -eq 1 ]; then
+                    echo "ok, it's already mpm_event"
+                    switch_to_mpm_event=1
+                fi
+            fi
+            if [ "$switch_to_mpm_event" -eq 1 ]; then
+                echo "ok, let's do it"
+                apt-get -y remove libapache2-mod-php7.4
+                a2dismod ruid2
+                a2dismod suexec
+                a2dismod php5.6
+                a2dismod php7.0
+                a2dismod php7.1
+                a2dismod php7.2
+                a2dismod php7.4
+                a2dismod mpm_prefork
+                a2enmod mpm_event
+                service apache2 restart
+            fi
+        fi
+    fi
+fi

From 9e59d4dff42bf792698bf5b195cc86113552576c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 03:10:52 +0200
Subject: [PATCH 1017/2300] muting v-add-cron-restart-job in postinst

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 1b0e4835..4f030213 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -115,7 +115,7 @@ if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event
     echo "=== scheduling keeping-mpm-event check script"
     echo "bash /usr/local/vesta/upd/keep_mpm_event.sh >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
-    /usr/local/vesta/bin/v-add-cron-restart-job
+    /usr/local/vesta/bin/v-add-cron-restart-job > /dev/null 2>&1
 fi
 
 # Run custom triggers

From e79aea271bb3f8ec7195b21ad3ba2cce2672dbfb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 03:18:13 +0200
Subject: [PATCH 1018/2300] calling v-delete-cron-restart-job from
 keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
index da5d37f6..1195dfa0 100644
--- a/upd/keep_mpm_event.sh
+++ b/upd/keep_mpm_event.sh
@@ -5,6 +5,7 @@ if [ "$check_grep" -eq 0 ]; then
     echo "apt is not running"
     echo "cleaning restart.pipe"
     sed -i "/keep_mpm_event/d" /usr/local/vesta/data/queue/restart.pipe
+    /usr/local/vesta/bin/v-delete-cron-restart-job
     if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-checked" ]; then
         touch /usr/local/vesta/data/upgrades/keeping-mpm-event-checked
         echo "mpm_event is not checked"

From 23aa28d463a091367073222f9b53a63ab1f54ae4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 31 May 2020 04:09:46 +0200
Subject: [PATCH 1019/2300] apt-get -y remove libapache2-mod-php7.4

---
 src/deb/for-download/tools/multi-php-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 6316f3b8..ade0a464 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -202,6 +202,7 @@ if [ "$inst_74" -eq 1 ]; then
     apt -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
     update-rc.d php7.4-fpm defaults
     a2enconf php7.4-fpm
+    apt-get -y remove libapache2-mod-php7.4
     systemctl restart apache2
     cp -r /etc/php/7.4/ /root/vst_install_backups/php7.4/
     wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-74.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl

From 4de87735758d228bd4981f2d2e68867e13716737 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 1 Jun 2020 18:46:55 +0200
Subject: [PATCH 1020/2300] Update keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
index 1195dfa0..e8c36a98 100644
--- a/upd/keep_mpm_event.sh
+++ b/upd/keep_mpm_event.sh
@@ -33,6 +33,7 @@ if [ "$check_grep" -eq 0 ]; then
                 a2dismod php7.0
                 a2dismod php7.1
                 a2dismod php7.2
+                a2dismod php7.3
                 a2dismod php7.4
                 a2dismod mpm_prefork
                 a2enmod mpm_event

From 470d0a134ef6a02e77e3fe53287bfdaa1048291b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 1 Jun 2020 18:53:09 +0200
Subject: [PATCH 1021/2300] skip upgrades on fresh installation

---
 install/vst-install-debian.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 96636cf6..b4d44207 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1595,6 +1595,11 @@ echo "UPDATE_HOSTNAME_SSL='yes'" >> $VESTA/conf/vesta.conf
 if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
     mkdir -p /usr/local/vesta/data/upgrades
 fi
+touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
+touch /usr/local/vesta/data/upgrades/allow-backup-anytime
+touch /usr/local/vesta/data/upgrades/fix-sudoers
+touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
+touch /usr/local/vesta/data/upgrades/keeping-mpm-event
 
 # Secret URL
 secretquery=''

From 1c1ed27357a6eb5f88821442434e149d6c6c9116 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 1 Jun 2020 23:53:55 +0200
Subject: [PATCH 1022/2300] vesta-0.9.8-26-20

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 617d5954..2137e542 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-19
+vesta-0.9.8-26-20

From 27e892c6e35789d2176609e9fd4a6d895dfb7e66 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 10:21:14 +0200
Subject: [PATCH 1023/2300] Reset UPDATE_SSL_SCRIPT

---
 bin/v-add-web-domain-ssl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index 43e5cce3..2c0f78ae 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -143,6 +143,8 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
     fi
 fi
 
+UPDATE_SSL_SCRIPT=''
+source $VESTA/conf/vesta.conf
 if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
     eval "$UPDATE_SSL_SCRIPT $user $domain"
 fi

From 17f943578648ff122e940b5eee499ed2df08b789 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Thu, 11 Jun 2020 13:40:42 +0200
Subject: [PATCH 1024/2300] deb9 http2

---
 install/debian/9/templates/web/nginx/caching.stpl | 2 +-
 install/debian/9/templates/web/nginx/default.stpl | 2 +-
 install/debian/9/templates/web/nginx/hosting.stpl | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl
index 3c56004d..868e2fe9 100644
--- a/install/debian/9/templates/web/nginx/caching.stpl
+++ b/install/debian/9/templates/web/nginx/caching.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl
index 0e669b3d..f225becd 100644
--- a/install/debian/9/templates/web/nginx/default.stpl
+++ b/install/debian/9/templates/web/nginx/default.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl
index 62620789..3b0e8ce9 100644
--- a/install/debian/9/templates/web/nginx/hosting.stpl
+++ b/install/debian/9/templates/web/nginx/hosting.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;

From 1ed512cf8340ac24bb974f23f191212b5d4d4d3a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 14:01:55 +0200
Subject: [PATCH 1025/2300] Building templates archive for Deb 8 and 9

---
 src/deb/vesta_compile.sh | 75 ++++++++++++++++++++++++++++++++++++----
 1 file changed, 68 insertions(+), 7 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 23b2471a..694f472f 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -277,18 +277,20 @@ if [ "$CWEB_B" = true ]; then
   fi
   cp /root/vesta/src/deb/latest.txt $PATH_OF_C_WEB_FOLDER_ROOT/latest.txt
   echo "$BUILD_DATE" > $PATH_OF_C_WEB_FOLDER_ROOT/build_date.txt
-  cd $PATH_OF_C_WEB_FOLDER
-  
+
+  ###########
+  cd $PATH_OF_C_WEB_FOLDER_ROOT/debian/8
+
   if [ -f "packages.tar.gz" ]; then
     rm packages.tar.gz
   fi
   tar -czf packages.tar.gz packages/
-  
+
   if [ -f "templates.tar.gz" ]; then
     rm templates.tar.gz
   fi
   tar -czf templates.tar.gz templates/
-  
+
   if [ -f "firewall.tar.gz" ]; then
     rm firewall.tar.gz
   fi
@@ -303,12 +305,71 @@ if [ "$CWEB_B" = true ]; then
     rm dovecot.tar.gz
   fi
   tar -czf dovecot.tar.gz dovecot/
-  echo "=== All done"
-  
+  echo "=== All done for Debian8"
+  ###########
+  cd $PATH_OF_C_WEB_FOLDER_ROOT/debian/9
+
+  if [ -f "packages.tar.gz" ]; then
+    rm packages.tar.gz
+  fi
+  tar -czf packages.tar.gz packages/
+
+  if [ -f "templates.tar.gz" ]; then
+    rm templates.tar.gz
+  fi
+  tar -czf templates.tar.gz templates/
+
+  if [ -f "firewall.tar.gz" ]; then
+    rm firewall.tar.gz
+  fi
+  tar -czf firewall.tar.gz firewall/
+
+  if [ -f "fail2ban.tar.gz" ]; then
+    rm fail2ban.tar.gz
+  fi
+  tar -czf fail2ban.tar.gz fail2ban/
+
+  if [ -f "dovecot.tar.gz" ]; then
+    rm dovecot.tar.gz
+  fi
+  tar -czf dovecot.tar.gz dovecot/
+  echo "=== All done for Debian9"
+  ###########
+  cd $PATH_OF_C_WEB_FOLDER_ROOT/debian/10
+
+  if [ -f "packages.tar.gz" ]; then
+    rm packages.tar.gz
+  fi
+  tar -czf packages.tar.gz packages/
+
+  if [ -f "templates.tar.gz" ]; then
+    rm templates.tar.gz
+  fi
+  tar -czf templates.tar.gz templates/
+
+  if [ -f "firewall.tar.gz" ]; then
+    rm firewall.tar.gz
+  fi
+  tar -czf firewall.tar.gz firewall/
+
+  if [ -f "fail2ban.tar.gz" ]; then
+    rm fail2ban.tar.gz
+  fi
+  tar -czf fail2ban.tar.gz fail2ban/
+
+  if [ -f "dovecot.tar.gz" ]; then
+    rm dovecot.tar.gz
+  fi
+  tar -czf dovecot.tar.gz dovecot/
+  echo "=== All done for Debian10"
+  ##########
+
   cp /root/vesta/install/vst-install-debian.sh $PATH_OF_C_WEB_FOLDER_ROOT/vst-install-debian.sh
-  
+
   mkdir $PATH_OF_C_WEB_FOLDER_ROOT/tools
   cp -rf /root/vesta/src/deb/for-download/tools/* $PATH_OF_C_WEB_FOLDER_ROOT/tools
+
+  echo "=== All done for c subdomain ==="
 fi
 
 #################################################################################

From 977728c21a75f9b5999a8acb7d18223e28f65835 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 15:04:48 +0200
Subject: [PATCH 1026/2300] Run keep_mpm_event.sh with 'background' parameter

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 4f030213..5064b173 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -114,7 +114,7 @@ fi
 if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event
     echo "=== scheduling keeping-mpm-event check script"
-    echo "bash /usr/local/vesta/upd/keep_mpm_event.sh >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
+    echo "bash /usr/local/vesta/upd/keep_mpm_event.sh 'background' >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
     /usr/local/vesta/bin/v-add-cron-restart-job > /dev/null 2>&1
 fi
 

From 747b8eea4ea4a5115ed8932cc387113d7e799493 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 15:25:29 +0200
Subject: [PATCH 1027/2300] Update keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 80 ++++++++++++++++++++++++-------------------
 1 file changed, 44 insertions(+), 36 deletions(-)

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
index e8c36a98..fdce7ef2 100644
--- a/upd/keep_mpm_event.sh
+++ b/upd/keep_mpm_event.sh
@@ -1,44 +1,52 @@
 #!/bin/bash
 
-check_grep=$(ps -A | grep -c "apt")
-if [ "$check_grep" -eq 0 ]; then
-    echo "apt is not running"
-    echo "cleaning restart.pipe"
-    sed -i "/keep_mpm_event/d" /usr/local/vesta/data/queue/restart.pipe
-    /usr/local/vesta/bin/v-delete-cron-restart-job
-    if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-checked" ]; then
-        touch /usr/local/vesta/data/upgrades/keeping-mpm-event-checked
-        echo "mpm_event is not checked"
-        check_grep=$(grep -c "WEB_SYSTEM='apache2'" /usr/local/vesta/conf/vesta.conf)
-        if [ "$check_grep" -eq 1 ]; then
-            echo "we have apache"
-            switch_to_mpm_event=0
-            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-            if [ "$release" -eq 10 ]; then
-                echo "ok, it's deb10"
-                switch_to_mpm_event=1
-            else
-                check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
-                if [ "$check_grep" -eq 1 ]; then
-                    echo "ok, it's already mpm_event"
+switch_to_mpm_event=1
+
+if [ "$1" = 'background' ]; then
+    switch_to_mpm_event=0
+    check_grep=$(ps -A | grep -c "apt")
+    if [ "$check_grep" -eq 0 ]; then
+        echo "=== OK, apt is not running"
+        echo "=== Cleaning restart.pipe"
+        sed -i "/keep_mpm_event/d" /usr/local/vesta/data/queue/restart.pipe
+        /usr/local/vesta/bin/v-delete-cron-restart-job
+        if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-checked" ]; then
+            touch /usr/local/vesta/data/upgrades/keeping-mpm-event-checked
+            echo "=== OK, mpm_event is not checked"
+            check_grep=$(grep -c "WEB_SYSTEM='apache2'" /usr/local/vesta/conf/vesta.conf)
+            if [ "$check_grep" -eq 1 ]; then
+                echo "=== OK, we have Apache2"
+                release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+                if [ "$release" -eq 10 ]; then
+                    echo "=== OK, it's Debian 10"
                     switch_to_mpm_event=1
+                else
+                    check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
+                    if [ "$check_grep" -eq 1 ]; then
+                        echo "=== OK, it's already mpm_event"
+                        switch_to_mpm_event=1
+                    fi
                 fi
             fi
-            if [ "$switch_to_mpm_event" -eq 1 ]; then
-                echo "ok, let's do it"
-                apt-get -y remove libapache2-mod-php7.4
-                a2dismod ruid2
-                a2dismod suexec
-                a2dismod php5.6
-                a2dismod php7.0
-                a2dismod php7.1
-                a2dismod php7.2
-                a2dismod php7.3
-                a2dismod php7.4
-                a2dismod mpm_prefork
-                a2enmod mpm_event
-                service apache2 restart
-            fi
         fi
     fi
+else
+    echo "=== Script is called by the user"
+fi
+
+if [ "$switch_to_mpm_event" -eq 1 ]; then
+    echo "=== OK, let's ensure mpm_event"
+    apt-get -y remove libapache2-mod-php7.4
+    a2dismod ruid2
+    a2dismod suexec
+    a2dismod php5.6
+    a2dismod php7.0
+    a2dismod php7.1
+    a2dismod php7.2
+    a2dismod php7.3
+    a2dismod php7.4
+    a2dismod mpm_prefork
+    a2enmod mpm_event
+    service apache2 restart
+    echo "=== Done!"
 fi

From ab9b778e39b72e970b492c406c15eb8f61673905 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 15:27:59 +0200
Subject: [PATCH 1028/2300] Update keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
index fdce7ef2..e9ea92e4 100644
--- a/upd/keep_mpm_event.sh
+++ b/upd/keep_mpm_event.sh
@@ -1,5 +1,9 @@
 #!/bin/bash
 
+###########
+# Script that will ensure that Apache2 will always stay in mpm_event mode
+###########
+
 switch_to_mpm_event=1
 
 if [ "$1" = 'background' ]; then

From 514bf9e0f10a884452e0cc4b8d5e51340aa13b3b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 16:09:42 +0200
Subject: [PATCH 1029/2300] Create fix_ssl_directive_in_templates.sh

---
 upd/fix_ssl_directive_in_templates.sh | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 upd/fix_ssl_directive_in_templates.sh

diff --git a/upd/fix_ssl_directive_in_templates.sh b/upd/fix_ssl_directive_in_templates.sh
new file mode 100644
index 00000000..ccbaf7f5
--- /dev/null
+++ b/upd/fix_ssl_directive_in_templates.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+
+if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
+    for FILE in /usr/local/vesta/data/templates/web/nginx/*.stpl; do
+        check_grep=$(grep -c 'http2' $FILE)
+        if [ "$check_grep" -eq 0 ]; then
+            echo "=== Fixing ssl directive in $FILE"
+            sed -i "s|:%proxy_ssl_port%;|:%proxy_ssl_port% ssl http2;|g" $FILE
+            sed -i "s|ssl *on;|#ssl on;|g" $FILE
+        fi
+    done
+fi
+
+for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
+    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
+        continue;
+    fi
+    v-rebuild-web-domains $user 'no'
+done

From 9cdfaf483f16ab2163be987a8d0e03f7f361dd8b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 16:13:29 +0200
Subject: [PATCH 1030/2300] Fixing ssl directive in nginx templates

---
 src/deb/vesta/postinst | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 5064b173..20b13bd1 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -118,6 +118,13 @@ if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     /usr/local/vesta/bin/v-add-cron-restart-job > /dev/null 2>&1
 fi
 
+# Fixing ssl directive in nginx templates
+if [ ! -f "/usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates" ]; then
+    touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
+    echo "=== Fixing ssl directive in nginx templates"
+    bash /usr/local/vesta/upd/fix_ssl_directive_in_templates.sh
+fi
+
 # Run custom triggers
 if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh

From 9230e004f1189d359ad47f6f0abac720d1fb827e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Jun 2020 16:26:55 +0200
Subject: [PATCH 1031/2300] Update fix_ssl_directive_in_templates.sh

---
 upd/fix_ssl_directive_in_templates.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/upd/fix_ssl_directive_in_templates.sh b/upd/fix_ssl_directive_in_templates.sh
index ccbaf7f5..7b8e00ee 100644
--- a/upd/fix_ssl_directive_in_templates.sh
+++ b/upd/fix_ssl_directive_in_templates.sh
@@ -6,9 +6,13 @@ if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
     for FILE in /usr/local/vesta/data/templates/web/nginx/*.stpl; do
         check_grep=$(grep -c 'http2' $FILE)
         if [ "$check_grep" -eq 0 ]; then
-            echo "=== Fixing ssl directive in $FILE"
+            echo "=== Fixing http2 directive in $FILE"
             sed -i "s|:%proxy_ssl_port%;|:%proxy_ssl_port% ssl http2;|g" $FILE
-            sed -i "s|ssl *on;|#ssl on;|g" $FILE
+        fi
+        check_grep=$(grep -c 'ssl *on;' $FILE)
+        if [ "$check_grep" -gt 0 ]; then
+            echo "=== Fixing ssl directive in $FILE"
+            sed -i "s|ssl *on;|#ssl_on;|g" $FILE
         fi
     done
 fi

From 9669084e3f0597322bcb0938eaba569b9fdd2962 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:18:25 +0200
Subject: [PATCH 1032/2300] Create foxhole_all.cdb

---
 src/deb/for-download/tools/clamav/foxhole_all.cdb | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 src/deb/for-download/tools/clamav/foxhole_all.cdb

diff --git a/src/deb/for-download/tools/clamav/foxhole_all.cdb b/src/deb/for-download/tools/clamav/foxhole_all.cdb
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/src/deb/for-download/tools/clamav/foxhole_all.cdb
@@ -0,0 +1 @@
+

From 3b3d97f658f908e1465006e5081cb7e6ebeb7cd8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:19:41 +0200
Subject: [PATCH 1033/2300] foxhole_all.cdb

---
 .../for-download/tools/clamav/foxhole_all.cdb | 149 +++++++++++++++++-
 1 file changed, 148 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/clamav/foxhole_all.cdb b/src/deb/for-download/tools/clamav/foxhole_all.cdb
index 8b137891..3825e194 100644
--- a/src/deb/for-download/tools/clamav/foxhole_all.cdb
+++ b/src/deb/for-download/tools/clamav/foxhole_all.cdb
@@ -1 +1,148 @@
-
+Sanesecurity.Foxhole.7z_ade:CL_TYPE_7Z:*:\.[Aa][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_adp:CL_TYPE_7Z:*:\.[AA][Dd][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_bat:CL_TYPE_7Z:*:\.[Bb][Aa][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_chm:CL_TYPE_7Z:*:\.[Cc][Hh][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_cmd:CL_TYPE_7Z:*:\.[Cc][Mm][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_com:CL_TYPE_7Z:*:\.[Cc][Oo][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_cpl:CL_TYPE_7Z:*:\.[Cc][Pp][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_exe:CL_TYPE_7Z:*:\.[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_hta:CL_TYPE_7Z:*:\.[Hh][Tt][Aa]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_ins:CL_TYPE_7Z:*:\.[Ii][Nn][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_isp:CL_TYPE_7Z:*:\.[Ii][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_jse:CL_TYPE_7Z:*:\.[Jj][Ss][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_lib:CL_TYPE_7Z:*:\.[Ll][Ii][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_mde:CL_TYPE_7Z:*:\.[Mm][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_msc:CL_TYPE_7Z:*:\.[Mm][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_msp:CL_TYPE_7Z:*:\.[Mm][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_mst:CL_TYPE_7Z:*:\.[Mm][Ss][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_pif:CL_TYPE_7Z:*:\.[Pp][Ii][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_scr:CL_TYPE_7Z:*:\.[Ss][Cc][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_sct:CL_TYPE_7Z:*:\.[Ss][Cc][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_shb:CL_TYPE_7Z:*:\.[Ss][Hh][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_sys:CL_TYPE_7Z:*:\.[Ss][Yy][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_vb:CL_TYPE_7Z:*:\.[Vv][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_vbe:CL_TYPE_7Z:*:\.[Vv][Bb][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_vbs:CL_TYPE_7Z:*:\.[Vv][Bb][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_vxd:CL_TYPE_7Z:*:\.[Vv][Xx][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_wsc:CL_TYPE_7Z:*:\.[Ww][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_wsf:CL_TYPE_7Z:*:\.[Ww][Ss][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_wsh:CL_TYPE_7Z:*:\.[Ww][Ss][Hh]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_lnk:CL_TYPE_7Z:*:\.[Ll][Nn][Kk]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_lnk:CL_TYPE_7Z:*:\.[Uu][Rr][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_ps1:CL_TYPE_7Z:*:\.[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.7z_iqy:CL_TYPE_7Z:*:\.[Ii][Qq][Yy]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Rar_ade:CL_TYPE_RAR:*:\.[Aa][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_adp:CL_TYPE_RAR:*:\.[AA][Dd][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_bat:CL_TYPE_RAR:*:\.[Bb][Aa][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_chm:CL_TYPE_RAR:*:\.[Cc][Hh][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_cmd:CL_TYPE_RAR:*:\.[Cc][Mm][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_com:CL_TYPE_RAR:*:\.[Cc][Oo][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_cpl:CL_TYPE_RAR:*:\.[Cc][Pp][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_exe:CL_TYPE_RAR:*:\.[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_hta:CL_TYPE_RAR:*:\.[Hh][Tt][Aa]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_ins:CL_TYPE_RAR:*:\.[Ii][Nn][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_isp:CL_TYPE_RAR:*:\.[Ii][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_jse:CL_TYPE_RAR:*:\.[Jj][Ss][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_lib:CL_TYPE_RAR:*:\.[Ll][Ii][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_mde:CL_TYPE_RAR:*:\.[Mm][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_msc:CL_TYPE_RAR:*:\.[Mm][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_msp:CL_TYPE_RAR:*:\.[Mm][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_mst:CL_TYPE_RAR:*:\.[Mm][Ss][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_pif:CL_TYPE_RAR:*:\.[Pp][Ii][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_scr:CL_TYPE_RAR:*:\.[Ss][Cc][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_sct:CL_TYPE_RAR:*:\.[Ss][Cc][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_shb:CL_TYPE_RAR:*:\.[Ss][Hh][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_sys:CL_TYPE_RAR:*:\.[Ss][Yy][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_vb:CL_TYPE_RAR:*:\.[Vv][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_vbe:CL_TYPE_RAR:*:\.[Vv][Bb][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_vbs:CL_TYPE_RAR:*:\.[Vv][Bb][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_vxd:CL_TYPE_RAR:*:\.[Vv][Xx][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_wsc:CL_TYPE_RAR:*:\.[Ww][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_wsf:CL_TYPE_RAR:*:\.[Ww][Ss][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_wsh:CL_TYPE_RAR:*:\.[Ww][Ss][Hh]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_lnk:CL_TYPE_RAR:*:\.[Ll][Nn][Kk]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_url:CL_TYPE_RAR:*:\.[Uu][Rr][Ll]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Rar_jnlp:CL_TYPE_RAR:*:\.[Jj][Nn][Ll][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_ps1:CL_TYPE_RAR:*:\.[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_iqy:CL_TYPE_RAR:*:\.[Ii][Qq][Yy]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_ade:CL_TYPE_ZIP:*:\.[Aa][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_adp:CL_TYPE_ZIP:*:\.[AA][Dd][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_bat:CL_TYPE_ZIP:*:\.[Bb][Aa][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_chm:CL_TYPE_ZIP:*:\.[Cc][Hh][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_cmd:CL_TYPE_ZIP:*:\.[Cc][Mm][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_com:CL_TYPE_ZIP:*:\.[Cc][Oo][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_cpl:CL_TYPE_ZIP:*:\.[Cc][Pp][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_exe:CL_TYPE_ZIP:*:\.[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_hta:CL_TYPE_ZIP:*:\.[Hh][Tt][Aa]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_ins:CL_TYPE_ZIP:*:\.[Ii][Nn][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_isp:CL_TYPE_ZIP:*:\.[Ii][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_jse:CL_TYPE_ZIP:*:\.[Jj][Ss][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_lib:CL_TYPE_ZIP:*:\.[Ll][Ii][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_mde:CL_TYPE_ZIP:*:\.[Mm][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_msc:CL_TYPE_ZIP:*:\.[Mm][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_msp:CL_TYPE_ZIP:*:\.[Mm][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_mst:CL_TYPE_ZIP:*:\.[Mm][Ss][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_pif:CL_TYPE_ZIP:*:\.[Pp][Ii][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_scr:CL_TYPE_ZIP:*:\.[Ss][Cc][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_sct:CL_TYPE_ZIP:*:\.[Ss][Cc][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_shb:CL_TYPE_ZIP:*:\.[Ss][Hh][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_sys:CL_TYPE_ZIP:*:\.[Ss][Yy][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_jar:CL_TYPE_ZIP:*:\.[Jj][Aa][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_vb:CL_TYPE_ZIP:*:\.[Vv][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_vbe:CL_TYPE_ZIP:*:\.[Vv][Bb][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_vbs:CL_TYPE_ZIP:*:\.[Vv][Bb][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_vxd:CL_TYPE_ZIP:*:\.[Vv][Xx][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_wsc:CL_TYPE_ZIP:*:\.[Ww][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_wsf:CL_TYPE_ZIP:*:\.[Ww][Ss][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_wsh:CL_TYPE_ZIP:*:\.[Ww][Ss][Hh]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_lnk:CL_TYPE_ZIP:*:\.[Ll][Nn][Kk]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_url:CL_TYPE_ZIP:*:\.[Uu][Rr][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_jnlp:CL_TYPE_ZIP:*:\.[Jj][Nn][Ll][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_ps1:CL_TYPE_ZIP:*:\.[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_iqy:CL_TYPE_ZIP:*:\.[Ii][Qq][Yy]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_ade:CL_TYPE_ARJ:*:\.[Aa][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_adp:CL_TYPE_ARJ:*:\.[AA][Dd][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_bat:CL_TYPE_ARJ:*:\.[Bb][Aa][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_chm:CL_TYPE_ARJ:*:\.[Cc][Hh][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_cmd:CL_TYPE_ARJ:*:\.[Cc][Mm][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_com:CL_TYPE_ARJ:*:\.[Cc][Oo][Mm]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_cpl:CL_TYPE_ARJ:*:\.[Cc][Pp][Ll]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_exe:CL_TYPE_ARJ:*:\.[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_hta:CL_TYPE_ARJ:*:\.[Hh][Tt][Aa]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_ins:CL_TYPE_ARJ:*:\.[Ii][Nn][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_isp:CL_TYPE_ARJ:*:\.[Ii][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_jse:CL_TYPE_ARJ:*:\.[Jj][Ss][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_lib:CL_TYPE_ARJ:*:\.[Ll][Ii][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_mde:CL_TYPE_ARJ:*:\.[Mm][Dd][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_msc:CL_TYPE_ARJ:*:\.[Mm][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_msp:CL_TYPE_ARJ:*:\.[Mm][Ss][Pp]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_mst:CL_TYPE_ARJ:*:\.[Mm][Ss][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_pif:CL_TYPE_ARJ:*:\.[Pp][Ii][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_scr:CL_TYPE_ARJ:*:\.[Ss][Cc][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_sct:CL_TYPE_ARJ:*:\.[Ss][Cc][Tt]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_shb:CL_TYPE_ARJ:*:\.[Ss][Hh][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_sys:CL_TYPE_ARJ:*:\.[Ss][Yy][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_vb:CL_TYPE_ARJ:*:\.[Vv][Bb]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_vbe:CL_TYPE_ARJ:*:\.[Vv][Bb][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_vbs:CL_TYPE_ARJ:*:\.[Vv][Bb][Ss]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_vxd:CL_TYPE_ARJ:*:\.[Vv][Xx][Dd]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_wsc:CL_TYPE_ARJ:*:\.[Ww][Ss][Cc]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_wsf:CL_TYPE_ARJ:*:\.[Ww][Ss][Ff]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_wsh:CL_TYPE_ARJ:*:\.[Ww][Ss][Hh]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_lnk:CL_TYPE_ARJ:*:\.[Ll][Nn][Kk]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Arj_ps1:CL_TYPE_ARJ:*:\.[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Cab_scr:CL_TYPE_MSCAB:*:\*[Ss][Cc][Rr]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Cab_exe:CL_TYPE_MSCAB:*:\*[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Cab_ps1:CL_TYPE_MSCAB:*:\*[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Mail_ps1:CL_TYPE_MAIL:*:\*[Pp][Ss]1$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Iso_exe:CL_TYPE_ISO9660:*:\.[Ee][Xx][Ee]$:*:*:0:0:0:*
+Sanesecurity.Foxhole.Tar_exe:CL_TYPE_POSIX_TAR:*:\.[Ee][Xx][Ee]$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Zip_iqy:CL_TYPE_ZIP:*:\.[Ii][Qq][Yy]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Rar_iqy:CL_TYPE_RAR:*:\.[Ii][Qq][Yy]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Zip_slk:CL_TYPE_ZIP:*:\.[Ss][Ll][Kk]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Rar_slk:CL_TYPE_RAR:*:\.[Ss][Ll][Kk]$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Zip_setting:CL_TYPE_ZIP:*:(?i)\.settingcontent-ms$:*:*:*:1:*:*
+Sanesecurity.Foxhole.7z_setting:CL_TYPE_7Z:*:(?i)\.settingcontent-ms$:*:*:*:*:*:*
+Sanesecurity.Foxhole.Rar_setting:CL_TYPE_RAR:*:(?i)\.settingcontent-ms$:*:*:*:1:*:*
+Sanesecurity.Foxhole.Iso_com:CL_TYPE_ISO9660:*:\.[Cc][Oo][Mm]$:*:*:0:0:0:*
+Sanesecurity.Foxhole.Iso_scr:CL_TYPE_ISO9660:*:\.[Ss][Cc][Rr]$:*:*:0:0:0:*

From 84a9df6a5832d7d9a849095b6e9a11e5daa93bda Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:29:47 +0200
Subject: [PATCH 1034/2300] Block executable files inside zip/rar/tar archives
 in ClamAV

---
 src/deb/vesta/postinst | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 20b13bd1..7947ce06 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -125,6 +125,23 @@ if [ ! -f "/usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates" ]; the
     bash /usr/local/vesta/upd/fix_ssl_directive_in_templates.sh
 fi
 
+# Block executable files inside zip/rar/tar archives in ClamAV
+if [ ! -f "/usr/local/vesta/data/upgrades/clamav_block_exe_in_archives" ]; then
+    touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives
+    if [ -f "/etc/exim4/exim4.conf.template" ]; then
+        check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template)
+        if [ "$check_grep" -eq 0 ]; then
+            folder="/var/lib/clamav"
+            if [ -d "$folder" ]; then
+                echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV"
+                wget -nv -O $folder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
+                chown clamav:clamav $folder/foxhole_all.cdb
+                service clamav-daemon restart
+            fi
+        fi
+    fi
+fi
+
 # Run custom triggers
 if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh

From bf4eb9aa4b16a089c6b90cf93895818701149ddf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:38:44 +0200
Subject: [PATCH 1035/2300] Run fix ssl directive only on Deb9 and Deb10

---
 src/deb/vesta/postinst | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 7947ce06..a7178e14 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -3,6 +3,8 @@
 build_date=$(curl -s http://c.myvestacp.com/build_date.txt)
 echo "$build_date" > /usr/local/vesta/build_date.txt
 
+release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+
 # Run triggers only on updates
 if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     version=$(curl -s http://c.myvestacp.com/latest.txt?installed)
@@ -119,10 +121,12 @@ if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
 fi
 
 # Fixing ssl directive in nginx templates
-if [ ! -f "/usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates" ]; then
-    touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
-    echo "=== Fixing ssl directive in nginx templates"
-    bash /usr/local/vesta/upd/fix_ssl_directive_in_templates.sh
+if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
+    if [ ! -f "/usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates" ]; then
+        touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
+        echo "=== Fixing ssl directive in nginx templates"
+        bash /usr/local/vesta/upd/fix_ssl_directive_in_templates.sh
+    fi
 fi
 
 # Block executable files inside zip/rar/tar archives in ClamAV

From fd49534c2e1c0e26b951f65634903238a5592331 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:40:48 +0200
Subject: [PATCH 1036/2300] Run fix ssl directive only on Deb9 and Deb10

---
 upd/fix_ssl_directive_in_templates.sh | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/upd/fix_ssl_directive_in_templates.sh b/upd/fix_ssl_directive_in_templates.sh
index 7b8e00ee..cc6a3e01 100644
--- a/upd/fix_ssl_directive_in_templates.sh
+++ b/upd/fix_ssl_directive_in_templates.sh
@@ -15,11 +15,12 @@ if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
             sed -i "s|ssl *on;|#ssl_on;|g" $FILE
         fi
     done
-fi
 
-for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
-    if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
-        continue;
-    fi
-    v-rebuild-web-domains $user 'no'
-done
+    for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
+        if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
+            continue;
+        fi
+        v-rebuild-web-domains $user 'no'
+    done
+
+fi

From 023234299fc20f94af2906dbb10de6aa57ddc741 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:49:06 +0200
Subject: [PATCH 1037/2300] Update fix_ssl_directive_in_templates.sh

---
 upd/fix_ssl_directive_in_templates.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/upd/fix_ssl_directive_in_templates.sh b/upd/fix_ssl_directive_in_templates.sh
index cc6a3e01..a4c99efb 100644
--- a/upd/fix_ssl_directive_in_templates.sh
+++ b/upd/fix_ssl_directive_in_templates.sh
@@ -15,12 +15,15 @@ if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
             sed -i "s|ssl *on;|#ssl_on;|g" $FILE
         fi
     done
+    
+    source /etc/profile
+    PATH=$PATH:/usr/local/vesta/bin && export PATH
 
     for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
             continue;
         fi
-        v-rebuild-web-domains $user 'no'
+        /usr/local/vesta/bin/v-rebuild-web-domains $user 'no'
     done
 
 fi

From 06fab59f0bbcc86306e781c57d331944f21148ad Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 17:55:03 +0200
Subject: [PATCH 1038/2300] Update fix_ssl_directive_in_templates.sh

---
 upd/fix_ssl_directive_in_templates.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/upd/fix_ssl_directive_in_templates.sh b/upd/fix_ssl_directive_in_templates.sh
index a4c99efb..9c61f120 100644
--- a/upd/fix_ssl_directive_in_templates.sh
+++ b/upd/fix_ssl_directive_in_templates.sh
@@ -18,6 +18,8 @@ if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
     
     source /etc/profile
     PATH=$PATH:/usr/local/vesta/bin && export PATH
+    
+    echo "=== Rebuilding web config files (this can take a while)"
 
     for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
         if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then

From 58ff192f530e47cd769f2f1cb41d617cf97f8752 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 18:05:29 +0200
Subject: [PATCH 1039/2300] Update caching.stpl

---
 install/debian/10/templates/web/nginx/caching.stpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/templates/web/nginx/caching.stpl b/install/debian/10/templates/web/nginx/caching.stpl
index 3c56004d..868e2fe9 100644
--- a/install/debian/10/templates/web/nginx/caching.stpl
+++ b/install/debian/10/templates/web/nginx/caching.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl;
+    listen      %ip%:%proxy_ssl_port% ssl http2;
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;

From d0e24ed92f7f22049cd0db16324c08c3c87664eb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 22:46:08 +0200
Subject: [PATCH 1040/2300] LetsEncrypt to use Apache if myVesta is behind main
 nginx

---
 bin/v-add-letsencrypt-domain | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 8e1991f8..0b630d28 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -158,6 +158,14 @@ for auth in $authz; do
         check_result $? "DNS _acme-challenge record wasn't created"
     else
         if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
+            if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
+                #  if vesta is behind main nginx
+                well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
+                acme_challenge="$well_known/acme-challenge"
+                mkdir -p $acme_challenge
+                echo "$token.$THUMB" > $acme_challenge/$token
+                chown -R $user:$user $well_known
+            fi
             conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
             sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
             if [ ! -e "$conf" ]; then

From 62ec3bb5a70675e383355f98c7930a33565309c5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 22:54:53 +0200
Subject: [PATCH 1041/2300] LetsEncrypt to use Apache if myVesta is behind main
 nginx

---
 bin/v-add-letsencrypt-domain | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 0b630d28..57b764da 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -165,22 +165,23 @@ for auth in $authz; do
                 mkdir -p $acme_challenge
                 echo "$token.$THUMB" > $acme_challenge/$token
                 chown -R $user:$user $well_known
+            else
+                # default nginx method
+                conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
+                sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
+                if [ ! -e "$conf" ]; then
+                    echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
+                        > $conf
+                    echo '    default_type text/plain;' >> $conf
+                    echo '    return 200 "$1.'$THUMB'";' >> $conf
+                    echo '}' >> $conf
+                fi
+                if [ ! -e "$sconf" ]; then
+                    ln -s "$conf" "$sconf"
+                fi
+                $BIN/v-restart-proxy
+                check_result $? "Proxy restart failed" >/dev/null
             fi
-            conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
-            sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
-            if [ ! -e "$conf" ]; then
-                echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
-                    > $conf
-                echo '    default_type text/plain;' >> $conf
-                echo '    return 200 "$1.'$THUMB'";' >> $conf
-                echo '}' >> $conf
-            fi
-            if [ ! -e "$sconf" ]; then
-                ln -s "$conf" "$sconf"
-            fi
-            $BIN/v-restart-proxy
-            check_result $? "Proxy restart failed" >/dev/null
-
         else
             well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
             acme_challenge="$well_known/acme-challenge"

From d6eed3b978145d819b6fc18ec48189ee5b6cf03f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Jun 2020 23:51:16 +0200
Subject: [PATCH 1042/2300] Avoiding v-schedule-letsencrypt

Because it is entering infinite loop for some reason
---
 web/templates/admin/add_web.html | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
index 8130fe20..3e0478ce 100644
--- a/web/templates/admin/add_web.html
+++ b/web/templates/admin/add_web.html
@@ -129,6 +129,7 @@
                         
                             
                                 
+                                    
                                   -->
+                                  
+                                      
+                                  
                                   -->
                                   
-                                      

From b6295098a259d470ab80f6ba88023e8edc0c894f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Jun 2020 14:25:53 +0200
Subject: [PATCH 1053/2300] More features

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index 915c2348..c92d23ae 100644
--- a/README.md
+++ b/README.md
@@ -39,6 +39,10 @@ Features of myVesta
 
 + You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
 
++ ClamAV is configured to block zip/rar/7z archives that contains executable files (just like GMail)
+
++ Backup will run with lowest priority (to avoid load on server), and can be configured to run only by night (and to stop on the morning and continue next night)
+
 + You can compile Vesta binaries by yourself - https://github.com/myvesta/vesta/blob/master/src/deb/vesta_compile.sh
     + You can even create your own APT repository in a minute
     + We are using latest nginx version for vesta-nginx package

From 1de5f42e3f87fdbd0111a33003e40cd325ccafe3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 19 Jun 2020 01:53:53 +0200
Subject: [PATCH 1054/2300] Update README.md

---
 README.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/README.md b/README.md
index c92d23ae..3ff9c929 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,15 @@
+News
+==================================================
+
+Forum:
+- https://forum.myvestacp.com/
+
+Wiki:
+- https://wiki.myvestacp.com/
+
+And we finally have normal homepage:
+- https://myvestacp.com/
+
 myVesta Control Panel
 ==================================================
 

From f3584d3a74eea73e424540db8fac6dee4ea23ba2 Mon Sep 17 00:00:00 2001
From: Adam Radivojevic <37140262+adam993@users.noreply.github.com>
Date: Sat, 20 Jun 2020 08:47:52 +0200
Subject: [PATCH 1055/2300] Update cpanel-import.sh

---
 src/deb/for-download/tools/cpanel-import.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/cpanel-import.sh b/src/deb/for-download/tools/cpanel-import.sh
index 04d4f3c2..fc3c7352 100644
--- a/src/deb/for-download/tools/cpanel-import.sh
+++ b/src/deb/for-download/tools/cpanel-import.sh
@@ -26,7 +26,7 @@ if [[ $PATH != *"/usr/local/vesta/bin"* ]]; then
 fi
 if [ ! -e /usr/bin/rsync ] || [ ! -e /usr/bin/file ] ; then
 	echo "#######################################"
-	echo "rsync not installed, try install it"
+	echo "rsync not installed, try installing it"
 	echo "This script need: rsync, file"
 	echo "#######################################"
 	if  [ -e /etc/redhat-release ]; then

From 8203fbca22c085f9dd7fb463fd5356841b8fd377 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 21 Jun 2020 23:34:16 +0200
Subject: [PATCH 1056/2300] Fixing nginx+php-fpm installer variant

---
 install/vst-install-debian.sh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 4a7ea0b6..597617b1 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -980,7 +980,12 @@ fi
 #----------------------------------------------------------#
 
 if [ "$phpfpm" = 'yes' ]; then
-    if [ "$release" -eq 9 ]; then
+    if [ "$release" -eq 10 ]; then
+        cp -f $vestacp/php-fpm/www.conf /etc/php/7.3/fpm/pool.d/www.conf
+        update-rc.d php7.3-fpm defaults
+        service php7.3-fpm start
+        check_result $? "php-fpm start failed"
+    elif [ "$release" -eq 9 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/7.0/fpm/pool.d/www.conf
         update-rc.d php7.0-fpm defaults
         service php7.0-fpm start

From a4b65c07aec47e45a1f94b3ffcd3edf9193a1540 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 21 Jun 2020 23:43:36 +0200
Subject: [PATCH 1057/2300] Checking official latest version

---
 bin/v-update-sys-vesta-all | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-update-sys-vesta-all b/bin/v-update-sys-vesta-all
index 75bc036f..5a42a0c0 100755
--- a/bin/v-update-sys-vesta-all
+++ b/bin/v-update-sys-vesta-all
@@ -21,6 +21,10 @@ source $VESTA/conf/vesta.conf
 #                       Action                             #
 #----------------------------------------------------------#
 
+
+# Checking official latest version
+latest=$(wget -q -T 10 -t 1 http://c.myvestacp.com/latest.txt?check_latest -O -)
+
 # Starting update loop
 for package in vesta vesta-nginx vesta-php; do
     $BIN/v-update-sys-vesta "$package"

From a4f1224f99e341a10856a936cb23c22ed8505455 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 22 Jun 2020 00:01:10 +0200
Subject: [PATCH 1058/2300] Update latest.txt

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 81e25443..8d35043e 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-23
+vesta-0.9.8-26-24

From 552f64270433b854a43957bca889304897071eb8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 22 Jun 2020 00:13:15 +0200
Subject: [PATCH 1059/2300] Fixing nginx+php-fpm installer variant

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 597617b1..c4bce902 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -801,7 +801,7 @@ if [ "$apache" = 'no' ] && [ "$nginx"  = 'yes' ]; then
     echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
     echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
     echo "WEB_SSL='openssl'"  >> $VESTA/conf/vesta.conf
-    if [ "$release" -eq 9 ]; then
+    if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
         if [ "$phpfpm" = 'yes' ]; then
             echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf
         fi

From 094eb3a31b52f1ef85f1b0856d69b628a648d3dc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 22 Jun 2020 00:34:51 +0200
Subject: [PATCH 1060/2300]  Fixing nginx+php-fpm installer variant

---
 install/vst-install-debian.sh | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index c4bce902..864d25b6 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -871,17 +871,22 @@ cp -rf $vestacp/packages $VESTA/data/
 # Installing templates
 cp -rf $vestacp/templates $VESTA/data/
 
-# Symlink missing templates
-ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
-ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
-ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
+if [ "$release" -eq 10 ]; then
+    # Symlink missing templates
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
 
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/hosting.sh
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/hosting.tpl
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/hosting.stpl
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/default.sh
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/default.tpl
-ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/default.stpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/hosting.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/hosting.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/hosting.stpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.sh /usr/local/vesta/data/templates/web/apache2/default.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl /usr/local/vesta/data/templates/web/apache2/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.stpl /usr/local/vesta/data/templates/web/apache2/default.stpl
+    
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.stpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-73.stpl
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-73.tpl
+fi
 
 # Set nameservers
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg

From b6cadcd9923c5337380efd59da5cbb689293300c Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 18:01:38 +0200
Subject: [PATCH 1061/2300] Fixing unnecessary slash in nginx configs for
 phpmyadmin and roundcube

---
 install/debian/7/nginx/phpmyadmin.inc     | 2 +-
 install/debian/7/nginx/phppgadmin.inc     | 2 +-
 install/debian/7/nginx/webmail.inc        | 2 +-
 install/debian/8/nginx/phpmyadmin.inc     | 2 +-
 install/debian/8/nginx/phppgadmin.inc     | 2 +-
 install/debian/8/nginx/webmail.inc        | 2 +-
 install/debian/9/nginx/phpmyadmin.inc     | 2 +-
 install/debian/9/nginx/phppgadmin.inc     | 2 +-
 install/debian/9/nginx/webmail.inc        | 2 +-
 install/rhel/5/nginx/phpmyadmin.inc       | 2 +-
 install/rhel/5/nginx/phppgadmin.inc       | 2 +-
 install/rhel/5/nginx/webmail.inc          | 2 +-
 install/rhel/6/nginx/phpmyadmin.inc       | 2 +-
 install/rhel/6/nginx/phppgadmin.inc       | 2 +-
 install/rhel/6/nginx/webmail.inc          | 2 +-
 install/rhel/7/nginx/phpmyadmin.inc       | 2 +-
 install/rhel/7/nginx/phppgadmin.inc       | 2 +-
 install/rhel/7/nginx/webmail.inc          | 2 +-
 install/ubuntu/12.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/12.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/12.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/12.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/12.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/12.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/13.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/13.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/13.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/13.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/13.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/13.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/14.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/14.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/14.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/14.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/14.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/14.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/15.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/15.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/15.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/15.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/15.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/15.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/16.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/16.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/16.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/16.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/16.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/16.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/17.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/17.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/17.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/17.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/17.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/17.10/nginx/webmail.inc    | 2 +-
 install/ubuntu/18.04/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/18.04/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/18.04/nginx/webmail.inc    | 2 +-
 install/ubuntu/18.10/nginx/phpmyadmin.inc | 2 +-
 install/ubuntu/18.10/nginx/phppgadmin.inc | 2 +-
 install/ubuntu/18.10/nginx/webmail.inc    | 2 +-
 60 files changed, 60 insertions(+), 60 deletions(-)

diff --git a/install/debian/7/nginx/phpmyadmin.inc b/install/debian/7/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/debian/7/nginx/phpmyadmin.inc
+++ b/install/debian/7/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/debian/7/nginx/phppgadmin.inc b/install/debian/7/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/debian/7/nginx/phppgadmin.inc
+++ b/install/debian/7/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/debian/7/nginx/webmail.inc b/install/debian/7/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/debian/7/nginx/webmail.inc
+++ b/install/debian/7/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/debian/8/nginx/phpmyadmin.inc b/install/debian/8/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/debian/8/nginx/phpmyadmin.inc
+++ b/install/debian/8/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/debian/8/nginx/phppgadmin.inc b/install/debian/8/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/debian/8/nginx/phppgadmin.inc
+++ b/install/debian/8/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/debian/8/nginx/webmail.inc b/install/debian/8/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/debian/8/nginx/webmail.inc
+++ b/install/debian/8/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/debian/9/nginx/phpmyadmin.inc b/install/debian/9/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/debian/9/nginx/phpmyadmin.inc
+++ b/install/debian/9/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/debian/9/nginx/phppgadmin.inc b/install/debian/9/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/debian/9/nginx/phppgadmin.inc
+++ b/install/debian/9/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/debian/9/nginx/webmail.inc b/install/debian/9/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/debian/9/nginx/webmail.inc
+++ b/install/debian/9/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/rhel/5/nginx/phpmyadmin.inc b/install/rhel/5/nginx/phpmyadmin.inc
index efd6f4c4..ee003007 100644
--- a/install/rhel/5/nginx/phpmyadmin.inc
+++ b/install/rhel/5/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpMyAdmin/;
+    alias /usr/share/phpMyAdmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/rhel/5/nginx/phppgadmin.inc b/install/rhel/5/nginx/phppgadmin.inc
index 333e560a..61dea1c9 100644
--- a/install/rhel/5/nginx/phppgadmin.inc
+++ b/install/rhel/5/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phpPgAdmin/;
+    alias /usr/share/phpPgAdmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phpPgAdmin/$1;
diff --git a/install/rhel/5/nginx/webmail.inc b/install/rhel/5/nginx/webmail.inc
index 2d0fbe29..d9cc181d 100644
--- a/install/rhel/5/nginx/webmail.inc
+++ b/install/rhel/5/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /usr/share/roundcubemail/;
+    alias /usr/share/roundcubemail;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/rhel/6/nginx/phpmyadmin.inc b/install/rhel/6/nginx/phpmyadmin.inc
index 9c5a6882..122823d7 100644
--- a/install/rhel/6/nginx/phpmyadmin.inc
+++ b/install/rhel/6/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpMyAdmin/;
+    alias /usr/share/phpMyAdmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/rhel/6/nginx/phppgadmin.inc b/install/rhel/6/nginx/phppgadmin.inc
index 333e560a..61dea1c9 100644
--- a/install/rhel/6/nginx/phppgadmin.inc
+++ b/install/rhel/6/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phpPgAdmin/;
+    alias /usr/share/phpPgAdmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phpPgAdmin/$1;
diff --git a/install/rhel/6/nginx/webmail.inc b/install/rhel/6/nginx/webmail.inc
index 2d0fbe29..d9cc181d 100644
--- a/install/rhel/6/nginx/webmail.inc
+++ b/install/rhel/6/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /usr/share/roundcubemail/;
+    alias /usr/share/roundcubemail;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/rhel/7/nginx/phpmyadmin.inc b/install/rhel/7/nginx/phpmyadmin.inc
index 457ee11c..79e17c58 100644
--- a/install/rhel/7/nginx/phpmyadmin.inc
+++ b/install/rhel/7/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpMyAdmin/;
+    alias /usr/share/phpMyAdmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/rhel/7/nginx/phppgadmin.inc b/install/rhel/7/nginx/phppgadmin.inc
index 333e560a..61dea1c9 100644
--- a/install/rhel/7/nginx/phppgadmin.inc
+++ b/install/rhel/7/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phpPgAdmin/;
+    alias /usr/share/phpPgAdmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phpPgAdmin/$1;
diff --git a/install/rhel/7/nginx/webmail.inc b/install/rhel/7/nginx/webmail.inc
index 123e4af5..63679d35 100644
--- a/install/rhel/7/nginx/webmail.inc
+++ b/install/rhel/7/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /usr/share/roundcubemail/;
+    alias /usr/share/roundcubemail;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/12.04/nginx/phpmyadmin.inc b/install/ubuntu/12.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/12.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/12.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/12.04/nginx/phppgadmin.inc b/install/ubuntu/12.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/12.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/12.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/12.04/nginx/webmail.inc b/install/ubuntu/12.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/12.04/nginx/webmail.inc
+++ b/install/ubuntu/12.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/12.10/nginx/phpmyadmin.inc b/install/ubuntu/12.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/12.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/12.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/12.10/nginx/phppgadmin.inc b/install/ubuntu/12.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/12.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/12.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/12.10/nginx/webmail.inc b/install/ubuntu/12.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/12.10/nginx/webmail.inc
+++ b/install/ubuntu/12.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/13.04/nginx/phpmyadmin.inc b/install/ubuntu/13.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/13.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/13.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/13.04/nginx/phppgadmin.inc b/install/ubuntu/13.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/13.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/13.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/13.04/nginx/webmail.inc b/install/ubuntu/13.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/13.04/nginx/webmail.inc
+++ b/install/ubuntu/13.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/13.10/nginx/phpmyadmin.inc b/install/ubuntu/13.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/13.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/13.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/13.10/nginx/phppgadmin.inc b/install/ubuntu/13.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/13.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/13.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/13.10/nginx/webmail.inc b/install/ubuntu/13.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/13.10/nginx/webmail.inc
+++ b/install/ubuntu/13.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/14.04/nginx/phpmyadmin.inc b/install/ubuntu/14.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/14.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/14.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/14.04/nginx/phppgadmin.inc b/install/ubuntu/14.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/14.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/14.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/14.04/nginx/webmail.inc b/install/ubuntu/14.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/14.04/nginx/webmail.inc
+++ b/install/ubuntu/14.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/14.10/nginx/phpmyadmin.inc b/install/ubuntu/14.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/14.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/14.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/14.10/nginx/phppgadmin.inc b/install/ubuntu/14.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/14.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/14.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/14.10/nginx/webmail.inc b/install/ubuntu/14.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/14.10/nginx/webmail.inc
+++ b/install/ubuntu/14.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/15.04/nginx/phpmyadmin.inc b/install/ubuntu/15.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/15.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/15.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/15.04/nginx/phppgadmin.inc b/install/ubuntu/15.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/15.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/15.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/15.04/nginx/webmail.inc b/install/ubuntu/15.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/15.04/nginx/webmail.inc
+++ b/install/ubuntu/15.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/15.10/nginx/phpmyadmin.inc b/install/ubuntu/15.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/15.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/15.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/15.10/nginx/phppgadmin.inc b/install/ubuntu/15.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/15.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/15.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/15.10/nginx/webmail.inc b/install/ubuntu/15.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/15.10/nginx/webmail.inc
+++ b/install/ubuntu/15.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/16.04/nginx/phpmyadmin.inc b/install/ubuntu/16.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/16.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/16.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/16.04/nginx/phppgadmin.inc b/install/ubuntu/16.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/16.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/16.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/16.04/nginx/webmail.inc b/install/ubuntu/16.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/16.04/nginx/webmail.inc
+++ b/install/ubuntu/16.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/16.10/nginx/phpmyadmin.inc b/install/ubuntu/16.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/16.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/16.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/16.10/nginx/phppgadmin.inc b/install/ubuntu/16.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/16.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/16.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/16.10/nginx/webmail.inc b/install/ubuntu/16.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/16.10/nginx/webmail.inc
+++ b/install/ubuntu/16.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/17.04/nginx/phpmyadmin.inc b/install/ubuntu/17.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/17.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/17.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/17.04/nginx/phppgadmin.inc b/install/ubuntu/17.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/17.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/17.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/17.04/nginx/webmail.inc b/install/ubuntu/17.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/17.04/nginx/webmail.inc
+++ b/install/ubuntu/17.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/17.10/nginx/phpmyadmin.inc b/install/ubuntu/17.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/17.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/17.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/17.10/nginx/phppgadmin.inc b/install/ubuntu/17.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/17.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/17.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/17.10/nginx/webmail.inc b/install/ubuntu/17.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/17.10/nginx/webmail.inc
+++ b/install/ubuntu/17.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/18.04/nginx/phpmyadmin.inc b/install/ubuntu/18.04/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/18.04/nginx/phpmyadmin.inc
+++ b/install/ubuntu/18.04/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/18.04/nginx/phppgadmin.inc b/install/ubuntu/18.04/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/18.04/nginx/phppgadmin.inc
+++ b/install/ubuntu/18.04/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/18.04/nginx/webmail.inc b/install/ubuntu/18.04/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/18.04/nginx/webmail.inc
+++ b/install/ubuntu/18.04/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;
diff --git a/install/ubuntu/18.10/nginx/phpmyadmin.inc b/install/ubuntu/18.10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/ubuntu/18.10/nginx/phpmyadmin.inc
+++ b/install/ubuntu/18.10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/ubuntu/18.10/nginx/phppgadmin.inc b/install/ubuntu/18.10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/ubuntu/18.10/nginx/phppgadmin.inc
+++ b/install/ubuntu/18.10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/ubuntu/18.10/nginx/webmail.inc b/install/ubuntu/18.10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/ubuntu/18.10/nginx/webmail.inc
+++ b/install/ubuntu/18.10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;

From c862bd9aff72c0cadfd1d2b22810f31e68899458 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 18:18:30 +0200
Subject: [PATCH 1062/2300] Fixing unnecessary slash in nginx configs for
 phpmyadmin and roundcube

---
 install/debian/10/nginx/phpmyadmin.inc | 2 +-
 install/debian/10/nginx/phppgadmin.inc | 2 +-
 install/debian/10/nginx/webmail.inc    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/10/nginx/phpmyadmin.inc b/install/debian/10/nginx/phpmyadmin.inc
index 1feb8546..cdfc93c4 100644
--- a/install/debian/10/nginx/phpmyadmin.inc
+++ b/install/debian/10/nginx/phpmyadmin.inc
@@ -1,5 +1,5 @@
 location /phpmyadmin {
-    alias /usr/share/phpmyadmin/;
+    alias /usr/share/phpmyadmin;
 
     location ~ /(libraries|setup) {
         return 404;
diff --git a/install/debian/10/nginx/phppgadmin.inc b/install/debian/10/nginx/phppgadmin.inc
index cd1e5806..47cfcf4e 100644
--- a/install/debian/10/nginx/phppgadmin.inc
+++ b/install/debian/10/nginx/phppgadmin.inc
@@ -1,5 +1,5 @@
 location /phppgadmin {
-    alias /usr/share/phppgadmin/;
+    alias /usr/share/phppgadmin;
 
     location ~ ^/phppgadmin/(.*\.php)$ {
         alias /usr/share/phppgadmin/$1;
diff --git a/install/debian/10/nginx/webmail.inc b/install/debian/10/nginx/webmail.inc
index ad66895b..768c9049 100644
--- a/install/debian/10/nginx/webmail.inc
+++ b/install/debian/10/nginx/webmail.inc
@@ -1,5 +1,5 @@
 location /webmail {
-    alias /var/lib/roundcube/;
+    alias /var/lib/roundcube;
 
     location ~ /(config|temp|logs) {
         return 404;

From c377e19df851aec6758a072f3f2f31d48b18d059 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 19:06:25 +0200
Subject: [PATCH 1063/2300] Adding escapeshellarg on few more places in php
 code

---
 web/edit/server/index.php    | 2 +-
 web/list/directory/index.php | 2 +-
 web/list/dns/index.php       | 4 ++--
 web/list/mail/index.php      | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/web/edit/server/index.php b/web/edit/server/index.php
index 0743ab17..49c577d8 100644
--- a/web/edit/server/index.php
+++ b/web/edit/server/index.php
@@ -356,7 +356,7 @@ if (!empty($_POST['save'])) {
     // Change remote backup host type
     if (empty($_SESSION['error_msg'])) {
         if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) {
-            exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var);
+            exec (VESTA_CMD."v-delete-backup-host " . escapeshellarg($v_backup_type), $output, $return_var);
             unset($output);
 
             $v_backup_host = escapeshellarg($_POST['v_backup_host']);
diff --git a/web/list/directory/index.php b/web/list/directory/index.php
index 12919b14..7a57566c 100644
--- a/web/list/directory/index.php
+++ b/web/list/directory/index.php
@@ -15,7 +15,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
 }
 
 if (empty($panel)) {
-    $command = VESTA_CMD."v-list-user '".$user."' 'json'";
+    $command = VESTA_CMD."v-list-user ".escapeshellarg($user)." 'json'";
     exec ($command, $output, $return_var);
     if ( $return_var > 0 ) {
         header("Location: /error/");
diff --git a/web/list/dns/index.php b/web/list/dns/index.php
index c98b8e47..53d5980c 100644
--- a/web/list/dns/index.php
+++ b/web/list/dns/index.php
@@ -7,14 +7,14 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Data & Render page
 if (empty($_GET['domain'])){
-    exec (VESTA_CMD."v-list-dns-domains $user json", $output, $return_var);
+    exec (VESTA_CMD."v-list-dns-domains ".escapeshellarg($user)." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);
 
     render_page($user, $TAB, 'list_dns');
 } else {
-    exec (VESTA_CMD."v-list-dns-records ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
+    exec (VESTA_CMD."v-list-dns-records ".escapeshellarg($user)." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);
diff --git a/web/list/mail/index.php b/web/list/mail/index.php
index 56c42a73..e389b3b1 100644
--- a/web/list/mail/index.php
+++ b/web/list/mail/index.php
@@ -7,14 +7,14 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Data & Render page
 if (empty($_GET['domain'])){
-    exec (VESTA_CMD."v-list-mail-domains $user json", $output, $return_var);
+    exec (VESTA_CMD."v-list-mail-domains ".escapeshellarg($user)." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);
 
     render_page($user, $TAB, 'list_mail');
 } else {
-    exec (VESTA_CMD."v-list-mail-accounts ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
+    exec (VESTA_CMD."v-list-mail-accounts ".escapeshellarg($user)." ".escapeshellarg($_GET['domain'])." json", $output, $return_var);
     $data = json_decode(implode('', $output), true);
     $data = array_reverse($data, true);
     unset($output);

From 6fa21d9c699ddb907c5d1e3be0fabc65ed805945 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 23 Jun 2020 19:12:33 +0200
Subject: [PATCH 1064/2300] vesta-0.9.8-26-25

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 8d35043e..a853309e 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-24
+vesta-0.9.8-26-25

From a9e46047e91a1683b61be7cb833584dff7da1d34 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 20:04:30 +0200
Subject: [PATCH 1065/2300] Reset UPDATE_SSL_SCRIPT

---
 bin/v-add-web-domain-ssl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl
index 43e5cce3..2c0f78ae 100755
--- a/bin/v-add-web-domain-ssl
+++ b/bin/v-add-web-domain-ssl
@@ -143,6 +143,8 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
     fi
 fi
 
+UPDATE_SSL_SCRIPT=''
+source $VESTA/conf/vesta.conf
 if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
     eval "$UPDATE_SSL_SCRIPT $user $domain"
 fi

From 8d9e349b23fe85bf496a71b3d6e235b27854efbf Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 20:08:59 +0200
Subject: [PATCH 1066/2300] Dont match subdomains while restoring domain

---
 bin/v-restore-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index bd3d86bb..b1c0c65a 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -289,7 +289,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
     if [ -z "$web" ] || [ "$web" = '*' ]; then
         domains="$backup_domains"
     else
-        echo "$web" |tr ',' '\n' > $tmpdir/selected.txt
+        echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
         domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
     fi
 

From d9e9c643699309594e8769a44ea8dd6e1e22e245 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 20:10:54 +0200
Subject: [PATCH 1067/2300] Fixing NS parameters in v-add-dns-on-web-alias

---
 bin/v-add-dns-on-web-alias | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-dns-on-web-alias b/bin/v-add-dns-on-web-alias
index a6a7272c..705594f3 100755
--- a/bin/v-add-dns-on-web-alias
+++ b/bin/v-add-dns-on-web-alias
@@ -55,7 +55,7 @@ if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
 fi
 
 # Adding top-level domain and then its sub
-$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
+$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
 
 # Checking top-level domain
 if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then

From 83d0b9ed90d41a173f9c5b0c34cf5303a118b81e Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 20:14:55 +0200
Subject: [PATCH 1068/2300] Allow quick restarting of nginx

It can occur if domain has many aliases, and acme-challenge should be added many times

This fix will prevent this error:
```
May 14 21:39:08 server systemd[1]: nginx.service: Start request repeated too quickly.
May 14 21:39:08 server systemd[1]: nginx.service: Failed with result 'start-limit-hit'.
```
---
 bin/v-restart-proxy | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/v-restart-proxy b/bin/v-restart-proxy
index 25ab20bf..1e5e98cb 100755
--- a/bin/v-restart-proxy
+++ b/bin/v-restart-proxy
@@ -50,7 +50,9 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
 fi
 
 # Restart system
-service $PROXY_SYSTEM restart >/dev/null 2>&1
+# service $PROXY_SYSTEM restart >/dev/null 2>&1
+systemctl reset-failed $PROXY_SYSTEM
+systemctl restart $PROXY_SYSTEM > /dev/null 2>&1
 if [ $? -ne 0 ]; then
     send_email_report
     check_result $E_RESTART "$PROXY_SYSTEM restart failed"

From e0ebf729f337805bb0834621476ca14d70e77c50 Mon Sep 17 00:00:00 2001
From: dpeca 
Date: Tue, 23 Jun 2020 20:20:11 +0200
Subject: [PATCH 1069/2300] Avoid Let's Encrypt domain validation timeout

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 59d51c61..0e9438ed 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -208,7 +208,7 @@ for auth in $authz; do
         if [ "$i" -gt 10 ]; then
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
-        sleep 1
+        sleep $((i*2))
     done
     if [ "$validation" = 'invalid' ]; then
         check_result $E_CONNECT "Let's Encrypt domain verification failed"

From 26e7f311c16238ede37cf1e7085fb5a3fd05e6ff Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 25 Jun 2020 11:47:24 +0200
Subject: [PATCH 1070/2300] Make backup once a week

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 864d25b6..50d880a5 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1482,7 +1482,7 @@ $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-queue backup"
 $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-backup-users"
-$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command"
+$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '6' "$command"
 command="sudo $VESTA/bin/v-update-user-stats"
 $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-rrd"

From a3513a91871cb43d17ddc78060cf3482f5be31a7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 25 Jun 2020 12:59:39 +0200
Subject: [PATCH 1071/2300] Start backup at 01 AM

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 50d880a5..33ccfaf2 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1482,7 +1482,7 @@ $VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-queue backup"
 $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-backup-users"
-$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '6' "$command"
+$VESTA/bin/v-add-cron-job 'admin' '10' '01' '*' '*' '6' "$command"
 command="sudo $VESTA/bin/v-update-user-stats"
 $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-rrd"

From 2108e0e32c5db6f0588cab422322b21ce7ba721d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 26 Jun 2020 13:23:22 +0200
Subject: [PATCH 1072/2300] Multi-PHP error for servers without Apache

---
 src/deb/for-download/tools/multi-php-install.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index ade0a464..895f80d2 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -13,6 +13,12 @@ inst_74=0
 
 #######################################################################
 
+check_grep=$(grep -c "WEB_SYSTEM='nginx'" /usr/local/vesta/conf/vesta.conf)
+if [ "$check_grep" -eq 1 ]; then
+    echo "Multi-PHP support is only for myVesta that is installed in nginx+Apache or Apache variant"
+    exit 1
+fi
+
 inst_repo=0
 debian_version=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 

From b93623e865a995a9eb096b79d77fdefb9a128eb4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 02:25:56 +0200
Subject: [PATCH 1073/2300] Introducing: v-install-unsigned-ssl DOMAIN

---
 bin/v-install-unsigned-ssl | 59 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 bin/v-install-unsigned-ssl

diff --git a/bin/v-install-unsigned-ssl b/bin/v-install-unsigned-ssl
new file mode 100644
index 00000000..e0fdd46d
--- /dev/null
+++ b/bin/v-install-unsigned-ssl
@@ -0,0 +1,59 @@
+#!/bin/bash
+
+# Script will install unsigned SSL to desired domain
+
+if [ $# -lt 1 ]; then
+	echo "usage: v-install-unsigned-ssl DOMAIN"
+	exit 1
+fi
+
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+email="info@$domain"
+
+TMPLOC="/home/$user/tmp/$domain"
+mkdir $TMPLOC
+
+# Generating SSL certificate
+/usr/local/vesta/bin/v-generate-ssl-cert $domain $email 'US' 'California' 'San Francisco' 'myVesta Control Panel' 'IT' "www.$domain" > $TMPLOC/vst.pem
+
+# Parsing certificate file
+crt_end=$(grep -n "END CERTIFICATE-" $TMPLOC/vst.pem |cut -f 1 -d:)
+key_start=$(grep -n "BEGIN RSA" $TMPLOC/vst.pem |cut -f 1 -d:)
+key_end=$(grep -n  "END RSA" $TMPLOC/vst.pem |cut -f 1 -d:)
+
+# Adding SSL certificate
+cd $TMPLOC
+sed -n "1,${crt_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.crt
+sed -n "$key_start,${key_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.key
+chmod 666 $TMPLOC/*
+
+source /usr/local/vesta/func/domain.sh
+
+USER_DATA="/usr/local/vesta/data/users/$user";
+get_domain_values 'web'
+
+if [[ $SSL == 'no' ]]
+then
+    #Configure SSL and install the cert
+    /usr/local/vesta/bin/v-add-web-domain-ssl $user $domain $TMPLOC
+else
+    #Replace the existing cert with the new one
+    /usr/local/vesta/bin/v-change-web-domain-sslcert $user $domain $TMPLOC
+fi
+
+rm -rf $TMPLOC
+
+exit 0

From daa9374f59cbb63ee92348eacef181b5dc44dd5d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 02:27:59 +0200
Subject: [PATCH 1074/2300] favicon

---
 web/favicon.ico | Bin 6458 -> 15086 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/favicon.ico b/web/favicon.ico
index fad74c2a4ebe9b949d5c0893075e68ca79d54f68..231b61d2c39e4700f461a956ecc2f4199f5728b2 100644
GIT binary patch
literal 15086
zcmeI330Rdy`~RNM%^43~vTTOdT)3nyDuf8|dw4W(!Os>BByJ*@JDm+FVnrOpFs@(p2#F72;
z_a6!Tua!W8hm*F{-C6spr;9ev%~^|o#p%DrYyT9f3$V(X{&})NXuhmB#w?tNtQ1b+
zd7^Gup==VEFB=4yr1Nd*$9Htn5Q`#ce
znz!xeFH{&dK{}625q3;|`Qq+yi|jwvBBn%IM0BWCbPhI)Mphnhsk
zhdz`$J9rspmQEoS@nD2m_(WJmf8_fV&;6pTVncM1I5*ZNN-2+zw8|M#HnBUZ
zNR-DEi(e_96=o8h!_C4y(k$MJED+Cy6o~qE($gPx(hMH%V9rF=7r-r$dxf^l=c1P8
zQ>LZ#s(=T{w+is5Y4Pr@?f~))RiXbtWRZxCDi&M8wi9_Lkye1cJZ6KGQAH%HID*Xg
z@LU;9*|-uZB5h(9d?mw25%uGNL)bXyC^%r_o|o@+7*e@;TH5Nx4KP-m2X(B0|wzDElB8GNW_^DQWGd5-DSms!(
zoE>JloYW`Vw5)B~djU=c_hvUD;B8rVC+2Qf#^f7^9x(<+uh+FjZnvGwp*GPDxvc=}
z$><_^7J7Sl{|2mw!E=<990JxLt7r}%Ly_}rQbYvvHKI_o2(yS6n7iJ=1>$AOqZyO0
zX?q~TTCpYEQno$PT7ELBsJc9+Nba3rlcPV_EF1hAepQgrvk~JmLrYR);C+dC@VRDi
zzxSqfuNFQMEu5g;E2^mKa8&Un8M)yC`ci%vdB!mh-eTVRp#$Ed){A??%%Ve-O~#Ka
zmWR=!gHcxbWu!@ZQ#Y0|%7^Dw)Q^V$KK<8k^nG;2eAb(--JXU5<)=JsCj3*=t_{#$xNZ?6^gN9T#h
z##-cv5rv0-d@gfw^`on%$d|Lyz6&WlH!#v7yMz66Fr|||M7EQew+Es&RLHT#mt}-`Xa8NOY6tkE_TrpT!(}0F!W^&V;}j{s#$WBsq|vBtt#c&jD#o`W52Jk
zml?=-37AJ}OFi$`K6^w*n}^Y%0{c8pfsX{wZa0&Ec!6jRwy3BLGC#~#v8~6N)yL{2
z4ye)+-DR!h0Xw>^P6!-ZR5b@&r@$n@cp{29JS6Y?Upj#0k@WZFvl)wy56?fahwqmZ
zetWWsp9bb^TT(yitrF~wlA&};^eOw-iYY&i$UnO4t-Rg4n=g+z#5^uX#!^f6t|T3z
zUMjrw*9@L*z&s!P%qHI{jS*iLJyo1`=vg!YGJ=HQ<>2{YwhLwDQ`>lO=s*?txN8G37cAu
z&AdX|1rHySzU28NdUTGpZVGew?(6Z7G>LlQHW2{56XU=ZYAq98GmVus4Sm4n1%8jJ
z2FXKz?Y+*tFS@Ae4EE&mxFWf~f6m6#n#R61WCfpkFnCE9W8c!ws~4nT1f-I?p1wv^2mL6rHmYpykoJQ
zJHcCl+)tucKhghX#-|KCbG3N4rq|;imM`jJ`}(01+mP!;@So|ldf{;wqfey+zg~@b
zb?fEtmHHMO$!5+ajO{T0R`xBc?T9+8Ej=>*%AUR~E1
zHr7oU0!B}HZ))J#7c-I~KiVLhhnvp~e`@vYT{V+lqkr$pmTA$}o|ze48z<=RW-ai7
zb}E?9*md8i)-l#%qkc7O*@M^cV+R{!SNbyVl#Sm3Hj}^UWZVO3F-FGng2JXV&=%Q3
zr>te#xCO&=cRpeKMmBUw>;nz`ZoA$Zy|=SwTG3tf#Ot({@Jg_@xM|I4n|^K5a(T@B
z8cF@Dk+DDz&%BlQgBkwkM3~Nv0<*y>vG;lB#9r0yR(^hHWWkYH@7rXj?#okZBj<5lZs#GpNf*bz5y=c3c6(I2&rn!_#CFFG4~y{awqKI)vl{16P!XaaW$0NwYfE+Jf
zmD65riB~&2eq_)38ic(#ZnqW1LPi&h-K;74#z})bb!ojz75*kE0q2`83;M;$*b954
zuOzJl+cRKS^8bub??s+JM}{r66y{utw{$}PJFJ>511+bdnrBhg
zs#4cAE5X+5J6)1qKDaza`dSZOL5H)0O;sHfM&?3o`tgNMshv)u_Yv?vr9Lrd>m%>M
z;Qs;qRnho2F&o7u@W1Pmoxh}h>d-RuLDo$f{C(5ZkOexU_d&Z1k`y+5GW~vxTz)~e
z3V%Mdp41XNTq)n|kd=N9^`^qlT6mVu2G8p5Ytt{r6p73DQWeoQY3-9;G!$NQm^X}b
zf9btG|3av_d_HSUYlYGNGkA7{&Ue^Pr2|J;=Q^o!k3{Jd%z71RmUH3bAZZ6{X4H6#
z3?6R!=~(mhNP*3k*oQ;SQzGM>483Q8>#ReMumy?UC!k%WrQok8d#}WoZ>cTp(E$CN
zVwbFMIB-K}AM5fb0r@-srAz2FhdLEb%+c1%CzSfEE%Z&>
zCV#i_@op{nzS&Mk+0g{A!K`m}LJDPVe3s|w>nnV)Evx}w1Q&_+YDd90TIRjbkXWWbNg(B`x4PzWV4=GvIP8wL&eNCF-J)7(>dxLcNqVaC`Ux)t;
zV-ct&_G}n#mXEWB&Sb4Q%6OKsetnNmGh&=sb|0Sq^SVb@#9eY?Ua_uRu3;Q7v*u!-
zhUiEa+GoJSIXgCoe}0%fV1Tyts_&c7y(U;+M`yNC$H7CglCM{)cUIv9){ag1(-r7z
zIey)aKH1jU^->1yu&?!reZ)&^Q%?mH{u()XgCsJ<&yHVTa#jD&Y6kByTC!)u2%G4E
z916iNlz)!>xr9$ME7mGo_RrlE);j(DQf0G|%_+t>R<}rBPy4C|`)ZFTDVvJUZUo;(
z#^fVpPbBKPpRs!#%6l^o>CnXo_F7dZvA0`<<%&Nx`VjJxcA7SMB9wLPxy&Wz7R$q`
z+pL%%hZO9(qI4@_gS^k)qv4f%kVh(Gj6UnnxqRgjRx8e}aYT{mfbJ}gW6y{|NfnL|gbQ
z(X&7N;@z>~UM;apkK(sI_&}Pz_P8R^6`I+|y$qTsk>8pKOSMmc`Im`)=EDaAZO6{z
zXYYux$U!5DL|uE2OI+(fV>tM2tRcB~#dd$~@xEQ^g%yf==)BseB-7_!Y-w6Zp6JB;
zfUz5@4u=(86hTENWw7nckHMyk1A_~zYX1S@9lee&sH%aF_%w8uKyM#(Qqb2P?5*#K
zw8=LZmpp7z5q`&*QLNp+bw00?PFwm)UG%G&(}EsNo4?VqL6>&zou2tt>Vj?JVfvYc
z91f9o()U>QP5z8;>G+LOPS_{~J{x-u>El}{Z@c&Tjpj`r@KGKE_e^B3Y+cz{v&g`H
zJOj-a*(;|}{tM+l!egX=foyVyO^@6CTIMwG*=lce
z>)sq+*k?7M?z{APSoL{zP8}fTF$}+`1^ZiHzURT8iXE(nSO4IAdDrdwz1jC+1;QDf
z9>RWSmmR0#fps6b1VQ6t@SjxkIflJI?}gB^uTeMa>spzgRn`cziI*6&Z1#J~|G9(>
z-O9Z1?w2QPv5)oS+YWfULf^{oFAggZJ>FUN7vgGHi46Xk*pW%JM4n#gX)NnZF|s&{
z{P&~tOVNE-#w7q=b}`;(qBe*hd5?wm{nv2*S?+HW4d7J|&$DQ^iQGp2AEASNu|>hi
z>zEoBe17&*Vjnn01?P*0L-NIaqw>UUV`9YRn$X__WU~huDSNXUdh;lMC&VPZ_!dlJ
zzd(GzB37eMzKY+F#6QI9{)7qt98oLOBDx`u!l+_-9$BA89tFs23jC}C_X*^3hOxn}
ziKUd`pNNU*UzdROvR3FiQ8O?{*7Glsb{iU4C>rzaiO@pv6uQ_8x#q*aV7*d0bA~=b
z{FUu9iQ(AL-F&;m{5uPN19E?S&}wlpX!fte0NdF
zIGmxLF~lmK_!CvR}zVoc($7@KhTC;txb
zj!Kw&ouRu08r8}sgX1jN3}7EkdXE$kViRpci$oK!j^^7&H4nj(99kgUi6wcmhED_Q
zEc7H4e8G&}IQX4_tn<(*hYq6iw9i5=?e7TSZ7Q?QKcM6U?qha6K}UH17Mw?zZ|BLk
zq37>lU+!o9@L?Yp3$|d^jZR^C@*&DyLkfj^P=R=g@d(Ct?L!vIS5|XjCw%@)zo+Sc
zH~mBe<%@f61L=-FN0o>g;f44m#4eHFH0<0b;NQx4+hbSIzJeTcz%~UvDg=`m{889S
z53qd-&Ml0eP04^fKe~i{DYg^)sn*tY*qCUgdtiS%GGDgn6@O>;@~<${*C2I6*T`CL
ztrvA!XWBz|IrQze4*bNy@gG@7vF*xU2{7-5pL}w)-YMNyWoo@rvQ}#f{=T>X?#}`&
zqPcgvba6F0&Z7Pbp1)HkqChqR?>l2{axMC^75!EI_9F0=+HpD7rDK%sZgFJ`k|2;qUPI>9_y40aZcO&2Dk*8YopJeR2@Vpe=KE%69N$6W7
zWh=pb5Z(Tn=XvV<3w!VwxhvS)g;-?0JEi}hs_&bj&IY9OIIGabm}M>O>~rWth?=AD
z*EJ|l+=s2{2JS#)?iZ3Pp7!J1(Z|AB>sH|uXuY#_^*@FCR{eOTNGIQ1S$AlGsM|fq
z;gh~o41b$souFJ<`}z4-;|I6u;Ggn;B=G-H0@D7|v_H$srTShV&8{lfVkdG6F3)PU
zYO4HzR;yJba&6wk*cqB8bo{P~>OTbtG;dkUQ5@x$Z+-
z9Qgs~56zP%X`0P>s##|v*G=uNJFIC|t-jWSyqLVF%4;`tQSVdgw{lV6Cq39|x~AS+
z$*MLN_)Z=HUh;BZaw~Zca@&lnd7PvCV4OTyLit%u+Tv6`>;vaoDi77{d3iJKfkwQG
zW)q)xRe7W07<;ah=2+h4#AeROLhDRr;jZXcZBS&w*Z8)C)niB&#I{2qsc>+
z;?_LBfluMfp5+1J^tv&b;`bQi!k3+i<3A70S;SDkA%=aFd>`-giJL0bxb1IrHhzJX
zeW6W+L2EERP1b!YV&|d)@vvb(03oBDT-@sy>?7XlGJWVzIu^FSVxx506_3Ak4}cy;XirOfd;Q
ziQS1R`saRwh(;E1(EAL3!VOF+HWiEiJsvFhMDj9w%@Wee;rTzU>$-Z;KyB&2ejk$r
zcclwoA`^8^^{M?H!A(HW=a{iY<(DFg%81oft%BZE)8YB;{Zj}7aMbE4p;-}Ro
zIgk5waPH3U>Lx}I?02V4b9sZPkjEIbE1#XC2}s9+>39V1se4ep_>8yv*^Sy
z?c;X#SkQ2FR%#WKp;I}$@aM{Vl1Ffs>aNaf&iBo+?&l84fiTO(tR^X=I0yBtB4#h^
zB@f>FTF%Be&T4~u=M)z4F6$({QPz6-2mK?==ih#O#Zlho1sUeDR$J0$m;j-2(Z
zvbQyQf6w_ynU3?!QF$91wqG^~lU5moa=L4E83$ej}^)svI6-HVv
zy;RpQh`SzMpV1y!c&qz!pKD7zYe4%!^eBfD@pRK+~vywr1w
zW^irJIn^p;$(f!0Bl_5kO!qRTFFK|48O9k?WvjI4szA$0&Ppn`w@#a|Mwh5Be`#%U
zC3izsa_-w)i+`~x7?z`h>f9_@Ti~JYX0&B4s)2VOrccqc-)2>NHq2P40+U{GhJ%gMjgj2=}_to-CkWKl&WI`Q3;D`!sA5M@bf2^G}Ky+R;
zf9{MD>9G9?UVWjj&Z(`O5j_O$m*9ULd#(N0udr}SdC;?&i%vpc)=V6bS|h#>ch&Sp
zWN-;u>MVE@vTk#gmw~+hY%fprEN!=9+EjSofGkf3nolpkCv}ubXY`QmR(-mEjQNa@
zqm8EzwpiV#;7*^Hx(hZE8+StOOR*yfA?C7f9ahiTS~IC%RZV06Idzx5S%)(@bxx(^
zJrB9})8b#Q<>-quQG?g3VBjvDThQ?QJ^j$3pHyGi4U>Ld-r}b-W?gF^9~Svi2nD
zyVscK-mUeJE)9chLhautsaQJg4B(i?{`}m85_tw*0)6uxac4XBKl#HxxB=_KWXAF&
zYvmU9%gR0z1C=M~e@RfGaGW>(p%3<{4^wZwUH^;a5!RML^b-n>Eu>WB^YVzy+wb*=
zYc+>_y&96N$N=-Y8;8B%H*J2(e(92
zw~hnhCn&kU4_-5UY-JwJhTb6FbLsbczKy5PTlzknC*2L7V~K(M#9FFiQ`1yG#D6Z3
zTi_)YdA`mX*eEE6^8k~qfjpf#i)cYS?lI=h=kR$2S|_19Oz}Wl8+u);)=%o)aHr}I
zL!kL)Nf+vkgI9Gm|woQ|AKVB7}%GU)GT
z{8YR@fHs`r%4+I<8DPG8FZhpyuY0H6%f#!}(wCCg26SL1W7?hfui!)Rb`E+!Dmx8L
z6>Iz!8r+YChK;+7D*nou1m((avC!^o&aPMR?Cs0>+I6IE`Z&spJT0ObeS|Xx=af9@
zV=n&C0Q#Rz?0pRMXT#HZz8_{h=7Xbzv>iE(CIRTZ_RJZ{)$>W-ZRpJ~
zzUzq#{y&|CUcpG*K!2Cv|AXxvafEAsMI&i`ua?m294mix(&6&(o)^wd?B3}BF%`2m
zy{CED8>aaz}@XI6KeFE6-$C=a<#CvA;A6nh|cdhFo`>&G6{
zTFdhI;j+BTBq>}P5w>V0<&kT&9JyMQl+v^&{T8SAeb+?kfBqMmEp)-Tq9(fA7F||r
z*R$kzy_ZLvb?J*P_*>oa(I(>W1hP-KVeN=A%bLuAp6LD(Y)v801w4PvbL#jFazfkm
zSReKr%V
zOTFYbf9RYs|LbbGGAz?8QuCjFZO(caSCFbHj?IHJ6GcCI`#wC
z28Wz+7y_N`>oefW;4{(Z)(HV6fSPMJZfOmJw3$VeTldq+p
z53z~A+2S$lMGe)KKGZ#q_jxu^r+}2ea~f@|d`m@6b9pYI?B(mA*&mgCrOtf5Z{&MC
zv?lSKPJc6apHEUY`3L&w&;KIb=qF$849qR4?{Dv;$nLKxAFT)+7V_1s|1aR%{HaZ)
zPAzD(f?gjmyhZNITG?tVEWc7jDK8`k!Mcd{zi~VP^CWjr
zd|(bhPvlm}kQ=Kd@m!lN?Q5(Q6E+NGm&+x@qBO5cPQVvpauB>Lz!Ax>vaun18r}}t
zh8Qm-ifs#WyP0Er0N-kNh4gGG7M05ahqs*gl+h9=jnxey>5}7*boW$9fAnv0;-M`z
zYLR)**u*a5b-sX1p>3M*VH(;s-u{l^u|L@TGc!k~*qVlD-S4TjLbPgP)d?
zCnUdy_a+$r1=bg7KZ(c2*kW&)45Ef+k|)jc&1uUdNpr^7NR$pK`S
z6aNp9tHoAvda-nB4qq0rQY_ewk-J*D!Q1R$LHAMm8)!em<{{cQa)OesxyOfo*a-0Z
zWo%9)pY3~R%SArw(Njj9fuC`IZb<5x_bz%?qxWD;cTkQ{r(>GM#u{X943}bb`N?5W
zj>gvwnEYVwh0VdNlQj2Ja#@a_ItfR+sBC2JS{5_2tCv=MPC6>L88!8U=5w@l9(zB!|E-&Kr_JzA9OQu7f&G
zoE`MDcn?DhLk
zctz|vE74Ix{T85e8N3&;u@if`?ltZ^yp`g0@S)S>lw90`?#7s%kTfv=kA0qzR@Xl*
z$(dEsm3gl)uKtSV1bqjPnNGVF`V5?lsl)4O7a(&8(mm%3WIn-elg^_r)YmhfQt3dP
zbg!;8`HlJl_GfyhzsV&6&%*Bk*eQyPEtL=ggL?o%m}zkaI4BwUr7HE2DRCjU*xaIC^5(
z$nERoX<(LLe&VZ;2e7vv(pcy@H*vV%#x|l<+Ts6glmGCKi%eYDQ-?KSLg!Nz;gJJ?*r9+^w)#kS^V7yOT)
z3S!j@|8lUsJ!)TT`E&9+gucZ&I23Gq%oz2+{DV;Dxj4S9Z}6c=yj^(#YFuuZjA&5e(Igg`pGB8fbuJ
z{Vd^p+uzU8_%YvNZMLJWz?L01+uriwv!p9Ai0$E8NAwGQtQXp+nDYhnCG;?LmPHK=PhdM){#r46*0OO
z+q(_fm=+;paFFAZ%z2o5>Xo!>@bf6t0RMG&mGp1kYRkDftO@JSl1O|i(QEJFT3g)l
z*eh-V$H(yPn1tjM{r5G$4iC9C)}@lby~zi@x9D$UKN&kbByC!b;(W>Lo+NHy^UjlG
zY`*E(i=Hq0iCF=;`P$)Y-mtwghRyEJ&gPy2t{Ln{x<>R)^b&qud%ne%bDTRO`ZTwH
zA{YA&4%_Au{J$37Dr}l~B2y2!u)Pe-dLF*&njziTx6_#SjhU6JEjD+s?xy90dMei4@SlhX-8tKIEN169Iw2ydA;hmBN
zo|EPbj^-a-54xV?p7SIA6dU_U7O~g_mZS6=$n&)1F_OTZdNcj4j2#Eh`|PbF8FPap
zcHd^~1o-YmPS?5FqiMI{-|!y+%hESx|3{<^wed8#!X_v9jqZBxi+cX7aCp%gTnvtT
z;2nYdUYxO1YhQErmYChfUP$l>8dG_<}Ls!M?^Gm(5&a@+`JuYZPn;+#$}*
zkgShk(DN}wUgvV}k3Ub@GpLQ5^u6o}ND6Z|GSA%CXdA)(o2hbPdvM>pi3!wtSMr&L
ze?^K19C|kB85DF?NoRPo$eHdJVQ@8Zj@>`7Mq1;`ZH%o%?n7ujGQV?k-jhckc>d@3
zqjQ;4#QibZRrcNYkoed#zqjgVegpcx!rn&gl!Ev7IpuN<^?x6{1?1*^XgR;fyJm(j
z(eoAeV#e5
zQFr=I-3jTwqI=^8_N@WvxDp#4Fkh#Bdi~)ZiXGk($j`imPVBV>!`JK={ds?OK=;S-
z`vLtm#Nl$)gRI$iJmoS1{+aiY-u3Z`yJyF&pmcN1Xu1@8k0EdF{ZU&dz_$>b%bg-9k=2WxwBp9<9j?#if6WO9>gvU2-g$H^~ru@?lfo-_E&vn*Q|6Ino3DCCDDY
z-T`#ZPCY!5*V$CU{EZGVJO%p_qR1@mJqm89)qO;2Mn&eTL2BtwB7{t#5d{1_KiC
z>fRsV?a4Vq9A4v2G>RN#GB*oS`F(M^PvgsT@br6v9kA&C%2R)ooZtP5q%Ho(?(g^-
zp|9UownN9Uw})8ho^A0RqJy_e#?mjtMuD${TA3h;LyM(L=4`oQM2TFE?keV;gqrY0
zb^M39dN$}e-Ng94_;MC5?XXY9zB#BZrTOfw_&E$bE1+HcewB6uWASzMG4GS%iBA%`-VZjL%!iuTzta%qfLpZx!OJ^|zh4A2;=9?``@PxMT1f
zX*)O|7hfOUU(XAgGW4t?o(?8$v1zbr>ku~dJK7$`PlM|l_^XN6mm{5;w{h%Z%#M-c
z19xm>^xziFA_)
zLegk$GwnL7joo%KZ6qPR@G-{2i3{yECHXxz6w`pf|l*2AM&+IP
zjy~0&!}z8)vi=>~`Zlsban%(@46eGvHom%nR)+G!ooxK!l;Q`~k8t81<6k6USYd>|
RIB}?p#-q`iX86%~{U3Ebo9_Ss


From 2edeee1f7f8692e01de644a1f08b3d13bcebb2f8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 03:17:16 +0200
Subject: [PATCH 1075/2300] Add files via upload

---
 web/images/favicon.ico | Bin 6458 -> 15086 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/images/favicon.ico b/web/images/favicon.ico
index fad74c2a4ebe9b949d5c0893075e68ca79d54f68..231b61d2c39e4700f461a956ecc2f4199f5728b2 100644
GIT binary patch
literal 15086
zcmeI330Rdy`~RNM%^43~vTTOdT)3nyDuf8|dw4W(!Os>BByJ*@JDm+FVnrOpFs@(p2#F72;
z_a6!Tua!W8hm*F{-C6spr;9ev%~^|o#p%DrYyT9f3$V(X{&})NXuhmB#w?tNtQ1b+
zd7^Gup==VEFB=4yr1Nd*$9Htn5Q`#ce
znz!xeFH{&dK{}625q3;|`Qq+yi|jwvBBn%IM0BWCbPhI)Mphnhsk
zhdz`$J9rspmQEoS@nD2m_(WJmf8_fV&;6pTVncM1I5*ZNN-2+zw8|M#HnBUZ
zNR-DEi(e_96=o8h!_C4y(k$MJED+Cy6o~qE($gPx(hMH%V9rF=7r-r$dxf^l=c1P8
zQ>LZ#s(=T{w+is5Y4Pr@?f~))RiXbtWRZxCDi&M8wi9_Lkye1cJZ6KGQAH%HID*Xg
z@LU;9*|-uZB5h(9d?mw25%uGNL)bXyC^%r_o|o@+7*e@;TH5Nx4KP-m2X(B0|wzDElB8GNW_^DQWGd5-DSms!(
zoE>JloYW`Vw5)B~djU=c_hvUD;B8rVC+2Qf#^f7^9x(<+uh+FjZnvGwp*GPDxvc=}
z$><_^7J7Sl{|2mw!E=<990JxLt7r}%Ly_}rQbYvvHKI_o2(yS6n7iJ=1>$AOqZyO0
zX?q~TTCpYEQno$PT7ELBsJc9+Nba3rlcPV_EF1hAepQgrvk~JmLrYR);C+dC@VRDi
zzxSqfuNFQMEu5g;E2^mKa8&Un8M)yC`ci%vdB!mh-eTVRp#$Ed){A??%%Ve-O~#Ka
zmWR=!gHcxbWu!@ZQ#Y0|%7^Dw)Q^V$KK<8k^nG;2eAb(--JXU5<)=JsCj3*=t_{#$xNZ?6^gN9T#h
z##-cv5rv0-d@gfw^`on%$d|Lyz6&WlH!#v7yMz66Fr|||M7EQew+Es&RLHT#mt}-`Xa8NOY6tkE_TrpT!(}0F!W^&V;}j{s#$WBsq|vBtt#c&jD#o`W52Jk
zml?=-37AJ}OFi$`K6^w*n}^Y%0{c8pfsX{wZa0&Ec!6jRwy3BLGC#~#v8~6N)yL{2
z4ye)+-DR!h0Xw>^P6!-ZR5b@&r@$n@cp{29JS6Y?Upj#0k@WZFvl)wy56?fahwqmZ
zetWWsp9bb^TT(yitrF~wlA&};^eOw-iYY&i$UnO4t-Rg4n=g+z#5^uX#!^f6t|T3z
zUMjrw*9@L*z&s!P%qHI{jS*iLJyo1`=vg!YGJ=HQ<>2{YwhLwDQ`>lO=s*?txN8G37cAu
z&AdX|1rHySzU28NdUTGpZVGew?(6Z7G>LlQHW2{56XU=ZYAq98GmVus4Sm4n1%8jJ
z2FXKz?Y+*tFS@Ae4EE&mxFWf~f6m6#n#R61WCfpkFnCE9W8c!ws~4nT1f-I?p1wv^2mL6rHmYpykoJQ
zJHcCl+)tucKhghX#-|KCbG3N4rq|;imM`jJ`}(01+mP!;@So|ldf{;wqfey+zg~@b
zb?fEtmHHMO$!5+ajO{T0R`xBc?T9+8Ej=>*%AUR~E1
zHr7oU0!B}HZ))J#7c-I~KiVLhhnvp~e`@vYT{V+lqkr$pmTA$}o|ze48z<=RW-ai7
zb}E?9*md8i)-l#%qkc7O*@M^cV+R{!SNbyVl#Sm3Hj}^UWZVO3F-FGng2JXV&=%Q3
zr>te#xCO&=cRpeKMmBUw>;nz`ZoA$Zy|=SwTG3tf#Ot({@Jg_@xM|I4n|^K5a(T@B
z8cF@Dk+DDz&%BlQgBkwkM3~Nv0<*y>vG;lB#9r0yR(^hHWWkYH@7rXj?#okZBj<5lZs#GpNf*bz5y=c3c6(I2&rn!_#CFFG4~y{awqKI)vl{16P!XaaW$0NwYfE+Jf
zmD65riB~&2eq_)38ic(#ZnqW1LPi&h-K;74#z})bb!ojz75*kE0q2`83;M;$*b954
zuOzJl+cRKS^8bub??s+JM}{r66y{utw{$}PJFJ>511+bdnrBhg
zs#4cAE5X+5J6)1qKDaza`dSZOL5H)0O;sHfM&?3o`tgNMshv)u_Yv?vr9Lrd>m%>M
z;Qs;qRnho2F&o7u@W1Pmoxh}h>d-RuLDo$f{C(5ZkOexU_d&Z1k`y+5GW~vxTz)~e
z3V%Mdp41XNTq)n|kd=N9^`^qlT6mVu2G8p5Ytt{r6p73DQWeoQY3-9;G!$NQm^X}b
zf9btG|3av_d_HSUYlYGNGkA7{&Ue^Pr2|J;=Q^o!k3{Jd%z71RmUH3bAZZ6{X4H6#
z3?6R!=~(mhNP*3k*oQ;SQzGM>483Q8>#ReMumy?UC!k%WrQok8d#}WoZ>cTp(E$CN
zVwbFMIB-K}AM5fb0r@-srAz2FhdLEb%+c1%CzSfEE%Z&>
zCV#i_@op{nzS&Mk+0g{A!K`m}LJDPVe3s|w>nnV)Evx}w1Q&_+YDd90TIRjbkXWWbNg(B`x4PzWV4=GvIP8wL&eNCF-J)7(>dxLcNqVaC`Ux)t;
zV-ct&_G}n#mXEWB&Sb4Q%6OKsetnNmGh&=sb|0Sq^SVb@#9eY?Ua_uRu3;Q7v*u!-
zhUiEa+GoJSIXgCoe}0%fV1Tyts_&c7y(U;+M`yNC$H7CglCM{)cUIv9){ag1(-r7z
zIey)aKH1jU^->1yu&?!reZ)&^Q%?mH{u()XgCsJ<&yHVTa#jD&Y6kByTC!)u2%G4E
z916iNlz)!>xr9$ME7mGo_RrlE);j(DQf0G|%_+t>R<}rBPy4C|`)ZFTDVvJUZUo;(
z#^fVpPbBKPpRs!#%6l^o>CnXo_F7dZvA0`<<%&Nx`VjJxcA7SMB9wLPxy&Wz7R$q`
z+pL%%hZO9(qI4@_gS^k)qv4f%kVh(Gj6UnnxqRgjRx8e}aYT{mfbJ}gW6y{|NfnL|gbQ
z(X&7N;@z>~UM;apkK(sI_&}Pz_P8R^6`I+|y$qTsk>8pKOSMmc`Im`)=EDaAZO6{z
zXYYux$U!5DL|uE2OI+(fV>tM2tRcB~#dd$~@xEQ^g%yf==)BseB-7_!Y-w6Zp6JB;
zfUz5@4u=(86hTENWw7nckHMyk1A_~zYX1S@9lee&sH%aF_%w8uKyM#(Qqb2P?5*#K
zw8=LZmpp7z5q`&*QLNp+bw00?PFwm)UG%G&(}EsNo4?VqL6>&zou2tt>Vj?JVfvYc
z91f9o()U>QP5z8;>G+LOPS_{~J{x-u>El}{Z@c&Tjpj`r@KGKE_e^B3Y+cz{v&g`H
zJOj-a*(;|}{tM+l!egX=foyVyO^@6CTIMwG*=lce
z>)sq+*k?7M?z{APSoL{zP8}fTF$}+`1^ZiHzURT8iXE(nSO4IAdDrdwz1jC+1;QDf
z9>RWSmmR0#fps6b1VQ6t@SjxkIflJI?}gB^uTeMa>spzgRn`cziI*6&Z1#J~|G9(>
z-O9Z1?w2QPv5)oS+YWfULf^{oFAggZJ>FUN7vgGHi46Xk*pW%JM4n#gX)NnZF|s&{
z{P&~tOVNE-#w7q=b}`;(qBe*hd5?wm{nv2*S?+HW4d7J|&$DQ^iQGp2AEASNu|>hi
z>zEoBe17&*Vjnn01?P*0L-NIaqw>UUV`9YRn$X__WU~huDSNXUdh;lMC&VPZ_!dlJ
zzd(GzB37eMzKY+F#6QI9{)7qt98oLOBDx`u!l+_-9$BA89tFs23jC}C_X*^3hOxn}
ziKUd`pNNU*UzdROvR3FiQ8O?{*7Glsb{iU4C>rzaiO@pv6uQ_8x#q*aV7*d0bA~=b
z{FUu9iQ(AL-F&;m{5uPN19E?S&}wlpX!fte0NdF
zIGmxLF~lmK_!CvR}zVoc($7@KhTC;txb
zj!Kw&ouRu08r8}sgX1jN3}7EkdXE$kViRpci$oK!j^^7&H4nj(99kgUi6wcmhED_Q
zEc7H4e8G&}IQX4_tn<(*hYq6iw9i5=?e7TSZ7Q?QKcM6U?qha6K}UH17Mw?zZ|BLk
zq37>lU+!o9@L?Yp3$|d^jZR^C@*&DyLkfj^P=R=g@d(Ct?L!vIS5|XjCw%@)zo+Sc
zH~mBe<%@f61L=-FN0o>g;f44m#4eHFH0<0b;NQx4+hbSIzJeTcz%~UvDg=`m{889S
z53qd-&Ml0eP04^fKe~i{DYg^)sn*tY*qCUgdtiS%GGDgn6@O>;@~<${*C2I6*T`CL
ztrvA!XWBz|IrQze4*bNy@gG@7vF*xU2{7-5pL}w)-YMNyWoo@rvQ}#f{=T>X?#}`&
zqPcgvba6F0&Z7Pbp1)HkqChqR?>l2{axMC^75!EI_9F0=+HpD7rDK%sZgFJ`k|2;qUPI>9_y40aZcO&2Dk*8YopJeR2@Vpe=KE%69N$6W7
zWh=pb5Z(Tn=XvV<3w!VwxhvS)g;-?0JEi}hs_&bj&IY9OIIGabm}M>O>~rWth?=AD
z*EJ|l+=s2{2JS#)?iZ3Pp7!J1(Z|AB>sH|uXuY#_^*@FCR{eOTNGIQ1S$AlGsM|fq
z;gh~o41b$souFJ<`}z4-;|I6u;Ggn;B=G-H0@D7|v_H$srTShV&8{lfVkdG6F3)PU
zYO4HzR;yJba&6wk*cqB8bo{P~>OTbtG;dkUQ5@x$Z+-
z9Qgs~56zP%X`0P>s##|v*G=uNJFIC|t-jWSyqLVF%4;`tQSVdgw{lV6Cq39|x~AS+
z$*MLN_)Z=HUh;BZaw~Zca@&lnd7PvCV4OTyLit%u+Tv6`>;vaoDi77{d3iJKfkwQG
zW)q)xRe7W07<;ah=2+h4#AeROLhDRr;jZXcZBS&w*Z8)C)niB&#I{2qsc>+
z;?_LBfluMfp5+1J^tv&b;`bQi!k3+i<3A70S;SDkA%=aFd>`-giJL0bxb1IrHhzJX
zeW6W+L2EERP1b!YV&|d)@vvb(03oBDT-@sy>?7XlGJWVzIu^FSVxx506_3Ak4}cy;XirOfd;Q
ziQS1R`saRwh(;E1(EAL3!VOF+HWiEiJsvFhMDj9w%@Wee;rTzU>$-Z;KyB&2ejk$r
zcclwoA`^8^^{M?H!A(HW=a{iY<(DFg%81oft%BZE)8YB;{Zj}7aMbE4p;-}Ro
zIgk5waPH3U>Lx}I?02V4b9sZPkjEIbE1#XC2}s9+>39V1se4ep_>8yv*^Sy
z?c;X#SkQ2FR%#WKp;I}$@aM{Vl1Ffs>aNaf&iBo+?&l84fiTO(tR^X=I0yBtB4#h^
zB@f>FTF%Be&T4~u=M)z4F6$({QPz6-2mK?==ih#O#Zlho1sUeDR$J0$m;j-2(Z
zvbQyQf6w_ynU3?!QF$91wqG^~lU5moa=L4E83$ej}^)svI6-HVv
zy;RpQh`SzMpV1y!c&qz!pKD7zYe4%!^eBfD@pRK+~vywr1w
zW^irJIn^p;$(f!0Bl_5kO!qRTFFK|48O9k?WvjI4szA$0&Ppn`w@#a|Mwh5Be`#%U
zC3izsa_-w)i+`~x7?z`h>f9_@Ti~JYX0&B4s)2VOrccqc-)2>NHq2P40+U{GhJ%gMjgj2=}_to-CkWKl&WI`Q3;D`!sA5M@bf2^G}Ky+R;
zf9{MD>9G9?UVWjj&Z(`O5j_O$m*9ULd#(N0udr}SdC;?&i%vpc)=V6bS|h#>ch&Sp
zWN-;u>MVE@vTk#gmw~+hY%fprEN!=9+EjSofGkf3nolpkCv}ubXY`QmR(-mEjQNa@
zqm8EzwpiV#;7*^Hx(hZE8+StOOR*yfA?C7f9ahiTS~IC%RZV06Idzx5S%)(@bxx(^
zJrB9})8b#Q<>-quQG?g3VBjvDThQ?QJ^j$3pHyGi4U>Ld-r}b-W?gF^9~Svi2nD
zyVscK-mUeJE)9chLhautsaQJg4B(i?{`}m85_tw*0)6uxac4XBKl#HxxB=_KWXAF&
zYvmU9%gR0z1C=M~e@RfGaGW>(p%3<{4^wZwUH^;a5!RML^b-n>Eu>WB^YVzy+wb*=
zYc+>_y&96N$N=-Y8;8B%H*J2(e(92
zw~hnhCn&kU4_-5UY-JwJhTb6FbLsbczKy5PTlzknC*2L7V~K(M#9FFiQ`1yG#D6Z3
zTi_)YdA`mX*eEE6^8k~qfjpf#i)cYS?lI=h=kR$2S|_19Oz}Wl8+u);)=%o)aHr}I
zL!kL)Nf+vkgI9Gm|woQ|AKVB7}%GU)GT
z{8YR@fHs`r%4+I<8DPG8FZhpyuY0H6%f#!}(wCCg26SL1W7?hfui!)Rb`E+!Dmx8L
z6>Iz!8r+YChK;+7D*nou1m((avC!^o&aPMR?Cs0>+I6IE`Z&spJT0ObeS|Xx=af9@
zV=n&C0Q#Rz?0pRMXT#HZz8_{h=7Xbzv>iE(CIRTZ_RJZ{)$>W-ZRpJ~
zzUzq#{y&|CUcpG*K!2Cv|AXxvafEAsMI&i`ua?m294mix(&6&(o)^wd?B3}BF%`2m
zy{CED8>aaz}@XI6KeFE6-$C=a<#CvA;A6nh|cdhFo`>&G6{
zTFdhI;j+BTBq>}P5w>V0<&kT&9JyMQl+v^&{T8SAeb+?kfBqMmEp)-Tq9(fA7F||r
z*R$kzy_ZLvb?J*P_*>oa(I(>W1hP-KVeN=A%bLuAp6LD(Y)v801w4PvbL#jFazfkm
zSReKr%V
zOTFYbf9RYs|LbbGGAz?8QuCjFZO(caSCFbHj?IHJ6GcCI`#wC
z28Wz+7y_N`>oefW;4{(Z)(HV6fSPMJZfOmJw3$VeTldq+p
z53z~A+2S$lMGe)KKGZ#q_jxu^r+}2ea~f@|d`m@6b9pYI?B(mA*&mgCrOtf5Z{&MC
zv?lSKPJc6apHEUY`3L&w&;KIb=qF$849qR4?{Dv;$nLKxAFT)+7V_1s|1aR%{HaZ)
zPAzD(f?gjmyhZNITG?tVEWc7jDK8`k!Mcd{zi~VP^CWjr
zd|(bhPvlm}kQ=Kd@m!lN?Q5(Q6E+NGm&+x@qBO5cPQVvpauB>Lz!Ax>vaun18r}}t
zh8Qm-ifs#WyP0Er0N-kNh4gGG7M05ahqs*gl+h9=jnxey>5}7*boW$9fAnv0;-M`z
zYLR)**u*a5b-sX1p>3M*VH(;s-u{l^u|L@TGc!k~*qVlD-S4TjLbPgP)d?
zCnUdy_a+$r1=bg7KZ(c2*kW&)45Ef+k|)jc&1uUdNpr^7NR$pK`S
z6aNp9tHoAvda-nB4qq0rQY_ewk-J*D!Q1R$LHAMm8)!em<{{cQa)OesxyOfo*a-0Z
zWo%9)pY3~R%SArw(Njj9fuC`IZb<5x_bz%?qxWD;cTkQ{r(>GM#u{X943}bb`N?5W
zj>gvwnEYVwh0VdNlQj2Ja#@a_ItfR+sBC2JS{5_2tCv=MPC6>L88!8U=5w@l9(zB!|E-&Kr_JzA9OQu7f&G
zoE`MDcn?DhLk
zctz|vE74Ix{T85e8N3&;u@if`?ltZ^yp`g0@S)S>lw90`?#7s%kTfv=kA0qzR@Xl*
z$(dEsm3gl)uKtSV1bqjPnNGVF`V5?lsl)4O7a(&8(mm%3WIn-elg^_r)YmhfQt3dP
zbg!;8`HlJl_GfyhzsV&6&%*Bk*eQyPEtL=ggL?o%m}zkaI4BwUr7HE2DRCjU*xaIC^5(
z$nERoX<(LLe&VZ;2e7vv(pcy@H*vV%#x|l<+Ts6glmGCKi%eYDQ-?KSLg!Nz;gJJ?*r9+^w)#kS^V7yOT)
z3S!j@|8lUsJ!)TT`E&9+gucZ&I23Gq%oz2+{DV;Dxj4S9Z}6c=yj^(#YFuuZjA&5e(Igg`pGB8fbuJ
z{Vd^p+uzU8_%YvNZMLJWz?L01+uriwv!p9Ai0$E8NAwGQtQXp+nDYhnCG;?LmPHK=PhdM){#r46*0OO
z+q(_fm=+;paFFAZ%z2o5>Xo!>@bf6t0RMG&mGp1kYRkDftO@JSl1O|i(QEJFT3g)l
z*eh-V$H(yPn1tjM{r5G$4iC9C)}@lby~zi@x9D$UKN&kbByC!b;(W>Lo+NHy^UjlG
zY`*E(i=Hq0iCF=;`P$)Y-mtwghRyEJ&gPy2t{Ln{x<>R)^b&qud%ne%bDTRO`ZTwH
zA{YA&4%_Au{J$37Dr}l~B2y2!u)Pe-dLF*&njziTx6_#SjhU6JEjD+s?xy90dMei4@SlhX-8tKIEN169Iw2ydA;hmBN
zo|EPbj^-a-54xV?p7SIA6dU_U7O~g_mZS6=$n&)1F_OTZdNcj4j2#Eh`|PbF8FPap
zcHd^~1o-YmPS?5FqiMI{-|!y+%hESx|3{<^wed8#!X_v9jqZBxi+cX7aCp%gTnvtT
z;2nYdUYxO1YhQErmYChfUP$l>8dG_<}Ls!M?^Gm(5&a@+`JuYZPn;+#$}*
zkgShk(DN}wUgvV}k3Ub@GpLQ5^u6o}ND6Z|GSA%CXdA)(o2hbPdvM>pi3!wtSMr&L
ze?^K19C|kB85DF?NoRPo$eHdJVQ@8Zj@>`7Mq1;`ZH%o%?n7ujGQV?k-jhckc>d@3
zqjQ;4#QibZRrcNYkoed#zqjgVegpcx!rn&gl!Ev7IpuN<^?x6{1?1*^XgR;fyJm(j
z(eoAeV#e5
zQFr=I-3jTwqI=^8_N@WvxDp#4Fkh#Bdi~)ZiXGk($j`imPVBV>!`JK={ds?OK=;S-
z`vLtm#Nl$)gRI$iJmoS1{+aiY-u3Z`yJyF&pmcN1Xu1@8k0EdF{ZU&dz_$>b%bg-9k=2WxwBp9<9j?#if6WO9>gvU2-g$H^~ru@?lfo-_E&vn*Q|6Ino3DCCDDY
z-T`#ZPCY!5*V$CU{EZGVJO%p_qR1@mJqm89)qO;2Mn&eTL2BtwB7{t#5d{1_KiC
z>fRsV?a4Vq9A4v2G>RN#GB*oS`F(M^PvgsT@br6v9kA&C%2R)ooZtP5q%Ho(?(g^-
zp|9UownN9Uw})8ho^A0RqJy_e#?mjtMuD${TA3h;LyM(L=4`oQM2TFE?keV;gqrY0
zb^M39dN$}e-Ng94_;MC5?XXY9zB#BZrTOfw_&E$bE1+HcewB6uWASzMG4GS%iBA%`-VZjL%!iuTzta%qfLpZx!OJ^|zh4A2;=9?``@PxMT1f
zX*)O|7hfOUU(XAgGW4t?o(?8$v1zbr>ku~dJK7$`PlM|l_^XN6mm{5;w{h%Z%#M-c
z19xm>^xziFA_)
zLegk$GwnL7joo%KZ6qPR@G-{2i3{yECHXxz6w`pf|l*2AM&+IP
zjy~0&!}z8)vi=>~`Zlsban%(@46eGvHom%nR)+G!ooxK!l;Q`~k8t81<6k6USYd>|
RIB}?p#-q`iX86%~{U3Ebo9_Ss


From 3648afaab5ec2ba8dce1371d76c5ba69147b832a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 17:04:01 +0200
Subject: [PATCH 1076/2300] Adding restart  parameter to v-install-unsigned-ssl

---
 bin/v-install-unsigned-ssl | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/bin/v-install-unsigned-ssl b/bin/v-install-unsigned-ssl
index e0fdd46d..3c939e50 100644
--- a/bin/v-install-unsigned-ssl
+++ b/bin/v-install-unsigned-ssl
@@ -1,14 +1,19 @@
 #!/bin/bash
 
-# Script will install unsigned SSL to desired domain
-
 if [ $# -lt 1 ]; then
-	echo "usage: v-install-unsigned-ssl DOMAIN"
-	exit 1
+    echo "usage: v-install-unsigned-ssl DOMAIN [RESTART]"
+    exit 1
 fi
 
 domain=$1
 
+if [ $# -lt 2 ]; then
+    restart='yes'
+else
+    restart=$2
+fi
+
+
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 
 if [ ! -d "/home/$user" ]; then
@@ -27,7 +32,7 @@ TMPLOC="/home/$user/tmp/$domain"
 mkdir $TMPLOC
 
 # Generating SSL certificate
-/usr/local/vesta/bin/v-generate-ssl-cert $domain $email 'US' 'California' 'San Francisco' 'myVesta Control Panel' 'IT' "www.$domain" > $TMPLOC/vst.pem
+/usr/local/vesta/bin/v-generate-ssl-cert $domain $email 'US' 'California' 'San Francisco' 'Vesta Control Panel' 'IT' "www.$domain" > $TMPLOC/vst.pem
 
 # Parsing certificate file
 crt_end=$(grep -n "END CERTIFICATE-" $TMPLOC/vst.pem |cut -f 1 -d:)
@@ -48,10 +53,10 @@ get_domain_values 'web'
 if [[ $SSL == 'no' ]]
 then
     #Configure SSL and install the cert
-    /usr/local/vesta/bin/v-add-web-domain-ssl $user $domain $TMPLOC
+    /usr/local/vesta/bin/v-add-web-domain-ssl $user $domain $TMPLOC "same" "$restart"
 else
     #Replace the existing cert with the new one
-    /usr/local/vesta/bin/v-change-web-domain-sslcert $user $domain $TMPLOC
+    /usr/local/vesta/bin/v-change-web-domain-sslcert $user $domain $TMPLOC "$restart"
 fi
 
 rm -rf $TMPLOC

From ade95317d100417c43411ae753a058feb4b239bf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 17:05:10 +0200
Subject: [PATCH 1077/2300] Update v-install-unsigned-ssl

---
 bin/v-install-unsigned-ssl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-install-unsigned-ssl b/bin/v-install-unsigned-ssl
index 3c939e50..6e13e6e6 100644
--- a/bin/v-install-unsigned-ssl
+++ b/bin/v-install-unsigned-ssl
@@ -32,7 +32,7 @@ TMPLOC="/home/$user/tmp/$domain"
 mkdir $TMPLOC
 
 # Generating SSL certificate
-/usr/local/vesta/bin/v-generate-ssl-cert $domain $email 'US' 'California' 'San Francisco' 'Vesta Control Panel' 'IT' "www.$domain" > $TMPLOC/vst.pem
+/usr/local/vesta/bin/v-generate-ssl-cert $domain $email 'US' 'California' 'San Francisco' 'myVesta Control Panel' 'IT' "www.$domain" > $TMPLOC/vst.pem
 
 # Parsing certificate file
 crt_end=$(grep -n "END CERTIFICATE-" $TMPLOC/vst.pem |cut -f 1 -d:)

From 94ffccf1b0b9ccb517f770ad457052d8095c6dd4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 20:24:03 +0200
Subject: [PATCH 1078/2300] Update v-install-unsigned-ssl

---
 bin/v-install-unsigned-ssl | 29 ++++++++++++++++++++++++++++-
 1 file changed, 28 insertions(+), 1 deletion(-)

diff --git a/bin/v-install-unsigned-ssl b/bin/v-install-unsigned-ssl
index 6e13e6e6..8f126c3d 100644
--- a/bin/v-install-unsigned-ssl
+++ b/bin/v-install-unsigned-ssl
@@ -1,5 +1,16 @@
 #!/bin/bash
 
+# info: install unsigned SSL to domain
+# options: DOMAIN [RESTART]
+#
+# The function install unsigned SSL to domain
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
 if [ $# -lt 1 ]; then
     echo "usage: v-install-unsigned-ssl DOMAIN [RESTART]"
     exit 1
@@ -13,6 +24,9 @@ else
     restart=$2
 fi
 
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 
@@ -26,6 +40,10 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
 email="info@$domain"
 
 TMPLOC="/home/$user/tmp/$domain"
@@ -45,6 +63,7 @@ sed -n "1,${crt_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.crt
 sed -n "$key_start,${key_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.key
 chmod 666 $TMPLOC/*
 
+source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/domain.sh
 
 USER_DATA="/usr/local/vesta/data/users/$user";
@@ -61,4 +80,12 @@ fi
 
 rm -rf $TMPLOC
 
-exit 0
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+
+exit

From 8933d2b5b0a9c3beab83ea2bbe187e145069b9d0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 20:25:36 +0200
Subject: [PATCH 1079/2300] Update v-install-unsigned-ssl

---
 bin/v-install-unsigned-ssl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-install-unsigned-ssl b/bin/v-install-unsigned-ssl
index 8f126c3d..85727c33 100644
--- a/bin/v-install-unsigned-ssl
+++ b/bin/v-install-unsigned-ssl
@@ -24,6 +24,9 @@ else
     restart=$2
 fi
 
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/domain.sh
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -63,9 +66,6 @@ sed -n "1,${crt_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.crt
 sed -n "$key_start,${key_end}p" $TMPLOC/vst.pem > $TMPLOC/$domain.key
 chmod 666 $TMPLOC/*
 
-source /usr/local/vesta/func/main.sh
-source /usr/local/vesta/func/domain.sh
-
 USER_DATA="/usr/local/vesta/data/users/$user";
 get_domain_values 'web'
 

From f269b275dad7a5d815e2ff31c809ec36cea5e4ea Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 20:37:48 +0200
Subject: [PATCH 1080/2300] Install unsigned SSL when user add domain

---
 bin/v-add-web-domain | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index b3d80de3..5a4f029f 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -164,6 +164,9 @@ echo "DOMAIN='$domain' IP='$ip' IP6='' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\
  STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0'\
  SUSPENDED='no' TIME='$time' DATE='$date'" >> $USER_DATA/web.conf
 
+# Install unsigned SSL
+$BIN/v-install-unsigned-ssl "$domain" "no"
+
 # Restarting web server
 $BIN/v-restart-web $restart
 check_result $? "Web restart failed" >/dev/null

From 884b97853ab99e1c21752ab36e70427b14240aa3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 Jun 2020 20:42:18 +0200
Subject: [PATCH 1081/2300] Version 0.9.8-26-26

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index a853309e..758fb6f7 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-25
+vesta-0.9.8-26-26

From 03410e47c44b617829931be0afccabdbdb920358 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 01:49:03 +0200
Subject: [PATCH 1082/2300] Create Changelog

---
 Changelog | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 Changelog

diff --git a/Changelog b/Changelog
new file mode 100644
index 00000000..78643984
--- /dev/null
+++ b/Changelog
@@ -0,0 +1,15 @@
+Version 0.9.8-26-26 [27-Jun-2020]
+==================================================
+
+* Self-signed SSL will be automaticaly added when you add new domain
+* Script for adding self-signed SSL to desired domain
+* From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
+
+Version 0.9.8-26-25 [23-Jun-2020]
+==================================================
+* [Security] Fixing unnecessary slash in nginx configs for phpmyadmin and roundcube
+* [Security] Adding escapeshellarg on few more places in php code
+
+Version 0.9.8-26-24 [22-Jun-2020]
+==================================================
+* nginx + php-fpm installer variant now finally works

From aac0fd1f8f854bfa533217947fc100673fa0e471 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 01:50:15 +0200
Subject: [PATCH 1083/2300] Rename Changelog to Changelog.md

---
 Changelog => Changelog.md | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename Changelog => Changelog.md (100%)

diff --git a/Changelog b/Changelog.md
similarity index 100%
rename from Changelog
rename to Changelog.md

From a8565399d3f1f7ea217356a8ba79a7e04306f47c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 02:41:44 +0200
Subject: [PATCH 1084/2300] Update Changelog.md

---
 Changelog.md | 51 +++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 47 insertions(+), 4 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index 78643984..75223015 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,9 +1,9 @@
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================
-
-* Self-signed SSL will be automaticaly added when you add new domain
-* Script for adding self-signed SSL to desired domain
+* [Feature] Self-signed SSL will be automaticaly added when you add new domain
+* [Feature] Script for adding self-signed SSL to desired domain
 * From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
+* New favicon for hosting panel
 
 Version 0.9.8-26-25 [23-Jun-2020]
 ==================================================
@@ -12,4 +12,47 @@ Version 0.9.8-26-25 [23-Jun-2020]
 
 Version 0.9.8-26-24 [22-Jun-2020]
 ==================================================
-* nginx + php-fpm installer variant now finally works
+* [Bugfix] nginx + php-fpm installer variant now finally works
+
+Version 0.9.8-26-23 [14-Jun-2020]
+==================================================
+* Adding label that LetsEncrypt can be added when you Edit domain
+
+Version 0.9.8-26-22 [13-Jun-2020]
+==================================================
+* [Bugfix] Checking (in order to delete) php7.4 pool config file while deleting domain
+
+Version 0.9.8-26-21 [13-Jun-2020]
+==================================================
+* [Feature] Blocking executable files inside archives in received emails (ClamAV)
+* [Bugfix] Removing ability to schedule LetsEncrypt issuing while adding new domain (because it can fall in infinite loop whole day)
+* [Bugfix] Force acme-challenge to use Apache if myVesta is behind main nginx
+* [Bugfix] Adding http2 support to nginx caching.tpl
+* [Bugfix] Script that removes depricated 'ssl on;' in nginx templates
+* [Security] Ensure UPDATE_SSL_SCRIPT is not set in some config files
+
+Version 0.9.8-26-20 [01-Jun-2020]
+==================================================
+* [Bugfix] Script that will ensure that Apache2 will always stay in mpm_event mode
+* [Bugfix] Ensure config files will not be overwritten while updating vesta-nginx package
+* [Bugfix] Fixing URL in v-update-web-templates script
+* [Feature] Additional rates for nginx anti-denial-of-service templates
+
+Version 0.9.8-26-19 [15-May-2020]
+==================================================
+* [Bugfix] Do not match subdomains while restoring domain [v-restore-user]
+
+Version 0.9.8-26-18 [15-May-2020]
+==================================================
+* [Bugfix] Fixing NS parameters in v-add-dns-on-web-alias
+
+Version 0.9.8-26-17 [15-May-2020]
+==================================================
+* [Bugfix] Reverting default clamav socket path 
+* [Bugfix] Putv mail_max_userip_connections = 50 in dovecot
+
+Version 0.9.8-26-16 [15-May-2020]
+==================================================
+* [Bugfix] Allow quick restarting of nginx if acme-challenge should be added many times
+* [Bugfix] Enabling email notification  to fresh installed servers about backup success status
+* [Bugfix] Timeout 10 sec for apache2 status

From 46a2f3708b7a74e409aa39100f07b4e9b1bbab20 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 03:18:42 +0200
Subject: [PATCH 1085/2300] Update Changelog.md

---
 Changelog.md | 41 ++++++++++++++++++++++++++++++++++++++---
 1 file changed, 38 insertions(+), 3 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index 75223015..e4eafde6 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -7,8 +7,8 @@ Version 0.9.8-26-26 [27-Jun-2020]
 
 Version 0.9.8-26-25 [23-Jun-2020]
 ==================================================
-* [Security] Fixing unnecessary slash in nginx configs for phpmyadmin and roundcube
-* [Security] Adding escapeshellarg on few more places in php code
+* [Security] Fixing unnecessary slash in nginx configs for phpmyadmin and roundcube (Credits to Bernardo Berg @bberg1984 for finding this issue!)
+* [Security] Adding escapeshellarg on few more places in php code (Credits to Talha Günay and @Lupul for finding these places)
 
 Version 0.9.8-26-24 [22-Jun-2020]
 ==================================================
@@ -49,10 +49,45 @@ Version 0.9.8-26-18 [15-May-2020]
 Version 0.9.8-26-17 [15-May-2020]
 ==================================================
 * [Bugfix] Reverting default clamav socket path 
-* [Bugfix] Putv mail_max_userip_connections = 50 in dovecot
+* [Bugfix] Put mail_max_userip_connections = 50 in dovecot
 
 Version 0.9.8-26-16 [15-May-2020]
 ==================================================
 * [Bugfix] Allow quick restarting of nginx if acme-challenge should be added many times
 * [Bugfix] Enabling email notification  to fresh installed servers about backup success status
 * [Bugfix] Timeout 10 sec for apache2 status
+
+Version 0.9.8-26-15 [09-May-2020]
+==================================================
+* [Feature] nginx anti-denial-of-service templates
+* New logo
+
+Version 0.9.8-26-14 [08-May-2020]
+==================================================
+* v-clone-website script switched to parameters
+* Display new version in console while updating myVesta
+
+Version 0.9.8-26-13 [07-May-2020]
+==================================================
+* [Feature] Put build date and version in right-bottom corner of control panel
+
+Version 0.9.8-26-12 [07-May-2020]
+==================================================
+* [Feature] Put build date and version while compiling myVesta
+* [Feature] Office365 DNS template
+* [Feature] Yandex DNS template
+* ProFTPD MaxIstances = 100 for fresh installed servers
+
+Version 0.9.8-26-11 [01-May-2020]
+==================================================
+* [Feature] Skipping LE renewing after 7 failed attempts
+* [Bugfix] Keep conf files during auto-update
+* [Bugfix] Do not restart apache while preparing letsencrypt acme challenge
+* [Bugfix] Set ALLOW_BACKUP_ANYTIME='yes' for fresh installed servers
+
+Version 0.9.8-26-10 [11-Apr-2020]
+==================================================
+* [Feature] Creating v-normalize-restored-user script (normalize NS1, NS2 and IP of account that is backuped on other server and restored on this server)
+* Tweak for hostname FPM conf
+* [Security] Forbid changing root password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)
+* [Security] Importing system enviroment in v-change-user-password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)

From bee9a7498a3254f575c1741c9187ea8887b22cc3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 03:59:31 +0200
Subject: [PATCH 1086/2300] Update Changelog.md

---
 Changelog.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 50 insertions(+), 2 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index e4eafde6..b0bb7a6b 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -54,12 +54,12 @@ Version 0.9.8-26-17 [15-May-2020]
 Version 0.9.8-26-16 [15-May-2020]
 ==================================================
 * [Bugfix] Allow quick restarting of nginx if acme-challenge should be added many times
-* [Bugfix] Enabling email notification  to fresh installed servers about backup success status
+* [Bugfix] Enabling email notification to fresh installed servers about backup success status
 * [Bugfix] Timeout 10 sec for apache2 status
 
 Version 0.9.8-26-15 [09-May-2020]
 ==================================================
-* [Feature] nginx anti-denial-of-service templates
+* [Feature] nginx templates that can prevent denial-of-service on your server
 * New logo
 
 Version 0.9.8-26-14 [08-May-2020]
@@ -91,3 +91,51 @@ Version 0.9.8-26-10 [11-Apr-2020]
 * Tweak for hostname FPM conf
 * [Security] Forbid changing root password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)
 * [Security] Importing system enviroment in v-change-user-password (Credits to Alexandre ZANNI, Orange Cyberdefense, https://cyberdefense.orange.com)
+
+Version 0.9.8-26-9 [23-Mar-2020]
+==================================================
+* [Security] Preventing manipulation with $SERVER['HTTP_HOST'] (Credits to @mdisec - Managing Partner of PRODAFT / INVICTUS A.Ş. Master ninja at pentest.blog)
+
+Version 0.9.8-26-8 [23-Mar-2020]
+==================================================
+* [Security] Temporary fix for parsing backup conf (Credits to @dreiggy - https://pentest.blog/vesta-control-panel-second-order-remote-code-execution-0day-step-by-step-analysis/)
+
+Version 0.9.8-26-7 [18-Mar-2020]
+==================================================
+* [Bugfix] Fix that avoid LetsEncrypt domain validation timeout
+* [Bugfix] Set timeout in v-list-sys-web-status script
+
+Version 0.9.8-26-6 [21-Feb-2020]
+==================================================
+* [Bugfix] mail-wrapper.php from now works
+* [Feature] Introducing NOTIFY_ADMIN_FULL_BACKUP, email notification about backup success status
+* [Feature] Introducing KEEP_N_FTP_BACKUPS, ability to limit number of remote FTP backups
+* [Feature] Introducing force-https-webmail-phpmyadmin nginx template
+* [Feature] Trigger for /root/update_firewall_custom.sh
+* Moving to myvestacp.com
+
+Older version
+==================================================
+* [Bugfix] Let's Encrypt HTTP/2 support (by @serghey-rodin)
+* [Bugfix] Fixing broken autoreply output
+* Support for Debian 10 (previous Debian releases are also supported, but Debian 10 is recommended)
+* [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
+* You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
+* You can see [what PHP scripts are sending emails](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L50), when and to whom
+* You can completely "lock" myVesta so it can be accessed only via **secret URL**, for example https://serverhost:8083/?MY-SECRET-URL
+    + Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from myVesta
+* We [disabled dangerous PHP functions](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L9) in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.
+* Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
+    + OPCache is turned on by default
+* Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
+* You can change Vesta port during installation or later using one command line: **v-change-vesta-port [number]**
+* Backup will run with lowest priority (to avoid load on server), and can be configured to run only by night (and to stop on the morning and continue next night)
+* You can compile Vesta binaries by yourself
+* [Script that will convert Vesta to myVesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/convert-vesta-to-myvesta.sh)
+* [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/create_wp_https)
+* [Script for importing cPanel backups to Vesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
+* [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
+* [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
+* [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
+* [Script that will install nginx templates that can prevent denial-of-service on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
+* [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)

From 5f3d2511efa1c1843249674af1136c69152875de Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 04:42:37 +0200
Subject: [PATCH 1087/2300] Update Changelog.md

---
 Changelog.md | 45 ++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 40 insertions(+), 5 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index b0bb7a6b..5ee3e01f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -112,12 +112,51 @@ Version 0.9.8-26-6 [21-Feb-2020]
 * [Feature] Introducing KEEP_N_FTP_BACKUPS, ability to limit number of remote FTP backups
 * [Feature] Introducing force-https-webmail-phpmyadmin nginx template
 * [Feature] Trigger for /root/update_firewall_custom.sh
+
+Version 0.9.8-26-5 [10-Feb-2020]
+==================================================
+* [Security] sudoers fix for Debian10
+* [Feature] [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
+* [Feature] [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
+* [Feature] [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
+* [Bugfix] Roundcube force https
+* [Bugfix] Exim compatibility with Loopia for Debian10
+
+Version 0.9.8-26-4 [07-Jan-2020]
+==================================================
+* [Feature] Allow whitelisting specific IP for /api/
+* [Feature] Allow whitelisting specific IP to avoid secret_url
+* [Feature] Allow Softaculous in secure_login gateway
+* [Bugfix] apparmor install fix again
+* [Bugfix] Turning off MariaDB SQL strict mode
+
+Version 0.9.8-26-3 [26-Nov-2019]
+==================================================
+* [Feature] Support for sub-releases
+* [Bugfix] Better check if session cron already added
+
+Version 0.9.8-26-2 [15-Nov-2019]
+==================================================
+* [Feature] Support for sub-sub-sub-sub versions :))
+* [Bugfix] Support for longer username of email accounts
+* [Bugfix] apparmor install fix
+* [Bugfix] Trying to fix ClamAV broken socket
 * Moving to myvestacp.com
 
-Older version
+Version 0.9.8-26 [28-Sep-2019]
 ==================================================
 * [Bugfix] Let's Encrypt HTTP/2 support (by @serghey-rodin)
 * [Bugfix] Fixing broken autoreply output
+* [Feature] Multi-PHP support for PHP 7.4
+* [Feature] Multi-PHP installer for Debian 8
+* [Bugfix] Cron for removing old PHP sessions files
+* [Bugfix] New CloudFlare IPs
+* [Security] MySQL port blocked by default from outside
+* [Feature] Warning when server hostname is not pointing to server IP
+* [Feature] max_length_of_MySQL_username=80
+
+Older versions
+==================================================
 * Support for Debian 10 (previous Debian releases are also supported, but Debian 10 is recommended)
 * [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 * You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
@@ -134,8 +173,4 @@ Older version
 * [Script that will convert Vesta to myVesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/convert-vesta-to-myvesta.sh)
 * [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/create_wp_https)
 * [Script for importing cPanel backups to Vesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
-* [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
-* [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
-* [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
-* [Script that will install nginx templates that can prevent denial-of-service on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/rate-limit-tpl/install_rate_limit_tpl.sh)
 * [Official Vesta Softaculous installer](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/install-softaculous.sh)

From 881d3bc64eda5a5685d046bf9323ea1e9acbf7d4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 04:49:27 +0200
Subject: [PATCH 1088/2300] Update README.md

---
 README.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 3ff9c929..46098031 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,17 @@
 News
 ==================================================
 
+We finally have normal homepage:
+- https://myvestacp.com/
+
 Forum:
 - https://forum.myvestacp.com/
 
 Wiki:
 - https://wiki.myvestacp.com/
 
-And we finally have normal homepage:
-- https://myvestacp.com/
+Changelog:
+- https://github.com/myvesta/vesta/blob/master/Changelog.md
 
 myVesta Control Panel
 ==================================================

From b9f302fed9ff76aa1f8f3b41a51ad9c8507cd870 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 13:48:10 +0200
Subject: [PATCH 1089/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 5ee3e01f..24aa320a 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,6 @@
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================
-* [Feature] Self-signed SSL will be automaticaly added when you add new domain
+* [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall))
 * [Feature] Script for adding self-signed SSL to desired domain
 * From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
 * New favicon for hosting panel

From 3dca37bc769b6d831004579e52c9842bf6f49030 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 13:57:26 +0200
Subject: [PATCH 1090/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 24aa320a..2df62c6a 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,7 +1,7 @@
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================
 * [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall))
-* [Feature] Script for adding self-signed SSL to desired domain
+* [Feature] Script for adding self-signed SSL to desired domain [v-install-unsigned-ssl]
 * From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
 * New favicon for hosting panel
 

From 1f5acaa843e7d7111524c79945d3796aec995868 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 28 Jun 2020 23:26:42 +0200
Subject: [PATCH 1091/2300] Update Changelog.md

---
 Changelog.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index 2df62c6a..22b1d78e 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,6 @@
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================
-* [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall))
+* [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall), just set "Full" in SSL section on CloudFlare)
 * [Feature] Script for adding self-signed SSL to desired domain [v-install-unsigned-ssl]
 * From now, on fresh installed server, default backup cron goes at Saturday at 01 AM (instead of everyday at 05 AM)
 * New favicon for hosting panel
@@ -132,7 +132,6 @@ Version 0.9.8-26-4 [07-Jan-2020]
 
 Version 0.9.8-26-3 [26-Nov-2019]
 ==================================================
-* [Feature] Support for sub-releases
 * [Bugfix] Better check if session cron already added
 
 Version 0.9.8-26-2 [15-Nov-2019]

From c57b15b5daca2a0ea88ee6a89a2ff5a4ef47d2a3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 3 Jul 2020 16:49:25 +0200
Subject: [PATCH 1092/2300] Fix for Too many concurrent SMTP connections

---
 install/debian/10/exim/exim4.conf.template | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 95e9bc48..6e889067 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -25,6 +25,10 @@ acl_smtp_rcpt = acl_check_rcpt
 acl_smtp_data = acl_check_data
 acl_smtp_mime = acl_check_mime
 
+# log_selector = +smtp_connection
+smtp_accept_max = 50
+smtp_accept_max_per_host = 4
+
 .ifdef SPAMASSASSIN
 spamd_address = 127.0.0.1 783
 .endif

From 438bd68067576432335a9b7595cd2214b99ca093 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Jul 2020 23:09:37 +0200
Subject: [PATCH 1093/2300] call custom_callback.sh in vesta_compile.sh

---
 src/deb/vesta_compile.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 694f472f..71e44c63 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -278,6 +278,12 @@ if [ "$CWEB_B" = true ]; then
   cp /root/vesta/src/deb/latest.txt $PATH_OF_C_WEB_FOLDER_ROOT/latest.txt
   echo "$BUILD_DATE" > $PATH_OF_C_WEB_FOLDER_ROOT/build_date.txt
 
+  if [ -f "/root/custom_callback.sh" ]; then
+    BUILD_RELEASE=$(
Date: Sat, 4 Jul 2020 23:26:44 +0200
Subject: [PATCH 1094/2300] show changelog after update

---
 src/deb/vesta/postinst | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index b3b280f5..83654e9a 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -19,6 +19,9 @@ if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
     mkdir -p /usr/local/vesta/data/upgrades
 fi
 
+# show changelog after update
+touch /usr/local/vesta/data/upgrades/show_changelog
+
 if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v1" ]; then
     touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
     

From c2a4f744965b484e1906f5dfdd71faf20a1fd315 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Jul 2020 23:56:10 +0200
Subject: [PATCH 1095/2300] chmod a=rw
 /usr/local/vesta/data/upgrades/show_changelog

---
 src/deb/vesta/postinst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 83654e9a..e93ca980 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -20,7 +20,8 @@ if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
 fi
 
 # show changelog after update
-touch /usr/local/vesta/data/upgrades/show_changelog
+echo "1" > /usr/local/vesta/data/upgrades/show_changelog
+chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
 if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v1" ]; then
     touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1

From 3607c9325ac415bf74464f945e39ffd702b21e6d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 00:02:22 +0200
Subject: [PATCH 1096/2300] Check and get changelog if needed

---
 web/list/user/index.php | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/web/list/user/index.php b/web/list/user/index.php
index 302e8c14..60d47908 100644
--- a/web/list/user/index.php
+++ b/web/list/user/index.php
@@ -14,6 +14,23 @@ if ($user == 'admin') {
 $data = json_decode(implode('', $output), true);
 $data = array_reverse($data,true);
 
+// Check and get changelog if needed
+if ($user == 'admin') {
+    if (file_exists("/usr/local/vesta/data/upgrades/show_changelog")) {
+        $show_changelog_value=file_get_contents("/usr/local/vesta/data/upgrades/show_changelog");
+        $show_changelog_value_int=intval($show_changelog_value);
+        if ($show_changelog_value_int==1) {
+            $changelog='';
+            $changelog_arr=file("/usr/local/vesta/Changelog.md");
+            for ($i=0; $i<7; $i++) {
+                if ($i>1) $changelog.="\n";
+                $changelog.=$changelog_arr[$i];
+            }
+            file_put_contents("/usr/local/vesta/data/upgrades/show_changelog", "0");
+        }
+    }
+}
+
 // Render page
 render_page($user, $TAB, 'list_user');
 

From af58e5abbc529b4f6376795fb04da887bf4c8839 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 00:06:07 +0200
Subject: [PATCH 1097/2300] Show changelog in template

---
 web/templates/admin/list_user.html | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index b3b627e7..072b447d 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -64,6 +64,9 @@
 
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This changelog only admin see after myVesta upgrade, and will dissapear on next refresh.")."";
+        
         foreach ($data as $key => $value) {
           ++$i;
           if ($data[$key]['SUSPENDED'] == 'yes') {

From ab7a75e07353db47e012458b2def111f2f030f34 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 00:11:09 +0200
Subject: [PATCH 1098/2300] Open changelog in new tab

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 072b447d..54bef750 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This changelog only admin see after myVesta upgrade, and will dissapear on next refresh.")."";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This changelog only admin see after myVesta upgrade, and will dissapear on next refresh.")."";
         
         foreach ($data as $key => $value) {
           ++$i;

From d82523f1d1cc4d631741ef1a0d17f231f825f0a3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 00:27:30 +0200
Subject: [PATCH 1099/2300] Better colors for changelog

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 54bef750..6c9d4794 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This changelog only admin see after myVesta upgrade, and will dissapear on next refresh.")."";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."

";
         
         foreach ($data as $key => $value) {
           ++$i;

From 7c12046edda30e4bcce0e4f9e83d6310d10e2c6d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 01:32:41 +0200
Subject: [PATCH 1100/2300] Better truncating of changelog

---
 web/list/user/index.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/web/list/user/index.php b/web/list/user/index.php
index 60d47908..da708edc 100644
--- a/web/list/user/index.php
+++ b/web/list/user/index.php
@@ -22,7 +22,8 @@ if ($user == 'admin') {
         if ($show_changelog_value_int==1) {
             $changelog='';
             $changelog_arr=file("/usr/local/vesta/Changelog.md");
-            for ($i=0; $i<7; $i++) {
+            for ($i=0; $i<30; $i++) {
+                if (trim($changelog_arr[$i])=="") break;
                 if ($i>1) $changelog.="\n";
                 $changelog.=$changelog_arr[$i];
             }

From 8f691d57e3ad495bea7448ad2128d901e1452e5f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 01:54:02 +0200
Subject: [PATCH 1101/2300] Changing links

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 6c9d4794..861503b5 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("See")." ".__("full changelog").".
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."

";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
         
         foreach ($data as $key => $value) {
           ++$i;

From a44f38257f59f9c58100b32a329bf2b98206b933 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 02:57:50 +0200
Subject: [PATCH 1102/2300] Better changelog style

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 861503b5..c6b5a750 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
         
         foreach ($data as $key => $value) {
           ++$i;

From c582a08b357ddc75aeeefea037a7aa930a874802 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 03:01:59 +0200
Subject: [PATCH 1103/2300] Linking changelog

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index c6b5a750..66efaa63 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
         
         foreach ($data as $key => $value) {
           ++$i;

From f6089d53772909a2385c03ee659655ecc10d3e16 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 13:27:54 +0200
Subject: [PATCH 1104/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 46098031..7cc1caf5 100644
--- a/README.md
+++ b/README.md
@@ -32,7 +32,7 @@ Features of myVesta
 
 + [Support for multi-PHP versions](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 
-+ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L105-L106) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L65-L66), preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
++ You can limit the maximum number of sent emails (per hour) [per mail account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L109-L110) and [per hosting account](https://github.com/myvesta/vesta/blob/master/install/debian/10/exim/exim4.conf.template#L72-L73), preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
 
 + You can see [what PHP scripts are sending emails](https://github.com/myvesta/vesta/blob/master/install/debian/10/php/php7.3-dedi.patch#L50), when and to whom
 

From 89f5e9954c7fd3c14be1948a9c48000328224019 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 22:34:38 +0200
Subject: [PATCH 1105/2300] Update PHP-FPM-73.sh

---
 .../debian/10/templates/web/apache2/PHP-FPM-73.sh   | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
index 546fb7c3..72f9cec6 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -45,6 +45,7 @@ pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
 pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
@@ -79,9 +80,13 @@ if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_73
     service php7.3-fpm restart
 fi
-
 if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
 fi
 
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    service php7.4-fpm restart
+fi
+
 exit 0

From a404a369ac92e99b479e1663b23a1ff75a7cbaaf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 22:42:15 +0200
Subject: [PATCH 1106/2300] Second tuning php-fpm pool.d config files

---
 src/deb/vesta/postinst | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e93ca980..e2bf8dbd 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -23,11 +23,11 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
-if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v1" ]; then
-    touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
+if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v2" ]; then
+    touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v2
     
-    mkdir -p /root/etc-php-backup
-    cp -r /etc/php/ /root/etc-php-backup/
+    mkdir -p /root/etc-php-backup2
+    cp -r /etc/php/ /root/etc-php-backup2/
 
     OLDVAL='pm.max_children = 16'
     NEWVAL='pm.max_children = 8'

From e6c984acd95321176b929a594858d68458ef57ec Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 22:43:41 +0200
Subject: [PATCH 1107/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 33ccfaf2..37566f95 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1612,6 +1612,7 @@ if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
     mkdir -p /usr/local/vesta/data/upgrades
 fi
 touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v1
+touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v2
 touch /usr/local/vesta/data/upgrades/allow-backup-anytime
 touch /usr/local/vesta/data/upgrades/fix-sudoers
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2

From 7a5e0227492c74f719415b57ea6cbbffbd8aaac2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 22:45:03 +0200
Subject: [PATCH 1108/2300] Version 0.9.8-26-27

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 758fb6f7..ace9cf30 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-26
+vesta-0.9.8-26-27

From e276e6b70b0cbe0f3e21e3edfd9967be69de6569 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 23:03:15 +0200
Subject: [PATCH 1109/2300] Update Changelog.md

---
 Changelog.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 22b1d78e..7ac0d3bf 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,9 @@
+Version 0.9.8-26-27 [05-Jul-2020]
+==================================================
+* [Feature] Admins now see changelog when they open myVesta panel after myVesta get updated (changelog will dissapear on next refresh)
+* [Bugfix] Better control of opened SMTP concurrent connections (preventing denial-of-service of SMTP) on fresh installed servers - https://github.com/myvesta/vesta/commit/c57b15b5daca2a0ea88ee6a89a2ff5a4ef47d2a3
+* Second tuning php-fpm pool.d config files (perfomances and limits)
+
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================
 * [Feature] Self-signed SSL will be automaticaly added when you add new domain (CloudFlare is fine with that, you don't need LetsEncrypt anymore if you use CloudFlare as reverse-proxy(CDN+Firewall), just set "Full" in SSL section on CloudFlare)
@@ -60,6 +66,7 @@ Version 0.9.8-26-16 [15-May-2020]
 Version 0.9.8-26-15 [09-May-2020]
 ==================================================
 * [Feature] nginx templates that can prevent denial-of-service on your server
+* First tuning php-fpm pool.d config files (perfomances and limits)
 * New logo
 
 Version 0.9.8-26-14 [08-May-2020]

From cef9dfd632afad900e4fa9996dd80a4a2e0b02e2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Jul 2020 23:03:54 +0200
Subject: [PATCH 1110/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 7ac0d3bf..a6e94dc7 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -2,7 +2,7 @@ Version 0.9.8-26-27 [05-Jul-2020]
 ==================================================
 * [Feature] Admins now see changelog when they open myVesta panel after myVesta get updated (changelog will dissapear on next refresh)
 * [Bugfix] Better control of opened SMTP concurrent connections (preventing denial-of-service of SMTP) on fresh installed servers - https://github.com/myvesta/vesta/commit/c57b15b5daca2a0ea88ee6a89a2ff5a4ef47d2a3
-* Second tuning php-fpm pool.d config files (perfomances and limits)
+* Second tuning of php-fpm pool.d config files (perfomances and limits)
 
 Version 0.9.8-26-26 [27-Jun-2020]
 ==================================================

From 4ad0611e6c93c063106aca521fbb129a29ad02c3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 6 Jul 2020 00:13:27 +0200
Subject: [PATCH 1111/2300] Update postinst

---
 src/deb/vesta/postinst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e2bf8dbd..e414afdb 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -23,9 +23,12 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+# Tuning of php-fpm pool.d config files (perfomances and limits)
 if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v2" ]; then
     touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v2
     
+    echo "== Tuning of php-fpm pool.d config files (perfomances and limits)"
+    
     mkdir -p /root/etc-php-backup2
     cp -r /etc/php/ /root/etc-php-backup2/
 
@@ -46,6 +49,7 @@ if [ ! -f "/usr/local/vesta/data/upgrades/tune-fpm-config-files-v2" ]; then
     
     # restart all php-fpm services
     systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart
+    echo "== Done"
 fi
 
 if [ ! -f "/usr/local/vesta/data/upgrades/allow-backup-anytime" ]; then

From 51b12558145bf16783f50bf4c5db222f210d456e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 10 Jul 2020 20:22:14 +0200
Subject: [PATCH 1112/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 07dfd77c..6fe8c19e 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -357,7 +357,7 @@ mysql $TO_DATABASE_NAME < $FROM_DATABASE_NAME.sql
 
 echo "=== Copying files from $FROM_FOLDER to folder $TO_FOLDER"
 rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
-echo "=== Chowning to  $TO_USER:$TO_USER in folder $TO_FOLDER"
+echo "=== Chowning to $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
 
 echo "=== Replacing $FROM_DATABASE_NAME to $TO_DATABASE_NAME in $TO_CONFIG_FILE_FULL_PATH"

From f6680abdead15dd8b41a1792762e09d48659e29d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 01:05:21 +0200
Subject: [PATCH 1113/2300] separate-mail-ip.patch

---
 .../tools/patches/separate-mail-ip.patch      | 51 +++++++++++++++++++
 1 file changed, 51 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/separate-mail-ip.patch

diff --git a/src/deb/for-download/tools/patches/separate-mail-ip.patch b/src/deb/for-download/tools/patches/separate-mail-ip.patch
new file mode 100644
index 00000000..882cdcb4
--- /dev/null
+++ b/src/deb/for-download/tools/patches/separate-mail-ip.patch
@@ -0,0 +1,51 @@
+--- ./exim4.conf.template-normal	2020-07-12 00:56:40.000000000 +0200
++++ ./exim4.conf.template-separate	2020-07-12 00:56:07.000000000 +0200
+@@ -12,6 +12,10 @@
+ add_environment=<; PATH=/bin:/usr/bin
+ keep_environment=
+ 
++local_interfaces =  0.0.0.0
++smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/exim4/virtual/helo_data}{$value}}
++smtp_banner = "$smtp_active_hostname ESMTP $tod_full"
++
+ domainlist local_domains = dsearch;/etc/exim4/domains/
+ domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+ hostlist relay_from_hosts = 127.0.0.1
+@@ -38,8 +42,8 @@
+ .endif
+ 
+ tls_advertise_hosts = *
+-tls_certificate = /usr/local/vesta/ssl/certificate.crt
+-tls_privatekey = /usr/local/vesta/ssl/certificate.key
++tls_certificate = /usr/local/vesta/ssl/$received_ip_address.crt
++tls_privatekey = /usr/local/vesta/ssl/$received_ip_address.key
+ 
+ daemon_smtp_ports = 25 : 465 : 587 : 2525
+ tls_on_connect_ports = 465
+@@ -72,6 +76,8 @@
+   warn ratelimit = 0 / 1h / strict / $authenticated_id
+   log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
+ 
++  warn    set acl_m3    = yes
++
+   accept
+ 
+ acl_check_spammers:
+@@ -112,6 +118,8 @@
+   warn ratelimit = 0 / 1h / strict / $authenticated_id
+   log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period
+ 
++  warn    set acl_m3    = no
++
+   deny    message       = Restricted characters in address
+           domains       = +local_domains
+           local_parts   = ^[.] : ^.*[@%!/|]
+@@ -308,6 +316,8 @@
+ 
+ remote_smtp:
+   driver = smtp
++  interface = ${if eq{$acl_m3}{yes}{IP1}{IP2}}
++  helo_data = "${if eq{$acl_m3}{yes}{HOST1}{HOST2}}"
+   #helo_data = $sender_address_domain
+   dkim_domain = DKIM_DOMAIN
+   dkim_selector = mail

From 4b61f02b43ec225a9b0fff6f40509900d71f4bb3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 03:13:35 +0200
Subject: [PATCH 1114/2300] Create v-create-ip-ssl

---
 bin/v-create-ip-ssl | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 bin/v-create-ip-ssl

diff --git a/bin/v-create-ip-ssl b/bin/v-create-ip-ssl
new file mode 100644
index 00000000..b1d7a40a
--- /dev/null
+++ b/bin/v-create-ip-ssl
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+if [ $# -lt 2 ]; then
+    echo usage: v-create-ip-ssl USER DOMAIN
+    exit 1
+fi
+
+user=$1
+domain=$2
+
+echo "Script ran with: $user $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
+
+grepr=$(grep -c "^$domain:" /etc/exim4/virtual/interfaces)
+if [ $grepr -ge 1 ]; then
+    grepr=$(grep "^$domain:" /etc/exim4/virtual/interfaces)
+    ip=${grepr/$domain: /}
+    if [ ! -z "$ip" ]; then
+        echo "Processinng $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
+        echo "IP = $ip" >> /usr/local/vesta/log/v-create-ip-ssl.log
+        cp /home/$user/conf/web/ssl.$domain.pem /usr/local/vesta/ssl/$ip.crt
+        cp /home/$user/conf/web/ssl.$domain.key /usr/local/vesta/ssl/$ip.key
+
+        exim_user="exim";
+        check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
+        if [ "$check_exim_username" -eq 1 ]; then
+            exim_user="Debian-exim"
+        fi
+
+        # Assign exim permissions
+        chown $exim_user:mail /usr/local/vesta/ssl/$ip.crt
+        chown $exim_user:mail /usr/local/vesta/ssl/$ip.key
+
+        service exim4 restart
+        service dovecot restart
+        echo "Done." >> /usr/local/vesta/log/v-create-ip-ssl.log
+    fi
+fi

From d779d47f64e0a98f3ce08bf971ed834a8f143af6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 03:59:16 +0200
Subject: [PATCH 1115/2300] Create v-make-separate-ip-for-email

---
 bin/v-make-separate-ip-for-email | 128 +++++++++++++++++++++++++++++++
 1 file changed, 128 insertions(+)
 create mode 100644 bin/v-make-separate-ip-for-email

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separate-ip-for-email
new file mode 100644
index 00000000..85881f6e
--- /dev/null
+++ b/bin/v-make-separate-ip-for-email
@@ -0,0 +1,128 @@
+#!/bin/bash
+
+# info: add new ip and makes email to be sent via that IP only for SMTP authenticated users
+# options: MAIL_HOSTNAME MAIL_IP
+#
+# The function add new ip, add new host for mail, try to generate letsencrypt for it, and makes email to be sent via that IP only for SMTP authenticated users
+
+if [ $# -lt 2 ]; then
+    echo "USAGE: v-make-separate-ip-for-email MAIL_HOSTNAME MAIL_IP"
+    exit 1
+fi
+
+MAIL_HOSTNAME=$1
+MAIL_IP=$2
+
+if [ $# -gt 2 ]; then
+    NETMASK=$3
+else
+    NETMASK='255.255.255.192'
+fi
+
+if [ $# -gt 3 ]; then
+    INTERFACE=$4
+else
+    INTERFACE='eth0'
+fi
+
+HOST_USER=$($VESTA/bin/v-search-domain-owner "$HOSTNAME")
+if [ -z "$HOST_USER" ]; then
+    echo "Error: hostname $HOSTNAME is not created as web domain"
+    exit 4
+fi
+
+HOST_IP=$($VESTA/bin/v-list-web-domain "$HOST_USER" "$HOSTNAME" | grep 'IP:' | awk '{print $2}')
+
+echo "HOSTNAME     : $HOSTNAME"
+echo "HOSTNAME IP  : $HOST_IP"
+echo "MAIL HOSTNAME: $MAIL_HOSTNAME"
+echo "MAIL_IP      : $MAIL_IP"
+if [ $# -gt 2 ]; then
+    echo "NETMASK      : $NETMASK"
+fi
+if [ $# -gt 3 ]; then
+    echo "INTERFACE    : $INTERFACE"
+fi
+
+if [ ! -f "/usr/local/vesta/data/ips/$MAIL_IP" ]; then
+    $VESTA/bin/v-add-sys-ip  "$MAIL_IP" "$NETMASK" "$INTERFACE" 'admin' 'dedicated' '' ''
+fi
+
+MAIL_USER=$($VESTA/bin/v-search-domain-owner "$MAIL_HOSTNAME")
+if [ -z "$MAIL_USER" ]; then
+    MAIL_USER=$HOST_USER
+    echo "=== Creating (sub)domain $MAIL_HOSTNAME"
+    $VESTA/bin/v-add-domain "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
+    echo "=== Deleting www from (sub)domain $MAIL_HOSTNAME"
+    www_host="www.$MAIL_HOSTNAME"
+    $VESTA/bin/v-delete-web-domain-alias "$MAIL_USER" "$MAIL_HOSTNAME" "$www_host" 'no'
+    $VESTA/bin/v-delete-dns-on-web-alias "$MAIL_USER" "$MAIL_HOSTNAME" "$www_host" 'no'
+else
+    CURRENT_MAIL_IP=$($VESTA/bin/v-list-web-domain "$MAIL_USER" "$MAIL_HOSTNAME" | grep 'IP:' | awk '{print $2}')
+    if [ "$CURRENT_MAIL_IP" != "$MAIL_IP" ]; then
+        echo "=== Switching (sub)domain $MAIL_HOSTNAME to IP: $MAIL_IP"
+        $VESTA/bin/v-change-web-domain-ip "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
+        $VESTA/bin/v-change-dns-domain-ip "$MAIL_USER" "$MAIL_HOSTNAME" "$MAIL_IP" 'yes'
+    fi
+fi
+
+LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$MAIL_USER" "$MAIL_HOSTNAME" | grep 'LETSENCRYPT:' | awk '{print $2}')
+if [ "$LETSENCRYPT" = "yes" ]; then
+    echo "=== LetsEncrypt already installed"
+else
+    echo "=== Installing LetsEncrypt for (sub)domain $MAIL_HOSTNAME"
+    $VESTA/bin/v-add-letsencrypt-domain "$MAIL_USER" "$MAIL_HOSTNAME" "" "yes"
+    if [ $? -ne 0 ]; then
+        echo "=== LetsEncrypt installation failed"
+    fi
+fi
+
+
+if [ ! -d "/etc/exim4/virtual" ]; then
+    echo "=== Creating /etc/exim4/virtual files"
+    mkdir -p /etc/exim4/virtual
+    echo "$HOST_IP: $HOSTNAME" > /etc/exim4/virtual/helo_data
+    echo "$MAIL_IP: $MAIL_HOSTNAME" >> /etc/exim4/virtual/helo_data
+    echo "$HOSTNAME: $HOST_IP" > /etc/exim4/virtual/interfaces
+    echo "$MAIL_HOSTNAME: $MAIL_IP" >> /etc/exim4/virtual/interfaces
+    length=$(wc -c  /dev/null 2>&1
+    length=$(wc -c  /dev/null 2>&1
+else
+    echo "=== /etc/exim4/virtual files already exists"
+fi
+
+echo "=== Generating IP for hostname $HOSTNAME"
+$VESTA/bin/v-create-ip-ssl "$HOST_USER" "$HOSTNAME"
+echo "=== Generating IP for mail hostname $MAIL_HOSTNAME"
+$VESTA/bin/v-create-ip-ssl "$MAIL_USER" "$MAIL_HOSTNAME"
+
+check_grep=$(grep -c 'smtp_active_hostname' /etc/exim4/exim4.conf.template)
+if [ "$check_grep" -eq 0 ]; then
+    echo "=== patching exim4.conf.template"
+    patch /etc/exim4/exim4.conf.template < /usr/local/vesta/src/deb/for-download/tools/patches/separate-mail-ip.patch
+    if [ $? -ne 0 ]; then
+        echo "=== Patching failed, aborting"
+        exit 1
+    else
+        echo "=== Patching successful"
+        sed -i "s|IP1|$HOST_IP|g" /etc/exim4/exim4.conf.template
+        sed -i "s|IP2|$MAIL_IP|g" /etc/exim4/exim4.conf.template
+        sed -i "s|HOST1|$HOSTNAME|g" /etc/exim4/exim4.conf.template
+        sed -i "s|HOST2|$MAIL_HOSTNAME|g" /etc/exim4/exim4.conf.template
+        service exim4 restart
+    fi
+else
+    echo "=== exim4.conf.template already patched"
+fi
+
+check_grep=$(grep -c 'v-create-ip-ssl' /usr/local/vesta/conf/vesta.conf)
+if [ "$check_grep" -eq 0 ]; then
+    echo "=== Set UPDATE_SSL_SCRIPT to 'v-create-ip-ssl'"
+    echo "UPDATE_SSL_SCRIPT='/usr/local/vesta/bin/v-create-ip-ssl'" >> /usr/local/vesta/conf/vesta.conf
+else
+    echo "=== Value UPDATE_SSL_SCRIPT is already 'v-create-ip-ssl'"
+fi
+
+echo "=== Done!"

From 89c2767e92a86e20aad661627f8a1588f6d5e2d8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 04:18:55 +0200
Subject: [PATCH 1116/2300] Adding IP to SPF in v-make-separate-ip-for-email

---
 bin/v-make-separate-ip-for-email | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separate-ip-for-email
index 85881f6e..6654b968 100644
--- a/bin/v-make-separate-ip-for-email
+++ b/bin/v-make-separate-ip-for-email
@@ -77,7 +77,6 @@ else
     fi
 fi
 
-
 if [ ! -d "/etc/exim4/virtual" ]; then
     echo "=== Creating /etc/exim4/virtual files"
     mkdir -p /etc/exim4/virtual
@@ -125,4 +124,16 @@ else
     echo "=== Value UPDATE_SSL_SCRIPT is already 'v-create-ip-ssl'"
 fi
 
+check_grep=$(grep -c "ip4:$MAIL_IP" /usr/local/vesta/data/templates/dns/default.tpl)
+if [ "$check_grep" -eq 0 ]; then
+    echo "=== Adding IP to SPF"
+    sed -i "s|ip4:%ip%|ip4:%ip% ip4:$MAIL_IP|g" /usr/local/vesta/data/templates/dns/default.tpl
+    NOTFOUNDVAL="ip4:$MAIL_IP"
+    OLDVAL="ip4:$HOST_IP"
+    NEWVAL="ip4:$HOST_IP ip4:$MAIL_IP"
+    find /usr/local/vesta/data/users/*/dns/ -type f -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /home/*/conf/dns/ -type f -exec grep -L "$NOTFOUNDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    service bind9 reload
+fi
+
 echo "=== Done!"

From 7a0d18fc81d0177f8037ff8f550c9c5e79d5828c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 04:45:09 +0200
Subject: [PATCH 1117/2300] PTR check in v-make-separate-ip-for-email

---
 bin/v-make-separate-ip-for-email | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separate-ip-for-email
index 6654b968..1e013463 100644
--- a/bin/v-make-separate-ip-for-email
+++ b/bin/v-make-separate-ip-for-email
@@ -137,3 +137,10 @@ if [ "$check_grep" -eq 0 ]; then
 fi
 
 echo "=== Done!"
+
+ptr=$(dig +short -x $MAIL_IP)
+if [ "$PTR" != "$MAIL_HOSTNAME" ]; then
+    echo ""
+    echo "WARNING: PTR for $MAIL_IP is $ptr"
+    echo "WARNING: PTR for $MAIL_IP should be $MAIL_HOSTNAME"
+fi

From 7d2dda10bcd3eef2904f7d5a0ab175617a0098ee Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 04:46:40 +0200
Subject: [PATCH 1118/2300] Update v-make-separate-ip-for-email

---
 bin/v-make-separate-ip-for-email | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separate-ip-for-email
index 1e013463..0d99ee0c 100644
--- a/bin/v-make-separate-ip-for-email
+++ b/bin/v-make-separate-ip-for-email
@@ -139,7 +139,7 @@ fi
 echo "=== Done!"
 
 ptr=$(dig +short -x $MAIL_IP)
-if [ "$PTR" != "$MAIL_HOSTNAME" ]; then
+if [ "$PTR" != "$MAIL_HOSTNAME." ]; then
     echo ""
     echo "WARNING: PTR for $MAIL_IP is $ptr"
     echo "WARNING: PTR for $MAIL_IP should be $MAIL_HOSTNAME"

From 5bbfb4dc1a0c13224215d65f4dd20ae306303b2c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 04:52:46 +0200
Subject: [PATCH 1119/2300] PTR dot fix in v-make-separate-ip-for-email

---
 bin/v-make-separate-ip-for-email | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separate-ip-for-email
index 0d99ee0c..0dfc68d7 100644
--- a/bin/v-make-separate-ip-for-email
+++ b/bin/v-make-separate-ip-for-email
@@ -139,7 +139,10 @@ fi
 echo "=== Done!"
 
 ptr=$(dig +short -x $MAIL_IP)
-if [ "$PTR" != "$MAIL_HOSTNAME." ]; then
+ptr_len=${#ptr}
+ptr_len=$((ptr_len-1))
+ptr=${ptr:0:ptr_len}
+if [ "$PTR" != "$MAIL_HOSTNAME" ]; then
     echo ""
     echo "WARNING: PTR for $MAIL_IP is $ptr"
     echo "WARNING: PTR for $MAIL_IP should be $MAIL_HOSTNAME"

From b960f86e2c8eda95c083c8856ed498171b7ba4ad Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 17:52:22 +0200
Subject: [PATCH 1120/2300] Update main.sh

---
 func/main.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index c01aa123..5d85e7e4 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1040,3 +1040,8 @@ get_web_counter() {
 
     echo $counter
 }
+
+escape_shell_quote() { 
+    local escape_shell_quoted=${1//\'/\'\\\'\'};
+    printf "'%s'" "$escape_shell_quoted"
+}

From 8e3b348e6f3ffeac7c4be349930d64c30edd43e6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 18:57:28 +0200
Subject: [PATCH 1121/2300] Create v-get-database-credentials-of-site

---
 bin/v-get-database-credentials-of-site | 100 +++++++++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 bin/v-get-database-credentials-of-site

diff --git a/bin/v-get-database-credentials-of-site b/bin/v-get-database-credentials-of-site
new file mode 100644
index 00000000..54a69b73
--- /dev/null
+++ b/bin/v-get-database-credentials-of-site
@@ -0,0 +1,100 @@
+#!/bin/bash
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
+
+if [ $# -lt 1 ]; then
+    echo "USAGE: v-get-database-credentials-of-site DOMAIN [SUBFOLDER]"
+    exit 1
+fi
+
+DOMAIN=$1
+SUBFOLDER=''
+if [ $# -gt 1 ]; then
+    SUBFOLDER=$2
+fi
+
+USER=$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")
+if [ -z "$USER" ]; then
+    echo "Error: domain $DOMAIN does not exists"
+    exit 2
+fi
+
+SITE_FOLDER="/home/$USER/web/$DOMAIN/public_html"
+CHECK_PUBLIC_SHTML=$(/usr/local/vesta/bin/v-list-web-domain "$USER" "$DOMAIN" | grep 'SSL:' | grep -c 'single')
+if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
+    SITE_FOLDER="/home/$USER/web/$DOMAIN/public_shtml"
+fi
+
+if [ ! -z "$SUBFOLDER" ]; then
+    SITE_FOLDER="${SITE_FOLDER}/${SUBFOLDER}"
+fi
+
+CMS_TYPE=''
+
+if [ -f "$SITE_FOLDER/wp-config.php" ]; then
+    CMS_TYPE='wordpress'
+    CONFIG_FILE="wp-config.php"
+    CONFIG_FILE_FULL_PATH="$SITE_FOLDER/$CONFIG_FILE"
+fi
+if [ -f "$SITE_FOLDER/configuration.php" ]; then
+    CMS_TYPE='joomla'
+    CONFIG_FILE="configuration.php"
+    CONFIG_FILE_FULL_PATH="$SITE_FOLDER/$CONFIG_FILE"
+fi
+
+if [ "$CMS_TYPE" = "wordpress" ]; then
+    CONFIG_FILE_FULL_PATH_BACKUP="${CONFIG_FILE_FULL_PATH}_backup"
+    cp $CONFIG_FILE_FULL_PATH $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|//.*$||g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|('|( '|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|');|' );|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    DATABASE_NAME=$(grep 'DB_NAME' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_USERNAME=$(grep 'DB_USER' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_HOSTNAME=$(grep 'DB_HOST' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    rm $CONFIG_FILE_FULL_PATH_BACKUP
+fi
+
+if [ "$CMS_TYPE" = "joomla" ]; then
+    CONFIG_FILE_FULL_PATH_BACKUP="${CONFIG_FILE_FULL_PATH}_backup"
+    cp $CONFIG_FILE_FULL_PATH $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|//.*$||g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|='|= '|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|= '| = '|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|  =| =|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|';$|'|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    DATABASE_NAME=$(grep 'public $db ' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $4}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_USERNAME=$(grep 'public $user ' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $4}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_PASSWORD=$(grep 'public $password ' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $4}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_HOSTNAME=$(grep 'public $host ' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $4}' | sed -e "s/^'//" -e "s/'$//")
+    rm $CONFIG_FILE_FULL_PATH_BACKUP
+fi
+
+DATABASE_NAME=$(escape_shell_quote $DATABASE_NAME)
+echo "DATABASE_NAME=$DATABASE_NAME"
+
+DATABASE_USERNAME=$(escape_shell_quote $DATABASE_USERNAME)
+echo "DATABASE_USERNAME=$DATABASE_USERNAME"
+
+DATABASE_PASSWORD=$(escape_shell_quote $DATABASE_PASSWORD)
+echo "DATABASE_PASSWORD=$DATABASE_PASSWORD"
+
+DATABASE_HOSTNAME=$(escape_shell_quote $DATABASE_HOSTNAME)
+echo "DATABASE_HOSTNAME=$DATABASE_HOSTNAME"
+
+CONFIG_FILE_FULL_PATH=$(escape_shell_quote $CONFIG_FILE_FULL_PATH)
+echo "CONFIG_FILE_FULL_PATH=$CONFIG_FILE_FULL_PATH"
+
+CMS_TYPE=$(escape_shell_quote $CMS_TYPE)
+echo "CMS_TYPE=$CMS_TYPE"
+
+SITE_FOLDER=$(escape_shell_quote $SITE_FOLDER)
+echo "SITE_FOLDER=$SITE_FOLDER"
+
+USER=$(escape_shell_quote $USER)
+echo "USER=$USER"

From e4b0be46b63b2d4b141eac38f84f79a1eb031ac5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 20:38:06 +0200
Subject: [PATCH 1122/2300] replace_php_config_value function

---
 func/main.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index 5d85e7e4..d86d3e59 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1045,3 +1045,15 @@ escape_shell_quote() {
     local escape_shell_quoted=${1//\'/\'\\\'\'};
     printf "'%s'" "$escape_shell_quoted"
 }
+
+replace_php_config_value() {
+    if [ ! -z $4 ]; then
+        if [ "$4" = "yes" ] || [ $4 -eq 1 ]; then
+            echo "=== Replacing $1 to $2 in $3"
+        fi
+    fi
+    sed -i "s|'$1'|'$2'|g" $3
+    sed -i "s|\"$1\"|\"$2\"|g" $3
+    sed -i "s|=$1$|=$2|g" $3
+    sed -i "s|= $1$|= $2|g" $3
+}

From 9ac43d1f8fa6e3cbfd417727d8dbcd30d1e0f035 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 20:41:27 +0200
Subject: [PATCH 1123/2300] Update main.sh

---
 func/main.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index d86d3e59..7d0f48f1 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1047,8 +1047,8 @@ escape_shell_quote() {
 }
 
 replace_php_config_value() {
-    if [ ! -z $4 ]; then
-        if [ "$4" = "yes" ] || [ $4 -eq 1 ]; then
+    if [ ! -z "$4" ]; then
+        if [ "$4" = "yes" ] || [ "$4" = "true" ] || [ "$4" = "1" ] || [ $4 -eq 1 ]; then
             echo "=== Replacing $1 to $2 in $3"
         fi
     fi

From 1ddba4e853b6002128645c55f28fa699fcb1d86c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 21:00:23 +0200
Subject: [PATCH 1124/2300] get_database_name_without_user_prefix function

---
 func/main.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index 7d0f48f1..cdb76484 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1057,3 +1057,11 @@ replace_php_config_value() {
     sed -i "s|=$1$|=$2|g" $3
     sed -i "s|= $1$|= $2|g" $3
 }
+
+get_database_name_without_user_prefix() {
+    user=$1
+    db=$2
+    user_len=${#user}
+    user_len=$((user_len+1))
+    echo ${db:user_len}
+}

From 70a59fbedf6ca6269f558ccdfd2b5080c6079abb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 21:41:59 +0200
Subject: [PATCH 1125/2300] Update v-get-database-credentials-of-site

---
 bin/v-get-database-credentials-of-site | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-get-database-credentials-of-site b/bin/v-get-database-credentials-of-site
index 54a69b73..9375f023 100644
--- a/bin/v-get-database-credentials-of-site
+++ b/bin/v-get-database-credentials-of-site
@@ -97,4 +97,4 @@ SITE_FOLDER=$(escape_shell_quote $SITE_FOLDER)
 echo "SITE_FOLDER=$SITE_FOLDER"
 
 USER=$(escape_shell_quote $USER)
-echo "USER=$USER"
+echo "SITE_USER=$USER"

From 4a124089813c3fd01a70ab65fa177a24efdfb3c1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 22:09:54 +0200
Subject: [PATCH 1126/2300] Update and rename
 v-get-database-credentials-of-site to v-get-database-credentials-of-domain

---
 ...e => v-get-database-credentials-of-domain} | 45 ++++++++++++++-----
 1 file changed, 35 insertions(+), 10 deletions(-)
 rename bin/{v-get-database-credentials-of-site => v-get-database-credentials-of-domain} (79%)

diff --git a/bin/v-get-database-credentials-of-site b/bin/v-get-database-credentials-of-domain
similarity index 79%
rename from bin/v-get-database-credentials-of-site
rename to bin/v-get-database-credentials-of-domain
index 9375f023..0082dc9c 100644
--- a/bin/v-get-database-credentials-of-site
+++ b/bin/v-get-database-credentials-of-domain
@@ -1,5 +1,33 @@
 #!/bin/bash
 
+# info: get database credentials of domain and other basic data
+# options: DOMAIN [SUBFOLDER]
+#
+# The function get database credentials of domain and other basic data.
+
+
+#----------------------------------------------------------#
+#               Check necessary parameters                 #
+#----------------------------------------------------------#
+
+if [ $# -lt 1 ]; then
+    echo "USAGE: v-get-database-credentials-of-site DOMAIN [SUBFOLDER]"
+    exit 1
+fi
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+
+# Argument definition
+DOMAIN=$1
+domain=$1
+SUBFOLDER=''
+if [ $# -gt 1 ]; then
+    SUBFOLDER=$2
+fi
+
 # Importing system environment
 source /etc/profile
 
@@ -7,16 +35,9 @@ source /etc/profile
 source /usr/local/vesta/func/main.sh
 
 
-if [ $# -lt 1 ]; then
-    echo "USAGE: v-get-database-credentials-of-site DOMAIN [SUBFOLDER]"
-    exit 1
-fi
-
-DOMAIN=$1
-SUBFOLDER=''
-if [ $# -gt 1 ]; then
-    SUBFOLDER=$2
-fi
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
 
 USER=$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")
 if [ -z "$USER" ]; then
@@ -24,6 +45,10 @@ if [ -z "$USER" ]; then
     exit 2
 fi
 
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
 SITE_FOLDER="/home/$USER/web/$DOMAIN/public_html"
 CHECK_PUBLIC_SHTML=$(/usr/local/vesta/bin/v-list-web-domain "$USER" "$DOMAIN" | grep 'SSL:' | grep -c 'single')
 if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then

From d3229d4fbda2d6a57ad2fbbe4ba79fd3909ad649 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 22:24:35 +0200
Subject: [PATCH 1127/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 21 ++++++---------------
 1 file changed, 6 insertions(+), 15 deletions(-)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 0082dc9c..7ebade2a 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -1,28 +1,16 @@
 #!/bin/bash
 
-# info: get database credentials of domain and other basic data
+# info: get database credentials and other basic data of domain
 # options: DOMAIN [SUBFOLDER]
 #
-# The function get database credentials of domain and other basic data.
-
-
-#----------------------------------------------------------#
-#               Check necessary parameters                 #
-#----------------------------------------------------------#
-
-if [ $# -lt 1 ]; then
-    echo "USAGE: v-get-database-credentials-of-site DOMAIN [SUBFOLDER]"
-    exit 1
-fi
+# The function get database credentials and other basic data of domain.
 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
-
 # Argument definition
 DOMAIN=$1
-domain=$1
 SUBFOLDER=''
 if [ $# -gt 1 ]; then
     SUBFOLDER=$2
@@ -34,11 +22,14 @@ source /etc/profile
 # Includes
 source /usr/local/vesta/func/main.sh
 
-
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 
+check_args '1' "$#" 'DOMAIN [SUBFOLDER]'
+domain=$DOMAIN
+is_format_valid 'domain'
+
 USER=$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")
 if [ -z "$USER" ]; then
     echo "Error: domain $DOMAIN does not exists"

From 8159689b1ab0318d91bda8dab2bf04cc3f52b344 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Jul 2020 23:13:00 +0200
Subject: [PATCH 1128/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 7ebade2a..71dcfe31 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -91,6 +91,19 @@ if [ "$CMS_TYPE" = "joomla" ]; then
     rm $CONFIG_FILE_FULL_PATH_BACKUP
 fi
 
+if [ ! -z "$DATABASE_NAME" ]; then
+    DATABASE_NAME_WITHOUT_USER_PREFIX=$(get_database_name_without_user_prefix "$USER" "$DATABASE_NAME")
+fi
+if [ ! -z "$DATABASE_USERNAME" ]; then
+    DATABASE_USERNAME_WITHOUT_USER_PREFIX=$(get_database_name_without_user_prefix "$USER" "$DATABASE_USERNAME")
+fi
+
+DATABASE_NAME_WITHOUT_USER_PREFIX=$(escape_shell_quote $DATABASE_NAME_WITHOUT_USER_PREFIX)
+echo "DATABASE_NAME_WITHOUT_USER_PREFIX=$DATABASE_NAME_WITHOUT_USER_PREFIX"
+
+DATABASE_USERNAME_WITHOUT_USER_PREFIX=$(escape_shell_quote $DATABASE_USERNAME_WITHOUT_USER_PREFIX)
+echo "DATABASE_USERNAME_WITHOUT_USER_PREFIX=$DATABASE_USERNAME_WITHOUT_USER_PREFIX"
+
 DATABASE_NAME=$(escape_shell_quote $DATABASE_NAME)
 echo "DATABASE_NAME=$DATABASE_NAME"
 

From 88e612a2165e42b028beb73a0abe1ecbf0e173f6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 00:06:12 +0200
Subject: [PATCH 1129/2300] Create v-move-domain-and-database-to-account

---
 bin/v-move-domain-and-database-to-account | 77 +++++++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 bin/v-move-domain-and-database-to-account

diff --git a/bin/v-move-domain-and-database-to-account b/bin/v-move-domain-and-database-to-account
new file mode 100644
index 00000000..7257f41d
--- /dev/null
+++ b/bin/v-move-domain-and-database-to-account
@@ -0,0 +1,77 @@
+#!/bin/bash
+# info: change domain and database owner
+# options: DOMAIN USER
+#
+# The function of changing domain and database ownership.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+domain=$1
+user=$2
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'DOMAIN USER'
+is_format_valid 'domain' 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+owner=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$owner" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+if [ "$owner" = "$user" ]; then
+    exit
+fi
+
+USER_TO=$user
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+echo "================================="
+r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain $domain)
+echo $r
+eval $r
+echo "================================="
+
+if [ ! -z "$DATABASE_NAME" ]; then
+    echo "=== v-change-database-owner $DATABASE_NAME $USER_TO"
+    /usr/local/vesta/bin/v-change-database-owner $DATABASE_NAME $USER_TO
+    if [ $? -ne 0 ]; then
+        echo "=== v-change-database-owner failed"
+    fi
+
+    if [ ! -z "$DATABASE_USERNAME" ] && [ ! -z "$CONFIG_FILE_FULL_PATH" ]; then
+       replace_php_config_value "${DATABASE_NAME}" "${USER_TO}_${DATABASE_NAME_WITHOUT_USER_PREFIX}" "$CONFIG_FILE_FULL_PATH" "yes"
+       replace_php_config_value "${DATABASE_USERNAME}" "${USER_TO}_${DATABASE_USERNAME_WITHOUT_USER_PREFIX}" "$CONFIG_FILE_FULL_PATH" "yes"
+    else
+        if [ -z "$DATABASE_USERNAME" ]; then
+            echo "=== DATABASE_USERNAME is empty, so we will not change config file"
+        fi
+        if [ -z "$CONFIG_FILE_FULL_PATH" ]; then
+            echo "=== CONFIG_FILE_FULL_PATH is empty, so we will not change config file"
+        fi
+    fi
+else
+    echo "=== DATABASE_NAME is empty, so we will not move database"
+fi
+
+echo "=== v-change-domain-owner $domain $USER_TO"
+/usr/local/vesta/bin/v-change-domain-owner $domain $USER_TO
+if [ $? -ne 0 ]; then
+    echo "=== v-change-domain-owner failed"
+fi

From e698be870789fd11380fd665630ca212b4a71d48 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 11:06:16 +0200
Subject: [PATCH 1130/2300] Update and rename
 src/deb/for-download/tools/create_wp_https to bin/v-install-wordpress

---
 .../v-install-wordpress                       | 23 +++++++++----------
 1 file changed, 11 insertions(+), 12 deletions(-)
 rename src/deb/for-download/tools/create_wp_https => bin/v-install-wordpress (81%)

diff --git a/src/deb/for-download/tools/create_wp_https b/bin/v-install-wordpress
similarity index 81%
rename from src/deb/for-download/tools/create_wp_https
rename to bin/v-install-wordpress
index edfb58c5..401c998f 100644
--- a/src/deb/for-download/tools/create_wp_https
+++ b/bin/v-install-wordpress
@@ -4,7 +4,7 @@
 # Credits to Luka Paunović for wp-cli implememtation
 
 if [ $# -lt 1 ]; then
-    echo usage: create_wp_https domain [db_name] [email]
+    echo usage: v-install-wordpress domain [db_name] [email]
     exit 1
 fi
 
@@ -80,19 +80,20 @@ v-add-database $user $DBUSERSUF $DBUSERSUF $PASSWDDB mysql
 
 cd /home/$user
 
-rm -rf /home/$user/wp
-curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
-chmod +x wp-cli.phar
-sudo mv wp-cli.phar wp
-
+if [ ! -f "/usr/local/bin/wp" ]; then
+    echo "=== Downloading latest wp-cli"
+    wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
+    chmod +x /usr/local/bin/wp
+fi
+    
 cd /home/$user/web/$domain/public_html
 
-sudo -H -u$user /home/$user/wp core download
-sudo -H -u$user /home/$user/wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
+sudo -H -u$user wp core download
+sudo -H -u$user wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
 
 password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
 
-sudo -H -u$user /home/$user/wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
+sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
 
 #FIX za https://github.com/wp-cli/wp-cli/issues/2632
 
@@ -113,7 +114,5 @@ echo "================================================================="
 
 chown -R $user:$user $WORKINGDIR
 
-rm -rf /home/$user/wp
-
-echo "create_wp_https: Done."
+echo "v-install-wordpress: Done."
 exit 0

From b4897e982b89fbb2a8b5d7e8cbe510b52695dc0a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 11:31:11 +0200
Subject: [PATCH 1131/2300] Rename v-make-separate-ip-for-email to
 v-make-separated-ip-for-email

---
 ...v-make-separate-ip-for-email => v-make-separated-ip-for-email} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename bin/{v-make-separate-ip-for-email => v-make-separated-ip-for-email} (100%)

diff --git a/bin/v-make-separate-ip-for-email b/bin/v-make-separated-ip-for-email
similarity index 100%
rename from bin/v-make-separate-ip-for-email
rename to bin/v-make-separated-ip-for-email

From 1b60828e04f8572680761d7ff1f39b265522d2ed Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 11:33:53 +0200
Subject: [PATCH 1132/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 401c998f..e2d07a9b 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -35,10 +35,12 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
-if [ ! -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
+if [ "$LETSENCRYPT" != "yes" ]; then
     v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
-if [ -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
+if [ "$LETSENCRYPT" = "yes" ]; then
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
@@ -48,11 +50,9 @@ else
 fi
 
 WORKINGDIR="/home/$user/web/$domain/public_html"
-# FILE=latest.tar.gz
 
 rm -rf $WORKINGDIR/*
 
-#DBUSERSUF=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 5 | head -n 1)
 DBUSERSUF="$START_DB";
 DBUSERSUFB="$START_DB";
 DBUSER=$user\_$DBUSERSUFB;

From 32d5ed48d07b14337d43231133a6c4c8561795f0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 11:38:38 +0200
Subject: [PATCH 1133/2300] making v-install-wordpress for both http and https

---
 bin/v-install-wordpress | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index e2d07a9b..6d04e546 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -35,18 +35,17 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
+PROTOCOL='http'
 LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
 if [ "$LETSENCRYPT" != "yes" ]; then
     v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
 LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
 if [ "$LETSENCRYPT" = "yes" ]; then
+    PROTOCOL='https'
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
-else
-    echo "Error: Can not generate SSL."
-    exit 20
 fi
 
 WORKINGDIR="/home/$user/web/$domain/public_html"
@@ -97,16 +96,16 @@ sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="
 
 #FIX za https://github.com/wp-cli/wp-cli/issues/2632
 
-mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = 'https://$domain' where option_name = 'siteurl'; update wp_options set option_value = 'https://$domain' where option_name = 'home';"
+mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'siteurl'; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'home';"
 
 # clear
 
 echo "================================================================="
 echo "Installation is complete. Your username/password is listed below."
 echo ""
-echo "Site: https://$domain/"
+echo "Site: $PROTOCOL://$domain/"
 echo ""
-echo "Login: https://$domain/wp-admin/"
+echo "Login: $PROTOCOL://$domain/wp-admin/"
 echo "Username: admin"
 echo "Password: $password"
 echo ""

From 6ebf690d54b8c5fe0d6fc3e84924da7e404def3f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 12:01:30 +0200
Subject: [PATCH 1134/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 71dcfe31..c32ef657 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -27,8 +27,7 @@ source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 
 check_args '1' "$#" 'DOMAIN [SUBFOLDER]'
-domain=$DOMAIN
-is_format_valid 'domain'
+is_domain_format_valid "$DOMAIN"
 
 USER=$(/usr/local/vesta/bin/v-search-domain-owner "$DOMAIN")
 if [ -z "$USER" ]; then

From 812d92b5f3297aebce57c8f22fbb6beab8d6167b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 12:03:37 +0200
Subject: [PATCH 1135/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index 0dfc68d7..bdc66036 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -5,10 +5,9 @@
 #
 # The function add new ip, add new host for mail, try to generate letsencrypt for it, and makes email to be sent via that IP only for SMTP authenticated users
 
-if [ $# -lt 2 ]; then
-    echo "USAGE: v-make-separate-ip-for-email MAIL_HOSTNAME MAIL_IP"
-    exit 1
-fi
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
 
 MAIL_HOSTNAME=$1
 MAIL_IP=$2
@@ -25,6 +24,14 @@ else
     INTERFACE='eth0'
 fi
 
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP'
+is_domain_format_valid "$MAIL_HOSTNAME"
+is_ip_format_valid "$MAIL_IP"
+
 HOST_USER=$($VESTA/bin/v-search-domain-owner "$HOSTNAME")
 if [ -z "$HOST_USER" ]; then
     echo "Error: hostname $HOSTNAME is not created as web domain"
@@ -44,6 +51,10 @@ if [ $# -gt 3 ]; then
     echo "INTERFACE    : $INTERFACE"
 fi
 
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
 if [ ! -f "/usr/local/vesta/data/ips/$MAIL_IP" ]; then
     $VESTA/bin/v-add-sys-ip  "$MAIL_IP" "$NETMASK" "$INTERFACE" 'admin' 'dedicated' '' ''
 fi

From 155b8d21c7a3b1d9bea1ce35a19aa6fe56d2aaa5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 15:13:51 +0200
Subject: [PATCH 1136/2300] Update and rename v-create-ip-ssl to v-make-ip-ssl

---
 bin/v-create-ip-ssl | 37 ---------------------------
 bin/v-make-ip-ssl   | 61 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+), 37 deletions(-)
 delete mode 100644 bin/v-create-ip-ssl
 create mode 100644 bin/v-make-ip-ssl

diff --git a/bin/v-create-ip-ssl b/bin/v-create-ip-ssl
deleted file mode 100644
index b1d7a40a..00000000
--- a/bin/v-create-ip-ssl
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/bash
-
-if [ $# -lt 2 ]; then
-    echo usage: v-create-ip-ssl USER DOMAIN
-    exit 1
-fi
-
-user=$1
-domain=$2
-
-echo "Script ran with: $user $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
-
-grepr=$(grep -c "^$domain:" /etc/exim4/virtual/interfaces)
-if [ $grepr -ge 1 ]; then
-    grepr=$(grep "^$domain:" /etc/exim4/virtual/interfaces)
-    ip=${grepr/$domain: /}
-    if [ ! -z "$ip" ]; then
-        echo "Processinng $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
-        echo "IP = $ip" >> /usr/local/vesta/log/v-create-ip-ssl.log
-        cp /home/$user/conf/web/ssl.$domain.pem /usr/local/vesta/ssl/$ip.crt
-        cp /home/$user/conf/web/ssl.$domain.key /usr/local/vesta/ssl/$ip.key
-
-        exim_user="exim";
-        check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
-        if [ "$check_exim_username" -eq 1 ]; then
-            exim_user="Debian-exim"
-        fi
-
-        # Assign exim permissions
-        chown $exim_user:mail /usr/local/vesta/ssl/$ip.crt
-        chown $exim_user:mail /usr/local/vesta/ssl/$ip.key
-
-        service exim4 restart
-        service dovecot restart
-        echo "Done." >> /usr/local/vesta/log/v-create-ip-ssl.log
-    fi
-fi
diff --git a/bin/v-make-ip-ssl b/bin/v-make-ip-ssl
new file mode 100644
index 00000000..68e26862
--- /dev/null
+++ b/bin/v-make-ip-ssl
@@ -0,0 +1,61 @@
+#!/bin/bash
+
+# info: Copy host SSL as IP SSL
+# options: USER DOMAIN
+#
+# The function check if specific (sub)domain is marked as main host for specific IP, get its SSL and put it as IP SSL in /usr/local/vesta/ssl/
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+echo "Script ran with: $user $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
+
+grepr=$(grep -c "^$domain:" /etc/exim4/virtual/interfaces)
+if [ $grepr -ge 1 ]; then
+    grepr=$(grep "^$domain:" /etc/exim4/virtual/interfaces)
+    ip=${grepr/$domain: /}
+    if [ ! -z "$ip" ]; then
+        echo "Processinng $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
+        echo "IP = $ip" >> /usr/local/vesta/log/v-create-ip-ssl.log
+        cp /home/$user/conf/web/ssl.$domain.pem /usr/local/vesta/ssl/$ip.crt
+        cp /home/$user/conf/web/ssl.$domain.key /usr/local/vesta/ssl/$ip.key
+
+        exim_user="exim";
+        check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
+        if [ "$check_exim_username" -eq 1 ]; then
+            exim_user="Debian-exim"
+        fi
+
+        # Assign exim permissions
+        chown $exim_user:mail /usr/local/vesp.crt ta/ssl/$
+        chown $exim_user:mail /usr/local/vesta/ssl/$ip.key
+
+        service exim4 restart
+        service dovecot restart
+        echo "Done." >> /usr/local/vesta/log/v-create-ip-ssl.log
+    fi
+fi

From 6f9bc5a77cac57a5f30455a3e9bf89bee8724908 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 15:16:40 +0200
Subject: [PATCH 1137/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index bdc66036..a969afb0 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -104,9 +104,9 @@ else
 fi
 
 echo "=== Generating IP for hostname $HOSTNAME"
-$VESTA/bin/v-create-ip-ssl "$HOST_USER" "$HOSTNAME"
+$VESTA/bin/v-make-ip-ssl "$HOST_USER" "$HOSTNAME"
 echo "=== Generating IP for mail hostname $MAIL_HOSTNAME"
-$VESTA/bin/v-create-ip-ssl "$MAIL_USER" "$MAIL_HOSTNAME"
+$VESTA/bin/v-make-ip-ssl "$MAIL_USER" "$MAIL_HOSTNAME"
 
 check_grep=$(grep -c 'smtp_active_hostname' /etc/exim4/exim4.conf.template)
 if [ "$check_grep" -eq 0 ]; then
@@ -127,12 +127,12 @@ else
     echo "=== exim4.conf.template already patched"
 fi
 
-check_grep=$(grep -c 'v-create-ip-ssl' /usr/local/vesta/conf/vesta.conf)
+check_grep=$(grep -c 'v-make-ip-ssl' /usr/local/vesta/conf/vesta.conf)
 if [ "$check_grep" -eq 0 ]; then
-    echo "=== Set UPDATE_SSL_SCRIPT to 'v-create-ip-ssl'"
-    echo "UPDATE_SSL_SCRIPT='/usr/local/vesta/bin/v-create-ip-ssl'" >> /usr/local/vesta/conf/vesta.conf
+    echo "=== Set UPDATE_SSL_SCRIPT to 'v-make-ip-ssl'"
+    echo "UPDATE_SSL_SCRIPT='/usr/local/vesta/bin/v-make-ip-ssl'" >> /usr/local/vesta/conf/vesta.conf
 else
-    echo "=== Value UPDATE_SSL_SCRIPT is already 'v-create-ip-ssl'"
+    echo "=== Value UPDATE_SSL_SCRIPT is already 'v-make-ip-ssl'"
 fi
 
 check_grep=$(grep -c "ip4:$MAIL_IP" /usr/local/vesta/data/templates/dns/default.tpl)

From 6c3033d74db678dde670cc01931daaf190546271 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 15:25:23 +0200
Subject: [PATCH 1138/2300] Update v-make-ip-ssl

---
 bin/v-make-ip-ssl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bin/v-make-ip-ssl b/bin/v-make-ip-ssl
index 68e26862..2d446b16 100644
--- a/bin/v-make-ip-ssl
+++ b/bin/v-make-ip-ssl
@@ -32,15 +32,15 @@ is_object_unsuspended 'user' 'USER' "$user"
 #                       Action                             #
 #----------------------------------------------------------#
 
-echo "Script ran with: $user $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
+echo "Script ran with: $user $domain" >> /usr/local/vesta/log/v-make-ip-ssl.log
 
 grepr=$(grep -c "^$domain:" /etc/exim4/virtual/interfaces)
 if [ $grepr -ge 1 ]; then
     grepr=$(grep "^$domain:" /etc/exim4/virtual/interfaces)
     ip=${grepr/$domain: /}
     if [ ! -z "$ip" ]; then
-        echo "Processinng $domain" >> /usr/local/vesta/log/v-create-ip-ssl.log
-        echo "IP = $ip" >> /usr/local/vesta/log/v-create-ip-ssl.log
+        echo "Processinng $domain" >> /usr/local/vesta/log/v-make-ip-ssl.log
+        echo "IP = $ip" >> /usr/local/vesta/log/v-make-ip-ssl.log
         cp /home/$user/conf/web/ssl.$domain.pem /usr/local/vesta/ssl/$ip.crt
         cp /home/$user/conf/web/ssl.$domain.key /usr/local/vesta/ssl/$ip.key
 
@@ -51,11 +51,11 @@ if [ $grepr -ge 1 ]; then
         fi
 
         # Assign exim permissions
-        chown $exim_user:mail /usr/local/vesp.crt ta/ssl/$
+        chown $exim_user:mail /usr/local/vesta/ssl/$ip.crt
         chown $exim_user:mail /usr/local/vesta/ssl/$ip.key
 
         service exim4 restart
         service dovecot restart
-        echo "Done." >> /usr/local/vesta/log/v-create-ip-ssl.log
+        echo "Done." >> /usr/local/vesta/log/v-make-ip-ssl.log
     fi
 fi

From ff1d6f5ddec56b05d3454640c04c1789bda96f59 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 15:58:49 +0200
Subject: [PATCH 1139/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 76 +++++++++++++---------
 1 file changed, 45 insertions(+), 31 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index 6fe8c19e..dd08021f 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -1,6 +1,8 @@
 #!/bin/bash
-
-# Migration tool that will copy whole site from one domain to another (sub)domain (on the same server), changing URL in database (it's careful with serialized arrays in database).
+# info: Migration tool that will copy whole site from one (sub)domain to another (sub)domain (on the same server)
+# options: FROM_DOMAIN TO_DOMAIN
+#
+# Migration tool that will copy whole site from one (sub)domain to another (sub)domain (on the same server), changing URL in database (it's careful with serialized arrays in database).
 # Useful for making staging copy in one command-line.
 # Automatic detection of WordPress, automaticaly read DB user, DB name, DB pass, automatic cloning to new database, automatic changing wp-config.php file.
 
@@ -20,6 +22,16 @@ if [ $# -lt 2 ]; then
     exit 1
 fi
 
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
 FROM_DOMAIN=''
 TO_DOMAIN=''
 FROM_DATABASE_NAME=''
@@ -31,18 +43,17 @@ TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
 DATABASE_SUFIX='_migrated'
 
-if [ -z "$1" ]; then
-    echo "Error: FROM_DOMAIN is empty"
-    exit 2
-fi
-if [ -z "$2" ]; then
-    echo "Error: TO_DOMAIN is empty"
-    exit 3
-fi
-
 FROM_DOMAIN=$1
 TO_DOMAIN=$2
 
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'FROM_DOMAIN TO_DOMAIN'
+is_domain_format_valid "$FROM_DOMAIN"
+is_domain_format_valid "$TO_DOMAIN"
+
 ############################
 # handle --parameters=val
 handle_parameter() {
@@ -64,11 +75,18 @@ do
     handle_parameter $1
     shift
 done
-############################
 
-if [ -z "$VESTA" ]; then
-    VESTA="/usr/local/vesta"
-fi
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=32
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+############################
 
 ###########################################################################
 
@@ -241,7 +259,6 @@ if [ $FROM_DOMAIN_HAS_SSL -eq 1 ] && [ $TO_DOMAIN_HAS_SSL -eq 0 ]; then
     SHOULD_INSTALL_SSL=1
 fi
 
-
 # ----------- CHECK -------------
 
 if [ $IT_IS_WP -eq 0 ]; then
@@ -261,10 +278,8 @@ else
     fi
 fi
 
-
 # ----------- PRINT -------------
 
-
 echo "==============================================================================="
 echo "FROM_DOMAIN = $FROM_DOMAIN"
 echo "TO_DOMAIN   = $TO_DOMAIN"
@@ -295,19 +310,9 @@ echo "FROM_DOMAIN_PROXY_EXT = $FROM_DOMAIN_PROXY_EXT"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
-
-# ----------- ACTION -------------
-
-# Defining password-gen function
-gen_pass() {
-    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
-    LENGTH=32
-    while [ ${n:=1} -le $LENGTH ]; do
-        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
-        let n+=1
-    done
-    echo "$PASS"
-}
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
 
 if [ $CREATE_TO_USER -eq 1 ]; then
     pass=$(gen_pass)
@@ -410,3 +415,12 @@ fi
 
 echo "===== DONE ===="
 echo "You can visit http://$TO_DOMAIN/"
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 939d3a0d053c4686665ceef879e4771dd3d64868 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 16:06:00 +0200
Subject: [PATCH 1140/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index c32ef657..8e3778c2 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -126,3 +126,12 @@ echo "SITE_FOLDER=$SITE_FOLDER"
 
 USER=$(escape_shell_quote $USER)
 echo "SITE_USER=$USER"
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 99f2e5b1653741906864acec71aa0e745325353e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 16:08:38 +0200
Subject: [PATCH 1141/2300] Update v-make-ip-ssl

---
 bin/v-make-ip-ssl | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/bin/v-make-ip-ssl b/bin/v-make-ip-ssl
index 2d446b16..47e12b9d 100644
--- a/bin/v-make-ip-ssl
+++ b/bin/v-make-ip-ssl
@@ -59,3 +59,12 @@ if [ $grepr -ge 1 ]; then
         echo "Done." >> /usr/local/vesta/log/v-make-ip-ssl.log
     fi
 fi
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 47f5f8a1d18739b4ae76e8233e6004ac8737553e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 16:08:46 +0200
Subject: [PATCH 1142/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index a969afb0..5a6e627b 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -9,6 +9,12 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
 MAIL_HOSTNAME=$1
 MAIL_IP=$2
 
@@ -158,3 +164,12 @@ if [ "$PTR" != "$MAIL_HOSTNAME" ]; then
     echo "WARNING: PTR for $MAIL_IP is $ptr"
     echo "WARNING: PTR for $MAIL_IP should be $MAIL_HOSTNAME"
 fi
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From a3dba232b7e0b93e967203d761fb7451e0286b40 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 21:56:15 +0200
Subject: [PATCH 1143/2300] phpmyadmin fix for apache-less

---
 install/vst-install-debian.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 37566f95..408b6fd2 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1078,11 +1078,11 @@ if [ "$mysql" = 'yes' ]; then
     mysql -e "FLUSH PRIVILEGES"
 
     # Configuring phpMyAdmin
+    if [ "$release" -eq 10 ]; then
+        mkdir /etc/phpmyadmin
+        mkdir -p /var/lib/phpmyadmin/tmp
+    fi
     if [ "$apache" = 'yes' ]; then
-        if [ "$release" -eq 10 ]; then
-            mkdir /etc/phpmyadmin
-            mkdir -p /var/lib/phpmyadmin/tmp
-        fi
         cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/
         ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf
     fi

From 39c3c619e02f20772516c59b6b54a65b5b03acb4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:46:49 +0200
Subject: [PATCH 1144/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 6d04e546..13c4b6b5 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -36,12 +36,11 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
 fi
 
 PROTOCOL='http'
-LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
-if [ "$LETSENCRYPT" != "yes" ]; then
+if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
-LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$user" "$domain" | grep 'LETSENCRYPT:' | awk '{print $2}')
-if [ "$LETSENCRYPT" = "yes" ]; then
+
+if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     PROTOCOL='https'
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"

From e9afc74c66d00802bde09d36024c6f1fa22526ad Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:50:41 +0200
Subject: [PATCH 1145/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index 5a6e627b..5905347c 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -83,9 +83,10 @@ else
     fi
 fi
 
-LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$MAIL_USER" "$MAIL_HOSTNAME" | grep 'LETSENCRYPT:' | awk '{print $2}')
-if [ "$LETSENCRYPT" = "yes" ]; then
-    echo "=== LetsEncrypt already installed"
+# LETSENCRYPT=$($VESTA/bin/v-list-web-domain "$MAIL_USER" "$MAIL_HOSTNAME" | grep 'LETSENCRYPT:' | awk '{print $2}')
+# if [ "$LETSENCRYPT" = "yes" ]; then
+if [ -f "/home/$MAIL_USER/conf/web/ssl.$MAIL_HOSTNAME.ca" ]; then
+    echo "=== Signed SSL already installed"
 else
     echo "=== Installing LetsEncrypt for (sub)domain $MAIL_HOSTNAME"
     $VESTA/bin/v-add-letsencrypt-domain "$MAIL_USER" "$MAIL_HOSTNAME" "" "yes"

From cecd11cf315d8a521ecd892144a6357538531d69 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:52:43 +0200
Subject: [PATCH 1146/2300] Update v-clone-website

---
 src/deb/for-download/tools/v-clone-website | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/v-clone-website b/src/deb/for-download/tools/v-clone-website
index dd08021f..3312c76c 100644
--- a/src/deb/for-download/tools/v-clone-website
+++ b/src/deb/for-download/tools/v-clone-website
@@ -160,7 +160,7 @@ FROM_DATABASE_NAME_WITHOUT_PREFIX=${FROM_DATABASE_NAME:FROM_USER_LEN}
 FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
 
 FROM_DOMAIN_HAS_SSL=0
-if [ -f "/home/$FROM_USER/conf/web/ssl.$FROM_DOMAIN.pem" ]; then
+if [ -f "/home/$FROM_USER/conf/web/ssl.$FROM_DOMAIN.ca" ]; then
     FROM_DOMAIN_HAS_SSL=1
 fi
 
@@ -251,7 +251,7 @@ TO_DATABASE_USERNAME_WITHOUT_PREFIX=${TO_DATABASE_USERNAME:TO_USER_LEN}
 
 
 TO_DOMAIN_HAS_SSL=0
-if [ -f "/home/$TO_USER/conf/web/ssl.$TO_DOMAIN.pem" ]; then
+if [ -f "/home/$TO_USER/conf/web/ssl.$TO_DOMAIN.ca" ]; then
     TO_DOMAIN_HAS_SSL=1
 fi
 SHOULD_INSTALL_SSL=0

From ce8a4e630592f28b943e1361fa19d8e7abf4691e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:53:38 +0200
Subject: [PATCH 1147/2300] Update v-migrate-site-to-https

---
 src/deb/for-download/tools/v-migrate-site-to-https | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/src/deb/for-download/tools/v-migrate-site-to-https
index e445fd27..5831c8ea 100644
--- a/src/deb/for-download/tools/v-migrate-site-to-https
+++ b/src/deb/for-download/tools/v-migrate-site-to-https
@@ -146,10 +146,10 @@ read -p "=== Press Enter to continue ==="
 domain=$FROM_DOMAIN
 user=$FROM_USER
 
-if [ ! -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
-if [ -f "/home/$user/conf/web/ssl.$domain.pem" ]; then
+if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi

From 9791041f62e60bd94b6f12a54147f2a66d45bdc9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:54:14 +0200
Subject: [PATCH 1148/2300] Rename
 src/deb/for-download/tools/v-migrate-site-to-https to
 bin/v-migrate-site-to-https

---
 {src/deb/for-download/tools => bin}/v-migrate-site-to-https | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename {src/deb/for-download/tools => bin}/v-migrate-site-to-https (100%)

diff --git a/src/deb/for-download/tools/v-migrate-site-to-https b/bin/v-migrate-site-to-https
similarity index 100%
rename from src/deb/for-download/tools/v-migrate-site-to-https
rename to bin/v-migrate-site-to-https

From 40ab4b6ac2dd9cc23d3c8e3d2f9085f38a36e3b6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:55:12 +0200
Subject: [PATCH 1149/2300] Rename src/deb/for-download/tools/v-clone-website
 to bin/v-clone-website

---
 {src/deb/for-download/tools => bin}/v-clone-website | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename {src/deb/for-download/tools => bin}/v-clone-website (100%)

diff --git a/src/deb/for-download/tools/v-clone-website b/bin/v-clone-website
similarity index 100%
rename from src/deb/for-download/tools/v-clone-website
rename to bin/v-clone-website

From b95bdb363a553e028b951098aa45795461fcc6b2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Jul 2020 23:58:11 +0200
Subject: [PATCH 1150/2300] Update README.md

---
 README.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 7cc1caf5..54b59844 100644
--- a/README.md
+++ b/README.md
@@ -69,13 +69,13 @@ Useful tools
 
 + [Script that will convert Vesta to myVesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/convert-vesta-to-myvesta.sh)
 
-+ [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/create_wp_https)
++ [Wordpress installer in one second](https://github.com/myvesta/vesta/blob/master/bin/v-install-wordpress)
 
 + [Script for importing cPanel backups to Vesta](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/cpanel-import.sh)
 
-+ [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-clone-website)
++ [Cloning script that will copy the whole site from one domain to another (sub)domain](https://github.com/myvesta/vesta/blob/master/bin/v-clone-website)
 
-+ [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/v-migrate-site-to-https)
++ [Script that will migrate your site from http to https, replacing http to https URLs in database](https://github.com/myvesta/vesta/blob/master/bin/v-migrate-site-to-https)
 
 + [Script that will install multiple PHP versions on your server](https://github.com/myvesta/vesta/blob/master/src/deb/for-download/tools/multi-php-install.sh)
 

From ab404bbdb7d13c5addded939d9501b81c14fef21 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 14 Jul 2020 23:36:11 +0200
Subject: [PATCH 1151/2300] Fix ip check for www in installer

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 408b6fd2..65123d51 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1563,7 +1563,7 @@ fi
 # Comparing hostname and ip
 make_ssl=0
 host_ip=$(host $servername | head -n 1 | awk '{print $NF}')
-if [ "$host_ip" != "$ip" ]; then
+if [ "$host_ip" != "$pub_ip" ]; then
     echo "***** PROBLEM: Hostname $servername is not pointing to your server (IP address $ip)"
     echo "Without pointing your hostname to your IP, LetsEncrypt SSL will not be generated for your server hostname."
     echo "Try to setup an A record in your DNS, pointing your hostname $servername to IP address $ip and then press ENTER."
@@ -1584,7 +1584,7 @@ if [ $make_ssl -eq 1 ]; then
     # Check if www is also pointing to our IP
     www_host="www.$servername"
     www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
-    if [ "$www_host_ip" != "$ip" ]; then
+    if [ "$www_host_ip" != "$pub_ip" ]; then
         if [ "$named" = 'yes' ]; then
             echo "=== Deleting www to server hostname"
             $VESTA/bin/v-delete-web-domain-alias 'admin' "$servername" "$www_host" 'no'

From a63b6281ef677b8fb0840956464a9b2c1ca28541 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:01:19 +0200
Subject: [PATCH 1152/2300] Fix for letsencrypt issuing in apache-less variant

---
 bin/v-add-letsencrypt-domain | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 57b764da..7294d0bd 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -180,6 +180,10 @@ for auth in $authz; do
                     ln -s "$conf" "$sconf"
                 fi
                 $BIN/v-restart-proxy
+                if [ -z "$PROXY_SYSTEM" ]; then
+                    # apache-less variant
+                    $BIN/v-restart-web
+                fi
                 check_result $? "Proxy restart failed" >/dev/null
             fi
         else

From 93aa6f852bec3eae1b550de7e8b5c1499b7fa340 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:02:14 +0200
Subject: [PATCH 1153/2300] vesta-0.9.8-26-28

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index ace9cf30..a51c76bc 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-27
+vesta-0.9.8-26-28

From f737c6e5e07514cd4102e2de9a830647cf9d5572 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:09:18 +0200
Subject: [PATCH 1154/2300] Update Changelog.md

---
 Changelog.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index a6e94dc7..262b91ab 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,11 @@
+Version 0.9.8-26-28 [15-Jul-2020]
+==================================================
+* [Feature] v-install-wordpress command introduced
+* [Feature] v-move-domain-and-database-to-account command introduced
+* [Feature] v-make-separated-ip-for-email command introduced
+* [Bugfix] Fix for LetsEncrypt renewing in apache-less variant (nginx + php-fpm variant)
+* [Bugfix] Fix for phpmyAdmin DB configuring in apache-less variant (nginx + php-fpm variant)
+
 Version 0.9.8-26-27 [05-Jul-2020]
 ==================================================
 * [Feature] Admins now see changelog when they open myVesta panel after myVesta get updated (changelog will dissapear on next refresh)

From 3fd1e641980e66ea45afcba0b66269e9041f75bc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:10:44 +0200
Subject: [PATCH 1155/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 262b91ab..b9134e98 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -3,7 +3,7 @@ Version 0.9.8-26-28 [15-Jul-2020]
 * [Feature] v-install-wordpress command introduced
 * [Feature] v-move-domain-and-database-to-account command introduced
 * [Feature] v-make-separated-ip-for-email command introduced
-* [Bugfix] Fix for LetsEncrypt renewing in apache-less variant (nginx + php-fpm variant)
+* [Bugfix] Fix for LetsEncrypt issuing in apache-less variant (nginx + php-fpm variant)
 * [Bugfix] Fix for phpmyAdmin DB configuring in apache-less variant (nginx + php-fpm variant)
 
 Version 0.9.8-26-27 [05-Jul-2020]

From c66bb6c81e77cf1af63eeb4bec2b356633e54409 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:24:04 +0200
Subject: [PATCH 1156/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index b9134e98..624b5b38 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,7 +4,7 @@ Version 0.9.8-26-28 [15-Jul-2020]
 * [Feature] v-move-domain-and-database-to-account command introduced
 * [Feature] v-make-separated-ip-for-email command introduced
 * [Bugfix] Fix for LetsEncrypt issuing in apache-less variant (nginx + php-fpm variant)
-* [Bugfix] Fix for phpmyAdmin DB configuring in apache-less variant (nginx + php-fpm variant)
+* [Bugfix] Fix for configuring phpMyAdmin DB in apache-less variant (nginx + php-fpm variant)
 
 Version 0.9.8-26-27 [05-Jul-2020]
 ==================================================

From a761da29e0249d06eb4ae3bc135d791c1a4f3cdb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Jul 2020 00:30:45 +0200
Subject: [PATCH 1157/2300] phpmyadmin 4.9.5 to install

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 65123d51..fe385d01 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1093,7 +1093,7 @@ if [ "$mysql" = 'yes' ]; then
       mkdir /root/phpmyadmin
       mkdir /usr/share/phpmyadmin
       
-      pma_v='4.9.1'
+      pma_v='4.9.5'
       echo "(*) Installing phpMyAdmin version v$pma_v..."
 
       cd /root/phpmyadmin

From 43a8ce9fa082e4c21f7ce1588b2b26092c7e12f6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Jul 2020 23:42:02 +0200
Subject: [PATCH 1158/2300] bold for changelog

---
 web/templates/admin/list_user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 66efaa63..4e65deed 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -65,7 +65,7 @@
     
       
".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
+          echo "

".__("What's new:")."

Changelog:
".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")."
".__("Check out our")." ".__("new site, wiki and forum").".

";
         
         foreach ($data as $key => $value) {
           ++$i;

From ff053aacc9c6ac6c250288cf79778b67e9d0f580 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:03:30 +0200
Subject: [PATCH 1159/2300] check_if_database_exists() funtion created

---
 func/db.sh | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/func/db.sh b/func/db.sh
index 30018065..1b48d122 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -464,3 +464,27 @@ delete_pgsql_user() {
     query="DROP ROLE $old_dbuser"
     psql_query "$query" > /dev/null
 }
+
+# Get database name without user prefix
+get_database_name_without_user_prefix() {
+    user=$1
+    db=$2
+    user_len=${#user}
+    user_len=$((user_len+1))
+    echo ${db:user_len}
+}
+
+# Check if database exists
+check_if_database_exists() {
+    USER_DATA_PATH=$VESTA/data/users/$1
+    if [ ! -d "$USER_DATA_PATH" ]; then
+        echo "no"
+        return;
+    fi
+    counter=$(grep -c "DB='$2'" $USER_DATA_PATH/db.conf)
+    if [ "$counter" = "0" ]; then
+        echo "no"
+    else
+        echo "yes"
+    fi
+}

From e263e64e397256fbe6c575ff048e915d0966bbfb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:04:26 +0200
Subject: [PATCH 1160/2300] Moving get_database_name_without_user_prefix()
 function to db.sh

---
 func/main.sh | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index cdb76484..7d0f48f1 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1057,11 +1057,3 @@ replace_php_config_value() {
     sed -i "s|=$1$|=$2|g" $3
     sed -i "s|= $1$|= $2|g" $3
 }
-
-get_database_name_without_user_prefix() {
-    user=$1
-    db=$2
-    user_len=${#user}
-    user_len=$((user_len+1))
-    echo ${db:user_len}
-}

From 40fe1a5fa29db30b727fc21369d1fa4db8736370 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:07:47 +0200
Subject: [PATCH 1161/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 8e3778c2..c0319511 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -21,6 +21,7 @@ source /etc/profile
 
 # Includes
 source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
 
 #----------------------------------------------------------#
 #                    Verifications                         #

From 32e87ecde1f70bc2c25271066aa5691be3a5a444 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:35:19 +0200
Subject: [PATCH 1162/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 102 +++++++++++++++++++++++++---------------
 1 file changed, 63 insertions(+), 39 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 13c4b6b5..191fbc56 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -1,23 +1,19 @@
 #!/bin/bash
-
-# WordPress installer in one command line
+# info: WordPress installer in one command line
+# options: DOMAIN USER
+#
 # Credits to Luka Paunović for wp-cli implememtation
 
-if [ $# -lt 1 ]; then
-    echo usage: v-install-wordpress domain [db_name] [email]
-    exit 1
-fi
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
 
+# Argument definition
 domain=$1
 
-PATH=$PATH:/usr/local/vesta/bin
-export PATH
-
-user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
-
-START_DB="wp";
+database="wp";
 if [ $# -gt 1 ]; then
-    START_DB=$2
+    database=$2
 fi
 
 email="info@$domain";
@@ -25,6 +21,27 @@ if [ $# -gt 2 ]; then
     email=$3
 fi
 
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN [DB_NAME] [EMAIL]'
+is_format_valid 'domain' 'database' 'email'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
 if [ ! -d "/home/$user" ]; then
     echo "User doesn't exist";
     exit 1;
@@ -35,15 +52,20 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
 PROTOCOL='http'
 if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
-    v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
 
 if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     PROTOCOL='https'
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
-        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
+        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
 fi
 
@@ -51,32 +73,31 @@ WORKINGDIR="/home/$user/web/$domain/public_html"
 
 rm -rf $WORKINGDIR/*
 
-DBUSERSUF="$START_DB";
-DBUSERSUFB="$START_DB";
+DBUSERSUF="$database";
+DBUSERSUFB="$database";
 DBUSER=$user\_$DBUSERSUFB;
-DB_OK=0;
-if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
-    DB_OK=1;
-fi
+DB_EXISTS=$(check_if_database_exists "$user" "$DBUSER")
 
-if [ "$DB_OK" -eq "0" ]; then
-i=1;
-while [ $i -lt 99 ]
-do
-i=$((i+1));
-DBUSERSUF="${DBUSERSUFB}${i}";
-DBUSER=$user\_$DBUSERSUF;
-if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
-break;
-fi
-done
+if [ "$DB_EXISTS" = "yes" ]; then
+    i=1;
+    while [ $i -lt 99 ]; do
+        i=$((i+1));
+        DBUSERSUF="${DBUSERSUFB}${i}";
+        DBUSER=$user\_$DBUSERSUF;
+        DB_EXISTS=$(check_if_database_exists "$user" "$DBUSER")
+        if [ "$DB_EXISTS" = "no" ]; then
+            break;
+        fi
+    done
 fi
 
 PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
 
-v-add-database $user $DBUSERSUF $DBUSERSUF $PASSWDDB mysql
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
 
-cd /home/$user
+/usr/local/vesta/bin/v-add-database "$user" "$DBUSERSUF" "$DBUSERSUF" "$PASSWDDB" "mysql"
 
 if [ ! -f "/usr/local/bin/wp" ]; then
     echo "=== Downloading latest wp-cli"
@@ -93,12 +114,8 @@ password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom |
 
 sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
 
-#FIX za https://github.com/wp-cli/wp-cli/issues/2632
-
 mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'siteurl'; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'home';"
 
-# clear
-
 echo "================================================================="
 echo "Installation is complete. Your username/password is listed below."
 echo ""
@@ -112,5 +129,12 @@ echo "================================================================="
 
 chown -R $user:$user $WORKINGDIR
 
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
 echo "v-install-wordpress: Done."
-exit 0
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 6a2709d9e01d73e8158ca916ee08da0385a8a07c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:41:56 +0200
Subject: [PATCH 1163/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 39 ++++++++++++++++-----------------------
 1 file changed, 16 insertions(+), 23 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 191fbc56..b5578dc9 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -52,27 +52,6 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
-
-#----------------------------------------------------------#
-#                       Action                             #
-#----------------------------------------------------------#
-
-PROTOCOL='http'
-if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
-    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
-fi
-
-if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
-    PROTOCOL='https'
-    if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
-        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
-    fi
-fi
-
-WORKINGDIR="/home/$user/web/$domain/public_html"
-
-rm -rf $WORKINGDIR/*
-
 DBUSERSUF="$database";
 DBUSERSUFB="$database";
 DBUSER=$user\_$DBUSERSUFB;
@@ -97,6 +76,18 @@ PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
 #                       Action                             #
 #----------------------------------------------------------#
 
+PROTOCOL='http'
+if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+fi
+
+if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
+    PROTOCOL='https'
+    if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
+        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
+    fi
+fi
+
 /usr/local/vesta/bin/v-add-database "$user" "$DBUSERSUF" "$DBUSERSUF" "$PASSWDDB" "mysql"
 
 if [ ! -f "/usr/local/bin/wp" ]; then
@@ -104,8 +95,10 @@ if [ ! -f "/usr/local/bin/wp" ]; then
     wget -nv https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar -O /usr/local/bin/wp
     chmod +x /usr/local/bin/wp
 fi
-    
-cd /home/$user/web/$domain/public_html
+
+WORKINGDIR="/home/$user/web/$domain/public_html"
+rm -rf $WORKINGDIR/*
+cd $WORKINGDIR
 
 sudo -H -u$user wp core download
 sudo -H -u$user wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB

From aefa55335130b56fab4e5624fff347cec2ef52d9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:43:10 +0200
Subject: [PATCH 1164/2300] Update v-move-domain-and-database-to-account

---
 bin/v-move-domain-and-database-to-account | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/bin/v-move-domain-and-database-to-account b/bin/v-move-domain-and-database-to-account
index 7257f41d..c8d1eb78 100644
--- a/bin/v-move-domain-and-database-to-account
+++ b/bin/v-move-domain-and-database-to-account
@@ -4,7 +4,6 @@
 #
 # The function of changing domain and database ownership.
 
-
 #----------------------------------------------------------#
 #                    Variable&Function                     #
 #----------------------------------------------------------#
@@ -19,7 +18,6 @@ source /etc/profile
 # Includes
 source /usr/local/vesta/func/main.sh
 
-
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -42,6 +40,8 @@ USER_TO=$user
 #                       Action                             #
 #----------------------------------------------------------#
 
+RET=$OK
+
 echo "================================="
 r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain $domain)
 echo $r
@@ -53,6 +53,7 @@ if [ ! -z "$DATABASE_NAME" ]; then
     /usr/local/vesta/bin/v-change-database-owner $DATABASE_NAME $USER_TO
     if [ $? -ne 0 ]; then
         echo "=== v-change-database-owner failed"
+        RET=$E_NOTEXIST
     fi
 
     if [ ! -z "$DATABASE_USERNAME" ] && [ ! -z "$CONFIG_FILE_FULL_PATH" ]; then
@@ -74,4 +75,13 @@ echo "=== v-change-domain-owner $domain $USER_TO"
 /usr/local/vesta/bin/v-change-domain-owner $domain $USER_TO
 if [ $? -ne 0 ]; then
     echo "=== v-change-domain-owner failed"
+    RET=$E_NOTEXIST
 fi
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From d91e68d316dc478963589646dbb2352ab81cd756 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 00:43:43 +0200
Subject: [PATCH 1165/2300] Update v-move-domain-and-database-to-account

---
 bin/v-move-domain-and-database-to-account | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-move-domain-and-database-to-account b/bin/v-move-domain-and-database-to-account
index c8d1eb78..4c2811de 100644
--- a/bin/v-move-domain-and-database-to-account
+++ b/bin/v-move-domain-and-database-to-account
@@ -82,6 +82,6 @@ fi
 #                       Vesta                              #
 #----------------------------------------------------------#
 
-log_event "$OK" "$ARGUMENTS"
+log_event "$RET" "$ARGUMENTS"
 
 exit

From ae8eb40ef420e4033dd010de9525406953ddc39d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 18 Jul 2020 02:37:39 +0200
Subject: [PATCH 1166/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index c0319511..811527ca 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -119,6 +119,9 @@ echo "DATABASE_HOSTNAME=$DATABASE_HOSTNAME"
 CONFIG_FILE_FULL_PATH=$(escape_shell_quote $CONFIG_FILE_FULL_PATH)
 echo "CONFIG_FILE_FULL_PATH=$CONFIG_FILE_FULL_PATH"
 
+CONFIG_FILE=$(escape_shell_quote $CONFIG_FILE)
+echo "CONFIG_FILE=$CONFIG_FILE"
+
 CMS_TYPE=$(escape_shell_quote $CMS_TYPE)
 echo "CMS_TYPE=$CMS_TYPE"
 

From ec1ab55e0203edc7c0930943c24c841f6dea557e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 00:44:00 +0200
Subject: [PATCH 1167/2300] Adapting v-migrate-site-to-https to new myVesta
 functions

---
 bin/v-migrate-site-to-https | 188 ++++++++++++++++++++----------------
 1 file changed, 105 insertions(+), 83 deletions(-)

diff --git a/bin/v-migrate-site-to-https b/bin/v-migrate-site-to-https
index 5831c8ea..09662760 100644
--- a/bin/v-migrate-site-to-https
+++ b/bin/v-migrate-site-to-https
@@ -1,98 +1,112 @@
 #!/bin/bash
-
+# info: migrate site to https
+# options: DOMAIN [DATABASE_NAME] [DATABASE_USERNAME] [DATABASE_PASSWORD]
+#
 # Tool that will replace http to https URLs in database, install SSL and switch to force-https proxy template
 # Automatic detection of WordPress, automaticaly read DB user, DB name and DB pass.
 
-if [ $# -lt 1 ]; then
-    echo "USAGE: v-migrate-site-to-https DOMAIN [DATABASE_NAME] [DATABASE_USERNAME] [DATABASE_PASSWORD]"
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$user" ]; then
+    echo "domain $domain doesn't exist"
     exit 1
 fi
 
-FROM_DOMAIN=''
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN'
+is_format_valid 'domain' 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
 FROM_DATABASE_NAME=''
 FROM_DATABASE_USERNAME=''
 FROM_DATABASE_PASSWORD=''
 
-if [ -z "$VESTA" ]; then
-    VESTA="/usr/local/vesta"
-fi
+FROM_DOMAIN=$domain
+FROM_USER=$user
 
-if [ -z "$1" ]; then
-    echo "Error: DOMAIN is empty"
+r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain $FROM_DOMAIN)
+# echo $r
+eval $r
+
+############################
+# handle --parameters=val
+handle_parameter() {
+    origparam=$1
+    searchstring="="
+    paramminuses=${origparam:0:2}
+    if [ "$paramminuses" = "--" ]; then
+        var_without_minuses=${origparam:2}
+        var=${var_without_minuses%%=*}
+        val=${origparam#*$searchstring}
+        #echo $var
+        #echo $val
+        printf -v "$var" '%s' "$val"
+    fi
+}
+numargs=$#
+for ((i=1 ; i <= numargs ; i++))
+do
+    handle_parameter $1
+    shift
+done
+############################
+
+FROM_CONFIG_FILE=$CONFIG_FILE
+FROM_CONFIG_FILE_FULL_PATH=$CONFIG_FILE_FULL_PATH
+if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
+    echo "Error: CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
     exit 2
 fi
 
-FROM_DOMAIN=$1
-FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
-if [ -z "$FROM_USER" ]; then
-    echo "Error: domain $FROM_DOMAIN does not exists"
-    exit 4
-fi
-
-FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_html"
-CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'SSL:' | grep -c 'single')
-if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
-    FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_shtml"
-fi
-
-FROM_CONFIG_FILE="wp-config.php"
-FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$FROM_CONFIG_FILE"
-if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
-    echo "Error: CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
-    exit 5
-fi
-
 IT_IS_WP=0
-if [ -f "$FROM_FOLDER/wp-config.php" ]; then
+if [ "$CMS_TYPE" = "wordpress" ]; then
     IT_IS_WP=1
 fi
 
-if [ $IT_IS_WP -eq 1 ]; then
-    FROM_CONFIG_FILE_FULL_PATH_BACKUP="${FROM_CONFIG_FILE_FULL_PATH}_backup"
-    cp $FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-    sed -i "s|//.*$||g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-    if [ -z "$FROM_DATABASE_NAME" ]; then
-        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    fi
+if [ -z "$FROM_DATABASE_NAME" ]; then
+    FROM_DATABASE_NAME=$DATABASE_NAME
+fi
+if [ -z "$FROM_DATABASE_USERNAME" ]; then
+    FROM_DATABASE_USERNAME=$DATABASE_USERNAME
+fi
+if [ -z "$FROM_DATABASE_PASSWORD" ]; then
+    FROM_DATABASE_PASSWORD=$DATABASE_PASSWORD
+fi
 
-    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    rm $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-fi
-if [ $# -ge 2 ]; then
-    if [ ! -z "$2" ]; then
-        FROM_DATABASE_NAME=$3
-    fi
-fi
-if [ $# -ge 3 ]; then
-    if [ ! -z "$3" ]; then
-        FROM_DATABASE_USERNAME=$4
-    fi
-fi
-if [ $# -ge 4 ]; then
-    if [ ! -z "$4" ]; then
-        FROM_DATABASE_PASSWORD=$5
-    fi
-fi
 if [ -z "$FROM_DATABASE_NAME" ]; then
     echo "Error: DATABASE_NAME is empty"
-    exit 6
+    exit 3
 fi
 if [ -z "$FROM_DATABASE_USERNAME" ]; then
     echo "Error: DATABASE_USERNAME is empty"
-    exit 7
+    exit 4
 fi
 if [ -z "$FROM_DATABASE_PASSWORD" ]; then
     echo "Error: DATABASE_PASSWORD is empty"
-    exit 8
+    exit 5
 fi
 
-object=$(grep "DB='$FROM_DATABASE_NAME'" $VESTA/data/users/$FROM_USER/db.conf)
-if [ -z "$object" ]; then
+DB_EXISTS=$(check_if_database_exists "$user" "$FROM_DATABASE_NAME")
+if [ "$DB_EXISTS" = "no" ]; then
     echo "Error: database $FROM_DATABASE_NAME does not exists"
-    exit 9
+    exit 6
 fi
 
 # ----------- CHECK -------------
@@ -105,11 +119,11 @@ TO_REPLACE2="https://www.$FROM_DOMAIN"
 if [ $IT_IS_WP -eq 0 ]; then
     if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
         echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
-        exit 13
+        exit 7
     fi
     if [ ! -f "/usr/bin/php7.0" ]; then
         echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
-        exit 14
+        exit 8
     fi
 else
     if [ ! -f "/usr/local/bin/wp" ]; then
@@ -129,40 +143,39 @@ echo "TO_REPLACE1   = $TO_REPLACE1"
 echo "FROM_REPLACE2 = $FROM_REPLACE2"
 echo "TO_REPLACE2   = $TO_REPLACE2"
 echo "----"
-echo "FROM_DOMAIN = $FROM_DOMAIN"
-echo "FROM_USER   = $FROM_USER"
-echo "FROM_FOLDER = $FROM_FOLDER"
+echo "DOMAIN = $FROM_DOMAIN"
+echo "USER   = $FROM_USER"
+echo "SITE_FOLDER = $SITE_FOLDER"
 echo "IT_IS_WP = $IT_IS_WP"
-echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
-echo "FROM_DATABASE_NAME     = $FROM_DATABASE_NAME"
-echo "FROM_DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
-echo "FROM_DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
+echo "CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
+echo "DATABASE_NAME     = $FROM_DATABASE_NAME"
+echo "DATABASE_USERNAME = $FROM_DATABASE_USERNAME"
+echo "DATABASE_PASSWORD = $FROM_DATABASE_PASSWORD"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
 
-# ----------- ACTION -------------
-
-domain=$FROM_DOMAIN
-user=$FROM_USER
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
 
 if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
-    v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
 fi
 if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
-        v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
+        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"
     fi
 else
     echo "Error: Can not generate SSL."
-    exit 20
+    exit 9
 fi
 
 echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in folder $TO_FOLDER"
-grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_REPLACE1#$TO_REPLACE1#g"
+grep -rl "$FROM_DOMAIN" $SITE_FOLDER | xargs sed -i "s#$FROM_REPLACE1#$TO_REPLACE1#g"
 
 echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in folder $TO_FOLDER"
-grep -rl "$FROM_DOMAIN" $FROM_FOLDER | xargs sed -i "s#$FROM_REPLACE2#$TO_REPLACE2#g"
+grep -rl "$FROM_DOMAIN" $SITE_FOLDER | xargs sed -i "s#$FROM_REPLACE2#$TO_REPLACE2#g"
 
 if [ $IT_IS_WP -eq 0 ]; then
     echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
@@ -170,7 +183,7 @@ if [ $IT_IS_WP -eq 0 ]; then
     echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
     php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$FROM_DATABASE_NAME" -u "$FROM_DATABASE_USERNAME" -p "$FROM_DATABASE_PASSWORD" -s "$FROM_REPLACE2" -r "$TO_REPLACE2"
 else
-    cd $FROM_FOLDER
+    cd $SITE_FOLDER
     echo "=== Replacing $FROM_REPLACE1 to $TO_REPLACE1 in database $FROM_DATABASE_NAME"
     sudo -H -u$FROM_USER wp search-replace "$FROM_REPLACE1" "$TO_REPLACE1" --precise --all-tables --skip-columns=guid
     echo "=== Replacing $FROM_REPLACE2 to $TO_REPLACE2 in database $FROM_DATABASE_NAME"
@@ -179,3 +192,12 @@ fi
 
 echo "===== DONE ===="
 echo "You can visit $TO_REPLACE1"
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 79357d20770e8480a3a93cc1ad598089a40a09b0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 00:47:46 +0200
Subject: [PATCH 1168/2300] Update v-migrate-site-to-https

---
 bin/v-migrate-site-to-https | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-migrate-site-to-https b/bin/v-migrate-site-to-https
index 09662760..fd1d64c8 100644
--- a/bin/v-migrate-site-to-https
+++ b/bin/v-migrate-site-to-https
@@ -1,9 +1,9 @@
 #!/bin/bash
 # info: migrate site to https
-# options: DOMAIN [DATABASE_NAME] [DATABASE_USERNAME] [DATABASE_PASSWORD]
+# options: DOMAIN [--DATABASE_NAME=...] [--DATABASE_USERNAME=...] [--DATABASE_PASSWORD=...]
 #
 # Tool that will replace http to https URLs in database, install SSL and switch to force-https proxy template
-# Automatic detection of WordPress, automaticaly read DB user, DB name and DB pass.
+# Automatic detection of CMS, automaticaly read DB user, DB name and DB pass.
 
 #----------------------------------------------------------#
 #                    Variable&Function                     #
@@ -29,7 +29,7 @@ source /usr/local/vesta/func/db.sh
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '1' "$#" 'DOMAIN'
+check_args '1' "$#" 'DOMAIN [--DATABASE_NAME=...] [--DATABASE_USERNAME=...] [--DATABASE_PASSWORD=...]'
 is_format_valid 'domain' 'user'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"

From e5b3ef9b0379e6b6cdb3317b72652ba15b7b1f44 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 01:36:57 +0200
Subject: [PATCH 1169/2300] introducing vesta_generate_pass() function

---
 func/main.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index 7d0f48f1..704e5446 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1057,3 +1057,17 @@ replace_php_config_value() {
     sed -i "s|=$1$|=$2|g" $3
     sed -i "s|= $1$|= $2|g" $3
 }
+
+# Defining password-gen function
+vesta_generate_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=32
+    if [ $# -gt 0 ] && [ $1 != "" ]; then
+        LENGTH=$1
+    fi
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}

From f761d0b3230b3e684ec5c9d967ce24da0bd31ae9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 01:43:59 +0200
Subject: [PATCH 1170/2300] Create handle_parameters.sh

---
 func/handle_parameters.sh | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 func/handle_parameters.sh

diff --git a/func/handle_parameters.sh b/func/handle_parameters.sh
new file mode 100644
index 00000000..ba5bd36f
--- /dev/null
+++ b/func/handle_parameters.sh
@@ -0,0 +1,20 @@
+# handle --parameters=val
+handle_parameter() {
+    origparam=$1
+    searchstring="="
+    paramminuses=${origparam:0:2}
+    if [ "$paramminuses" = "--" ]; then
+        var_without_minuses=${origparam:2}
+        var=${var_without_minuses%%=*}
+        val=${origparam#*$searchstring}
+        #echo $var
+        #echo $val
+        printf -v "$var" '%s' "$val"
+    fi
+}
+numargs=$#
+for ((i=1 ; i <= numargs ; i++))
+do
+    handle_parameter $1
+    shift
+done

From 4079e83cfb4c1c1505fa3cc12d613cd3a1a43f58 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 01:49:16 +0200
Subject: [PATCH 1171/2300] Update v-migrate-site-to-https

---
 bin/v-migrate-site-to-https | 23 +----------------------
 1 file changed, 1 insertion(+), 22 deletions(-)

diff --git a/bin/v-migrate-site-to-https b/bin/v-migrate-site-to-https
index fd1d64c8..410855c6 100644
--- a/bin/v-migrate-site-to-https
+++ b/bin/v-migrate-site-to-https
@@ -45,28 +45,7 @@ r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain $FROM_DOMAIN)
 # echo $r
 eval $r
 
-############################
-# handle --parameters=val
-handle_parameter() {
-    origparam=$1
-    searchstring="="
-    paramminuses=${origparam:0:2}
-    if [ "$paramminuses" = "--" ]; then
-        var_without_minuses=${origparam:2}
-        var=${var_without_minuses%%=*}
-        val=${origparam#*$searchstring}
-        #echo $var
-        #echo $val
-        printf -v "$var" '%s' "$val"
-    fi
-}
-numargs=$#
-for ((i=1 ; i <= numargs ; i++))
-do
-    handle_parameter $1
-    shift
-done
-############################
+source /usr/local/vesta/func/handle_parameters.sh
 
 FROM_CONFIG_FILE=$CONFIG_FILE
 FROM_CONFIG_FILE_FULL_PATH=$CONFIG_FILE_FULL_PATH

From 10632f914310c7cbe4d3cdcf4df1e05adf75a692 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Jul 2020 02:32:03 +0200
Subject: [PATCH 1172/2300] Update v-clone-website

---
 bin/v-clone-website | 167 ++++++++++++++------------------------------
 1 file changed, 53 insertions(+), 114 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 3312c76c..a92788d6 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -26,14 +26,22 @@ fi
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
+FROM_DOMAIN=$1
+TO_DOMAIN=$2
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner "$FROM_DOMAIN")
+if [ -z "$user" ]; then
+    echo "Error: domain $FROM_DOMAIN does not exists"
+    exit 2
+fi
+
 # Importing system environment
 source /etc/profile
 
 # Includes
 source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
 
-FROM_DOMAIN=''
-TO_DOMAIN=''
 FROM_DATABASE_NAME=''
 FROM_DATABASE_USERNAME=''
 FROM_DATABASE_PASSWORD=''
@@ -43,130 +51,76 @@ TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
 DATABASE_SUFIX='_migrated'
 
-FROM_DOMAIN=$1
-TO_DOMAIN=$2
+source /usr/local/vesta/func/handle_parameters.sh
 
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'FROM_DOMAIN TO_DOMAIN'
+# check_args '2' "$#" 'FROM_DOMAIN TO_DOMAIN'
 is_domain_format_valid "$FROM_DOMAIN"
 is_domain_format_valid "$TO_DOMAIN"
 
-############################
-# handle --parameters=val
-handle_parameter() {
-    origparam=$1
-    searchstring="="
-    paramminuses=${origparam:0:2}
-    if [ "$paramminuses" = "--" ]; then
-        var_without_minuses=${origparam:2}
-        var=${var_without_minuses%%=*}
-        val=${origparam#*$searchstring}
-        #echo $var
-        #echo $val
-        printf -v "$var" '%s' "$val"
-    fi
-}
-numargs=$#
-for ((i=1 ; i <= numargs ; i++))
-do
-    handle_parameter $1
-    shift
-done
+FROM_USER=$user
 
-# Defining password-gen function
-gen_pass() {
-    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
-    LENGTH=32
-    while [ ${n:=1} -le $LENGTH ]; do
-        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
-        let n+=1
-    done
-    echo "$PASS"
-}
-############################
+r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain "$FROM_DOMAIN")
+eval $r
 
-###########################################################################
+FROM_FOLDER=$SITE_FOLDER
 
-FROM_USER=$($VESTA/bin/v-search-domain-owner "$FROM_DOMAIN")
-if [ -z "$FROM_USER" ]; then
-    echo "Error: domain $FROM_DOMAIN does not exists"
-    exit 4
-fi
+FROM_CONFIG_FILE=$CONFIG_FILE
+FROM_CONFIG_FILE_FULL_PATH=$CONFIG_FILE_FULL_PATH
 
-FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_html"
-CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'SSL:' | grep -c 'single')
-if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
-    FROM_FOLDER="/home/$FROM_USER/web/$FROM_DOMAIN/public_shtml"
-fi
-
-if [ ! -z "$FROM_CONFIG_FILE" ]; then
-    FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$6"
-fi
-if [ -z "$FROM_CONFIG_FILE" ]; then
-    FROM_CONFIG_FILE="wp-config.php"
-    FROM_CONFIG_FILE_FULL_PATH="$FROM_FOLDER/$FROM_CONFIG_FILE"
-fi
 if [ ! -f "$FROM_CONFIG_FILE_FULL_PATH" ]; then
     echo "Error: FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH does not exists"
-    exit 5
+    exit 3
 fi
 
 IT_IS_WP=0
-if [ -f "$FROM_FOLDER/wp-config.php" ]; then
+if [ "$CMS_TYPE" = "wordpress" ]; then
     IT_IS_WP=1
 fi
 
-if [ $IT_IS_WP -eq 1 ]; then
-    FROM_CONFIG_FILE_FULL_PATH_BACKUP="${FROM_CONFIG_FILE_FULL_PATH}_backup"
-    cp $FROM_CONFIG_FILE_FULL_PATH $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-    sed -i "s|//.*$||g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-    if [ -z "$FROM_DATABASE_NAME" ]; then
-        sed -i "s|('|( '|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-        sed -i "s|');|' );|g" $FROM_CONFIG_FILE_FULL_PATH_BACKUP
-        FROM_DATABASE_NAME=$(grep 'DB_NAME' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    fi
-
-    FROM_DATABASE_USERNAME=$(grep 'DB_USER' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    FROM_DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $FROM_CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
-    rm $FROM_CONFIG_FILE_FULL_PATH_BACKUP
+if [ -z "$FROM_DATABASE_NAME" ]; then
+    FROM_DATABASE_NAME=$DATABASE_NAME
+fi
+if [ -z "$FROM_DATABASE_USERNAME" ]; then
+    FROM_DATABASE_USERNAME=$DATABASE_USERNAME
+fi
+if [ -z "$FROM_DATABASE_PASSWORD" ]; then
+    FROM_DATABASE_PASSWORD=$DATABASE_PASSWORD
 fi
 
 if [ -z "$FROM_DATABASE_NAME" ]; then
     echo "Error: FROM_DATABASE_NAME is empty"
-    exit 6
+    exit 4
 fi
 if [ -z "$FROM_DATABASE_USERNAME" ]; then
     echo "Error: FROM_DATABASE_USERNAME is empty"
-    exit 7
+    exit 5
 fi
 if [ -z "$FROM_DATABASE_PASSWORD" ]; then
     echo "Error: FROM_DATABASE_PASSWORD is empty"
-    exit 8
+    exit 6
 fi
 
-FROM_USER_LEN=${#FROM_USER}
-FROM_USER_LEN=$((FROM_USER_LEN+1))
-
-object=$(grep "DB='$FROM_DATABASE_NAME'" $VESTA/data/users/$FROM_USER/db.conf)
-if [ -z "$object" ]; then
+DB_EXISTS=$(check_if_database_exists "$user" "$FROM_DATABASE_NAME")
+if [ "$DB_EXISTS" = "no" ]; then
     echo "Error: database $FROM_DATABASE_NAME does not exists"
-    exit 9
+    exit 7
 fi
 
-FROM_DATABASE_NAME_WITHOUT_PREFIX=${FROM_DATABASE_NAME:FROM_USER_LEN}
-FROM_DATABASE_USERNAME_WITHOUT_PREFIX=${FROM_DATABASE_USERNAME:FROM_USER_LEN}
+FROM_DATABASE_NAME_WITHOUT_PREFIX=$(get_database_name_without_user_prefix "$FROM_USER" "$FROM_DATABASE_NAME")
+FROM_DATABASE_USERNAME_WITHOUT_PREFIX=$(get_database_name_without_user_prefix "$FROM_USER" "$FROM_DATABASE_USERNAME")
 
 FROM_DOMAIN_HAS_SSL=0
 if [ -f "/home/$FROM_USER/conf/web/ssl.$FROM_DOMAIN.ca" ]; then
     FROM_DOMAIN_HAS_SSL=1
 fi
 
-FROM_DOMAIN_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_TPL=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
-FROM_DOMAIN_PROXY_EXT=$($VESTA/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8- | sed "s# #,#g")
+FROM_DOMAIN_TPL=$(/usr/local/vesta/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'TEMPLATE:' | awk '{print $2}')
+FROM_DOMAIN_PROXY_TPL=$(/usr/local/vesta/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY:' | awk '{print $2}')
+FROM_DOMAIN_PROXY_EXT=$(/usr/local/vesta/bin/v-list-web-domain "$FROM_USER" "$FROM_DOMAIN" | grep 'PROXY EXT:' | cut -d ' ' -f8- | sed "s# #,#g")
 
 # ----------- TO -------------
 
@@ -174,7 +128,7 @@ CREATE_TO_USER=0
 CREATE_TO_DOMAIN=0
 
 if [ -z "$TO_USER" ]; then
-    TO_USER=$($VESTA/bin/v-search-domain-owner "$TO_DOMAIN")
+    TO_USER=$(/usr/local/vesta/bin/v-search-domain-owner "$TO_DOMAIN")
     if [ -z "$TO_USER" ]; then
         TO_USER=$FROM_USER
         CREATE_TO_DOMAIN=1
@@ -189,7 +143,7 @@ else
 fi
 
 TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_html"
-CHECK_PUBLIC_SHTML=$($VESTA/bin/v-list-web-domain "$TO_USER" "$TO_DOMAIN" | grep 'SSL:' | grep -c 'single')
+CHECK_PUBLIC_SHTML=$(/usr/local/vesta/bin/v-list-web-domain "$TO_USER" "$TO_DOMAIN" | grep 'SSL:' | grep -c 'single')
 if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
     TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_shtml"
 fi
@@ -243,11 +197,8 @@ if [ -z "$TO_DATABASE_PASSWORD" ]; then
     exit 12
 fi
 
-TO_USER_LEN=${#TO_USER}
-TO_USER_LEN=$((TO_USER_LEN+1))
-
-TO_DATABASE_NAME_WITHOUT_PREFIX=${TO_DATABASE_NAME:TO_USER_LEN}
-TO_DATABASE_USERNAME_WITHOUT_PREFIX=${TO_DATABASE_USERNAME:TO_USER_LEN}
+TO_DATABASE_NAME_WITHOUT_PREFIX=$(get_database_name_without_user_prefix "$TO_USER" "$TO_DATABASE_NAME")
+TO_DATABASE_USERNAME_WITHOUT_PREFIX=$(get_database_name_without_user_prefix "$TO_USER" "$TO_DATABASE_USERNAME")
 
 
 TO_DOMAIN_HAS_SSL=0
@@ -315,20 +266,20 @@ read -p "=== Press Enter to continue ==="
 #----------------------------------------------------------#
 
 if [ $CREATE_TO_USER -eq 1 ]; then
-    pass=$(gen_pass)
+    pass=$(vesta_generate_pass 10)
     echo "=== Create user $TO_USER, pass=$pass"
-    $VESTA/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Migrated" "site"
+    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Migrated" "site"
 fi
 
 if [ $CREATE_TO_DOMAIN -eq 1 ]; then
     echo "=== Create domain $TO_DOMAIN"
-    $VESTA/bin/v-add-domain "$TO_USER" "$TO_DOMAIN"
+    /usr/local/vesta/bin/v-add-domain "$TO_USER" "$TO_DOMAIN"
     rm $TO_FOLDER/index.html
 fi
 
 if [ $SHOULD_INSTALL_SSL -eq 1 ]; then
     echo "=== Installing LetsEncrypt for domain $TO_DOMAIN"
-    $VESTA/bin/v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$TO_USER" "$TO_DOMAIN" "www.$TO_DOMAIN" "yes"
     if [ $? -ne 0 ]; then
         echo "=== LetsEncrypt installation failed"
     fi
@@ -336,18 +287,18 @@ fi
 
 if [ ! -z "$FROM_DOMAIN_TPL" ]; then
     echo "=== Set $FROM_DOMAIN_TPL template to domain $TO_DOMAIN"
-    $VESTA/bin/v-change-web-domain-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_TPL" "yes"
+    /usr/local/vesta/bin/v-change-web-domain-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_TPL" "yes"
 fi
 
 if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
     echo "=== Set $FROM_DOMAIN_PROXY_TPL proxy template to domain $TO_DOMAIN"
-    $VESTA/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_EXT" "yes"
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_EXT" "yes"
 fi
 
 object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
 if [ -z "$object" ]; then
     echo "=== Create database $TO_DATABASE_NAME"
-    $VESTA/bin/v-add-database "$TO_USER" "$TO_DATABASE_NAME_WITHOUT_PREFIX" "$TO_DATABASE_USERNAME_WITHOUT_PREFIX" "$TO_DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
+    /usr/local/vesta/bin/v-add-database "$TO_USER" "$TO_DATABASE_NAME_WITHOUT_PREFIX" "$TO_DATABASE_USERNAME_WITHOUT_PREFIX" "$TO_DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
 fi
 
 echo "=== Dumping database $FROM_DATABASE_NAME"
@@ -365,21 +316,9 @@ rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
 echo "=== Chowning to $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
 
-echo "=== Replacing $FROM_DATABASE_NAME to $TO_DATABASE_NAME in $TO_CONFIG_FILE_FULL_PATH"
-sed -i "s|'$FROM_DATABASE_NAME'|'$TO_DATABASE_NAME'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|\"$FROM_DATABASE_NAME\"|\"$TO_DATABASE_NAME\"|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|=$FROM_DATABASE_NAME$|=$TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|= $FROM_DATABASE_NAME$|= $TO_DATABASE_NAME|g" $TO_CONFIG_FILE_FULL_PATH
-echo "=== Replacing $FROM_DATABASE_USERNAME to $TO_DATABASE_USERNAME in $TO_CONFIG_FILE_FULL_PATH"
-sed -i "s|'$FROM_DATABASE_USERNAME'|'$TO_DATABASE_USERNAME'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|\"$FROM_DATABASE_USERNAME\"|\"$TO_DATABASE_USERNAME\"|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|=$FROM_DATABASE_USERNAME$|=$TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|= $FROM_DATABASE_USERNAME$|= $TO_DATABASE_USERNAME|g" $TO_CONFIG_FILE_FULL_PATH
-echo "=== Replacing $FROM_DATABASE_PASSWORD to $TO_DATABASE_PASSWORD in $TO_CONFIG_FILE_FULL_PATH"
-sed -i "s|'$FROM_DATABASE_PASSWORD'|'$TO_DATABASE_PASSWORD'|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|\"$FROM_DATABASE_PASSWORD\"|\"$TO_DATABASE_PASSWORD\"|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|=$FROM_DATABASE_PASSWORD$|=$TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
-sed -i "s|= $FROM_DATABASE_PASSWORD$|= $TO_DATABASE_PASSWORD|g" $TO_CONFIG_FILE_FULL_PATH
+replace_php_config_value "${FROM_DATABASE_NAME}" "${TO_DATABASE_NAME}" "$TO_CONFIG_FILE_FULL_PATH" "yes"
+replace_php_config_value "${FROM_DATABASE_USERNAME}" "${TO_DATABASE_USERNAME}" "$TO_CONFIG_FILE_FULL_PATH" "yes"
+replace_php_config_value "${FROM_DATABASE_PASSWORD}" "${TO_DATABASE_PASSWORD}" "$TO_CONFIG_FILE_FULL_PATH" "yes"
 
 echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
 grep -rl "$FROM_DOMAIN" $TO_FOLDER | xargs sed -i "s#$FROM_DOMAIN#$TO_DOMAIN#g"

From 51fbca0ea79e729ca24c1e04787eb36f57842f98 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:14:51 +0200
Subject: [PATCH 1173/2300] Update clamd.conf

---
 install/debian/10/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
index 10ebbac3..a8d815fe 100644
--- a/install/debian/10/clamav/clamd.conf
+++ b/install/debian/10/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/lib/clamav/clamd.sock
+LocalSocket /var/lib/clamav/clamd.ctl
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From 715262f162588ab0d9ca9c37f5f1c43db0b3f2c8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:19:40 +0200
Subject: [PATCH 1174/2300] Reverting clamav.sock

---
 src/deb/vesta/postinst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e414afdb..e0296ff3 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -101,8 +101,8 @@ if [ -f "/lib/systemd/system/clamav-daemon.service" ]; then
 fi
 
 # reverting to default clamd sock
-if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v2" ]; then
-    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
+if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v3" ]; then
+    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
     if [ -f "/etc/clamav/clamd.conf" ]; then
         sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
         if [ -f "/etc/exim4/exim4.conf.template" ]; then

From 397617424d8af27f071d7a0c867343de214aa44d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:21:52 +0200
Subject: [PATCH 1175/2300] Update clamd.conf

---
 install/debian/9/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/9/clamav/clamd.conf b/install/debian/9/clamav/clamd.conf
index 84c4807e..3fe6454f 100644
--- a/install/debian/9/clamav/clamd.conf
+++ b/install/debian/9/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/lib/clamav/clamd.sock
+LocalSocket /var/run/clamav/clamd.ctl
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From 30f4c0572e881ae636360c4a1c9718fded45a38e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:22:33 +0200
Subject: [PATCH 1176/2300] Update clamd.conf

---
 install/debian/8/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/8/clamav/clamd.conf b/install/debian/8/clamav/clamd.conf
index 84c4807e..3fe6454f 100644
--- a/install/debian/8/clamav/clamd.conf
+++ b/install/debian/8/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/lib/clamav/clamd.sock
+LocalSocket /var/run/clamav/clamd.ctl
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From 65351b52dd349b36a00b60c1900cf9ed4e14114a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:28:21 +0200
Subject: [PATCH 1177/2300] clamav.sock

---
 install/debian/10/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 6e889067..cb6c960c 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -34,7 +34,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/lib/clamav/clamd.sock
+av_scanner = clamd: /var/run/clamav/clamd.ctl
 .endif
 
 tls_advertise_hosts = *

From d48e7337d2360543ce491c3eae1a62dacd2d5813 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:29:00 +0200
Subject: [PATCH 1178/2300] Update exim4.conf.template

---
 install/debian/9/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index c1f285ea..12b41e40 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -30,7 +30,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/lib/clamav/clamd.sock
+av_scanner = clamd: /var/run/clamav/clamd.ctl
 .endif
 
 tls_advertise_hosts = *

From d4e2bd2f9378b4f32c4a331a3ee6f7db93945e71 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:29:42 +0200
Subject: [PATCH 1179/2300] Update exim4.conf.template

---
 install/debian/8/exim/exim4.conf.template | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/8/exim/exim4.conf.template b/install/debian/8/exim/exim4.conf.template
index c1f285ea..12b41e40 100644
--- a/install/debian/8/exim/exim4.conf.template
+++ b/install/debian/8/exim/exim4.conf.template
@@ -30,7 +30,7 @@ spamd_address = 127.0.0.1 783
 .endif
 
 .ifdef CLAMD
-av_scanner = clamd: /var/lib/clamav/clamd.sock
+av_scanner = clamd: /var/run/clamav/clamd.ctl
 .endif
 
 tls_advertise_hosts = *

From 6099b9e99692fa7e6ef70a2e7eb227cc6d1bb178 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 14:34:45 +0200
Subject: [PATCH 1180/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index fe385d01..5bedbe33 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1616,6 +1616,7 @@ touch /usr/local/vesta/data/upgrades/tune-fpm-config-files-v2
 touch /usr/local/vesta/data/upgrades/allow-backup-anytime
 touch /usr/local/vesta/data/upgrades/fix-sudoers
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
+touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
 touch /usr/local/vesta/data/upgrades/keeping-mpm-event
 touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
 touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives

From fe7ae7191732f9b3ee3e8118e02ba14c37c7b0c5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 15:00:39 +0200
Subject: [PATCH 1181/2300] Update ISSUE_TEMPLATE.md

---
 ISSUE_TEMPLATE.md | 26 +++++++++++---------------
 1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md
index a515b12e..37d774b4 100644
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -1,23 +1,19 @@
-### Operating System (OS/VERSION):
+### Describe the problem:
 
-Type here, e.g. CentOS 6
-
-### VestaCP Version:
-
-Type here, e.g. 3.14159
-
-### Installed Software (what you got with the installer):
-
-Type here, e.g. php-fpm, apache, nginx, mysql
+Type here what is the problem
 
 ### Steps to Reproduce:
 
-Type here, e.g. install vesta and type rm -rf / --no-preserve-root
+Type here what we should do in order to see bug on our test server
 
-### Related Issues/Forum Threads:
+### Debian version:
 
-Found anything that might be related to this? It might help us find the cause.
+Type here, example: Debian 10
 
-### Other Notes:
+### VestaCP Version:
 
-Anything else?
+Type here, example: 0.9.8.26-29
+
+### Installed Software (what you got with the installer):
+
+Copy here first 22 lines of file /usr/local/vesta/conf/vesta.conf

From c0dc0196196096332cd22aa7f85f83ab349f3a29 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Jul 2020 15:01:25 +0200
Subject: [PATCH 1182/2300] Update ISSUE_TEMPLATE.md

---
 ISSUE_TEMPLATE.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ISSUE_TEMPLATE.md b/ISSUE_TEMPLATE.md
index 37d774b4..526e5166 100644
--- a/ISSUE_TEMPLATE.md
+++ b/ISSUE_TEMPLATE.md
@@ -4,7 +4,7 @@ Type here what is the problem
 
 ### Steps to Reproduce:
 
-Type here what we should do in order to see bug on our test server
+Type here what we should do in order to see the bug on our test server
 
 ### Debian version:
 

From aea9a6a9698394d8c68e03cc5add8d5b21a34663 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Jul 2020 00:07:30 +0200
Subject: [PATCH 1183/2300] Update clamd.conf

---
 install/debian/10/clamav/clamd.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/10/clamav/clamd.conf b/install/debian/10/clamav/clamd.conf
index a8d815fe..c636b6d3 100644
--- a/install/debian/10/clamav/clamd.conf
+++ b/install/debian/10/clamav/clamd.conf
@@ -1,7 +1,7 @@
 #Automatically Generated by clamav-base postinst
 #To reconfigure clamd run #dpkg-reconfigure clamav-base
 #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
-LocalSocket /var/lib/clamav/clamd.ctl
+LocalSocket /var/run/clamav/clamd.ctl
 FixStaleSocket true
 LocalSocketGroup clamav
 LocalSocketMode 666

From 49e405b1d0fe15d4cb4de17159e28a06b6071827 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Jul 2020 00:12:12 +0200
Subject: [PATCH 1184/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5bedbe33..85abdbe2 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1617,6 +1617,7 @@ touch /usr/local/vesta/data/upgrades/allow-backup-anytime
 touch /usr/local/vesta/data/upgrades/fix-sudoers
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
+touch /usr/local/vesta/data/upgrades/change-clamav-socket-v4
 touch /usr/local/vesta/data/upgrades/keeping-mpm-event
 touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
 touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives

From 373437e5f0cc5f48d0a97e1638328b2810a9b919 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Jul 2020 00:17:40 +0200
Subject: [PATCH 1185/2300] Update postinst

---
 src/deb/vesta/postinst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e0296ff3..31230ceb 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -120,6 +120,18 @@ if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v3" ]; then
     fi
 fi
 
+# reverting to default clamd sock
+if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v4" ]; then
+    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v4
+    if [ -f "/etc/clamav/clamd.conf" ]; then
+        check_grep=$(grep -c '/var/lib/clamav/clamd.ctl' /etc/clamav/clamd.conf)
+        if [ "$check_grep" -eq 1 ]; then
+            sed -i "s#/var/lib/clamav/clamd.ctl#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+            systemctl restart clamav-daemon
+        fi
+    fi
+fi
+
 # Making sure mpm_event will stay
 if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event" ]; then
     touch /usr/local/vesta/data/upgrades/keeping-mpm-event

From aeee97ec8a6d4da56e22248101482d13a662dfa2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Jul 2020 00:33:36 +0200
Subject: [PATCH 1186/2300] Update Changelog.md

---
 Changelog.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 624b5b38..f45a88d7 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,9 @@
+Version 0.9.8-26-29 [21-Jul-2020]
+==================================================
+* [Feature] v-clone-website command moved to vesta-bin folder (becoming standard myVesta command)
+* [Feature] v-migrate-site-to-https command moved to vesta-bin folder (becoming standard myVesta command)
+* [Bugfix] Fix for ClamAV socket
+
 Version 0.9.8-26-28 [15-Jul-2020]
 ==================================================
 * [Feature] v-install-wordpress command introduced

From a9b48b4594398c9b3e49858ba5a753092f709e8d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Jul 2020 00:35:12 +0200
Subject: [PATCH 1187/2300] Changing Vesta to myVesta in title of hosting panel
 pages

---
 web/templates/header.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/header.html b/web/templates/header.html
index b254b166..f0529c3a 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -3,7 +3,7 @@
 
   
   
-  Vesta - <?=__($TAB)?>
+  myVesta - <?=__($TAB)?>
   
   
   
+
+
+
                                   
                                         
                                             

From 3296e9308325ba00a4ce10c31f84d2f9f9b52258 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 00:00:25 +0200
Subject: [PATCH 1043/2300] Clearing letsencrypt pipe

---
 src/deb/vesta/postinst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index a7178e14..8ce87d16 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -146,6 +146,11 @@ if [ ! -f "/usr/local/vesta/data/upgrades/clamav_block_exe_in_archives" ]; then
     fi
 fi
 
+# Clearing letsencrypt pipe
+if [ -f "/usr/local/vesta/data/queue/letsencrypt.pipe" ]; then
+    truncate -s 0 /usr/local/vesta/data/queue/letsencrypt.pipe
+fi
+
 # Run custom triggers
 if [ -x "/root/vesta-patch.sh" ]; then
     /root/vesta-patch.sh

From c329b4bb96d7bce8e917c53cc013e69315d5bb48 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 00:00:59 +0200
Subject: [PATCH 1044/2300] vesta-0.9.8-26-21

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 2137e542..9e225905 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-20
+vesta-0.9.8-26-21

From 21d4b3ee400136db0c3acb2b668dd01272641fdf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 00:03:25 +0200
Subject: [PATCH 1045/2300] Clearing letsencrypt pipe

---
 src/deb/vesta/postinst | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 8ce87d16..b3b280f5 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -147,8 +147,11 @@ if [ ! -f "/usr/local/vesta/data/upgrades/clamav_block_exe_in_archives" ]; then
 fi
 
 # Clearing letsencrypt pipe
-if [ -f "/usr/local/vesta/data/queue/letsencrypt.pipe" ]; then
-    truncate -s 0 /usr/local/vesta/data/queue/letsencrypt.pipe
+if [ ! -f "/usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe" ]; then
+    touch /usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe
+    if [ -f "/usr/local/vesta/data/queue/letsencrypt.pipe" ]; then
+        truncate -s 0 /usr/local/vesta/data/queue/letsencrypt.pipe
+    fi
 fi
 
 # Run custom triggers

From 396cbc6a26621f6b6e6c6971826909c4fde9e3df Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 00:14:57 +0200
Subject: [PATCH 1046/2300] Blocking executable files inside archives in ClamAV
 [installer]

---
 install/vst-install-debian.sh | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b4d44207..a6c824ce 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1233,6 +1233,13 @@ if [ "$clamd" = 'yes' ]; then
         sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
         systemctl daemon-reload
     fi
+    clamavfolder="/var/lib/clamav"
+    if [ -d "$clamavfolder" ]; then
+        echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV"
+        wget -nv -O $clamavfolder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
+        chown clamav:clamav $clamavfolder/foxhole_all.cdb
+        service clamav-daemon restart
+    fi
     service clamav-daemon start
     check_result $? "clamav-daeom start failed"
 fi
@@ -1600,6 +1607,9 @@ touch /usr/local/vesta/data/upgrades/allow-backup-anytime
 touch /usr/local/vesta/data/upgrades/fix-sudoers
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v2
 touch /usr/local/vesta/data/upgrades/keeping-mpm-event
+touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
+touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives
+touch /usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe
 
 # Secret URL
 secretquery=''
@@ -1628,7 +1638,7 @@ echo "================================================================"
 crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 
 #----------------------------------------------------------#
-#                   Vesta Access Info                      #
+#                  myVesta Access Info                     #
 #----------------------------------------------------------#
 
 # Sending notification to admin email

From 08834fcd15a28fbe185e028f497ca1567d29fcf6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 00:16:31 +0200
Subject: [PATCH 1047/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a6c824ce..4a7ea0b6 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1238,7 +1238,6 @@ if [ "$clamd" = 'yes' ]; then
         echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV"
         wget -nv -O $clamavfolder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
         chown clamav:clamav $clamavfolder/foxhole_all.cdb
-        service clamav-daemon restart
     fi
     service clamav-daemon start
     check_result $? "clamav-daeom start failed"

From fe6cb1fbffbd887cb58cb4f0d4f08ed49ef8b7fd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 01:25:50 +0200
Subject: [PATCH 1048/2300] Checking php7.4 pool conf while deleting domain

---
 bin/v-delete-web-domain | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-delete-web-domain b/bin/v-delete-web-domain
index b4885ef3..75399766 100755
--- a/bin/v-delete-web-domain
+++ b/bin/v-delete-web-domain
@@ -87,6 +87,11 @@ if [ -f "$fpmconf" ]; then
     rm $fpmconf
     echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
 fi
+fpmconf="/etc/php/7.4/fpm/pool.d/$domain.conf"
+if [ -f "$fpmconf" ]; then
+    rm $fpmconf
+    echo "Deleted: $fpmconf" >> /usr/local/vesta/log/system.log
+fi
 
 # Deleting domain from web.conf
 sed -i "/DOMAIN='$domain'/ d" $USER_DATA/web.conf

From 473aab08152c9d00b932a7890695be8e0118111f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 13 Jun 2020 01:27:02 +0200
Subject: [PATCH 1049/2300] vesta-0.9.8-26-22

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 9e225905..faf2f38e 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-21
+vesta-0.9.8-26-22

From 9021e29b01547a6bb06c53fd6292950ce8b6c378 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Jun 2020 02:02:46 +0200
Subject: [PATCH 1050/2300] Notification for LetsEncrypt

---
 web/templates/admin/add_web.html | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
index 3e0478ce..02265380 100644
--- a/web/templates/admin/add_web.html
+++ b/web/templates/admin/add_web.html
@@ -141,6 +141,11 @@
                                       
                                   

+                                          
+                                      
                                   
                                         
                                             

From a352722aa934297bd5939903ec185e01eb7d1e0a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Jun 2020 02:04:23 +0200
Subject: [PATCH 1051/2300] vesta-0.9.8-26-23

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index faf2f38e..81e25443 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-22
+vesta-0.9.8-26-23

From a3c147292a9d1527a719e21e3503b40d27b5b33e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Jun 2020 02:18:00 +0200
Subject: [PATCH 1052/2300] LetsEncrypt notification color

---
 web/templates/admin/add_web.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/templates/admin/add_web.html b/web/templates/admin/add_web.html
index 02265380..d874be32 100644
--- a/web/templates/admin/add_web.html
+++ b/web/templates/admin/add_web.html
@@ -142,8 +142,8 @@
                                   

-                                          
+                                      
+                                          
                                       
                                   
                                   
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/debian/11/templates/web/nginx/caching.sh b/install/debian/11/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/debian/11/templates/web/nginx/caching.stpl b/install/debian/11/templates/web/nginx/caching.stpl
new file mode 100644
index 00000000..868e2fe9
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/caching.stpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/caching.tpl b/install/debian/11/templates/web/nginx/caching.tpl
new file mode 100644
index 00000000..36761b65
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.stpl b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..01a4eea3
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.tpl b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https-public.stpl b/install/debian/11/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..22951ae5
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/force-https-public.tpl b/install/debian/11/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..dac7adaf
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https.stpl b/install/debian/11/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..4a8185c8
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/force-https.tpl b/install/debian/11/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.sh b/install/debian/11/templates/web/nginx/hosting-legacy.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.stpl b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
new file mode 100644
index 00000000..cc0370c6
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.tpl b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
new file mode 100644
index 00000000..15961c95
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting-public.stpl b/install/debian/11/templates/web/nginx/hosting-public.stpl
new file mode 100644
index 00000000..22951ae5
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-public.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting-public.tpl b/install/debian/11/templates/web/nginx/hosting-public.tpl
new file mode 100644
index 00000000..9ff417ba
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-public.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..dac7adaf
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..5f601672
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting.sh b/install/debian/11/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/11/templates/web/nginx/hosting.stpl b/install/debian/11/templates/web/nginx/hosting.stpl
new file mode 100644
index 00000000..30fe0f74
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/hosting.tpl b/install/debian/11/templates/web/nginx/hosting.tpl
new file mode 100644
index 00000000..262417b1
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..cf8fad56
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..5931f617
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..3c2793d1
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..bb9a727b
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,126 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/default.stpl b/install/debian/11/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/default.tpl b/install/debian/11/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..a7564705
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/11/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..6e67a4e0
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/11/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..d1096bff
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/11/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/11/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/11/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/11/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/11/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..d4f96ee3
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/11/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/11/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..db0b4dde
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/11/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/magento.stpl b/install/debian/11/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..f8ac30c9
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,197 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/magento.tpl b/install/debian/11/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/modx.stpl b/install/debian/11/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..420aeb9e
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,68 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/modx.tpl b/install/debian/11/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/11/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..8594ec94
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/11/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/11/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..4bb50383
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,46 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/11/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/11/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..e28afcfc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/11/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/11/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..52706d21
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,58 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/11/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/11/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..1b803f97
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,84 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/11/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/11/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..1b299343
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/11/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..6d44f20f
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/11/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/11/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..01dfee5b
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..a5fc46fb
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/private-force-https.stpl b/install/debian/11/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..2b4e42cc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/11/templates/web/nginx/private-force-https.tpl b/install/debian/11/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..851ac0dc
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/11/templates/web/nginx/private-hosting.sh b/install/debian/11/templates/web/nginx/private-hosting.sh
new file mode 100755
index 00000000..abc9155d
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/private-hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/11/templates/web/nginx/private-hosting.stpl b/install/debian/11/templates/web/nginx/private-hosting.stpl
new file mode 100644
index 00000000..60b23c55
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/private-hosting.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/private-hosting.tpl b/install/debian/11/templates/web/nginx/private-hosting.tpl
new file mode 100644
index 00000000..da70045f
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/private-hosting.tpl
@@ -0,0 +1,37 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/11/templates/web/nginx/proxy_ip.tpl b/install/debian/11/templates/web/nginx/proxy_ip.tpl
new file mode 100644
index 00000000..ae195617
--- /dev/null
+++ b/install/debian/11/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/debian/11/templates/web/php-fpm/default.tpl b/install/debian/11/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/debian/11/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/11/templates/web/php-fpm/no-php.tpl b/install/debian/11/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/debian/11/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/11/templates/web/php-fpm/socket.tpl b/install/debian/11/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/debian/11/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/11/templates/web/skel/document_errors/403.html b/install/debian/11/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/debian/11/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/debian/11/templates/web/skel/document_errors/404.html b/install/debian/11/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/debian/11/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/debian/11/templates/web/skel/document_errors/50x.html b/install/debian/11/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/debian/11/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/debian/11/templates/web/skel/public_html/index.html b/install/debian/11/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/11/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/11/templates/web/skel/public_html/robots.txt b/install/debian/11/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/11/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/11/templates/web/skel/public_shtml/index.html b/install/debian/11/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/11/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/11/templates/web/skel/public_shtml/robots.txt b/install/debian/11/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/11/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/11/templates/web/suspend/.htaccess b/install/debian/11/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/debian/11/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/debian/11/templates/web/suspend/index.html b/install/debian/11/templates/web/suspend/index.html
new file mode 100755
index 00000000..3815354d
--- /dev/null
+++ b/install/debian/11/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    Temporary under construction
+    This website is temporary under construction.
+    
+        We will back again soon.
+    
+
+
diff --git a/install/debian/11/templates/web/webalizer/webalizer.tpl b/install/debian/11/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/debian/11/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/debian/11/vsftpd/vsftpd.conf b/install/debian/11/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..1ca1a992
--- /dev/null
+++ b/install/debian/11/vsftpd/vsftpd.conf
@@ -0,0 +1,26 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+#allow_writable_chroot=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_max_port=12100
+pasv_min_port=12000
+use_localtime=YES

From fb98936297b472d5c3740332c65854f87c7e75de Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 14:28:44 +0200
Subject: [PATCH 1494/2300] deb11 proftpd identlookups fix

---
 install/debian/11/proftpd/proftpd.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/install/debian/11/proftpd/proftpd.conf b/install/debian/11/proftpd/proftpd.conf
index b144b8a5..4e7f798f 100644
--- a/install/debian/11/proftpd/proftpd.conf
+++ b/install/debian/11/proftpd/proftpd.conf
@@ -28,7 +28,9 @@ SystemLog                       /var/log/proftpd/proftpd.log
 
 
   Umask                         002
-  IdentLookups                  off
+  
+    IdentLookups                  off
+  
   AllowOverwrite                yes
   
     AllowAll

From ebe60ba28ced07b25fd8b91f7cb4b5ca38e95061 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 15:19:44 +0200
Subject: [PATCH 1495/2300] php7.4 patches for deb11

---
 install/debian/11/php/php7.4-dedi.patch | 87 +++++++++++++++++++++++++
 install/debian/11/php/php7.4-vps.patch  | 87 +++++++++++++++++++++++++
 2 files changed, 174 insertions(+)
 create mode 100644 install/debian/11/php/php7.4-dedi.patch
 create mode 100644 install/debian/11/php/php7.4-vps.patch

diff --git a/install/debian/11/php/php7.4-dedi.patch b/install/debian/11/php/php7.4-dedi.patch
new file mode 100644
index 00000000..c622b51c
--- /dev/null
+++ b/install/debian/11/php/php7.4-dedi.patch
@@ -0,0 +1,87 @@
+--- /etc/php/7.4/fpm/php.ini.orig	2021-02-20 10:45:56.000000000 +0100
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 15:17:44.465823204 +0200
+@@ -309,7 +309,8 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -402,11 +403,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -691,7 +692,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -843,7 +844,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -959,7 +960,7 @@
+ [Date]
+ ; Defines the default timezone used by the date functions
+ ; http://php.net/date.timezone
+-;date.timezone =
++date.timezone = UTC
+ 
+ ; http://php.net/date.default-latitude
+ ;date.default_latitude = 31.7667
+@@ -1089,7 +1090,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1766,20 +1767,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5
diff --git a/install/debian/11/php/php7.4-vps.patch b/install/debian/11/php/php7.4-vps.patch
new file mode 100644
index 00000000..e78199bc
--- /dev/null
+++ b/install/debian/11/php/php7.4-vps.patch
@@ -0,0 +1,87 @@
+--- /etc/php/7.4/fpm/php.ini.orig	2021-02-20 10:45:56.000000000 +0100
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 15:05:25.244169530 +0200
+@@ -309,7 +309,8 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -402,11 +403,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -691,7 +692,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -843,7 +844,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -959,7 +960,7 @@
+ [Date]
+ ; Defines the default timezone used by the date functions
+ ; http://php.net/date.timezone
+-;date.timezone =
++date.timezone = UTC
+ 
+ ; http://php.net/date.default-latitude
+ ;date.default_latitude = 31.7667
+@@ -1089,7 +1090,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1766,20 +1767,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From fd82be8cf2f1edb086d04dd687c0f1f9d4ff0bd1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 15:42:26 +0200
Subject: [PATCH 1496/2300] Update php7.4-vps.patch

---
 install/debian/11/php/php7.4-vps.patch | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/install/debian/11/php/php7.4-vps.patch b/install/debian/11/php/php7.4-vps.patch
index e78199bc..4fd24e55 100644
--- a/install/debian/11/php/php7.4-vps.patch
+++ b/install/debian/11/php/php7.4-vps.patch
@@ -42,15 +42,6 @@
  
  ; Maximum number of files that can be uploaded via a single request
  max_file_uploads = 20
-@@ -959,7 +960,7 @@
- [Date]
- ; Defines the default timezone used by the date functions
- ; http://php.net/date.timezone
--;date.timezone =
-+date.timezone = UTC
- 
- ; http://php.net/date.default-latitude
- ;date.default_latitude = 31.7667
 @@ -1089,7 +1090,7 @@
  
  ; The path to a log file that will log all mail() calls. Log entries include

From b27e96b285d02e8d31d70dafef8676687c381e63 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 15:43:10 +0200
Subject: [PATCH 1497/2300] Update php7.4-dedi.patch

---
 install/debian/11/php/php7.4-dedi.patch | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/install/debian/11/php/php7.4-dedi.patch b/install/debian/11/php/php7.4-dedi.patch
index c622b51c..4b533087 100644
--- a/install/debian/11/php/php7.4-dedi.patch
+++ b/install/debian/11/php/php7.4-dedi.patch
@@ -42,15 +42,6 @@
  
  ; Maximum number of files that can be uploaded via a single request
  max_file_uploads = 20
-@@ -959,7 +960,7 @@
- [Date]
- ; Defines the default timezone used by the date functions
- ; http://php.net/date.timezone
--;date.timezone =
-+date.timezone = UTC
- 
- ; http://php.net/date.default-latitude
- ;date.default_latitude = 31.7667
 @@ -1089,7 +1090,7 @@
  
  ; The path to a log file that will log all mail() calls. Log entries include

From 823ab23c3e34dc487a2daaf5297bb6cd289cc975 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 16:27:40 +0200
Subject: [PATCH 1498/2300] php7.4 patches

---
 install/debian/11/php/php7.4-dedi.patch | 4 ++--
 install/debian/11/php/php7.4-vps.patch  | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/install/debian/11/php/php7.4-dedi.patch b/install/debian/11/php/php7.4-dedi.patch
index 4b533087..3e5bd2fb 100644
--- a/install/debian/11/php/php7.4-dedi.patch
+++ b/install/debian/11/php/php7.4-dedi.patch
@@ -1,5 +1,5 @@
---- /etc/php/7.4/fpm/php.ini.orig	2021-02-20 10:45:56.000000000 +0100
-+++ /etc/php/7.4/fpm/php.ini	2021-07-16 15:17:44.465823204 +0200
+--- /etc/php/7.4/fpm/php.ini.orig	2021-07-16 16:12:30.027464762 +0200
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 16:25:15.000000000 +0200
 @@ -309,7 +309,8 @@
  ; This directive allows you to disable certain functions.
  ; It receives a comma-delimited list of function names.
diff --git a/install/debian/11/php/php7.4-vps.patch b/install/debian/11/php/php7.4-vps.patch
index 4fd24e55..7c52d402 100644
--- a/install/debian/11/php/php7.4-vps.patch
+++ b/install/debian/11/php/php7.4-vps.patch
@@ -1,5 +1,5 @@
---- /etc/php/7.4/fpm/php.ini.orig	2021-02-20 10:45:56.000000000 +0100
-+++ /etc/php/7.4/fpm/php.ini	2021-07-16 15:05:25.244169530 +0200
+--- /etc/php/7.4/fpm/php.ini.orig	2021-07-16 16:12:30.027464762 +0200
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 16:24:26.000000000 +0200
 @@ -309,7 +309,8 @@
  ; This directive allows you to disable certain functions.
  ; It receives a comma-delimited list of function names.

From a0c1145fe78163abb9091f28d1dd3e7cb1b1e39d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:01:13 +0200
Subject: [PATCH 1499/2300] php7.4 apache templates

---
 .../web/apache2/PHP-FPM-74-public.sh          | 92 +++++++++++++++++++
 .../web/apache2/PHP-FPM-74-public.stpl        | 44 +++++++++
 .../web/apache2/PHP-FPM-74-public.tpl         | 38 ++++++++
 .../11/templates/web/apache2/PHP-FPM-74.sh    | 92 +++++++++++++++++++
 .../11/templates/web/apache2/PHP-FPM-74.stpl  | 44 +++++++++
 .../11/templates/web/apache2/PHP-FPM-74.tpl   | 38 ++++++++
 6 files changed, 348 insertions(+)
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74.sh
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
 create mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-74.tpl

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
new file mode 100644
index 00000000..6f6290b1
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 16
+request_terminate_timeout = 30s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 20
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+exit 0
\ No newline at end of file
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
new file mode 100644
index 00000000..fdbc26f9
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
new file mode 100644
index 00000000..614f20c3
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
new file mode 100644
index 00000000..482cdd7e
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
@@ -0,0 +1,92 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 90s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 30
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    service php5.6-fpm restart
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    service php7.0-fpm restart
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    service php7.1-fpm restart
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    service php7.2-fpm restart
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    service php7.3-fpm restart
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    service php7.4-fpm restart
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+exit 0
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
new file mode 100644
index 00000000..df607247
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl
new file mode 100644
index 00000000..7b6e2cb5
--- /dev/null
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+

From ad20438e6c6619b13d520f4f2dd45ff86d7cdb88 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:02:06 +0200
Subject: [PATCH 1500/2300] Delete PHP-FPM-73-public.sh

---
 .../web/apache2/PHP-FPM-73-public.sh          | 88 -------------------
 1 file changed, 88 deletions(-)
 delete mode 100755 install/debian/11/templates/web/apache2/PHP-FPM-73-public.sh

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-73-public.sh
deleted file mode 100755
index cc55b61e..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.sh
+++ /dev/null
@@ -1,88 +0,0 @@
-#!/bin/bash
-# Adding php pool conf
-user="$1"
-domain="$2"
-ip="$3"
-home_dir="$4"
-docroot="$5"
-
-pool_conf="[$2]
-
-listen = /run/php/php7.3-fpm-$2.sock
-listen.owner = $1
-listen.group = $1
-listen.mode = 0666
-
-user = $1
-group = $1
-
-pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
-pm.max_requests = 4000
-pm.process_idle_timeout = 10s
-pm.status_path = /status
-
-php_admin_value[upload_tmp_dir] = /home/$1/tmp
-php_admin_value[session.save_path] = /home/$1/tmp
-php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
-php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
-php_admin_flag[mysql.allow_persistent] = off
-php_admin_flag[safe_mode] = off
-
-env[PATH] = /usr/local/bin:/usr/bin:/bin
-env[TMP] = /home/$1/tmp
-env[TMPDIR] = /home/$1/tmp
-env[TEMP] = /home/$1/tmp
-"
-
-pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
-pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
-pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
-pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
-pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
-
-if [ -f "$pool_file_56" ]; then
-    rm $pool_file_56
-    service php5.6-fpm restart
-fi
-
-if [ -f "$pool_file_70" ]; then
-    rm $pool_file_70
-    service php7.0-fpm restart
-fi
-
-if [ -f "$pool_file_71" ]; then
-    rm $pool_file_71
-    service php7.1-fpm restart
-fi
-
-if [ -f "$pool_file_72" ]; then
-    rm $pool_file_72
-    service php7.2-fpm restart
-fi
-
-write_file=0
-if [ ! -f "$pool_file_73" ]; then
-  write_file=1
-else
-  user_count=$(grep -c "/home/$1/" $pool_file_73)
-  if [ $user_count -eq 0 ]; then
-    write_file=1
-  fi
-fi
-
-if [ $write_file -eq 1 ]; then
-    echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
-fi
-
-if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
-    rm /etc/php/7.3/fpm/pool.d/www.conf
-fi
-
-exit 0

From c267045cea60906f205423637001449ed836a730 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:02:21 +0200
Subject: [PATCH 1501/2300] Delete PHP-FPM-73-public.stpl

---
 .../web/apache2/PHP-FPM-73-public.stpl        | 44 -------------------
 1 file changed, 44 deletions(-)
 delete mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-73-public.stpl

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-73-public.stpl
deleted file mode 100644
index 9660c234..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.stpl
+++ /dev/null
@@ -1,44 +0,0 @@
-
-
-    ServerName %domain_idn%
-    %alias_string%
-    ServerAdmin %email%
-    DocumentRoot %sdocroot%/public
-    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
-    Alias /vstats/ %home%/%user%/web/%domain%/stats/
-    Alias /error/ %home%/%user%/web/%domain%/document_errors/
-    #SuexecUserGroup %user% %group%
-    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
-    CustomLog /var/log/%web_system%/domains/%domain%.log combined
-    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
-    
-        AllowOverride All
-    
-    
-        AllowOverride All
-        SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
-	
-    SSLEngine on
-    SSLVerifyClient none
-    SSLCertificateFile %ssl_crt%
-    SSLCertificateKeyFile %ssl_key%
-    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
-#    
-#        RMode config
-#        RUidGid %user% %group%
-#        RGroups www-data
-#    
-#    
-#        AssignUserID %user% %group%
-#    
-
-    
-        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
-    
-    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
-
-    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
-
-
-

From 92e09e8a25f0a1a2a07d485b7cea9e3e6f018b4b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:02:35 +0200
Subject: [PATCH 1502/2300] Delete PHP-FPM-73-public.tpl

---
 .../web/apache2/PHP-FPM-73-public.tpl         | 38 -------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-73-public.tpl

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-73-public.tpl
deleted file mode 100644
index 892c0d1f..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73-public.tpl
+++ /dev/null
@@ -1,38 +0,0 @@
-
-
-    ServerName %domain_idn%
-    %alias_string%
-    ServerAdmin %email%
-    DocumentRoot %docroot%/public
-    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
-    Alias /vstats/ %home%/%user%/web/%domain%/stats/
-    Alias /error/ %home%/%user%/web/%domain%/document_errors/
-    #SuexecUserGroup %user% %group%
-    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
-    CustomLog /var/log/%web_system%/domains/%domain%.log combined
-    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
-    
-        AllowOverride All
-    
-    
-        AllowOverride All
-        Options +Includes -Indexes +ExecCGI
-    
-#    
-#        RMode config
-#        RUidGid %user% %group%
-#        RGroups www-data
-#    
-#    
-#        AssignUserID %user% %group%
-#    
-
-    
-        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
-    
-    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
-
-    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
-
-
-

From 19f5439351a9dd8c96b5daef61029ec637abfb42 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:02:53 +0200
Subject: [PATCH 1503/2300] Delete PHP-FPM-73.sh

---
 .../11/templates/web/apache2/PHP-FPM-73.sh    | 92 -------------------
 1 file changed, 92 deletions(-)
 delete mode 100755 install/debian/11/templates/web/apache2/PHP-FPM-73.sh

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73.sh b/install/debian/11/templates/web/apache2/PHP-FPM-73.sh
deleted file mode 100755
index 72f9cec6..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73.sh
+++ /dev/null
@@ -1,92 +0,0 @@
-#!/bin/bash
-# Adding php pool conf
-user="$1"
-domain="$2"
-ip="$3"
-home_dir="$4"
-docroot="$5"
-
-pool_conf="[$2]
-
-listen = /run/php/php7.3-fpm-$2.sock
-listen.owner = $1
-listen.group = $1
-listen.mode = 0666
-
-user = $1
-group = $1
-
-pm = ondemand
-pm.max_children = 8
-request_terminate_timeout = 90s
-pm.max_requests = 4000
-pm.process_idle_timeout = 10s
-pm.status_path = /status
-
-php_admin_value[upload_tmp_dir] = /home/$1/tmp
-php_admin_value[session.save_path] = /home/$1/tmp
-php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
-php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
-php_admin_flag[mysql.allow_persistent] = off
-php_admin_flag[safe_mode] = off
-
-env[PATH] = /usr/local/bin:/usr/bin:/bin
-env[TMP] = /home/$1/tmp
-env[TMPDIR] = /home/$1/tmp
-env[TEMP] = /home/$1/tmp
-"
-
-pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
-pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
-pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
-pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
-pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
-pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
-
-if [ -f "$pool_file_56" ]; then
-    rm $pool_file_56
-    service php5.6-fpm restart
-fi
-
-if [ -f "$pool_file_70" ]; then
-    rm $pool_file_70
-    service php7.0-fpm restart
-fi
-
-if [ -f "$pool_file_71" ]; then
-    rm $pool_file_71
-    service php7.1-fpm restart
-fi
-
-if [ -f "$pool_file_72" ]; then
-    rm $pool_file_72
-    service php7.2-fpm restart
-fi
-
-write_file=0
-if [ ! -f "$pool_file_73" ]; then
-  write_file=1
-else
-  user_count=$(grep -c "/home/$1/" $pool_file_73)
-  if [ $user_count -eq 0 ]; then
-    write_file=1
-  fi
-fi
-if [ $write_file -eq 1 ]; then
-    echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
-fi
-if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
-    rm /etc/php/7.3/fpm/pool.d/www.conf
-fi
-
-if [ -f "$pool_file_74" ]; then
-    rm $pool_file_74
-    service php7.4-fpm restart
-fi
-
-exit 0

From 343135650ba76bacc3fc0b3704e6b0ab1f9c713f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:03:06 +0200
Subject: [PATCH 1504/2300] Delete PHP-FPM-73.tpl

---
 .../11/templates/web/apache2/PHP-FPM-73.tpl   | 38 -------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-73.tpl

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-73.tpl
deleted file mode 100644
index 7bec5e73..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73.tpl
+++ /dev/null
@@ -1,38 +0,0 @@
-
-
-    ServerName %domain_idn%
-    %alias_string%
-    ServerAdmin %email%
-    DocumentRoot %docroot%
-    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
-    Alias /vstats/ %home%/%user%/web/%domain%/stats/
-    Alias /error/ %home%/%user%/web/%domain%/document_errors/
-    #SuexecUserGroup %user% %group%
-    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
-    CustomLog /var/log/%web_system%/domains/%domain%.log combined
-    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
-    
-        AllowOverride All
-    
-    
-        AllowOverride All
-        Options +Includes -Indexes +ExecCGI
-    
-#    
-#        RMode config
-#        RUidGid %user% %group%
-#        RGroups www-data
-#    
-#    
-#        AssignUserID %user% %group%
-#    
-
-    
-        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
-    
-    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
-
-    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
-
-
-

From d946dbe412cf8757068e3daee9a884fad6201077 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:03:23 +0200
Subject: [PATCH 1505/2300] Delete PHP-FPM-73.stpl

---
 .../11/templates/web/apache2/PHP-FPM-73.stpl  | 44 -------------------
 1 file changed, 44 deletions(-)
 delete mode 100644 install/debian/11/templates/web/apache2/PHP-FPM-73.stpl

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-73.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-73.stpl
deleted file mode 100644
index 28224413..00000000
--- a/install/debian/11/templates/web/apache2/PHP-FPM-73.stpl
+++ /dev/null
@@ -1,44 +0,0 @@
-
-
-    ServerName %domain_idn%
-    %alias_string%
-    ServerAdmin %email%
-    DocumentRoot %sdocroot%
-    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
-    Alias /vstats/ %home%/%user%/web/%domain%/stats/
-    Alias /error/ %home%/%user%/web/%domain%/document_errors/
-    #SuexecUserGroup %user% %group%
-    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
-    CustomLog /var/log/%web_system%/domains/%domain%.log combined
-    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
-    
-        AllowOverride All
-    
-    
-        AllowOverride All
-        SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
-	
-    SSLEngine on
-    SSLVerifyClient none
-    SSLCertificateFile %ssl_crt%
-    SSLCertificateKeyFile %ssl_key%
-    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
-#    
-#        RMode config
-#        RUidGid %user% %group%
-#        RGroups www-data
-#    
-#    
-#        AssignUserID %user% %group%
-#    
-
-    
-        SetHandler "proxy:unix:/run/php/php7.3-fpm-%domain%.sock|fcgi://localhost/"
-    
-    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
-
-    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
-
-
-

From 2c91d72277d7593ac698bab5e832ca57c5aeeb91 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 16 Jul 2021 21:54:43 +0200
Subject: [PATCH 1506/2300] Debian11 installer

---
 install/vst-install-debian.sh | 82 +++++++++++++++++++++++++++++++----
 1 file changed, 74 insertions(+), 8 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index bfab2778..ef16f464 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -19,7 +19,19 @@ release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
 codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
 vestacp="$VESTA/install/$VERSION/$release"
 
-if [ "$release" -eq 10 ]; then
+if [ "$release" -eq 11 ]; then
+    software="nginx apache2 apache2-utils
+        libapache2-mod-fcgid php-fpm php
+        php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
+        vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
+        clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
+        roundcube-mysql roundcube-plugins mariadb-server mariadb-common
+        mariadb-client postgresql postgresql-contrib phppgadmin phpmyadmin mc
+        flex whois git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
+        bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
+        unrar-free vim-common net-tools unzip iptables"
+elif [ "$release" -eq 10 ]; then
     software="nginx apache2 apache2-utils
         libapache2-mod-fcgid php-fpm php
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
@@ -515,9 +527,11 @@ check_result $? 'apt-get upgrade failed'
 
 # Installing nginx repo
 apt=/etc/apt/sources.list.d
-echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list
-wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
-apt-key add /tmp/nginx_signing.key
+if [ "$release" -ne 11 ]; then
+    echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list
+    wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
+    apt-key add /tmp/nginx_signing.key
+fi
 
 # Installing vesta repo
 echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list
@@ -801,7 +815,7 @@ if [ "$apache" = 'no' ] && [ "$nginx"  = 'yes' ]; then
     echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf
     echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf
     echo "WEB_SSL='openssl'"  >> $VESTA/conf/vesta.conf
-    if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
+    if [ "$release" -eq 9 ] || [ "$release" -eq 10 ] || [ "$release" -eq 11 ]; then
         if [ "$phpfpm" = 'yes' ]; then
             echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf
         fi
@@ -887,6 +901,22 @@ if [ "$release" -eq 10 ]; then
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.stpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-73.stpl
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-73.tpl
 fi
+if [ "$release" -eq 11 ]; then
+    # Symlink missing templates
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
+
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh /usr/local/vesta/data/templates/web/apache2/hosting.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl /usr/local/vesta/data/templates/web/apache2/hosting.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl /usr/local/vesta/data/templates/web/apache2/hosting.stpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.sh /usr/local/vesta/data/templates/web/apache2/default.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl /usr/local/vesta/data/templates/web/apache2/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.stpl /usr/local/vesta/data/templates/web/apache2/default.stpl
+    
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.stpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-74.stpl
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-74.tpl
+fi
 
 # Set nameservers
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
@@ -985,7 +1015,12 @@ fi
 #----------------------------------------------------------#
 
 if [ "$phpfpm" = 'yes' ]; then
-    if [ "$release" -eq 10 ]; then
+    if [ "$release" -eq 11 ]; then
+        cp -f $vestacp/php-fpm/www.conf /etc/php/7.4/fpm/pool.d/www.conf
+        update-rc.d php7.4-fpm defaults
+        service php7.4-fpm start
+        check_result $? "php-fpm start failed"
+    elif [ "$release" -eq 10 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/7.3/fpm/pool.d/www.conf
         update-rc.d php7.3-fpm defaults
         service php7.3-fpm start
@@ -1298,7 +1333,7 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
         /etc/roundcube/plugins/password/config.inc.php
     mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql
     chmod a+r /etc/roundcube/main.inc.php
-    if [ "$release" -eq 8 ] || [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
+    if [ "$release" -eq 8 ] || [ "$release" -eq 9 ] || [ "$release" -eq 10 ] || [ "$release" -eq 11 ]; then
         mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php
         mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php
         chmod 640 /etc/roundcube/debian-db-roundcube.php
@@ -1371,6 +1406,11 @@ fi
 #                   Configure Admin User                   #
 #----------------------------------------------------------#
 
+if [ "$release" -eq 11 ]; then
+    # Switching to sha512
+    sed -i "s/obscure yescrypt/obscure sha512/g" /etc/pam.d/common-password
+fi
+
 # Deleting old admin user
 if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
     chattr -i /home/admin/conf > /dev/null 2>&1
@@ -1474,6 +1514,18 @@ if [ "$release" -eq 10 ]; then
     /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'
   fi
 fi
+if [ "$release" -eq 11 ]; then
+  if [ -f "/etc/php/7.4/fpm/pool.d/$servername.conf" ]; then
+    sed -i "/^group =/c\group = www-data" /etc/php/7.4/fpm/pool.d/$servername.conf
+    sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.4/fpm/pool.d/$servername.conf
+    sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/7.4/fpm/pool.d/$servername.conf
+    sed -i "s|80M|800M|g" /etc/php/7.4/fpm/pool.d/$servername.conf
+    sed -i "s|256M|512M|g" /etc/php/7.4/fpm/pool.d/$servername.conf
+    service php7.4-fpm restart
+    ln -s /var/lib/roundcube /var/lib/roundcube/webmail
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'
+  fi
+fi
 
 # Adding cron jobs
 command="sudo $VESTA/bin/v-update-sys-queue disk"
@@ -1529,6 +1581,9 @@ fi
 if [ "$release" -eq 10 ]; then
   apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip
 fi
+if [ "$release" -eq 11 ]; then
+  apt-get -y install php7.4-apcu php7.4-mbstring php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-mysqlnd php7.4-pdo php7.4-soap php7.4-json php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-zip
+fi
 
 touch /var/log/php-mail.log
 chmod a=rw /var/log/php-mail.log
@@ -1560,6 +1615,17 @@ if [ "$release" -eq 10 ]; then
   fi
   service php7.3-fpm restart
 fi
+if [ "$release" -eq 11 ]; then
+  if [ $memory -lt 10000000 ]; then
+    echo "=== Patching php7.4-vps"
+    patch /etc/php/7.4/fpm/php.ini < $vestacp/php/php7.4-vps.patch
+  fi
+  if [ $memory -gt 9999999 ]; then
+    echo "=== Patching php7.4-dedi"
+    patch /etc/php/7.4/fpm/php.ini < $vestacp/php/php7.4-dedi.patch
+  fi
+  service php7.4-fpm restart
+fi
 
 # echo "=== Patching rcube_vcard.php"
 # wget -nv https://c.myvestacp.com/tools/patches/rcube_vcard.patch -O /root/rcube_vcard.patch
@@ -1649,7 +1715,7 @@ fi
 
 echo "=== Set URL for phpmyadmin"
 echo "DB_PMA_URL='https://$servername/phpmyadmin/'" >> $VESTA/conf/vesta.conf
-if [ "$release" -eq 10 ]; then
+if [ "$release" -eq 10 ] || [ "$release" -eq 11 ]; then
     echo "=== Set max_length_of_MySQL_username=80"
 fi
 echo "MAX_DBUSER_LEN=80" >> $VESTA/conf/vesta.conf

From 267fc214f09500270bc0f8fd59e506ee0226a8f9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 08:34:06 +0200
Subject: [PATCH 1507/2300] Update default.pkg

---
 install/debian/11/packages/default.pkg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/11/packages/default.pkg b/install/debian/11/packages/default.pkg
index de293236..45a34c96 100644
--- a/install/debian/11/packages/default.pkg
+++ b/install/debian/11/packages/default.pkg
@@ -1,4 +1,4 @@
-WEB_TEMPLATE='PHP-FPM-73'
+WEB_TEMPLATE='PHP-FPM-74'
 PROXY_TEMPLATE='hosting'
 DNS_TEMPLATE='default'
 WEB_DOMAINS='unlimited'

From 854b0e9ecf6c7c1e943e3d7c89c5769379e9a03e Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Sat, 17 Jul 2021 09:17:42 +0200
Subject: [PATCH 1508/2300] Debian11 Apache template chmod a+x

---
 install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh | 0
 install/debian/11/templates/web/apache2/PHP-FPM-74.sh        | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
 mode change 100644 => 100755 install/debian/11/templates/web/apache2/PHP-FPM-74.sh

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
old mode 100644
new mode 100755
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
old mode 100644
new mode 100755

From e1deee28735f2ecd606b379767fae4b1c13b36f3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 10:20:56 +0200
Subject: [PATCH 1509/2300] adding php7.4-imagick to installer

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ef16f464..adcb37b4 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1576,13 +1576,13 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 
 echo "=== Installing additional PHP libs"
 if [ "$release" -eq 9 ]; then
-  apt-get -y install php7.0-apcu php7.0-mbstring php7.0-bcmath php7.0-curl php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-mysqlnd php7.0-pdo php7.0-soap php7.0-json php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-zip
+  apt-get -y install php7.0-apcu php7.0-mbstring php7.0-bcmath php7.0-curl php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-mysqlnd php7.0-pdo php7.0-soap php7.0-json php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-zip php7.0-imagick
 fi
 if [ "$release" -eq 10 ]; then
-  apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip
+  apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip php7.3-imagick
 fi
 if [ "$release" -eq 11 ]; then
-  apt-get -y install php7.4-apcu php7.4-mbstring php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-mysqlnd php7.4-pdo php7.4-soap php7.4-json php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-zip
+  apt-get -y install php7.4-apcu php7.4-mbstring php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-mysqlnd php7.4-pdo php7.4-soap php7.4-json php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-zip php7.4-imagick
 fi
 
 touch /var/log/php-mail.log

From 70ee71e64a55d59f3ce1ccd5587ffcb757f7130c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 11:01:06 +0200
Subject: [PATCH 1510/2300] phpmyadmin install steps for deb11

---
 install/vst-install-debian.sh | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index adcb37b4..a139c4ae 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1164,6 +1164,22 @@ if [ "$mysql" = 'yes' ]; then
       blowfish=$(gen_pass)
       echo "\$cfg['blowfish_secret'] = '$blowfish';" >> /etc/phpmyadmin/config.inc.php
   fi
+  if [ "$release" -eq 11 ]; then
+      # Set config and log directory
+      sed -i "s|define('CONFIG_DIR', '');|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+      sed -i "s|define('TEMP_DIR', './tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
+
+      # Create temporary folder and change permission
+      mkdir /usr/share/phpmyadmin/tmp
+      chmod 777 /usr/share/phpmyadmin/tmp
+
+      mkdir /root/phpmyadmin
+      wget -nv -O /root/phpmyadmin/pma.sh http://c.myvestacp.com/debian/11/pma/pma.sh 
+      wget -nv -O /root/phpmyadmin/create_tables.sql http://c.myvestacp.com/debian/11/pma/create_tables.sql
+      bash /root/phpmyadmin/pma.sh
+      blowfish=$(gen_pass)
+      echo "\$cfg['blowfish_secret'] = '$blowfish';" >> /etc/phpmyadmin/config.inc.php
+  fi
 fi
 
 #----------------------------------------------------------#

From eba0f774788bfec31da4643a9a5e7efd900c609d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 12:02:04 +0200
Subject: [PATCH 1511/2300] deb11 installer: restart nginx after set
 hosting-webmail-phpmyadmin template

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a139c4ae..8b83ae87 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1539,7 +1539,7 @@ if [ "$release" -eq 11 ]; then
     sed -i "s|256M|512M|g" /etc/php/7.4/fpm/pool.d/$servername.conf
     service php7.4-fpm restart
     ln -s /var/lib/roundcube /var/lib/roundcube/webmail
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'no'
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
   fi
 fi
 

From 9791d0b3b3d0d8dd3e835f0b9e1ad1310f0a8531 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 12:26:14 +0200
Subject: [PATCH 1512/2300] detecting mariadb in v-list-sys-services

---
 bin/v-list-sys-services | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services
index 3718c171..93f01a11 100755
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@@ -220,6 +220,11 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then
         proc_name=''
         service="$db"
         if [ "$service" = 'mysql' ]; then
+            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+            if [ "$release" -eq 11 ]; then
+                service='mariadb'
+                proc_name='mariadbd'
+            fi
             if [ -d "/etc/sysconfig" ]; then
                 service='mysqld'
                 proc_name='mysqld'

From a2572f44dfc9b8bc86c269e295e83f217ad4933a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 12:58:54 +0200
Subject: [PATCH 1513/2300] deb11 installer: systemctl enable proftpd

---
 install/vst-install-debian.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 8b83ae87..e67aa4f2 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1079,6 +1079,12 @@ if [ "$proftpd" = 'yes' ]; then
     update-rc.d proftpd defaults
     service proftpd start
     check_result $? "proftpd start failed"
+    if [ "$release" -eq 11 ]; then
+        unit_files="$(systemctl list-unit-files |grep proftpd)"
+        if [[ "$unit_files" =~ "disabled" ]]; then
+            systemctl enable proftpd
+        fi
+    fi
 fi
 
 

From f80cbe955fe827989b57a5206954ad63ec90ccbb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 13:22:51 +0200
Subject: [PATCH 1514/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 09cff31d..620d9324 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -47,6 +47,7 @@ fi
 sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
 $VESTA/bin/v-update-firewall
 systemctl restart fail2ban.service
+sed -i "s|'$oldport'|'$port'|g" /etc/iptables.rules
 systemctl restart vesta
 
 #----------------------------------------------------------#

From a839f643e7341da5360fc5c25c8c2dfdfbf26f13 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 13:23:59 +0200
Subject: [PATCH 1515/2300] Update v-change-vesta-port

---
 bin/v-change-vesta-port | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-change-vesta-port b/bin/v-change-vesta-port
index 620d9324..3f386654 100755
--- a/bin/v-change-vesta-port
+++ b/bin/v-change-vesta-port
@@ -47,7 +47,7 @@ fi
 sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
 $VESTA/bin/v-update-firewall
 systemctl restart fail2ban.service
-sed -i "s|'$oldport'|'$port'|g" /etc/iptables.rules
+sed -i "s| $oldport | $port |g" /etc/iptables.rules
 systemctl restart vesta
 
 #----------------------------------------------------------#

From 20914184129a394bbd8bca7e275751b90544f057 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 15:06:12 +0200
Subject: [PATCH 1516/2300] Create mail account folder (mailbox)

---
 bin/v-add-mail-account | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-mail-account b/bin/v-add-mail-account
index 44925680..1675d5d7 100755
--- a/bin/v-add-mail-account
+++ b/bin/v-add-mail-account
@@ -63,6 +63,10 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
 fi
 
+# Create mail account folder (mailbox)
+mkdir $HOMEDIR/$user/mail/$domain/$account
+chown $user:mail $HOMEDIR/$user/mail/$domain/$account
+chmod 700 $HOMEDIR/$user/mail/$domain/$account
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From 1a6785eb704322cf66fc93155939d4143c43d81f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 15:12:11 +0200
Subject: [PATCH 1517/2300] Exim4 config adaption for Exim4.94+

Many many thanks to @madeITBelgium
Adaptions taken from https://github.com/madeITBelgium/vesta/blob/master/install/os-configs/rhel/general/exim/exim.conf
---
 install/debian/11/exim/exim4.conf.template | 36 +++++++++++-----------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index 7cc13c36..fe92680f 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -54,7 +54,7 @@ ignore_bounce_errors_after = 2d
 timeout_frozen_after = 7d
 
 DKIM_DOMAIN = ${lc:${domain:$h_from:}}
-DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_FILE = /etc/exim4/domains/${lookup{${lc:${domain:$h_from:}}}dsearch{/etc/exim4/domains/}}/dkim.pem
 DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
 
 
@@ -241,7 +241,7 @@ dnslookup:
 localuser_spam:
   driver = accept
   transport = local_spam_delivery
-  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{yes}{no_such_user}}}}
 
 userforward:
   driver = redirect
@@ -264,8 +264,8 @@ procmail:
 
 autoreplay:
   driver = accept
-  require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
-  condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+  require_files = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg}{yes}{no}}
   retry_use_local_part
   transport = userautoreply
   unseen
@@ -273,7 +273,7 @@ autoreplay:
 aliases:
   driver = redirect
   headers_add = X-redirected: yes
-  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
   require_files = /etc/exim4/domains/$domain/aliases
   redirect_router = dnslookup
   pipe_transport = address_pipe
@@ -282,25 +282,25 @@ aliases:
 localuser_fwd_only:
   driver = accept
   transport = devnull
-  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/fwd_only}{true}{false}}}}
 
 localuser:
   driver = accept
   transport = local_delivery
-  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{true}{false}}
 
 catchall:
   driver = redirect
   headers_add = X-redirected: yes
   require_files = /etc/exim4/domains/$domain/aliases
-  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
   file_transport = local_delivery
   redirect_router = dnslookup
 
 terminate_alias:
   driver = accept
   transport = devnull
-  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{true}{false}}
 
 
 
@@ -333,7 +333,7 @@ local_delivery:
   driver = appendfile
   maildir_format
   maildir_use_size_file
-  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
   group = mail
   create_directory
   directory_mode = 770
@@ -342,15 +342,15 @@ local_delivery:
   delivery_date_add
   envelope_to_add
   return_path_add
-  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
-  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
   quota_warn_threshold = 75%
 
 local_spam_delivery:
   driver = appendfile
   maildir_format
   maildir_use_size_file
-  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
   group = mail
   create_directory
   directory_mode = 770
@@ -359,9 +359,9 @@ local_spam_delivery:
   delivery_date_add
   envelope_to_add
   return_path_add
-  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
-  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
-  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
   quota_warn_threshold = 75%
 
 address_pipe:
@@ -379,8 +379,8 @@ address_reply:
 
 userautoreply:
   driver = autoreply
-  file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
-  from = "${local_part}@${domain}"
+  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg
+  from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
   headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
   subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
   to = "${sender_address}"

From 68b6ed0c33a7fbbe94c1b25a9629f4624c866575 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 16:41:02 +0200
Subject: [PATCH 1518/2300] vesta compiling script for deb11

---
 src/deb/vesta_compile.sh | 37 +++++++++++++++++++++++++++++++++----
 1 file changed, 33 insertions(+), 4 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index c21bdc90..026e3812 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -7,8 +7,8 @@
 build_deb_package=1
 add_deb_to_apt_repo=0
 
-TARGET_DEB_NAME='buster'
-TARGET_DEB_VER='10'
+TARGET_DEB_NAME='bullseye'
+TARGET_DEB_VER='11'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1
@@ -31,8 +31,8 @@ fi
 
 MAINTAINER_EMAIL='info@myvestacp.com'
 
-TARGET_DEB_NAME_MAIN='buster'
-TARGET_DEB_VER_MAIN='10'
+TARGET_DEB_NAME_MAIN='bullseye'
+TARGET_DEB_VER_MAIN='11'
 
 # Set compiling directory
 BUILD_DIR="/usr/src/$TARGET_DEB_NAME"
@@ -248,6 +248,7 @@ EOF
     press_enter "*** please copy above generated key to your clipboard and then paste it after pressing enter now ***"
     vi $PATH_OF_APT_REPO_ROOT/deb_signing.key
     cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/deb_signing.key
+    cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/debian/11/deb_signing.key
     cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/debian/10/deb_signing.key
     cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/debian/9/deb_signing.key
     cp $PATH_OF_APT_REPO_ROOT/deb_signing.key $PATH_OF_C_WEB_FOLDER_ROOT/debian/8/deb_signing.key
@@ -380,7 +381,35 @@ if [ "$CWEB_B" = true ]; then
   tar -czf dovecot.tar.gz dovecot/
   echo "=== All done for Debian10"
   ##########
+  cd $PATH_OF_C_WEB_FOLDER_ROOT/debian/11
+  
+  if [ -f "packages.tar.gz" ]; then
+    rm packages.tar.gz
+  fi
+  tar -czf packages.tar.gz packages/
+  
+  if [ -f "templates.tar.gz" ]; then
+    rm templates.tar.gz
+  fi
+  tar -czf templates.tar.gz templates/
+  
+  if [ -f "firewall.tar.gz" ]; then
+    rm firewall.tar.gz
+  fi
+  tar -czf firewall.tar.gz firewall/
 
+  if [ -f "fail2ban.tar.gz" ]; then
+    rm fail2ban.tar.gz
+  fi
+  tar -czf fail2ban.tar.gz fail2ban/
+
+  if [ -f "dovecot.tar.gz" ]; then
+    rm dovecot.tar.gz
+  fi
+  tar -czf dovecot.tar.gz dovecot/
+  echo "=== All done for Debian11"
+  ##########
+  
   cp /root/vesta/install/vst-install-debian.sh $PATH_OF_C_WEB_FOLDER_ROOT/vst-install-debian.sh
 
   mkdir $PATH_OF_C_WEB_FOLDER_ROOT/tools

From 7f428046572be5487d8d6fcdc407a7f653d46f89 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 16:57:23 +0200
Subject: [PATCH 1519/2300] Update v-update-sys-vesta-all

---
 bin/v-update-sys-vesta-all | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-sys-vesta-all b/bin/v-update-sys-vesta-all
index 5a42a0c0..cd3e677f 100755
--- a/bin/v-update-sys-vesta-all
+++ b/bin/v-update-sys-vesta-all
@@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf
 
 
 # Checking official latest version
-latest=$(wget -q -T 10 -t 1 http://c.myvestacp.com/latest.txt?check_latest -O -)
+latest=$(wget -q -T 10 -t 1 http://c.myvestacp.com/latest.txt?check_latest_version -O -)
 
 # Starting update loop
 for package in vesta vesta-nginx vesta-php; do

From 31564ff06abd7da36755db64d2c22390791f44df Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 16:57:59 +0200
Subject: [PATCH 1520/2300] Update latest.txt

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index fa6171f7..efd44125 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-48
+vesta-0.9.8-26-49

From de4f13b042f8c75880197b5bc5254687b74705a8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 17 Jul 2021 17:00:22 +0200
Subject: [PATCH 1521/2300] Update Changelog.md

---
 Changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 0605428d..647187e0 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+Version 0.9.8-26-49 [17-Jul-2021]
+==================================================
+* Support for Debian 11
+
 Version 0.9.8-26-48 [11-Jul-2021]
 ==================================================
 * Fixed two bugs in LetsEncrypt generating process

From 083954af41ecae34ac4a9c5071127f4c95669566 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 19 Jul 2021 14:26:26 +0200
Subject: [PATCH 1522/2300] Create www.conf

---
 .../tools/default-pool.d/7.2/www.conf         | 424 ++++++++++++++++++
 1 file changed, 424 insertions(+)
 create mode 100644 src/deb/for-download/tools/default-pool.d/7.2/www.conf

diff --git a/src/deb/for-download/tools/default-pool.d/7.2/www.conf b/src/deb/for-download/tools/default-pool.d/7.2/www.conf
new file mode 100644
index 00000000..86aca4cc
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/7.2/www.conf
@@ -0,0 +1,424 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php7.2-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/7.2/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M

From 54fab10b525e900480e6e13d4d5a1a7518680589 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 27 Jul 2021 15:27:40 +0200
Subject: [PATCH 1523/2300] Checking custom OpenSSH port

Taken from @HestiaCP
---
 bin/v-update-firewall | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/bin/v-update-firewall b/bin/v-update-firewall
index 183522a7..d3a46686 100755
--- a/bin/v-update-firewall
+++ b/bin/v-update-firewall
@@ -52,6 +52,13 @@ if [ $? -ne 0 ]; then
 fi
 
 
+# Checking custom OpenSSH port
+# Taken from HestiaCP
+sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
+if [[ "$sshport" =~ ^[0-9]+$ ]] && [ "$sshport" -ne "22"  ]; then
+    sed -i "s/PORT='22'/PORT=\'$sshport\'/" $rules
+fi
+
 # Creating temporary file
 tmp=$(mktemp)
 

From bc3ac1d9930775594a9502ca7c81afe52550194c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 5 Aug 2021 22:02:35 +0200
Subject: [PATCH 1524/2300] Update v-clone-website

---
 bin/v-clone-website | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index ed7344ab..7ed3046c 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -51,8 +51,6 @@ TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
 DATABASE_SUFIX='_migrated'
 
-source /usr/local/vesta/func/handle_parameters.sh
-
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -66,6 +64,9 @@ FROM_USER=$user
 r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain "$FROM_DOMAIN")
 eval $r
 
+# take --parameters
+source /usr/local/vesta/func/handle_parameters.sh
+
 FROM_FOLDER=$SITE_FOLDER
 
 if [ ! -z "$CONFIG_FILE" ]; then

From df11eaf33f5ca48a5fda16be2fb1e266421087bd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 14 Aug 2021 22:36:07 +0200
Subject: [PATCH 1525/2300] Fix for "Broken or Risky Cryptographic Algorithm"

---
 web/inc/main.php    | 5 +++--
 web/login/index.php | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/web/inc/main.php b/web/inc/main.php
index 09eef5f7..f75f9530 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -66,9 +66,10 @@ if ((!isset($_SESSION['user'])) && (!defined('NO_AUTH_REQUIRED'))) {
     exit;
 }
 
+// Generate CSRF Token
 if (isset($_SESSION['user'])) {
-    if(!isset($_SESSION['token'])){
-        $token = uniqid(mt_rand(), true);
+    if (!isset($_SESSION['token'])){
+        $token = bin2hex(file_get_contents('/dev/urandom', false, null, 0, 16));
         $_SESSION['token'] = $token;
     }
 }
diff --git a/web/login/index.php b/web/login/index.php
index bf3f2c28..18841344 100644
--- a/web/login/index.php
+++ b/web/login/index.php
@@ -112,7 +112,7 @@ if (isset($_POST['user']) && isset($_POST['password'])) {
                     }
 
                     // Regenerate session id to prevent session fixation
-                    session_regenerate_id();
+                    session_regenerate_id(true);
 
                     // Redirect request to control panel interface
                     if (!empty($_SESSION['request_uri'])) {
@@ -158,7 +158,8 @@ if (empty($_SESSION['language'])) {
 }
 
 // Generate CSRF token
-$_SESSION['token'] = md5(uniqid(mt_rand(), true));
+$token = bin2hex(file_get_contents('/dev/urandom', false, null, 0, 16));
+$_SESSION['token'] = $token;
 
 require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php');
 require_once('../templates/header.html');

From 88596a8cd9a9bb053d2d5bebf80c870dff49b639 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 12:35:28 +0200
Subject: [PATCH 1526/2300] Fix for possible file inclusion vulnerability in
 i18n.php

Fix for https://github.com/serghey-rodin/vesta/issues/2052
---
 web/inc/i18n.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n.php b/web/inc/i18n.php
index 8b8abf3a..9d6c1b7e 100644
--- a/web/inc/i18n.php
+++ b/web/inc/i18n.php
@@ -24,7 +24,7 @@ function _translate() {
 
     // Load language file (if not loaded yet)
     if (!isset($LANG[$l])) {
-        require_once($_SERVER['DOCUMENT_ROOT']."/inc/i18n/$l.php");
+        require_once($_SERVER['DOCUMENT_ROOT']."/inc/i18n/".basename($l).".php");
     }
 
     //if (!isset($LANG[$l][$key])) file_put_contents('/somewhere/something.log', "$key\n", FILE_APPEND);

From 914b53ea1ca85ff07e0d86ded561b157e8511835 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 14:11:14 +0200
Subject: [PATCH 1527/2300] Getting hostname from $_SERVER['HTTP_HOST'] for
 UploadHandler

---
 web/upload/UploadHandler.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index b77749ab..15adb406 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -2,7 +2,8 @@
 
 //session_start();
 
-$hostname = exec('hostname');
+$host_arr=explode(":", $_SERVER['HTTP_HOST']);
+$hostname=$host_arr[0];
 $port = $_SERVER['SERVER_PORT'];
 $expected_http_origin="https://".$hostname.":".$port;
 if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {

From d559763427efbbfef83e3a988b91ee8650247109 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 14:15:48 +0200
Subject: [PATCH 1528/2300] Preventing CSRF in edit/file

---
 web/edit/file/index.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/web/edit/file/index.php b/web/edit/file/index.php
index d6ae8dce..9addd23e 100644
--- a/web/edit/file/index.php
+++ b/web/edit/file/index.php
@@ -1,5 +1,14 @@
 
Date: Sun, 15 Aug 2021 14:20:13 +0200
Subject: [PATCH 1529/2300] Preventing CSRF in schedule / backup

---
 web/schedule/backup/index.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 67c7b44f..10b83a24 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -1,4 +1,14 @@
 
Date: Sun, 15 Aug 2021 14:36:45 +0200
Subject: [PATCH 1530/2300] Update index.php

---
 web/schedule/backup/index.php | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 10b83a24..6a36030b 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -1,14 +1,5 @@
 
Date: Sun, 15 Aug 2021 14:37:53 +0200
Subject: [PATCH 1531/2300] Update index.php

---
 web/edit/file/index.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/web/edit/file/index.php b/web/edit/file/index.php
index 9addd23e..9071af3a 100644
--- a/web/edit/file/index.php
+++ b/web/edit/file/index.php
@@ -1,12 +1,14 @@
 
Date: Sun, 15 Aug 2021 14:41:04 +0200
Subject: [PATCH 1532/2300] Preventing CSRF in schedule / backup

---
 web/schedule/backup/index.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 6a36030b..06881993 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -1,5 +1,16 @@
 
Date: Sun, 15 Aug 2021 14:53:16 +0200
Subject: [PATCH 1533/2300] Preventing all CSRF

---
 web/inc/secure_login.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 55b17e55..34b02695 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -49,3 +49,16 @@ if ($skip_login_url_check==0) {
         }
     }
 }
+
+// Preventing all CSRF
+if ($skip_login_url_check==0) {
+    if ($_SERVER['REQUEST_METHOD']=='POST') {
+        $host_arr=explode(":", $_SERVER['HTTP_HOST']);
+        $hostname=$host_arr[0];
+        $port = $_SERVER['SERVER_PORT'];
+        $expected_http_origin="https://".$hostname.":".$port;
+        if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
+            die ("Nope.");
+        }
+    }
+}

From 43da9e2aa71dfa92fb3a2a778d8a80722f17e670 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 15:14:16 +0200
Subject: [PATCH 1534/2300] Preventing CSRF in file_manager/fm_api.php

---
 web/file_manager/fm_api.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/web/file_manager/fm_api.php b/web/file_manager/fm_api.php
index cf4eef82..4a4dd9ec 100644
--- a/web/file_manager/fm_api.php
+++ b/web/file_manager/fm_api.php
@@ -2,6 +2,17 @@
 // Init
 //error_reporting(NULL);
 
+// Preventing CSRF
+if ($_SERVER['REQUEST_METHOD']=='POST') {
+    $host_arr=explode(":", $_SERVER['HTTP_HOST']);
+    $hostname=$host_arr[0];
+    $port = $_SERVER['SERVER_PORT'];
+    $expected_http_origin="https://".$hostname.":".$port;
+    if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
+        die ("Nope.");
+    }
+}
+
 header('Content-Type: application/json');
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

From d0dba33d9475966c3955114ff7dce88a1db1608a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 16:37:34 +0200
Subject: [PATCH 1535/2300] Changing the Default Character Set To UTF-8 in
 MariaDB

---
 install/debian/10/mysql/my-large.cnf  | 7 +++++++
 install/debian/10/mysql/my-medium.cnf | 7 +++++++
 install/debian/10/mysql/my-small.cnf  | 7 +++++++
 3 files changed, 21 insertions(+)

diff --git a/install/debian/10/mysql/my-large.cnf b/install/debian/10/mysql/my-large.cnf
index febfda66..b056c316 100644
--- a/install/debian/10/mysql/my-large.cnf
+++ b/install/debian/10/mysql/my-large.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock
diff --git a/install/debian/10/mysql/my-medium.cnf b/install/debian/10/mysql/my-medium.cnf
index 3aa8fe22..33aa04c2 100644
--- a/install/debian/10/mysql/my-medium.cnf
+++ b/install/debian/10/mysql/my-medium.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock
diff --git a/install/debian/10/mysql/my-small.cnf b/install/debian/10/mysql/my-small.cnf
index bd53770b..857f48ce 100644
--- a/install/debian/10/mysql/my-small.cnf
+++ b/install/debian/10/mysql/my-small.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock

From b71238813b20e33cad60d24fa82a11b746bf663a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Aug 2021 18:08:13 +0200
Subject: [PATCH 1536/2300] Changing the Default Character Set To UTF-8 in
 MariaDB

---
 install/debian/11/mysql/my-large.cnf  | 7 +++++++
 install/debian/11/mysql/my-medium.cnf | 7 +++++++
 install/debian/11/mysql/my-small.cnf  | 7 +++++++
 3 files changed, 21 insertions(+)

diff --git a/install/debian/11/mysql/my-large.cnf b/install/debian/11/mysql/my-large.cnf
index febfda66..b056c316 100644
--- a/install/debian/11/mysql/my-large.cnf
+++ b/install/debian/11/mysql/my-large.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock
diff --git a/install/debian/11/mysql/my-medium.cnf b/install/debian/11/mysql/my-medium.cnf
index 3aa8fe22..33aa04c2 100644
--- a/install/debian/11/mysql/my-medium.cnf
+++ b/install/debian/11/mysql/my-medium.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock
diff --git a/install/debian/11/mysql/my-small.cnf b/install/debian/11/mysql/my-small.cnf
index bd53770b..857f48ce 100644
--- a/install/debian/11/mysql/my-small.cnf
+++ b/install/debian/11/mysql/my-small.cnf
@@ -1,11 +1,18 @@
 [client]
+default-character-set=utf8mb4
 port=3306
 socket=/var/run/mysqld/mysqld.sock
 
 [mysqld_safe]
 socket=/var/run/mysqld/mysqld.sock
 
+[mysql]
+default-character-set=utf8mb4
+
 [mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
 user=mysql
 pid-file=/var/run/mysqld/mysqld.pid
 socket=/var/run/mysqld/mysqld.sock

From dcbb7b80f985102118c223819f166fc05ace1940 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:47:57 +0200
Subject: [PATCH 1537/2300] $OVERRIDE_BACKUP_PATH

---
 bin/v-restore-user | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index 8aef31b1..a78ffc4d 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -36,6 +36,10 @@ source $VESTA/func/db.sh
 source $VESTA/func/rebuild.sh
 source $VESTA/conf/vesta.conf
 
+if [ ! -z "$OVERRIDE_BACKUP_PATH" ]; then
+    BACKUP=$OVERRIDE_BACKUP_PATH
+fi
+
 # Check backup ownership function
 is_backup_available() {
     passed=false

From 29f83585163f504bba783e04c89f9b9c385d2e65 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Aug 2021 20:50:48 +0200
Subject: [PATCH 1538/2300] Override backup path

---
 bin/v-backup-user | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 2e245156..767eba22 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -41,6 +41,11 @@ is_backup_enabled
 
 wait_for_backup_if_it_is_not_time_for_backup
 
+# Override backup path
+if [ ! -z "$OVERRIDE_BACKUP_PATH" ]; then
+    BACKUP=$OVERRIDE_BACKUP_PATH
+fi
+
 # Set backup directory if undefined
 if [ -z "$BACKUP" ]; then
     BACKUP=/backup

From c6226e403ac62d30fe0260398ea2e3b4bf3f8043 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 16:45:15 +0200
Subject: [PATCH 1539/2300] systemctl reset-failed php7.3

---
 .../11/templates/web/apache2/PHP-FPM-74-public.sh | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
index 6f6290b1..814b434b 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
@@ -46,29 +46,35 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
     service php5.6-fpm restart
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
     service php7.0-fpm restart
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
     service php7.1-fpm restart
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
     service php7.2-fpm restart
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
     service php7.3-fpm restart
 fi
 
@@ -83,10 +89,17 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
+    systemctl reset-failed php7.4-fpm
     service php7.4-fpm restart
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    service php8.0-fpm restart
+fi
+
+exit 0

From 4942f52f7feb85edde00d588c4f340ceaa1bf551 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 16:46:40 +0200
Subject: [PATCH 1540/2300] systemctl reset-failed php7.4-fpm

---
 .../11/templates/web/apache2/PHP-FPM-74.sh    | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
index 482cdd7e..814b434b 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 8
-request_terminate_timeout = 90s
+pm.max_children = 16
+request_terminate_timeout = 30s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
+php_admin_value[max_execution_time] = 20
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -46,29 +46,35 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
     service php5.6-fpm restart
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
     service php7.0-fpm restart
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
     service php7.1-fpm restart
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
     service php7.2-fpm restart
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
     service php7.3-fpm restart
 fi
 
@@ -83,10 +89,17 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
+    systemctl reset-failed php7.4-fpm
     service php7.4-fpm restart
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    service php8.0-fpm restart
+fi
+
 exit 0

From 628464b96986102139e62decb9d0374e545ed8b4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 16:48:17 +0200
Subject: [PATCH 1541/2300] Update PHP-FPM-74.sh

---
 install/debian/11/templates/web/apache2/PHP-FPM-74.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
index 814b434b..5bc6f5fb 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"

From 9cb517a5148e6417667acc6e26eb1fdcc4548066 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 17:00:40 +0200
Subject: [PATCH 1542/2300] Update PHP-FPM-73.sh

---
 .../10/templates/web/apache2/PHP-FPM-73.sh    | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
index 72f9cec6..57b10863 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -46,25 +46,30 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 write_file=0
@@ -78,7 +83,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
@@ -86,7 +92,14 @@ fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From ce75daf4de838f0d7beb36a9a2bade188be2b591 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 17:08:47 +0200
Subject: [PATCH 1543/2300] systemctl reset-failed php7.3-fpm

---
 .../web/apache2/PHP-FPM-73-public.sh          | 37 ++++++++++++++-----
 1 file changed, 27 insertions(+), 10 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
index cc55b61e..57b10863 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -45,25 +45,31 @@ pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
 pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 write_file=0
@@ -75,14 +81,25 @@ else
     write_file=1
   fi
 fi
-
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
-
 if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
 fi
 
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
 exit 0

From 6b1dd5ae189448838640a9c424d087a7ddef7915 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 17:13:52 +0200
Subject: [PATCH 1544/2300] systemctl restart php7.4-fpm

---
 .../debian/11/templates/web/apache2/PHP-FPM-74.sh  | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
index 5bc6f5fb..0ff7b21b 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
@@ -51,31 +51,31 @@ pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
     systemctl reset-failed php5.6-fpm
-    service php5.6-fpm restart
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
     systemctl reset-failed php7.0-fpm
-    service php7.0-fpm restart
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
     systemctl reset-failed php7.1-fpm
-    service php7.1-fpm restart
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
     systemctl reset-failed php7.2-fpm
-    service php7.2-fpm restart
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
     systemctl reset-failed php7.3-fpm
-    service php7.3-fpm restart
+    systemctl restart php7.3-fpm
 fi
 
 write_file=0
@@ -90,7 +90,7 @@ fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
     systemctl reset-failed php7.4-fpm
-    service php7.4-fpm restart
+    systemctl restart php7.4-fpm
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
@@ -99,7 +99,7 @@ fi
 if [ -f "$pool_file_80" ]; then
     rm $pool_file_80
     systemctl reset-failed php8.0-fpm
-    service php8.0-fpm restart
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From abcf557d059c9482d6eb222a74e155321599d236 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 17:15:14 +0200
Subject: [PATCH 1545/2300] systemctl restart php7.4-fpm

---
 .../web/apache2/PHP-FPM-74-public.sh          | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
index 814b434b..0ff7b21b 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -51,31 +51,31 @@ pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
     systemctl reset-failed php5.6-fpm
-    service php5.6-fpm restart
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
     systemctl reset-failed php7.0-fpm
-    service php7.0-fpm restart
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
     systemctl reset-failed php7.1-fpm
-    service php7.1-fpm restart
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
     systemctl reset-failed php7.2-fpm
-    service php7.2-fpm restart
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
     systemctl reset-failed php7.3-fpm
-    service php7.3-fpm restart
+    systemctl restart php7.3-fpm
 fi
 
 write_file=0
@@ -90,7 +90,7 @@ fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
     systemctl reset-failed php7.4-fpm
-    service php7.4-fpm restart
+    systemctl restart php7.4-fpm
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
@@ -99,7 +99,7 @@ fi
 if [ -f "$pool_file_80" ]; then
     rm $pool_file_80
     systemctl reset-failed php8.0-fpm
-    service php8.0-fpm restart
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From df377c677cd26e25fccfd4d0d2ce7b2475c8503d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 17:58:46 +0200
Subject: [PATCH 1546/2300] Update PHP-FPM-74.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-74.sh        | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
index 482cdd7e..0ff7b21b 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
@@ -46,30 +46,36 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 write_file=0
@@ -83,10 +89,17 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
 fi
 
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
 exit 0

From 77fa4d0a6b38f5f3e6f28f4f6ac758becf4c7660 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:00:27 +0200
Subject: [PATCH 1547/2300] Update PHP-FPM-74-public.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-74-public.sh | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
index 6f6290b1..0ff7b21b 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -46,30 +46,36 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 write_file=0
@@ -83,10 +89,17 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
 fi
 if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.4/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+exit 0

From c2fc51e0697a04b47d615117071a36bdf36a12f9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:01:57 +0200
Subject: [PATCH 1548/2300] Update PHP-FPM-73.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-73.sh        | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
index 72f9cec6..57b10863 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
@@ -46,25 +46,30 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 write_file=0
@@ -78,7 +83,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
@@ -86,7 +92,14 @@ fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From 5e24bf72225d3c0f2c021c259835d7184f482e5f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:03:23 +0200
Subject: [PATCH 1549/2300] Update PHP-FPM-73-public.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-73-public.sh | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
index 1cddda74..57b10863 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -46,25 +46,30 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 write_file=0
@@ -78,7 +83,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 if [ -f "/etc/php/7.3/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.3/fpm/pool.d/www.conf
@@ -86,7 +92,14 @@ fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
 fi
 
-exit 0
\ No newline at end of file
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+exit 0

From a56a2c7dd51e4cdf8e81b2a18db70aafded50559 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:17:20 +0200
Subject: [PATCH 1550/2300] Update PHP-FPM-80.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-80.sh        | 23 ++++++++++++-------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
index 5f119dd8..dfdb85f8 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
@@ -50,32 +50,38 @@ pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
 fi
 
 write_file=0
@@ -89,10 +95,11 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_80
-    service php8.0-fpm restart
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 if [ -f "/etc/php/8.0/fpm/pool.d/www.conf" ]; then
     rm /etc/php/8.0/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From e6b559cdf2416e06502cee9912abd3c48ce954d5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:18:42 +0200
Subject: [PATCH 1551/2300] Update PHP-FPM-80.sh

---
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
index dfdb85f8..343392c2 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"

From d368bf72914ee0c936bee8072312e7ef4b584131 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:20:14 +0200
Subject: [PATCH 1552/2300] Update PHP-FPM-80-public.sh

---
 .../tools/apache-fpm-tpl/PHP-FPM-80-public.sh | 29 ++++++++++++-------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
index 5f119dd8..343392c2 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
@@ -17,8 +17,8 @@ user = $1
 group = $1
 
 pm = ondemand
-pm.max_children = 16
-request_terminate_timeout = 30s
+pm.max_children = 8
+request_terminate_timeout = 90s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -27,7 +27,7 @@ php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
 php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 20
+php_admin_value[max_execution_time] = 30
 php_admin_value[post_max_size] = 80M
 php_admin_value[memory_limit] = 256M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
@@ -50,32 +50,38 @@ pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
 fi
 
 write_file=0
@@ -89,10 +95,11 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_80
-    service php8.0-fpm restart
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 if [ -f "/etc/php/8.0/fpm/pool.d/www.conf" ]; then
     rm /etc/php/8.0/fpm/pool.d/www.conf
 fi
 
-exit 0
\ No newline at end of file
+exit 0

From d36218db92d6670b91099393599e582847a51bc7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 24 Aug 2021 18:53:56 +0200
Subject: [PATCH 1553/2300] Create SECURITY.md

close https://github.com/myvesta/vesta/issues/130
---
 SECURITY.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 00000000..32d7405f
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security issues to info@myvestacp.com

From e52f036dfbe7d20857adae1d54ae28c405276e30 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 26 Aug 2021 14:30:33 +0200
Subject: [PATCH 1554/2300] sury.org bullseye repo

---
 src/deb/for-download/tools/multi-php-install.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 761efac7..ffee228e 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -95,6 +95,9 @@ if [ "$inst_repo" -eq 1 ]; then
     if [ $debian_version -eq 10 ]; then
       sh -c 'echo "deb https://packages.sury.org/php/ buster main" > /etc/apt/sources.list.d/php.list'
     fi
+    if [ $debian_version -eq 11 ]; then
+      sh -c 'echo "deb https://packages.sury.org/php/ bullseye main" > /etc/apt/sources.list.d/php.list'
+    fi
     apt update
     apt upgrade -y
     press_enter "=== Press enter to continue ==============================================================================="

From b9ccc103f1bf4467d8ad63dbca44fdd514e2ad4a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 26 Aug 2021 14:32:34 +0200
Subject: [PATCH 1555/2300] Enabling nginx official repo for deb11

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index e67aa4f2..d835bdc5 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -527,11 +527,11 @@ check_result $? 'apt-get upgrade failed'
 
 # Installing nginx repo
 apt=/etc/apt/sources.list.d
-if [ "$release" -ne 11 ]; then
+# if [ "$release" -ne 11 ]; then
     echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list
     wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
     apt-key add /tmp/nginx_signing.key
-fi
+# fi
 
 # Installing vesta repo
 echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list

From 7767ab759b8e01fbff57ca6def549fcc0f5b4048 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 Aug 2021 15:51:37 +0200
Subject: [PATCH 1556/2300] systemctl reset-failed php7.2-fpm

---
 .../tools/apache-fpm-tpl/PHP-FPM-72.sh        | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
index 33442862..6541a0dc 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
@@ -46,20 +46,24 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 write_file=0
@@ -73,7 +77,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 if [ -f "/etc/php/7.2/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.2/fpm/pool.d/www.conf
@@ -81,12 +86,20 @@ fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From ded5ca220275f5c9c713db3f19f53502eb4db181 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 Aug 2021 16:01:52 +0200
Subject: [PATCH 1557/2300] systemctl reset-failed php7.1-fpm

---
 .../tools/apache-fpm-tpl/PHP-FPM-71.sh        | 26 ++++++++++++++-----
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
index 8688598c..6110e898 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
@@ -46,15 +46,18 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
 write_file=0
@@ -68,7 +71,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 if [ -f "/etc/php/7.1/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.1/fpm/pool.d/www.conf
@@ -76,17 +80,27 @@ fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
+
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From 2d4efd2db988a3c98546d20ff3b1779cf35f3a74 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 Aug 2021 16:05:18 +0200
Subject: [PATCH 1558/2300] systemctl reset-failed php7.0-fpm

---
 .../tools/apache-fpm-tpl/PHP-FPM-70.sh        | 25 ++++++++++++++-----
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
index fefdf195..0e742ad8 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
@@ -46,10 +46,12 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 if [ -f "$pool_file_56" ]; then
     rm $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 
 write_file=0
@@ -63,7 +65,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 if [ -f "/etc/php/7.0/fpm/pool.d/www.conf" ]; then
     rm /etc/php/7.0/fpm/pool.d/www.conf
@@ -71,22 +74,32 @@ fi
 
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From 8e666c269b8d1cdf01275831c9bab7e75901c4f7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 Aug 2021 16:09:58 +0200
Subject: [PATCH 1559/2300] systemctl reset-failed php5.6-fpm

---
 .../tools/apache-fpm-tpl/PHP-FPM-56.sh        | 26 ++++++++++++++-----
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
index 4f54592d..b9137821 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
@@ -46,6 +46,7 @@ pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
 pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
 pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
 pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
 
 write_file=0
 if [ ! -f "$pool_file_56" ]; then
@@ -58,7 +59,8 @@ else
 fi
 if [ $write_file -eq 1 ]; then
     echo "$pool_conf" > $pool_file_56
-    service php5.6-fpm restart
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
 fi
 if [ -f "/etc/php/5.6/fpm/pool.d/www.conf" ]; then
     rm /etc/php/5.6/fpm/pool.d/www.conf
@@ -66,27 +68,39 @@ fi
 
 if [ -f "$pool_file_70" ]; then
     rm $pool_file_70
-    service php7.0-fpm restart
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
 fi
 
+
 if [ -f "$pool_file_71" ]; then
     rm $pool_file_71
-    service php7.1-fpm restart
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
 fi
 
 if [ -f "$pool_file_72" ]; then
     rm $pool_file_72
-    service php7.2-fpm restart
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
 fi
 
 if [ -f "$pool_file_73" ]; then
     rm $pool_file_73
-    service php7.3-fpm restart
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
 fi
 
 if [ -f "$pool_file_74" ]; then
     rm $pool_file_74
-    service php7.4-fpm restart
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
 fi
 
 exit 0

From b4204da66fcad7eb279f28fe0b0664377def62f7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 28 Aug 2021 20:01:47 +0200
Subject: [PATCH 1560/2300] Fix for: news@anydomain.com went to /var/spool/news

Issue https://github.com/hestiacp/hestiacp/issues/2078
Credits to HestiaCP
---
 install/debian/10/exim/exim4.conf.template | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 7cc13c36..cb79ab3c 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -247,6 +247,8 @@ userforward:
   driver = redirect
   check_local_user
   file = $home/.forward
+  require_files = ${local_part}:+${home}/.forward
+  domains = +local_domains
   allow_filter
   no_verify
   no_expn

From b8963d5b2d9909df1245e6a73e3b794145bcc28b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 28 Aug 2021 20:06:24 +0200
Subject: [PATCH 1561/2300] Fix for: news@anydomain.com went to /var/spool/news

Issue https://github.com/hestiacp/hestiacp/issues/2078
Credits to @HestiaCP
---
 install/debian/11/exim/exim4.conf.template | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index fe92680f..977dc661 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -247,6 +247,8 @@ userforward:
   driver = redirect
   check_local_user
   file = $home/.forward
+  require_files = ${local_part}:+${home}/.forward
+  domains = +local_domains
   allow_filter
   no_verify
   no_expn

From 0686c6d5f6004784c9c3cd1323efe9af17c77550 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 28 Aug 2021 23:35:10 +0200
Subject: [PATCH 1562/2300] More logical check expression in secure_login.php

---
 web/inc/secure_login.php | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 34b02695..b5fcf32f 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -1,38 +1,38 @@
 
Date: Sun, 29 Aug 2021 00:04:27 +0200
Subject: [PATCH 1563/2300] Smarter preventing all POST CSRF

---
 web/inc/secure_login.php | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index b5fcf32f..ce614ea1 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -50,15 +50,34 @@ if ($secure_gate_check==true) {
     }
 }
 
-// Preventing all CSRF
-if ($secure_gate_check==true) {
+function prevent_post_csrf ($hard_check=false) {
+    if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; 
     if ($_SERVER['REQUEST_METHOD']=='POST') {
+        if ($hard_check==false) {
+            if (isset($_SERVER['HTTP_HOST']) == false) return;
+            if (isset($_SERVER['HTTP_ORIGIN']) == false) return;
+            if (isset($_SERVER['SERVER_PORT']) == false) return;
+        } else {
+            if (isset($_SERVER['HTTP_HOST']) == false) $_SERVER['HTTP_HOST']='';
+            if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN']='';
+            if (isset($_SERVER['SERVER_PORT']) == false) $_SERVER['HTTP_PORT']='';
+        }
+        $_SERVER['HTTP_HOST']=strtolower($_SERVER['HTTP_HOST']);
+        $_SERVER['HTTP_ORIGIN']=strtolower($_SERVER['HTTP_ORIGIN']);
+        if ($hard_check==false) {
+            if (substr($_SERVER['HTTP_ORIGIN'], 0,7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0,8)!="https://") return;
+        }
         $host_arr=explode(":", $_SERVER['HTTP_HOST']);
         $hostname=$host_arr[0];
         $port = $_SERVER['SERVER_PORT'];
         $expected_http_origin="https://".$hostname.":".$port;
+        $level=1;
+        if ($hard_check==true) $level=2;
         if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
-            die ("Nope.");
+            die ("CSRF detected (".$level.").
Your browser sent HTTP_ORIGIN with value: ".$_SERVER['HTTP_ORIGIN']."
myVesta expected HTTP_ORIGIN with value: ".$expected_http_origin."
Probably some browser extension is blocking it... disable all extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you disabled all browser extensions, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to disable all browser extensions or try to login with other browser.");
         }
     }
 }
+
+// Preventing all POST CSRF
+if ($secure_gate_check==true) prevent_post_csrf();

From c2a30bcd31d41ce90146734af3d52073ae1c169a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 00:07:41 +0200
Subject: [PATCH 1564/2300] Preventing CSRF in /edit/file/

---
 web/edit/file/index.php | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/web/edit/file/index.php b/web/edit/file/index.php
index 9071af3a..b36a4656 100644
--- a/web/edit/file/index.php
+++ b/web/edit/file/index.php
@@ -1,15 +1,7 @@
 
Date: Sun, 29 Aug 2021 00:10:42 +0200
Subject: [PATCH 1565/2300] Preventing CSRF in UploadHandler.php

---
 web/upload/UploadHandler.php | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index 15adb406..511ec4b3 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -2,13 +2,8 @@
 
 //session_start();
 
-$host_arr=explode(":", $_SERVER['HTTP_HOST']);
-$hostname=$host_arr[0];
-$port = $_SERVER['SERVER_PORT'];
-$expected_http_origin="https://".$hostname.":".$port;
-if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
-    die ("Nope.");
-}
+// Preventing CSRF
+prevent_post_csrf(true);
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 

From 9277b3780007a371ea7bb067a7a40dc39ed05d0d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 00:12:09 +0200
Subject: [PATCH 1566/2300] Preventing CSRF in /schedule/backup

---
 web/schedule/backup/index.php | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 06881993..07412e71 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -1,15 +1,7 @@
 
Date: Sun, 29 Aug 2021 00:14:15 +0200
Subject: [PATCH 1567/2300] Preventing CSRF in /file_manager/fm_api.php

---
 web/file_manager/fm_api.php | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/web/file_manager/fm_api.php b/web/file_manager/fm_api.php
index 4a4dd9ec..c593b3f6 100644
--- a/web/file_manager/fm_api.php
+++ b/web/file_manager/fm_api.php
@@ -3,15 +3,7 @@
 //error_reporting(NULL);
 
 // Preventing CSRF
-if ($_SERVER['REQUEST_METHOD']=='POST') {
-    $host_arr=explode(":", $_SERVER['HTTP_HOST']);
-    $hostname=$host_arr[0];
-    $port = $_SERVER['SERVER_PORT'];
-    $expected_http_origin="https://".$hostname.":".$port;
-    if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
-        die ("Nope.");
-    }
-}
+prevent_post_csrf(true);
 
 header('Content-Type: application/json');
 

From 11f1cfcf4e4f575625c91309159e67d40baca28f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 00:54:57 +0200
Subject: [PATCH 1568/2300] Proper way to fix CSRF in /schedule/backup/

---
 web/schedule/backup/index.php        | 10 +++++++---
 web/templates/admin/list_backup.html |  2 +-
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 07412e71..8d51832e 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -1,14 +1,18 @@
 
       
-        
+        
         
           

From 59edb05f49fed2b141da8d2ad130b6e704bc9649 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 01:20:12 +0200
Subject: [PATCH 1569/2300] Proper way to fix CSRF in /edit/file/

---
 web/edit/file/index.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/web/edit/file/index.php b/web/edit/file/index.php
index b36a4656..931b861f 100644
--- a/web/edit/file/index.php
+++ b/web/edit/file/index.php
@@ -1,8 +1,5 @@
 
 
-
+<?=htmlentities($content)?>
@@ -96,6 +99,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {
     var makeBackup = function() {
         var params = {
             action: 'backup',
+            token: '',
             path:   ''
         };
         

From 085a25d1658dc818e5ca6729252fcad94dcbfcb6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 01:59:49 +0200
Subject: [PATCH 1570/2300] Update secure_login.php

---
 web/inc/secure_login.php | 34 ++++++++++++++++++----------------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index ce614ea1..b55d8e31 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -53,31 +53,33 @@ if ($secure_gate_check==true) {
 function prevent_post_csrf ($hard_check=false) {
     if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; 
     if ($_SERVER['REQUEST_METHOD']=='POST') {
-        if ($hard_check==false) {
-            if (isset($_SERVER['HTTP_HOST']) == false) return;
+        if ($hard_check == false) {
             if (isset($_SERVER['HTTP_ORIGIN']) == false) return;
+            if (isset($_SERVER['HTTP_HOST']) == false) return;
             if (isset($_SERVER['SERVER_PORT']) == false) return;
         } else {
-            if (isset($_SERVER['HTTP_HOST']) == false) $_SERVER['HTTP_HOST']='';
-            if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN']='';
-            if (isset($_SERVER['SERVER_PORT']) == false) $_SERVER['HTTP_PORT']='';
+            if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN'] = '';
+            if (isset($_SERVER['HTTP_HOST']) == false) $_SERVER['HTTP_HOST'] = '';
+            if (isset($_SERVER['SERVER_PORT']) == false) $_SERVER['HTTP_PORT'] = '';
         }
-        $_SERVER['HTTP_HOST']=strtolower($_SERVER['HTTP_HOST']);
-        $_SERVER['HTTP_ORIGIN']=strtolower($_SERVER['HTTP_ORIGIN']);
-        if ($hard_check==false) {
+        $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
+        $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+        if ($hard_check == false) {
             if (substr($_SERVER['HTTP_ORIGIN'], 0,7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0,8)!="https://") return;
         }
-        $host_arr=explode(":", $_SERVER['HTTP_HOST']);
-        $hostname=$host_arr[0];
+        $host_arr = explode(":", $_SERVER['HTTP_HOST']);
+        $hostname = $host_arr[0];
         $port = $_SERVER['SERVER_PORT'];
-        $expected_http_origin="https://".$hostname.":".$port;
-        $level=1;
-        if ($hard_check==true) $level=2;
+        $expected_http_origin = "https://".$hostname.":".$port;
+        $level = 1;
+        if ($hard_check == true) $level = 2;
         if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
-            die ("CSRF detected (".$level.").
Your browser sent HTTP_ORIGIN with value: ".$_SERVER['HTTP_ORIGIN']."
myVesta expected HTTP_ORIGIN with value: ".$expected_http_origin."
Probably some browser extension is blocking it... disable all extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you disabled all browser extensions, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to disable all browser extensions or try to login with other browser.");
+            die ("CSRF detected (".$level.").
Your browser sent HTTP_ORIGIN with value: ".$_SERVER['HTTP_ORIGIN']."
myVesta expected HTTP_ORIGIN with value: ".$expected_http_origin."
Probably some browser extension is blocking it... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you disabled all browser extensions, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to disable all browser extensions or try to login with other browser.");
         }
     }
 }
 
-// Preventing all POST CSRF
-if ($secure_gate_check==true) prevent_post_csrf();
+// Preventing all CSRFs
+if ($secure_gate_check == true) {
+    prevent_post_csrf();
+}

From 49905063f634e5d95585664f227520512a324605 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 11:09:24 +0200
Subject: [PATCH 1571/2300] Update secure_login.php

---
 web/inc/secure_login.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index b55d8e31..f9452cc3 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -54,18 +54,18 @@ function prevent_post_csrf ($hard_check=false) {
     if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; 
     if ($_SERVER['REQUEST_METHOD']=='POST') {
         if ($hard_check == false) {
-            if (isset($_SERVER['HTTP_ORIGIN']) == false) return;
             if (isset($_SERVER['HTTP_HOST']) == false) return;
             if (isset($_SERVER['SERVER_PORT']) == false) return;
+            if (isset($_SERVER['HTTP_ORIGIN']) == false) return;
         } else {
-            if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN'] = '';
             if (isset($_SERVER['HTTP_HOST']) == false) $_SERVER['HTTP_HOST'] = '';
             if (isset($_SERVER['SERVER_PORT']) == false) $_SERVER['HTTP_PORT'] = '';
+            if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN'] = '';
         }
         $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
         $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
         if ($hard_check == false) {
-            if (substr($_SERVER['HTTP_ORIGIN'], 0,7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0,8)!="https://") return;
+            if (substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "file:///" && substr($_SERVER['HTTP_ORIGIN'], 0, 7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "https://") return;
         }
         $host_arr = explode(":", $_SERVER['HTTP_HOST']);
         $hostname = $host_arr[0];

From eae5c3418a87c58cf69b9d800647429e67550976 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 11:14:11 +0200
Subject: [PATCH 1572/2300] Preventing GET CSRFs

---
 web/inc/secure_login.php | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index f9452cc3..93df7b53 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -79,7 +79,26 @@ function prevent_post_csrf ($hard_check=false) {
     }
 }
 
+function prevent_get_csrf ($hard_check=false) {
+    if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; 
+        if (isset($_SERVER['HTTP_HOST']) == false) return;
+        if (isset($_SERVER['SERVER_PORT']) == false) return;
+        if (isset($_SERVER['HTTP_REFERER']) == false) return;
+        $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
+        $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+        if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
+        $host_arr = explode(":", $_SERVER['HTTP_HOST']);
+        $hostname = $host_arr[0];
+        $port = $_SERVER['SERVER_PORT'];
+        $expected_http_referer = "https://".$hostname.":".$port;
+        $expected_http_referer_length = strlen($expected_http_referer);
+        if (substr($_SERVER['HTTP_REFERER'], 0, $expected_http_referer_length) != $expected_http_referer) {
+            die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
+        }
+}
+
 // Preventing all CSRFs
 if ($secure_gate_check == true) {
     prevent_post_csrf();
+    prevent_get_csrf();
 }

From 834f939fbea444d1fb1fedff67fe271ad008e2e2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 11:50:22 +0200
Subject: [PATCH 1573/2300] Exception for function prevent_get_csrf

---
 web/inc/secure_login.php | 37 +++++++++++++++++++++----------------
 1 file changed, 21 insertions(+), 16 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 93df7b53..1dfe2541 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -79,22 +79,27 @@ function prevent_post_csrf ($hard_check=false) {
     }
 }
 
-function prevent_get_csrf ($hard_check=false) {
-    if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return; 
-        if (isset($_SERVER['HTTP_HOST']) == false) return;
-        if (isset($_SERVER['SERVER_PORT']) == false) return;
-        if (isset($_SERVER['HTTP_REFERER']) == false) return;
-        $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
-        $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
-        if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
-        $host_arr = explode(":", $_SERVER['HTTP_HOST']);
-        $hostname = $host_arr[0];
-        $port = $_SERVER['SERVER_PORT'];
-        $expected_http_referer = "https://".$hostname.":".$port;
-        $expected_http_referer_length = strlen($expected_http_referer);
-        if (substr($_SERVER['HTTP_REFERER'], 0, $expected_http_referer_length) != $expected_http_referer) {
-            die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
-        }
+function prevent_get_csrf () {
+    global $login_url;
+    if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return;
+    if ($_SERVER['REQUEST_METHOD'] == "GET") {
+        if (isset($_GET[$login_url])) return;
+        if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
+    }
+    if (isset($_SERVER['HTTP_HOST']) == false) return;
+    if (isset($_SERVER['SERVER_PORT']) == false) return;
+    if (isset($_SERVER['HTTP_REFERER']) == false) return;
+    $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
+    $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+    if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
+    $host_arr = explode(":", $_SERVER['HTTP_HOST']);
+    $hostname = $host_arr[0];
+    $port = $_SERVER['SERVER_PORT'];
+    $expected_http_referer = "https://".$hostname.":".$port;
+    $expected_http_referer_length = strlen($expected_http_referer);
+    if (substr($_SERVER['HTTP_REFERER'], 0, $expected_http_referer_length) != $expected_http_referer) {
+        die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
+    }
 }
 
 // Preventing all CSRFs

From 8a5469abcd282fe1c916fa960995561ff3954bbd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 12:39:48 +0200
Subject: [PATCH 1574/2300] Update secure_login.php

---
 web/inc/secure_login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 1dfe2541..dcfc2b82 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -84,7 +84,7 @@ function prevent_get_csrf () {
     if (file_exists('/usr/local/vesta/conf_web/dont_check_csrf')) return;
     if ($_SERVER['REQUEST_METHOD'] == "GET") {
         if (isset($_GET[$login_url])) return;
-        if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
+        if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/user/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
     }
     if (isset($_SERVER['HTTP_HOST']) == false) return;
     if (isset($_SERVER['SERVER_PORT']) == false) return;

From 7c9da855e8853b2b095dbc2bc1f1840ff9bd3f7c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 14:05:15 +0200
Subject: [PATCH 1575/2300] Update secure_login.php

---
 web/inc/secure_login.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index dcfc2b82..b360c1e8 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -74,7 +74,7 @@ function prevent_post_csrf ($hard_check=false) {
         $level = 1;
         if ($hard_check == true) $level = 2;
         if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
-            die ("CSRF detected (".$level.").
Your browser sent HTTP_ORIGIN with value: ".$_SERVER['HTTP_ORIGIN']."
myVesta expected HTTP_ORIGIN with value: ".$expected_http_origin."
Probably some browser extension is blocking it... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you disabled all browser extensions, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to disable all browser extensions or try to login with other browser.");
+            die ("CSRF detected (".$level.").
Your browser sent HTTP_ORIGIN with value: ".$_SERVER['HTTP_ORIGIN']."
myVesta expected HTTP_ORIGIN with value: ".$expected_http_origin."
Probably some browser extension is blocking it... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir -p /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you disabled all browser extensions, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to disable all browser extensions or try to login with other browser.");
         }
     }
 }
@@ -98,7 +98,7 @@ function prevent_get_csrf () {
     $expected_http_referer = "https://".$hostname.":".$port;
     $expected_http_referer_length = strlen($expected_http_referer);
     if (substr($_SERVER['HTTP_REFERER'], 0, $expected_http_referer_length) != $expected_http_referer) {
-        die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
+        die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir -p /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
     }
 }
 

From 5262b3f4470e7a937dccd3b9d537d6d1543bbca4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 14:13:03 +0200
Subject: [PATCH 1576/2300] Update secure_login.php

---
 web/inc/secure_login.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index b360c1e8..0fb030fc 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -98,7 +98,7 @@ function prevent_get_csrf () {
     $expected_http_referer = "https://".$hostname.":".$port;
     $expected_http_referer_length = strlen($expected_http_referer);
     if (substr($_SERVER['HTTP_REFERER'], 0, $expected_http_referer_length) != $expected_http_referer) {
-        die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link - you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir -p /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
+        die ("You clicked on someone's link from other site.
This is just a protection layer to prevent potentially dangerous clicks, so if it was your link (or you got the link from the trusted source) - then you can proceed safely to your hosting panel.

Technical details:
Your browser sent HTTP_REFERER with value: ".$_SERVER['HTTP_REFERER']."
myVesta expected HTTP_REFERER to begin with value: ".$expected_http_referer."
If you got this error during casual work in your hosting panel, probably some browser extension is blocking HTTP_REFERER... disable all browser extensions and try again (or try to login with other browser).
If you are system administrator of this server, you can disable CSRF check by doing (as root, in SSH): mkdir -p /usr/local/vesta/conf_web && touch /usr/local/vesta/conf_web/dont_check_csrf
(but we don't recommend it)
If you are not system administrator of this server and you can't access the hosting panel even you clicked \"proceed safely to your hosting panel\" and disabled all browser extensions or changed the browser, please copy-paste this message to the system administrator of this server.
Once again, before you disable CSRF check, try to click \"proceed safely to your hosting panel\", and if that does not help then try to disable all browser extensions or try to login with other browser.");
     }
 }
 

From 475fe47984df6209cebc741fba02ee65f84e0a4d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 29 Aug 2021 16:05:33 +0200
Subject: [PATCH 1577/2300] Checking token on adding and deleting favorites

---
 web/add/favorite/index.php    | 7 +++----
 web/delete/favorite/index.php | 5 +++++
 web/js/init.js                | 5 +++--
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/web/add/favorite/index.php b/web/add/favorite/index.php
index e9f2e828..a3054d99 100644
--- a/web/add/favorite/index.php
+++ b/web/add/favorite/index.php
@@ -7,10 +7,9 @@ session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check token
-//    if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) {
-//        header('location: /login/');
-//        exit();
-//    }
+if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
+    die("Wrong token");
+}
 
     // Protect input
     $v_section = escapeshellarg($_REQUEST['v_section']);
diff --git a/web/delete/favorite/index.php b/web/delete/favorite/index.php
index 9f471b9b..093566f9 100644
--- a/web/delete/favorite/index.php
+++ b/web/delete/favorite/index.php
@@ -5,6 +5,11 @@
 
     include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+    // Check token
+    if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
+        die("Wrong token");
+    }
+
     unset($_SESSION['favourites'][strtoupper($_REQUEST['v_section'])][$_REQUEST['v_unit_id']]);
 
     $v_section = escapeshellarg($_REQUEST['v_section']);
diff --git a/web/js/init.js b/web/js/init.js
index 3ac6175e..6c60ff85 100644
--- a/web/js/init.js
+++ b/web/js/init.js
@@ -128,6 +128,7 @@ $(document).ready(function(){
 
               $('.l-unit .l-icon-star').click(function(){
                 var l_unit = $(this).parents('.l-unit');
+                var token = $('#token').attr('token');
 
                 if(l_unit.hasClass('l-unit--starred')){
                   // removing star
@@ -135,7 +136,7 @@ $(document).ready(function(){
                   $.ajax({
                     method: "POST",
                     url: "/delete/favorite/index.php",
-                    data: { v_section: l_unit.attr('v_section'), v_unit_id: l_unit.attr('v_unit_id') }
+                    data: { v_section: l_unit.attr('v_section'), v_unit_id: l_unit.attr('v_unit_id'), token: token }
                   });
 
                   l_unit.attr({'sort-star': 0});
@@ -145,7 +146,7 @@ $(document).ready(function(){
                   $.ajax({
                     method: "POST",
                     url: "/add/favorite/index.php",
-                    data: { v_unit_id: l_unit.attr('v_unit_id'), v_section: l_unit.attr('v_section') }
+                    data: { v_unit_id: l_unit.attr('v_unit_id'), v_section: l_unit.attr('v_section'), token: token }
                   });
 
                   l_unit.attr({'sort-star': 1});

From 693dd2877cdec6da8287d7739f1484102f88652b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 30 Aug 2021 00:06:32 +0200
Subject: [PATCH 1578/2300] session.cookie_httponly and session.cookie_secure
 in myvesta php-fpm

---
 src/deb/for-download/php/php-fpm.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/for-download/php/php-fpm.conf b/src/deb/for-download/php/php-fpm.conf
index d9a04795..cd0005f8 100644
--- a/src/deb/for-download/php/php-fpm.conf
+++ b/src/deb/for-download/php/php-fpm.conf
@@ -32,3 +32,5 @@ php_admin_value[upload_max_filesize] = 512M
 php_admin_value[max_execution_time] = 600
 php_admin_value[max_input_time] = 600
 php_admin_value[session.save_path] = /usr/local/vesta/data/sessions
+php_admin_flag[session.cookie_httponly] = on
+php_admin_flag[session.cookie_secure] = on

From ab9c10b05c63fc5efdf46d7fc07f6105f43f8104 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 1 Sep 2021 00:24:43 +0200
Subject: [PATCH 1579/2300] Update secure_login.php

---
 web/inc/secure_login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 0fb030fc..b9e2115c 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -85,6 +85,7 @@ function prevent_get_csrf () {
     if ($_SERVER['REQUEST_METHOD'] == "GET") {
         if (isset($_GET[$login_url])) return;
         if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/user/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
+        if ($_SERVER['DOCUMENT_URI']=="/reset/index.php") return;
     }
     if (isset($_SERVER['HTTP_HOST']) == false) return;
     if (isset($_SERVER['SERVER_PORT']) == false) return;

From 3b287934c3bd42cfadd05ea00eba3a125340f59a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 1 Sep 2021 00:33:16 +0200
Subject: [PATCH 1580/2300] Enabling session.cookie_httponly and
 session.cookie_secure in myvesta php-fpm

---
 src/deb/vesta/postinst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index fe80212f..dbb7cbd2 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -23,6 +23,18 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+# Enabling session.cookie_httponly and session.cookie_secure in myvesta php-fpm
+if [ ! -f "/usr/local/vesta/data/upgrades/enable_cookie_httponly" ]; then
+    touch /usr/local/vesta/data/upgrades/enable_cookie_httponly
+    check_grep=$(grep -c 'cookie_httponly' /usr/local/vesta/php/etc/php-fpm.conf)
+    if [ "$check_grep" -eq 0 ]; then
+        echo "== Enabling session.cookie_httponly and session.cookie_secure in myvesta php-fpm"
+        echo "php_admin_flag[session.cookie_httponly] = on" >> /usr/local/vesta/php/etc/php-fpm.conf
+        echo "php_admin_flag[session.cookie_secure] = on" >> /usr/local/vesta/php/etc/php-fpm.conf
+        systemctl restart vesta
+    fi
+fi
+
 # Enabling TLS for ProFTPD FTPS
 if [ ! -f "/usr/local/vesta/data/upgrades/enable-tls-in-proftpd" ]; then
   if [ -f "/etc/proftpd/proftpd.conf" ]; then

From 584acfd4568e813666718cfa3ea372335ce205f1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 2 Sep 2021 21:40:40 +0200
Subject: [PATCH 1581/2300] New versions of software in vesta_compile.sh

---
 src/deb/vesta_compile.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index 026e3812..c8308d7f 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -58,9 +58,9 @@ BUILD_DATE=$(date +"%d-%b-%Y")
 
 # Set Version for compiling
 VESTA_V=$VESTA_VER"_amd64"
-NGINX_V='1.19.9'
-OPENSSL_V='1.1.1k'
-PCRE_V='8.44'
+NGINX_V='1.21.2'
+OPENSSL_V='1.1.1l'
+PCRE_V='8.45'
 ZLIB_V='1.2.11'
 PHP_V='5.6.40'
 

From 5a6977660cd81230212c7dd93c23a359d72e104c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 2 Sep 2021 21:47:17 +0200
Subject: [PATCH 1582/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d835bdc5..d419edb6 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1721,6 +1721,7 @@ touch /usr/local/vesta/data/upgrades/roundcube_smtp_auth
 touch /usr/local/vesta/data/upgrades/apache_status_public_access
 touch /usr/local/vesta/data/upgrades/update-cloudflare-ips
 touch /usr/local/vesta/data/upgrades/enable-tls-in-proftpd
+touch /usr/local/vesta/data/upgrades/enable_cookie_httponly
 
 # Secret URL
 secretquery=''

From 9a746ea4845f198e30fc86cea52faf68a91ecbe6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 01:23:24 +0200
Subject: [PATCH 1583/2300] Adding token for /logout/

---
 web/templates/admin/list_search.html      | 2 +-
 web/templates/admin/list_server_info.html | 2 +-
 web/templates/admin/list_user.html        | 2 +-
 web/templates/admin/list_weblog.html      | 2 +-
 web/templates/admin/panel.html            | 2 +-
 web/templates/user/list_search.html       | 2 +-
 web/templates/user/list_user.html         | 2 +-
 web/templates/user/panel.html             | 2 +-
 8 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/web/templates/admin/list_search.html b/web/templates/admin/list_search.html
index 13aef07f..4483920f 100644
--- a/web/templates/admin/list_search.html
+++ b/web/templates/admin/list_search.html
@@ -71,7 +71,7 @@
               if ($value['USER'] != $user && $value['KEY'] == 'ACCOUNT') {
                 if ($key == $user) {
             ?>
-                    L
+                    L
diff --git a/web/templates/admin/list_server_info.html b/web/templates/admin/list_server_info.html
index eaaf34cd..7a131572 100644
--- a/web/templates/admin/list_server_info.html
+++ b/web/templates/admin/list_server_info.html
@@ -33,7 +33,7 @@
       
         
-          
+          
       
diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 7dd47577..4ad3daec 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -94,7 +94,7 @@ sort-bandwidth="" sort-disk="
-                  L
+                  L
diff --git a/web/templates/admin/list_weblog.html b/web/templates/admin/list_weblog.html
index 0627c477..1ca837e2 100644
--- a/web/templates/admin/list_weblog.html
+++ b/web/templates/admin/list_weblog.html
@@ -29,7 +29,7 @@
       
         
-          
+          
       
diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html
index 80bfdaf1..b4534ccd 100644
--- a/web/templates/admin/panel.html
+++ b/web/templates/admin/panel.html
@@ -26,7 +26,7 @@
       
         "> 
         
-          
+          
       
diff --git a/web/templates/user/list_search.html b/web/templates/user/list_search.html
index a9198d1d..abe3a768 100644
--- a/web/templates/user/list_search.html
+++ b/web/templates/user/list_search.html
@@ -70,7 +70,7 @@
               if ($value['USER'] != $user && $value['KEY'] == 'ACCOUNT') {
                 if ($key == $user) {
             ?>
-                    L
+                    L
diff --git a/web/templates/user/list_user.html b/web/templates/user/list_user.html
index 85ed64c3..e6645900 100644
--- a/web/templates/user/list_user.html
+++ b/web/templates/user/list_user.html
@@ -89,7 +89,7 @@ sort-disk="" sort-star="
-                  L
+                  L
diff --git a/web/templates/user/panel.html b/web/templates/user/panel.html
index dfb544c9..81cd8358 100644
--- a/web/templates/user/panel.html
+++ b/web/templates/user/panel.html
@@ -20,7 +20,7 @@
       
         "> 
         
-          
+          
       

From 82d00b4a5c0e7fd1ebe1f648953122f841eac99e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 11:29:36 +0200
Subject: [PATCH 1584/2300] Fix for: mv: cannot stat
 '/usr/local/vesta/log/backup.log'

---
 bin/v-backup-users | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-users b/bin/v-backup-users
index 9671c9e8..16a93d6d 100755
--- a/bin/v-backup-users
+++ b/bin/v-backup-users
@@ -39,9 +39,9 @@ log=$VESTA/log/backup.log
 
 $BIN/v-check-vesta-license >/dev/null
 
+touch $log
 if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
     mv $log $log-`date +"%Y-%m-%d--%H:%M:%S"`
-    touch $log
 fi
 
 # Auto-repair all databases before backuping all accounts

From 7220e011161a08beb2a3539e867535288f15cc8a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 12:18:09 +0200
Subject: [PATCH 1585/2300] secured php.ini for multi-php

---
 src/deb/for-download/tools/multi-php-install.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index ffee228e..ce04f573 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -145,6 +145,9 @@ if [ "$inst_70" -eq 1 ]; then
     if [ $debian_version -eq 10 ]; then
       cp /etc/php/7.3/fpm/php.ini /etc/php/7.0/fpm/php.ini
     fi
+    if [ $debian_version -eq 11 ]; then
+      cp /etc/php/7.4/fpm/php.ini /etc/php/7.0/fpm/php.ini
+    fi
     press_enter "=== Press enter to continue ==============================================================================="
 fi
 
@@ -166,6 +169,9 @@ if [ "$inst_71" -eq 1 ]; then
     if [ $debian_version -eq 10 ]; then
       cp /etc/php/7.3/fpm/php.ini /etc/php/7.1/fpm/php.ini
     fi
+    if [ $debian_version -eq 11 ]; then
+      cp /etc/php/7.4/fpm/php.ini /etc/php/7.1/fpm/php.ini
+    fi
     press_enter "=== Press enter to continue ==============================================================================="
 fi
 
@@ -187,6 +193,9 @@ if [ "$inst_72" -eq 1 ]; then
     if [ $debian_version -eq 10 ]; then
       cp /etc/php/7.3/fpm/php.ini /etc/php/7.2/fpm/php.ini
     fi
+    if [ $debian_version -eq 11 ]; then
+      cp /etc/php/7.4/fpm/php.ini /etc/php/7.2/fpm/php.ini
+    fi
     press_enter "=== Press enter to continue ==============================================================================="
 fi
 
@@ -209,6 +218,9 @@ if [ "$inst_73" -eq 1 ]; then
     if [ $debian_version -eq 9 ]; then
       cp /etc/php/7.0/apache2/php.ini /etc/php/7.3/fpm/php.ini
     fi
+    if [ $debian_version -eq 11 ]; then
+      cp /etc/php/7.4/fpm/php.ini /etc/php/7.3/fpm/php.ini
+    fi
     press_enter "=== Press enter to continue ==============================================================================="
 fi
 

From 329c37a13cd3ef44de901a90ca14181cb6281099 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 12:32:16 +0200
Subject: [PATCH 1586/2300] Update index.php

---
 web/schedule/backup/index.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/web/schedule/backup/index.php b/web/schedule/backup/index.php
index 8d51832e..be7e713c 100644
--- a/web/schedule/backup/index.php
+++ b/web/schedule/backup/index.php
@@ -8,7 +8,6 @@ include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 // Check token
 if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
-    die($_SESSION['token']);
     header('location: /login/');
     exit();
 }

From 63861e4ffdc009a8f0176fe4733be0c6e261e6fb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 12:55:40 +0200
Subject: [PATCH 1587/2300] Fix fox CSRF in /dowload/web-log/

---
 web/download/web-log/index.php       | 7 +++++++
 web/templates/admin/list_weblog.html | 4 ++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 79b5601c..35ebc335 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -3,6 +3,13 @@
 error_reporting(NULL);
 session_start();
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
+
+// Check token
+if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
+    header('Location: /login/');
+    exit();
+}
+
 $v_domain = $_GET['domain'];
 $v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') $type = 'access';
diff --git a/web/templates/admin/list_weblog.html b/web/templates/admin/list_weblog.html
index 1ca837e2..b46e7979 100644
--- a/web/templates/admin/list_weblog.html
+++ b/web/templates/admin/list_weblog.html
@@ -23,8 +23,8 @@
       
         
         
-        
-        
+        
+        
       


From 93de22a0b3d45fb46e47ff7337445fb074179773 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 15:31:34 +0200
Subject: [PATCH 1588/2300] Fix for CSRF in FileManager and UploadHandler

---
 web/download/file/index.php         |  5 +++++
 web/file_manager/fm_api.php         |  7 +++++--
 web/js/app.js                       |  2 ++
 web/js/file_manager.js              | 13 ++++++++-----
 web/templates/file_manager/main.php |  4 +++-
 web/upload/UploadHandler.php        |  7 ++++++-
 6 files changed, 29 insertions(+), 9 deletions(-)

diff --git a/web/download/file/index.php b/web/download/file/index.php
index efabb0e1..ee1a9989 100644
--- a/web/download/file/index.php
+++ b/web/download/file/index.php
@@ -1,6 +1,11 @@
  GLOBAL = {}; 
 
 
+    
     
         
     
@@ -145,6 +146,7 @@
             var acc = $('');
             $(['A', 'B']).each(function(k, letter) {
                 var url = '/upload/';
+                var token = $('#token').attr('token');
                 $('#file_upload_' + letter).fileupload({
                     singleFileUploads: false,
                     add: function (e, data) {
@@ -154,7 +156,7 @@
                         var file_relocation = FM['TAB_'+tab+'_CURRENT_PATH'];
 
 
-                        $('#file_upload_' + letter).fileupload("option", "url", url + '?dir=' + file_relocation);
+                        $('#file_upload_' + letter).fileupload("option", "url", url + '?token='+token+'&dir=' + file_relocation);
                         acc = $('');
                         show_msg = false;
                         data.submit();
diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php
index 511ec4b3..48f40b23 100755
--- a/web/upload/UploadHandler.php
+++ b/web/upload/UploadHandler.php
@@ -3,10 +3,15 @@
 //session_start();
 
 // Preventing CSRF
-prevent_post_csrf(true);
+// prevent_post_csrf(true);
 
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
+// Check token
+if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
+    die("Wrong token or missing token");
+}
+
 // Check login_as feature
 $user = $_SESSION['user'];
 if (($_SESSION['user'] == 'admin') && (!empty($_SESSION['look']))) {

From ee3665ecb7e46d58ef7d9039e0eda55c76254a94 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Sep 2021 19:00:20 +0200
Subject: [PATCH 1589/2300] Update index.php

---
 web/delete/backup/exclusion/index.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/web/delete/backup/exclusion/index.php b/web/delete/backup/exclusion/index.php
index 29ad3bd5..7cad5856 100644
--- a/web/delete/backup/exclusion/index.php
+++ b/web/delete/backup/exclusion/index.php
@@ -1,4 +1,7 @@
 
Date: Tue, 14 Sep 2021 20:22:35 +0200
Subject: [PATCH 1590/2300] backuping php-fpm conf file

---
 bin/v-backup-user | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 767eba22..52e5134d 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -151,6 +151,25 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         format_domain_idn
         get_domain_values 'web'
 
+        # backuping php-fpm conf file
+        if [[ $TPL == "PHP-FPM-"* ]]; then
+            fpm_tpl_ver=${TPL:8:2}
+            fpm_ver="${TPL:8:1}.${TPL:9:1}"
+            fpm_folder="$fpm_ver/fpm/pool.d"
+            fpm_path="$fpm_ver/fpm/pool.d/$domain.conf"
+            if [[ $TPL == *"-ioncube" ]]; then
+                fpm_folder="$fpm_ver/fpm/pool.d-ioncube"
+                fpm_path = "$fpm_ver/fpm/pool.d-ioncube/$domain.conf"
+            fi
+            fpm_original_path="/etc/php/$fpm_path"
+            fpm_dest_path="$tmpdir/web/$domain/php/$fpm_path"
+            fpm_dest_folder="$tmpdir/web/$domain/php/$fpm_folder"
+            if [ -f "$fpm_original_path" ]; then
+                mkdir -p $fpm_dest_folder
+                cp $fpm_original_path $fpm_dest_path
+            fi
+        fi
+        
         # Backup web.conf
         cd $tmpdir/web/$domain/
         conf="$USER_DATA/web.conf"

From f36d20641e6818072e02e9a426d56633c272ea50 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 14 Sep 2021 20:24:39 +0200
Subject: [PATCH 1591/2300] Update v-backup-user

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 52e5134d..e2d7cac9 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -159,7 +159,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
             fpm_path="$fpm_ver/fpm/pool.d/$domain.conf"
             if [[ $TPL == *"-ioncube" ]]; then
                 fpm_folder="$fpm_ver/fpm/pool.d-ioncube"
-                fpm_path = "$fpm_ver/fpm/pool.d-ioncube/$domain.conf"
+                fpm_path="$fpm_ver/fpm/pool.d-ioncube/$domain.conf"
             fi
             fpm_original_path="/etc/php/$fpm_path"
             fpm_dest_path="$tmpdir/web/$domain/php/$fpm_path"

From ca76e2bc8cfd1dbecc997742cc6f008e9fb44610 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 14 Sep 2021 21:07:22 +0200
Subject: [PATCH 1592/2300] Allow to specify full path to backup file

---
 bin/v-restore-user | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index a78ffc4d..c1f19fd8 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -28,6 +28,11 @@ if [ -z "$BACKUP" ]; then
     BACKUP=/backup
 fi
 
+# Allow to specify full path to backup file
+if [[ $backup == "/backup/"* ]]; then
+    backup="${backup:8}"
+fi
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh

From c93345f669fa62694f353a960374926e96260ce6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 14 Sep 2021 21:10:10 +0200
Subject: [PATCH 1593/2300] Restoring php-fpm pool.d conf files

---
 bin/v-restore-user | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index c1f19fd8..4aaab76d 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -440,6 +440,12 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
             find $HOMEDIR/$user/web/$domain/ -user $old_uid \
                 -exec chown -h $user:$user {} \;
         fi
+    
+        # Restoring php-fpm pool.d conf files
+        if [ -d "$tmpdir/web/$domain/php" ]; then
+            cp -r $tmpdir/web/$domain/php/ /etc/
+        fi
+
     done
 
     # Adding user to traff queue

From 7ee21aad7b06b2c506165a2af3d2f15b3d79edfa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 14 Sep 2021 21:43:46 +0200
Subject: [PATCH 1594/2300] Restoring php-fpm pool.d conf files

---
 bin/v-restore-user | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index 4aaab76d..e9861d46 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -443,7 +443,10 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
     
         # Restoring php-fpm pool.d conf files
         if [ -d "$tmpdir/web/$domain/php" ]; then
-            cp -r $tmpdir/web/$domain/php/ /etc/
+            fpmver=$(ls $tmpdir/web/$domain/php/)
+            cp -r $tmpdir/web/$domain/php/$fpmver/ /etc/php/
+            systemctl reset-failed php$fpmver-fpm
+            systemctl restart php$fpmver-fpm
         fi
 
     done

From 73948ac4d1958a08d656aa36b0ebb95a37a97476 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Sep 2021 13:26:45 +0200
Subject: [PATCH 1595/2300] Logging letsencrypt error message

---
 bin/v-add-letsencrypt-domain | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index ed6e5e90..3a7b10b8 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -268,6 +268,8 @@ for auth in $authz; do
         echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
         answer=$(query_le_v2 "$url" "$payload" "$nonce")
         echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
+        url2=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
+        echo "[$(date)] : url2=$url2" >> /usr/local/vesta/log/letsencrypt.log
         validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
         echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
         nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
@@ -284,6 +286,9 @@ for auth in $authz; do
             echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
+        echo "[$(date)] : curl: $url2 :" >> /usr/local/vesta/log/letsencrypt.log
+        get_answer=$(curl -S "$url2")
+        echo "[$(date)] : get_answer=$get_answer" >> /usr/local/vesta/log/letsencrypt.log
         sleeping=$((i*2))
         echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
         sleep $sleeping

From e7b2626d4ca0643cbab3ce40b8d4943830608082 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 24 Sep 2021 10:54:20 +0200
Subject: [PATCH 1596/2300] installing php7.x-imap

---
 install/vst-install-debian.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d419edb6..99600590 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1598,13 +1598,13 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
 
 echo "=== Installing additional PHP libs"
 if [ "$release" -eq 9 ]; then
-  apt-get -y install php7.0-apcu php7.0-mbstring php7.0-bcmath php7.0-curl php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-mysqlnd php7.0-pdo php7.0-soap php7.0-json php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-zip php7.0-imagick
+  apt-get -y install php7.0-apcu php7.0-mbstring php7.0-bcmath php7.0-curl php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-mysqlnd php7.0-pdo php7.0-soap php7.0-json php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-zip php7.0-imagick php7.0-imap
 fi
 if [ "$release" -eq 10 ]; then
-  apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip php7.3-imagick
+  apt-get -y install php7.3-apcu php7.3-mbstring php7.3-bcmath php7.3-curl php7.3-gd php7.3-intl php7.3-mysql php7.3-mysqlnd php7.3-pdo php7.3-soap php7.3-json php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-zip php7.3-imagick php7.3-imap
 fi
 if [ "$release" -eq 11 ]; then
-  apt-get -y install php7.4-apcu php7.4-mbstring php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-mysqlnd php7.4-pdo php7.4-soap php7.4-json php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-zip php7.4-imagick
+  apt-get -y install php7.4-apcu php7.4-mbstring php7.4-bcmath php7.4-curl php7.4-gd php7.4-intl php7.4-mysql php7.4-mysqlnd php7.4-pdo php7.4-soap php7.4-json php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-zip php7.4-imagick php7.4-imap
 fi
 
 touch /var/log/php-mail.log

From ae99e0c837dd195f37051f9b0cf9531cd79952c3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Sep 2021 14:17:09 +0200
Subject: [PATCH 1597/2300] Fresh W3TC.json

---
 src/deb/for-download/tools/W3TC.json | 305 ++++++++++++++++++---------
 1 file changed, 200 insertions(+), 105 deletions(-)

diff --git a/src/deb/for-download/tools/W3TC.json b/src/deb/for-download/tools/W3TC.json
index 7e1f0340..d42973d0 100644
--- a/src/deb/for-download/tools/W3TC.json
+++ b/src/deb/for-download/tools/W3TC.json
@@ -1,5 +1,5 @@
 {
-    "version": "0.14.3",
+    "version": "2.1.8",
     "cluster.messagebus.debug": false,
     "cluster.messagebus.enabled": false,
     "cluster.messagebus.sns.region": "",
@@ -11,7 +11,7 @@
     "dbcache.debug_purge": false,
     "dbcache.enabled": true,
     "dbcache.engine": "memcached",
-    "dbcache.file.gc": 3600,
+    "dbcache.file.gc": 7200,
     "dbcache.file.locking": false,
     "dbcache.lifetime": 3600,
     "dbcache.memcached.persistent": true,
@@ -60,24 +60,47 @@
         "\\bsql_calc_found_rows\\b",
         "\\bfound_rows\\(\\)"
     ],
+    "docroot_fix.enable": false,
     "lazyload.enabled": false,
+    "lazyload.threshold": "",
     "lazyload.process_img": true,
     "lazyload.process_background": true,
     "lazyload.googlemaps.google_maps_easy": false,
     "lazyload.googlemaps.wp_google_maps": false,
     "lazyload.googlemaps.wp_google_map_plugin": false,
     "lazyload.exclude": [
-        "skip_lazy"
+        "avia-bg-style-fixed",
+        "data-bgposition=",
+        "data-envira-src=",
+        "data-large_image=",
+        "data-lazy-original=",
+        "data-lazy-src=",
+        "data-lazyload=",
+        "data-lazysrc=",
+        "data-no-lazy=",
+        "data-src=",
+        "data-srcset=",
+        "fullurl=",
+        "lazy-slider-img=",
+        "loading=\"eager\"",
+        "no-lazy",
+        "rev-slidebg",
+        "skip-lazy",
+        "soliloquy-image",
+        "swatch-img",
+        "w3-total-cache",
+        "woocommerce\/assets\/images\/placeholder.png",
+        "wpcf7_captcha"
     ],
     "lazyload.embed_method": "async_head",
     "objectcache.configuration_overloaded": false,
     "objectcache.enabled": true,
     "objectcache.debug": false,
     "objectcache.debug_purge": false,
-    "objectcache.enabled_for_wp_admin": true,
+    "objectcache.enabled_for_wp_admin": false,
     "objectcache.fallback_transients": true,
     "objectcache.engine": "memcached",
-    "objectcache.file.gc": 3600,
+    "objectcache.file.gc": 7200,
     "objectcache.file.locking": false,
     "objectcache.memcached.servers": [
         "127.0.0.1:11211"
@@ -107,7 +130,6 @@
         "global-posts"
     ],
     "objectcache.groups.nonpersistent": [
-        "comment",
         "counts",
         "plugins"
     ],
@@ -120,7 +142,7 @@
     "pgcache.debug_purge": false,
     "pgcache.engine": "memcached",
     "pgcache.file.gc": 3600,
-    "pgcache.file.nfs": true,
+    "pgcache.file.nfs": false,
     "pgcache.file.locking": false,
     "pgcache.lifetime": 86400,
     "pgcache.memcached.servers": [
@@ -137,9 +159,9 @@
     ],
     "pgcache.redis.password": "",
     "pgcache.redis.dbid": 0,
-    "pgcache.cache.query": true,
+    "pgcache.cache.query": false,
     "pgcache.cache.home": true,
-    "pgcache.cache.feed": true,
+    "pgcache.cache.feed": false,
     "pgcache.cache.nginx_handle_xml": false,
     "pgcache.cache.ssl": true,
     "pgcache.cache.404": false,
@@ -167,11 +189,11 @@
     ],
     "pgcache.late_init": false,
     "pgcache.late_caching": false,
-    "pgcache.mirrors.enabled": true,
+    "pgcache.mirrors.enabled": false,
     "pgcache.mirrors.home_urls": [
         ""
     ],
-    "pgcache.reject.front_page": "0",
+    "pgcache.reject.front_page": false,
     "pgcache.reject.logged": true,
     "pgcache.reject.logged_roles": false,
     "pgcache.reject.roles": [
@@ -200,7 +222,7 @@
         "wptouch_switch_toggle"
     ],
     "pgcache.reject.request_head": false,
-    "pgcache.purge.front_page": "1",
+    "pgcache.purge.front_page": true,
     "pgcache.purge.home": true,
     "pgcache.purge.post": true,
     "pgcache.purge.comments": false,
@@ -222,7 +244,7 @@
     ],
     "pgcache.purge.sitemap_regex": "([a-z0-9_\\-]*?)sitemap([a-z0-9_\\-]*)?\\.xml",
     "pgcache.prime.enabled": false,
-    "pgcache.prime.interval": 3600,
+    "pgcache.prime.interval": 900,
     "pgcache.prime.limit": 10,
     "pgcache.prime.sitemap": "",
     "pgcache.prime.post.enabled": false,
@@ -267,8 +289,8 @@
     "minify.debug": false,
     "minify.engine": "file",
     "minify.error.notification": "",
-    "minify.file.gc": "86400",
-    "minify.file.nfs": true,
+    "minify.file.gc": 86400,
+    "minify.file.nfs": false,
     "minify.file.locking": false,
     "minify.memcached.servers": [
         "127.0.0.1:11211"
@@ -284,41 +306,43 @@
     ],
     "minify.redis.password": "",
     "minify.redis.dbid": 0,
-    "minify.rewrite": "1",
+    "minify.rewrite": true,
     "minify.options": [],
     "minify.symlinks": [],
-    "minify.lifetime": "86400",
+    "minify.lifetime": 86400,
     "minify.upload": true,
-    "minify.html.enable": "1",
+    "minify.html.enable": false,
     "minify.html.engine": "html",
-    "minify.html.reject.feed": "0",
-    "minify.html.inline.css": "0",
-    "minify.html.inline.js": "0",
-    "minify.html.strip.crlf": "0",
+    "minify.html.reject.feed": false,
+    "minify.html.inline.css": false,
+    "minify.html.inline.js": false,
+    "minify.html.strip.crlf": false,
     "minify.html.comments.ignore": [
         "google_ad_",
-        "RSPEAK_"
+        "RSPEAK_",
+        "mfunc"
     ],
-    "minify.css.combine": "0",
-    "minify.css.enable": "1",
+    "minify.css.enable": true,
     "minify.css.engine": "css",
-    "minify.css.http2push": "0",
-    "minify.css.strip.comments": "0",
-    "minify.css.strip.crlf": "0",
+    "minify.css.method": "both",
+    "minify.css.http2push": false,
+    "minify.css.strip.comments": false,
+    "minify.css.strip.crlf": false,
     "minify.css.embed": false,
     "minify.css.imports": "",
     "minify.css.groups": [],
-    "minify.js.http2push": "0",
-    "minify.js.enable": "1",
+    "minify.js.http2push": false,
+    "minify.js.enable": true,
     "minify.js.engine": "js",
-    "minify.js.combine.header": "0",
+    "minify.js.method": "both",
+    "minify.js.combine.header": false,
     "minify.js.header.embed_type": "blocking",
     "minify.js.combine.body": false,
     "minify.js.body.embed_type": "blocking",
     "minify.js.combine.footer": false,
     "minify.js.footer.embed_type": "blocking",
-    "minify.js.strip.comments": "0",
-    "minify.js.strip.crlf": "0",
+    "minify.js.strip.comments": false,
+    "minify.js.strip.crlf": false,
     "minify.js.groups": [],
     "minify.yuijs.path.java": "java",
     "minify.yuijs.path.jar": "yuicompressor.jar",
@@ -353,28 +377,20 @@
     "minify.htmltidy.options.clean": false,
     "minify.htmltidy.options.hide-comments": true,
     "minify.htmltidy.options.wrap": 0,
-    "minify.reject.logged": "0",
-    "minify.reject.ua": [
-        ""
-    ],
-    "minify.reject.uri": [
-        ""
-    ],
-    "minify.reject.files.js": [
-        ""
-    ],
-    "minify.reject.files.css": [
-        ""
-    ],
+    "minify.reject.logged": false,
+    "minify.reject.ua": [],
+    "minify.reject.uri": [],
+    "minify.reject.files.js": [],
+    "minify.reject.files.css": [],
     "minify.cache.files": [
         ""
     ],
-    "minify.cache.files_regexp": "0",
+    "minify.cache.files_regexp": false,
     "cdn.configuration_overloaded": false,
     "cdn.enabled": false,
     "cdn.debug": false,
     "cdn.flush_manually": false,
-    "cdn.engine": "maxcdn",
+    "cdn.engine": "stackpath2",
     "cdn.uploads.enable": true,
     "cdn.includes.enable": true,
     "cdn.includes.files": "*.css;*.js;*.gif;*.png;*.jpg;*.xml",
@@ -535,6 +551,9 @@
     "cdnfsd.stackpath2.site_root_domain": 0,
     "cdnfsd.stackpath2.domain": [],
     "cdnfsd.stackpath2.ssl": "auto",
+    "cdnfsd.transparentcdn.client_id": "",
+    "cdnfsd.transparentcdn.client_secret": "",
+    "cdnfsd.transparentcdn.company_id": "",
     "varnish.configuration_overloaded": false,
     "varnish.enabled": false,
     "varnish.debug": false,
@@ -547,7 +566,7 @@
     "browsercache.no404wp": false,
     "browsercache.no404wp.exceptions": [
         "robots\\.txt",
-        "[a-z0-9_\\-]*sitemap[a-z0-9_\\-]*\\.(xml|xsl|html)(\\.gz)?"
+        "[a-z0-9_\\-]*sitemap[a-z0-9_\\.\\-]*\\.(xml|xsl|html)(\\.gz)?"
     ],
     "browsercache.cssjs.last_modified": true,
     "browsercache.cssjs.compression": true,
@@ -623,63 +642,136 @@
     "mobile.configuration_overloaded": false,
     "mobile.enabled": false,
     "mobile.rgroups": {
-        "high": {
+        "tablets": {
             "theme": "",
             "enabled": false,
             "redirect": "",
             "agents": [
-                "android",
-                "mobi",
-                "bada",
-                "incognito",
+                "a1-32ab0",
+                "a210",
+                "a211",
+                "b6000-h",
+                "b8000-h",
+                "bnrv200",
+                "bntv400",
+                "darwin",
+                "gt-n8005",
+                "gt-p3105",
+                "gt-p6810",
+                "gt-p7510",
+                "hmj37",
+                "hp-tablet",
+                "hp\\sslate",
+                "hp\\sslatebook",
+                "ht7s3",
+                "ideatab_a1107",
+                "ideataba2109a",
+                "ideos\\ss7",
+                "imm76d",
+                "ipad",
+                "k00f",
+                "kfjwi",
+                "kfot",
+                "kftt",
                 "kindle",
-                "maemo",
-                "opera\\ mini",
-                "s8000",
-                "series60",
-                "ucbrowser",
-                "ucweb",
-                "webmate",
-                "webos"
+                "l-06c",
+                "lg-f200k",
+                "lg-f200l",
+                "lg-f200s",
+                "m470bsa",
+                "m470bse",
+                "maxwell",
+                "me173x",
+                "mediapad",
+                "midc497",
+                "msi\\senjoy\\s10\\splus",
+                "mz601",
+                "mz616",
+                "nexus",
+                "nookcolor",
+                "pg09410",
+                "pg41200",
+                "pmp5570c",
+                "pmp5588c",
+                "pocketbook",
+                "qmv7a",
+                "sgp311",
+                "sgpt12",
+                "shv-e230k",
+                "shw-m305w",
+                "shw-m380w",
+                "sm-p605",
+                "smarttab",
+                "sonysgp321",
+                "sph-p500",
+                "surfpad",
+                "tab07-200",
+                "tab10-201",
+                "tab465euk",
+                "tab474",
+                "tablet",
+                "tegranote",
+                "tf700t",
+                "thinkpad",
+                "viewpad",
+                "voltaire"
             ]
         },
-        "low": {
+        "phones": {
             "theme": "",
             "enabled": false,
             "redirect": "",
             "agents": [
-                "2\\.0\\ mmp",
+                "(android|bb\\d+|meego).+mobile",
                 "240x320",
+                "2.0\\ mmp",
+                "\\bppc\\b",
+                "acer\\ s100",
                 "alcatel",
                 "amoi",
+                "archos5",
                 "asus",
-                "au\\-mic",
+                "au-mic",
                 "audiovox",
                 "avantgo",
+                "bada",
                 "benq",
                 "bird",
                 "blackberry",
                 "blazer",
                 "cdm",
                 "cellphone",
+                "cupcake",
                 "danger",
                 "ddipocket",
                 "docomo",
+                "docomo\\ ht-03a",
                 "dopod",
-                "elaine\/3\\.0",
+                "dream",
+                "elaine\/3.0",
                 "ericsson",
                 "eudoraweb",
                 "fly",
+                "froyo",
+                "googlebot-mobile",
                 "haier",
                 "hiptop",
-                "hp\\.ipaq",
+                "hp.ipaq",
                 "htc",
+                "htc\\ hero",
+                "htc\\ magic",
+                "htc_dream",
+                "htc_magic",
                 "huawei",
-                "i\\-mobile",
+                "i-mobile",
                 "iemobile",
                 "iemobile\/7",
+                "iemobile\/7.0",
                 "iemobile\/9",
-                "j\\-phone",
+                "incognito",
+                "iphone",
+                "ipod",
+                "j-phone",
                 "kddi",
                 "konka",
                 "kwc",
@@ -687,27 +779,34 @@
                 "lenovo",
                 "lg",
                 "lg\/u990",
+                "lg-gw620",
                 "lge\\ vx",
+                "liquid\\ build",
+                "maemo",
                 "midp",
-                "midp\\-2\\.0",
+                "midp-2.0",
                 "mmef20",
                 "mmp",
                 "mobilephone",
-                "mot\\-v",
+                "mot-mb200",
+                "mot-mb300",
+                "mot-v",
                 "motorola",
-                "msie\\ 10\\.0",
+                "msie\\ 10.0",
                 "netfront",
                 "newgen",
                 "newt",
+                "nexus\\ 7",
+                "nexus\\ one",
                 "nintendo\\ ds",
                 "nintendo\\ wii",
                 "nitro",
                 "nokia",
                 "novarra",
-                "o2",
                 "openweb",
+                "opera\\ mini",
                 "opera\\ mobi",
-                "opera\\.mobi",
+                "opera.mobi",
                 "p160u",
                 "palm",
                 "panasonic",
@@ -719,40 +818,52 @@
                 "playbook",
                 "playstation\\ portable",
                 "portalmmm",
-                "\\bppc\\b",
                 "proxinet",
                 "psp",
                 "qtek",
+                "s8000",
                 "sagem",
                 "samsung",
+                "samsung-s8000",
                 "sanyo",
                 "sch",
-                "sch\\-i800",
+                "sch-i800",
                 "sec",
                 "sendo",
+                "series60.*webkit",
+                "series60\/5.0",
                 "sgh",
                 "sharp",
-                "sharp\\-tq\\-gx10",
+                "sharp-tq-gx10",
                 "small",
                 "smartphone",
                 "softbank",
                 "sonyericsson",
+                "sonyericssone10",
+                "sonyericssonu20",
+                "sonyericssonx10",
                 "sph",
                 "symbian",
                 "symbian\\ os",
                 "symbianos",
+                "t-mobile\\ mytouch\\ 3g",
+                "t-mobile\\ opal",
+                "tattoo",
                 "toshiba",
+                "touch",
                 "treo",
-                "ts21i\\-10",
-                "up\\.browser",
-                "up\\.link",
+                "ts21i-10",
+                "up.browser",
+                "up.link",
                 "uts",
                 "vertu",
                 "vodafone",
                 "wap",
+                "webmate",
+                "webos",
                 "willcome",
                 "windows\\ ce",
-                "windows\\.ce",
+                "windows.ce",
                 "winwap",
                 "xda",
                 "xoom",
@@ -776,13 +887,14 @@
             ]
         }
     },
+    "robots_block.enable": false,
     "common.track_usage": false,
     "common.tweeted": false,
-    "config.check": false,
+    "config.check": true,
     "config.path": "",
     "widget.latest.items": 3,
     "widget.latest_news.items": 5,
-    "widget.pagespeed.enabled": true,
+    "widget.pagespeed.enabled": false,
     "widget.pagespeed.key": "",
     "widget.pagespeed.key.restrict.referrer": "",
     "widget.pagespeed.show_in_admin_bar": false,
@@ -797,34 +909,17 @@
     "timelimit.cdn_test": 300,
     "timelimit.domain_rename": 120,
     "timelimit.minify_recommendations": 600,
-    "common.instance_id": 393748815,
+    "common.instance_id": 1165104676,
     "common.force_master": true,
     "extensions.active": {
-        "newrelic": "w3-total-cache\/Extension_NewRelic_Plugin.php",
-        "fragmentcache": "w3-total-cache\/Extension_FragmentCache_Plugin.php",
-        "swarmify": "w3-total-cache\/Extension_Swarmify_Plugin.php"
+        "fragmentcache": "w3-total-cache\/Extension_FragmentCache_Plugin.php"
     },
     "extensions.active_frontend": [],
     "extensions.active_dropin": [],
     "plugin.license_key": "",
     "plugin.type": "",
-    "common.support": "",
-    "timelimit.cdn_container_create": 300,
+    "jquerymigrate.disabled": false,
     "fragmentcache": {
-        "engine": "memcached",
-        "memcached.servers": [
-            "127.0.0.1:11211"
-        ],
-        "memcached.persistent": "1",
-        "memcached.aws_autodiscovery": "0",
-        "memcached.username": "",
-        "memcached.password": "",
-        "lifetime": "3600",
-        "file.gc": "3600",
-        "groups": ""
-    },
-    "pgcache.bad_behavior_path": "",
-    "newrelic": {
-        "monitoring_type": "apm"
+        "engine": "memcached"
     }
-}
\ No newline at end of file
+}

From d7a656b94fb0af3fa37d27d0c49c825d0304bb53 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Sep 2021 14:35:35 +0200
Subject: [PATCH 1598/2300] roundcube set elastic skin as defalt

---
 install/debian/11/roundcube/main.inc.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/debian/11/roundcube/main.inc.php b/install/debian/11/roundcube/main.inc.php
index 55a4e082..91f32000 100644
--- a/install/debian/11/roundcube/main.inc.php
+++ b/install/debian/11/roundcube/main.inc.php
@@ -685,7 +685,7 @@ $rcmail_config['addressbook_search_mode'] = 0;
 $rcmail_config['default_charset'] = 'UTF-8';
 
 // skin name: folder from skins/
-$rcmail_config['skin'] = 'larry';
+$rcmail_config['skin'] = 'elastic';
 
 // show up to X items in messages list view
 $rcmail_config['mail_pagesize'] = 50;

From 43955dd086cb3da35d3532595ca2ff09bec9bbbc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Sep 2021 15:30:30 +0200
Subject: [PATCH 1599/2300] Updating apt before installation

---
 install/vst-install-debian.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 99600590..f8f73cb4 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -294,15 +294,18 @@ if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then
     check_result 1 "User admin exists"
 fi
 
+echo "Updating apt, please wait..."
+apt-get update > /dev/null 2>&1
+
 # Checking wget
 if [ ! -e '/usr/bin/wget' ]; then
-    apt-get -y install wget
+    apt-get -y install wget > /dev/null 2>&1
     check_result $? "Can't install wget"
 fi
 
 # Check if gnupg2 is installed
 if [ $(dpkg-query -W -f='${Status}' gnupg2 2>/dev/null | grep -c "ok installed") -eq 0 ]; then
-    apt -y install gnupg2
+    apt-get -y install gnupg2 > /dev/null 2>&1
 fi
 
 # Check if apparmor is installed

From e843f1e701fbb77d235cfe68d329f08f1c51444f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Sep 2021 10:41:18 +0200
Subject: [PATCH 1600/2300] Removing pre-installed exim4

---
 install/vst-install-debian.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index f8f73cb4..d985b525 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -329,6 +329,15 @@ for pkg in exim4 mysql-server apache2 nginx vesta; do
     fi
 done
 rm -f $tmpfile
+
+if [ ! -z "$conflicts" ] && [[ "$conflicts" = *"exim4"* ]]; then
+    echo "=== Removing pre-installed exim4"
+    apt remove --purge -y exim4 exim4-base exim4-config
+    rm -rf /etc/exim4
+    conflicts=$(echo "$conflicts" | sed -e "s/exim4//")
+    conflicts=$(echo "$conflicts" | sed -e "s/ //")
+fi
+
 if [ ! -z "$conflicts" ] && [ -z "$force" ]; then
     echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!'
     echo

From f66403eb9fe4b1c09846cbd8e6a35ce62f5105fd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Sep 2021 11:55:15 +0200
Subject: [PATCH 1601/2300] Better replacing yescrypt to sha512

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index d985b525..231e2aa3 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1442,7 +1442,7 @@ fi
 
 if [ "$release" -eq 11 ]; then
     # Switching to sha512
-    sed -i "s/obscure yescrypt/obscure sha512/g" /etc/pam.d/common-password
+    sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
 fi
 
 # Deleting old admin user

From 1884463e8efe5082237995deaa234a2a4f09c333 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 27 Sep 2021 16:28:49 +0200
Subject: [PATCH 1602/2300] Set original cPanel mail passwords

---
 bin/v-import-cpanel-backup | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/bin/v-import-cpanel-backup b/bin/v-import-cpanel-backup
index fc3c7352..c6005800 100644
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@@ -7,7 +7,6 @@
 # This script can import databases and database users and password, 
 # Import domains, subdomains and website files
 # This script import also mail accounts and mails into accounts if previous cpanel run dovecot
-# Mail password not are restored this was reset by new one.
 ###########
 # If you need restore main database user read line 160 or above
 ###########
@@ -272,7 +271,13 @@ if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]];
 					mv ${sk_maild}/${sk_mail_account} /home/${sk_cp_user}/mail/${sk_maild}
 					chown ${sk_cp_user}:mail -R /home/${sk_cp_user}/mail/${sk_maild}
 					find /home/${sk_cp_user}/mail/${sk_maild} -type f -name 'dovecot*' -delete
-					echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
+					# echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
+				    echo "Set password for ${sk_mail_account}@${sk_maild}"
+				    pass=$(grep "^${sk_mail_account}:" ${sk_importer_in}/homedir/etc/${sk_maild}/shadow | awk -F  ":" '{print $2}')
+				    newline="${sk_mail_account}:{SHA512-CRYPT}$pass:${sk_cp_user}:mail::/home/${sk_cp_user}:0"
+				    echo $newline
+				    escaped=$(printf '%s\n' "$newline" | sed -e 's/[\/&]/\\&/g')
+				    sed -i "s/^${sk_mail_account}:.*/$escaped/g" /home/${sk_cp_user}/conf/mail/${sk_maild}/passwd
 		done
 	fi
 #else
@@ -351,7 +356,7 @@ tput setaf 4
 echo "##############################"
 echo "cPanel Backup restored"
 echo "Review your content and report any fail"
-echo "I reset mail password not posible restore it yet."
-echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
+# echo "I reset mail password not posible restore it yet."
+# echo "Check your new passwords runing: cat /root/sk_mail_password_${sk_cp_user}-${sk_cod}"
 echo "##############################"
 tput sgr0

From d4411dc92f7c67ab0fba4cee4a1f87b7b21fe043 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 27 Sep 2021 19:12:33 +0200
Subject: [PATCH 1603/2300] Update v-import-cpanel-backup

---
 bin/v-import-cpanel-backup | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-import-cpanel-backup b/bin/v-import-cpanel-backup
index c6005800..a740a44b 100644
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@@ -275,7 +275,7 @@ if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]];
 				    echo "Set password for ${sk_mail_account}@${sk_maild}"
 				    pass=$(grep "^${sk_mail_account}:" ${sk_importer_in}/homedir/etc/${sk_maild}/shadow | awk -F  ":" '{print $2}')
 				    newline="${sk_mail_account}:{SHA512-CRYPT}$pass:${sk_cp_user}:mail::/home/${sk_cp_user}:0"
-				    echo $newline
+				    # echo $newline
 				    escaped=$(printf '%s\n' "$newline" | sed -e 's/[\/&]/\\&/g')
 				    sed -i "s/^${sk_mail_account}:.*/$escaped/g" /home/${sk_cp_user}/conf/mail/${sk_maild}/passwd
 		done

From fc483f5d3cf29631f171d545c8790e3727482d8c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 27 Sep 2021 21:35:47 +0200
Subject: [PATCH 1604/2300] Set original cPanel mail passwords

---
 bin/v-import-cpanel-backup | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/bin/v-import-cpanel-backup b/bin/v-import-cpanel-backup
index a740a44b..a4d40226 100644
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@@ -252,6 +252,11 @@ rm -f sk_sds2 sk_sds
 
 ##################
 # mail
+
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
 tput setaf 2
 echo "Start Restoring Mails"
 tput sgr0
@@ -272,12 +277,15 @@ if [[ "$sk_maild" != "cur" && "$sk_maild" != "new" && "$sk_maild" != "tmp"  ]];
 					chown ${sk_cp_user}:mail -R /home/${sk_cp_user}/mail/${sk_maild}
 					find /home/${sk_cp_user}/mail/${sk_maild} -type f -name 'dovecot*' -delete
 					# echo "${sk_mail_account}@${sk_maild} | $sk_mail_pass1"	>> /root/sk_mail_password_${sk_cp_user}-${sk_cod}
-				    echo "Set password for ${sk_mail_account}@${sk_maild}"
-				    pass=$(grep "^${sk_mail_account}:" ${sk_importer_in}/homedir/etc/${sk_maild}/shadow | awk -F  ":" '{print $2}')
-				    newline="${sk_mail_account}:{SHA512-CRYPT}$pass:${sk_cp_user}:mail::/home/${sk_cp_user}:0"
-				    # echo $newline
-				    escaped=$(printf '%s\n' "$newline" | sed -e 's/[\/&]/\\&/g')
-				    sed -i "s/^${sk_mail_account}:.*/$escaped/g" /home/${sk_cp_user}/conf/mail/${sk_maild}/passwd
+					echo "Set password for ${sk_mail_account}@${sk_maild}"
+					pass=$(grep "^${sk_mail_account}:" ${sk_importer_in}/homedir/etc/${sk_maild}/shadow | awk -F  ":" '{print $2}')
+					newline="${sk_mail_account}:{SHA512-CRYPT}$pass:${sk_cp_user}:mail::/home/${sk_cp_user}:0"
+					newline2="ACCOUNT='${sk_mail_account}' ALIAS='' AUTOREPLY='no' FWD='' FWD_ONLY='' MD5='{SHA512-CRYPT}$pass' QUOTA='unlimited' U_DISK='0' SUSPENDED='no' TIME='$time' DATE='$date'"
+					# echo $newline
+					escaped=$(printf '%s\n' "$newline" | sed -e 's/[\/&]/\\&/g')
+					escaped2=$(printf '%s\n' "$newline2" | sed -e 's/[\/&]/\\&/g')
+					sed -i "s/^${sk_mail_account}:.*/$escaped/g" /home/${sk_cp_user}/conf/mail/${sk_maild}/passwd
+					sed -i "s/^ACCOUNT='${sk_mail_account}.*/$escaped2/g" /usr/local/vesta/data/users/${sk_cp_user}/mail/${sk_maild}.conf
 		done
 	fi
 #else

From 2ac72e00fb914eee6632ee0937782ceede89ee4f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Sep 2021 11:02:23 +0200
Subject: [PATCH 1605/2300] Fix Autoreply issue with Exim 4.94+

---
 bin/v-add-mail-account                     |  2 ++
 bin/v-add-mail-domain                      |  2 ++
 bin/v-delete-mail-account                  |  1 +
 func/rebuild.sh                            |  6 ++++++
 install/debian/11/exim/exim4.conf.template |  4 ++--
 install/vst-install-debian.sh              |  1 +
 src/deb/vesta/postinst                     | 11 +++++++++++
 7 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/bin/v-add-mail-account b/bin/v-add-mail-account
index 1675d5d7..81da9e71 100755
--- a/bin/v-add-mail-account
+++ b/bin/v-add-mail-account
@@ -61,6 +61,8 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     fi
     str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
     echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
+    userstr="$account:$account:$user:mail:$HOMEDIR/$user"
+    echo $userstr >> $HOMEDIR/$user/conf/mail/$domain/accounts
 fi
 
 # Create mail account folder (mailbox)
diff --git a/bin/v-add-mail-domain b/bin/v-add-mail-domain
index 7c9dbc36..c26dadb2 100755
--- a/bin/v-add-mail-domain
+++ b/bin/v-add-mail-domain
@@ -91,6 +91,7 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     touch $HOMEDIR/$user/conf/mail/$domain/aliases
     touch $HOMEDIR/$user/conf/mail/$domain/passwd
     touch $HOMEDIR/$user/conf/mail/$domain/fwd_only
+    touch $HOMEDIR/$user/conf/mail/$domain/accounts
     ln -s $HOMEDIR/$user/conf/mail/$domain \
         /etc/$MAIL_SYSTEM/domains/$domain_idn
 
@@ -119,6 +120,7 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
     # Set ownership
     chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain
     chown -R dovecot:mail $HOMEDIR/$user/conf/mail/$domain/passwd
+    chown $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/accounts
     chown $user:mail $HOMEDIR/$user/mail/$domain_idn
 fi
 
diff --git a/bin/v-delete-mail-account b/bin/v-delete-mail-account
index f0da423c..09c41b50 100755
--- a/bin/v-delete-mail-account
+++ b/bin/v-delete-mail-account
@@ -53,6 +53,7 @@ if [[ "$MAIL_SYSTEM" =~ exim ]]; then
 
     sed -i "/^$account@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases
     sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
+    sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/accounts
     rm -rf $HOMEDIR/$user/mail/$domain/$account
 fi
 
diff --git a/func/rebuild.sh b/func/rebuild.sh
index b4df3d20..bf04dda0 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -445,9 +445,12 @@ rebuild_mail_domain_conf() {
         rm -f $HOMEDIR/$user/conf/mail/$domain/protection
         rm -f $HOMEDIR/$user/conf/mail/$domain/passwd
         rm -f $HOMEDIR/$user/conf/mail/$domain/fwd_only
+        rm -f $HOMEDIR/$user/conf/mail/$domain/accounts
+
         touch $HOMEDIR/$user/conf/mail/$domain/aliases
         touch $HOMEDIR/$user/conf/mail/$domain/passwd
         touch $HOMEDIR/$user/conf/mail/$domain/fwd_only
+        touch $HOMEDIR/$user/conf/mail/$domain/accounts
 
         # Adding antispam protection
         if [ "$ANTISPAM" = 'yes' ]; then
@@ -506,6 +509,8 @@ rebuild_mail_domain_conf() {
             fi
             str="$account:$MD5:$user:mail::$HOMEDIR/$user:$QUOTA"
             echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
+            userstr="$account:$account:$user:mail:$HOMEDIR/$user"
+            echo $userstr >> $HOMEDIR/$user/conf/mail/$domain/accounts
             for malias in ${ALIAS//,/ }; do
                 echo "$malias@$domain_idn:$account@$domain_idn" >> $dom_aliases
             done
@@ -527,6 +532,7 @@ rebuild_mail_domain_conf() {
         chmod 770 $HOMEDIR/$user/mail/$domain_idn
         chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain
         chown -R dovecot:mail $HOMEDIR/$user/conf/mail/$domain/passwd
+        chown $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/accounts
         chown $user:mail $HOMEDIR/$user/mail/$domain_idn
     fi
 
diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index 977dc661..d8bca393 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -381,8 +381,8 @@ address_reply:
 
 userautoreply:
   driver = autoreply
-  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg
-  from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
+  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg
+  from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
   headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
   subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
   to = "${sender_address}"
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 231e2aa3..b73c929f 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1734,6 +1734,7 @@ touch /usr/local/vesta/data/upgrades/apache_status_public_access
 touch /usr/local/vesta/data/upgrades/update-cloudflare-ips
 touch /usr/local/vesta/data/upgrades/enable-tls-in-proftpd
 touch /usr/local/vesta/data/upgrades/enable_cookie_httponly
+touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
 
 # Secret URL
 secretquery=''
diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index dbb7cbd2..906cd305 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -23,6 +23,17 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+# Fix Autoreply issue with Exim 4.94+
+if [ ! -f "/usr/local/vesta/data/upgrades/fix_exim_494_autoreply" ]; then
+    touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
+    if [ -f "/etc/exim4/exim4.conf.template" ]; then 
+        echo "== Fix Autoreply issue with Exim 4.94+"
+        sed -i 's|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg|g'  /etc/exim4/exim4.conf.template
+        sed -i 's| from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"| from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"|g' /etc/exim4/exim4.conf.template
+        systemctl restart exim4
+    fi
+fi
+
 # Enabling session.cookie_httponly and session.cookie_secure in myvesta php-fpm
 if [ ! -f "/usr/local/vesta/data/upgrades/enable_cookie_httponly" ]; then
     touch /usr/local/vesta/data/upgrades/enable_cookie_httponly

From f236015bdf806bbb8b438b601af9bcad91eef1b6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Sep 2021 13:40:01 +0200
Subject: [PATCH 1606/2300] Update process for Autoreply fix with Exim 4.94+

---
 src/deb/vesta/postinst | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 906cd305..b644a3cd 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -25,12 +25,20 @@ chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
 # Fix Autoreply issue with Exim 4.94+
 if [ ! -f "/usr/local/vesta/data/upgrades/fix_exim_494_autoreply" ]; then
-    touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
-    if [ -f "/etc/exim4/exim4.conf.template" ]; then 
-        echo "== Fix Autoreply issue with Exim 4.94+"
-        sed -i 's|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg|g'  /etc/exim4/exim4.conf.template
-        sed -i 's| from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"| from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"|g' /etc/exim4/exim4.conf.template
-        systemctl restart exim4
+    if [ "$release" -eq 11 ]; then
+        touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
+        if [ -f "/etc/exim4/exim4.conf.template" ]; then 
+            echo "== Fix Autoreply issue with Exim 4.94+"
+            sed -i 's|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}.msg|file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg|g'  /etc/exim4/exim4.conf.template
+            sed -i 's| from = "${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"| from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"|g' /etc/exim4/exim4.conf.template
+            for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
+                if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
+                    continue;
+                fi
+                v-rebuild-mail-domains $user
+            done
+            systemctl restart exim4
+        fi
     fi
 fi
 

From fd8a44ae23884f345626ffd50bcf47dd11eb95fd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Sep 2021 13:43:51 +0200
Subject: [PATCH 1607/2300] Update postinst

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index b644a3cd..8649087b 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -35,7 +35,7 @@ if [ ! -f "/usr/local/vesta/data/upgrades/fix_exim_494_autoreply" ]; then
                 if [ ! -f "/usr/local/vesta/data/users/$user/user.conf" ]; then
                     continue;
                 fi
-                v-rebuild-mail-domains $user
+                /usr/local/vesta/bin/v-rebuild-mail-domains $user
             done
             systemctl restart exim4
         fi

From 9eb21cef4cf2c23c7476de7e4c95d73f2ded53db Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Sep 2021 15:44:18 +0200
Subject: [PATCH 1608/2300] Define mail user in rebuild_mail_domain_conf()

---
 func/rebuild.sh | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/func/rebuild.sh b/func/rebuild.sh
index bf04dda0..23f9d4d7 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -523,6 +523,12 @@ rebuild_mail_domain_conf() {
         fi
     done
 
+    # Define mail user
+    if [ "$MAIL_SYSTEM" = 'exim4' ]; then
+        MAIL_USER=Debian-exim
+    else
+        MAIL_USER=exim
+    fi
     # Set permissions and ownership
     if [[ "$MAIL_SYSTEM" =~ exim ]]; then
         chmod 660 $USER_DATA/mail/$domain.*

From 402131c22b352e9200c8f141aa516aff53692fec Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 30 Sep 2021 16:41:36 +0200
Subject: [PATCH 1609/2300] Moving v-install-wordpress to --parameters

---
 bin/v-install-wordpress | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 8e60dc6f..82c8e6ac 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -17,14 +17,15 @@ fi
 # Argument definition
 domain=$1
 
-database="wp";
-if [ $# -gt 1 ]; then
-    database=$2
+# take --parameters
+source /usr/local/vesta/func/handle_parameters.sh
+
+if [ -z "$database" ]; then
+    database="wp"
 fi
 
-email="info@$domain";
-if [ $# -gt 2 ]; then
-    email=$3
+if [ -z "$emil" ]; then
+    email="info@$domain";
 fi
 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
@@ -83,11 +84,15 @@ PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
 #----------------------------------------------------------#
 
 PROTOCOL='http'
-if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
-    /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+if [ -z "$SKIP_LE" ]; then
+    if [ ! -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
+        /usr/local/vesta/bin/v-add-letsencrypt-domain "$user" "$domain" "www.$domain" "yes"
+    fi
+else
+    PROTOCOL='https'
 fi
 
-if [ -f "/home/$user/conf/web/ssl.$domain.ca" ]; then
+if [ -f "/home/$user/conf/web/ssl.$domain.ca" ] || [ ! -z "$SKIP_LE" ]; then
     PROTOCOL='https'
     if [ -f "/usr/local/vesta/data/templates/web/nginx/force-https.stpl" ]; then
         /usr/local/vesta/bin/v-change-web-domain-proxy-tpl  "$user" "$domain" "force-https" "jpeg,jpg,png,gif,bmp,ico,svg,tif,tiff,css,js,ttf,otf,webp,txt,csv,rtf,doc,docx,xls,xlsx,ppt,pptx,odf,odp,ods,odt,pdf,psd,ai,eot,eps,ps,zip,tar,tgz,gz,rar,bz2,7z,aac,m4a,mp3,mp4,ogg,wav,wma,3gp,avi,flv,m4v,mkv,mov,mpeg,mpg,wmv,exe,iso,dmg,swf,woff,woff2" "yes"

From def46e8cd7b738b5dce9d94b9a29358e4232af19 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Oct 2021 11:41:04 +0200
Subject: [PATCH 1610/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 82c8e6ac..d558dd35 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -17,17 +17,6 @@ fi
 # Argument definition
 domain=$1
 
-# take --parameters
-source /usr/local/vesta/func/handle_parameters.sh
-
-if [ -z "$database" ]; then
-    database="wp"
-fi
-
-if [ -z "$emil" ]; then
-    email="info@$domain";
-fi
-
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
 if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
@@ -49,6 +38,17 @@ is_format_valid 'domain' 'database' 'email'
 is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
+# take --parameters
+source /usr/local/vesta/func/handle_parameters.sh
+
+if [ -z "$database" ]; then
+    database="wp"
+fi
+
+if [ -z "$emil" ]; then
+    email="info@$domain";
+fi
+
 if [ ! -d "/home/$user" ]; then
     echo "User doesn't exist";
     exit 1;

From 8bbfc1255ffacc02c2e45617320b29dd92adbb4d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 15 Oct 2021 10:33:21 +0200
Subject: [PATCH 1611/2300] Avoiding error if unzip destination exists

---
 bin/v-extract-fs-archive | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-extract-fs-archive b/bin/v-extract-fs-archive
index ec70baba..1ea608af 100755
--- a/bin/v-extract-fs-archive
+++ b/bin/v-extract-fs-archive
@@ -82,7 +82,7 @@ fi
 # Extracting ziped archive
 if [ ! -z "$(echo $src_file |grep -i  '.zip')" ]; then
     sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
-    sudo -u $user unzip "$src_file" -d "$dst_dir" >/dev/null 2>&1
+    sudo -u $user unzip -o "$src_file" -d "$dst_dir" >/dev/null 2>&1
     rc=$?
 fi
 

From a493c140cea6ac604938273c244128fac9d7c807 Mon Sep 17 00:00:00 2001
From: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Date: Mon, 18 Oct 2021 09:31:48 +0200
Subject: [PATCH 1612/2300] Regex string threaded literally instead as regex

During shellcheck of Hestia source code I noticed the following error matching the line:
^----^ SC2076: Don't quote right-hand side of =~, it'll match literally rather than as a regex.
                                                                                      ^--------------^ SC2076: Don't quote right-hand side of =~, it'll match literally rather
Proof of concept:
root@dev:~# v-add-web-domain jaap jaap..nu
Error: nginx restart failed
root@dev:~# v-add-web-domain jaap jaap..nu
Error: invalid domain format :: jaap..nu
---
 func/main.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/main.sh b/func/main.sh
index 5f71bb1f..a92bb59a 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -551,7 +551,7 @@ is_user_format_valid() {
 is_domain_format_valid() {
     object_name=${2-domain}
     exclude="[!|@|#|$|^|&|*|(|)|+|=|{|}|:|,|<|>|?|_|/|\|\"|'|;|%|\`| ]"
-    if [[ $1 =~ $exclude ]] || [[ $1 =~ ^[0-9]+$ ]] || [[ $1 =~ "\.\." ]] || [[ $1 =~ "$(printf '\t')" ]]; then
+    if [[ $1 =~ $exclude ]] || [[ $1 =~ ^[0-9]+$ ]] || [[ $1 =~ \.\. ]] || [[ $1 =~ $(printf '\t') ]]; then
         check_result $E_INVALID "invalid $object_name format :: $1"
     fi
 }

From f68d0178c810d5353434d9a1f4becb4ef80233c3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 20 Oct 2021 21:51:17 +0200
Subject: [PATCH 1613/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index ce04f573..4dd830c1 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -293,6 +293,6 @@ if [ $debian_version -eq 10 ]; then
     a2dismod php8.0
     a2dismod mpm_prefork
     a2enmod mpm_event
-    apt-get -y remove libapache2-mod-php8.0
+    apt-get -y remove libapache2-mod-php*
     service apache2 restart
 fi

From e2537d902655ccd90dcf3930d3925896c7ceefe7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 20 Oct 2021 23:34:42 +0200
Subject: [PATCH 1614/2300] Set default php in installer

---
 install/vst-install-debian.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b73c929f..4f48ca0b 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1637,7 +1637,9 @@ if [ "$release" -eq 9 ]; then
       patch -p1 --directory=/ < /root/vesta-temp-dl/vesta/patch/php7.0-dedi.patch
     fi
   fi
+  update-alternatives --set php /usr/bin/php7.0
 fi
+
 if [ "$release" -eq 10 ]; then
   if [ $memory -lt 10000000 ]; then
     echo "=== Patching php7.3-vps"
@@ -1647,8 +1649,10 @@ if [ "$release" -eq 10 ]; then
     echo "=== Patching php7.3-dedi"
     patch /etc/php/7.3/fpm/php.ini < $vestacp/php/php7.3-dedi.patch
   fi
+  update-alternatives --set php /usr/bin/php7.3
   service php7.3-fpm restart
 fi
+
 if [ "$release" -eq 11 ]; then
   if [ $memory -lt 10000000 ]; then
     echo "=== Patching php7.4-vps"
@@ -1658,6 +1662,7 @@ if [ "$release" -eq 11 ]; then
     echo "=== Patching php7.4-dedi"
     patch /etc/php/7.4/fpm/php.ini < $vestacp/php/php7.4-dedi.patch
   fi
+  update-alternatives --set php /usr/bin/php7.4
   service php7.4-fpm restart
 fi
 

From 5633b839e5e3821784aa880c6c35b04038e70039 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 20 Oct 2021 23:36:26 +0200
Subject: [PATCH 1615/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 4dd830c1..6d30ab25 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -281,7 +281,7 @@ fi
 apt update
 apt upgrade -y
 
-if [ $debian_version -eq 10 ]; then
+if [ $debian_version -ge 10 ]; then
     a2dismod ruid2
     a2dismod suexec
     a2dismod php5.6
@@ -291,6 +291,7 @@ if [ $debian_version -eq 10 ]; then
     a2dismod php7.3
     a2dismod php7.4
     a2dismod php8.0
+    a2dismod php8.1
     a2dismod mpm_prefork
     a2enmod mpm_event
     apt-get -y remove libapache2-mod-php*

From bc9ca52c3736bd9dc46df38eed98b6231c0dc58a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 20 Oct 2021 23:48:42 +0200
Subject: [PATCH 1616/2300] Create v-clean-garbage

---
 bin/v-clean-garbage | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 bin/v-clean-garbage

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
new file mode 100644
index 00000000..fc354210
--- /dev/null
+++ b/bin/v-clean-garbage
@@ -0,0 +1,35 @@
+#!/bin/bash
+
+nice -n 19 ionice -c 3 find /home/*/tmp/ -type f -delete
+find /home/ -name '.wp-cli' -type d -exec rm -rf {} \;
+
+rm /var/backups/*
+rm /var/cache/apt/archives/*
+cd /var/log
+truncate -s 0 xferlog lastlog faillog btmp syslog;
+find /var/log/ -name "*.log" -type f -exec truncate -s 0 {} \;
+find /var/log/ -name "*.err" -type f -exec truncate -s 0 {} \;
+find /var/log/ -name "errors" -type f -exec truncate -s 0 {} \;
+find /var/log/ -name "*.info" -type f -exec truncate -s 0 {} \;
+find /var/log/ -name "*.warn" -type f -exec truncate -s 0 {} \;
+find /var/log/ -type f -name "*.1" -delete
+find /var/log/ -type f -name "*.2" -delete
+find /var/log/ -type f -name "*.3" -delete
+find /var/log/ -type f -name "*.4" -delete
+find /var/log/ -type f -name "*.5" -delete
+find /var/log/ -type f -name "*.6" -delete
+find /var/log/ -type f -name "*.7" -delete
+find /var/log/ -name "*.gz" -type f -delete
+find /usr/local/vesta/log/ -type f -name "*.log" -exec truncate -s 0 {} \;
+find /usr/local/vesta/log/ -type f -not -name "*.log" -delete
+find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
+
+find /home/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/ -type f -name "error_log" -delete
+find /home/*/web/*/public_html/ -type f -name "error_log.txt" -delete
+find /home/ -type f -name "*.log" -delete
+
+echo "=== Garbage cleaned ==="

From 39c9ebc2a7edbb1dd17fd5b4e6110cb065fba852 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 7 Nov 2021 00:33:45 +0100
Subject: [PATCH 1617/2300] curl --silent in v-add-letsencrypt-domain

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 3a7b10b8..0cea207c 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -287,7 +287,7 @@ for auth in $authz; do
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
         echo "[$(date)] : curl: $url2 :" >> /usr/local/vesta/log/letsencrypt.log
-        get_answer=$(curl -S "$url2")
+        get_answer=$(curl --silent -S "$url2")
         echo "[$(date)] : get_answer=$get_answer" >> /usr/local/vesta/log/letsencrypt.log
         sleeping=$((i*2))
         echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log

From 4bb53ff28f22fe5f18a50da493683cfba19983c0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 7 Nov 2021 14:26:16 +0100
Subject: [PATCH 1618/2300] Properly rebuild_mysql_database password for
 MariaDB > 10.4

---
 func/rebuild.sh | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/func/rebuild.sh b/func/rebuild.sh
index 23f9d4d7..eeef03ee 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -568,21 +568,30 @@ rebuild_mysql_database() {
         fi
     else
         # mariadb
-        if [ "$(echo $mysql_ver |cut -d '.' -f1)" -eq 5 ]; then
+        mysql_ver_sub=$(echo $mysql_ver |cut -d '.' -f1)
+        mysql_ver_sub_sub=$(echo $mysql_ver |cut -d '.' -f2)
+        if [ "$mysql_ver_sub" -eq 5 ]; then
             # mariadb = 5
             mysql_query "CREATE USER \`$DBUSER\`" > /dev/null
             mysql_query "CREATE USER \`$DBUSER\`@localhost" > /dev/null
+            query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
         else
             # mariadb = 10
             mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null
             mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null
+            query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
+            if [ "$mysql_ver_sub_sub" -ge 4 ]; then
+                query="SET PASSWORD FOR '$DBUSER'@'%' = '$MD5';"
+                query2="SET PASSWORD FOR '$DBUSER'@'localhost' = '$MD5';"
+            fi
         fi
-        # mariadb any version
-        query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
     fi
     mysql_query "GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@\`%\`" >/dev/null
     mysql_query "GRANT ALL ON \`$DB\`.* TO \`$DBUSER\`@localhost" >/dev/null
     mysql_query "$query" >/dev/null
+    if [ ! -z "$query2" ]; then
+        mysql_query "$query2" >/dev/null
+    fi
     mysql_query "FLUSH PRIVILEGES" >/dev/null
 }
 

From 14ba4ab999869dacabe670e41a22ebf9e7b1a3e4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 7 Nov 2021 21:46:52 +0100
Subject: [PATCH 1619/2300] Version 0.9.8-26-50

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index efd44125..53712deb 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-49
+vesta-0.9.8-26-50

From c0cebf526438aac378862e45ac16d6fe774cb6fe Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 7 Nov 2021 21:48:46 +0100
Subject: [PATCH 1620/2300] Update Changelog.md

---
 Changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 647187e0..4ecfde8f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+Version 0.9.8-26-50 [07-Nov-2021]
+==================================================
+* Many small bugfixes and CSRF fixes
+
 Version 0.9.8-26-49 [17-Jul-2021]
 ==================================================
 * Support for Debian 11

From aba861c8143c0b23a3d327636bf79ebe13cc897d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 11 Nov 2021 22:54:42 +0100
Subject: [PATCH 1621/2300] check spam if email smaller than 600 KB

---
 install/debian/10/exim/exim4.conf.template | 2 +-
 install/debian/11/exim/exim4.conf.template | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index cb79ab3c..70577b6e 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -174,7 +174,7 @@ acl_check_data:
 .ifdef SPAMASSASSIN
   warn   !authenticated = *
          hosts          = !+relay_from_hosts
-         condition      = ${if < {$message_size}{100K}}
+         condition      = ${if < {$message_size}{600K}}
          condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
          spam           = nobody:true/defer_ok
          add_header     = X-Spam-Score: $spam_score_int
diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index d8bca393..a041b329 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -174,7 +174,7 @@ acl_check_data:
 .ifdef SPAMASSASSIN
   warn   !authenticated = *
          hosts          = !+relay_from_hosts
-         condition      = ${if < {$message_size}{100K}}
+         condition      = ${if < {$message_size}{600K}}
          condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
          spam           = nobody:true/defer_ok
          add_header     = X-Spam-Score: $spam_score_int

From 8c4be97720bdda6f25db0a94c7150d779679d2f0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 12 Nov 2021 23:04:46 +0100
Subject: [PATCH 1622/2300] Fix for "chmod: changing permissions"

---
 bin/v-add-web-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain
index aab09e6a..72de559a 100755
--- a/bin/v-add-web-domain
+++ b/bin/v-add-web-domain
@@ -90,7 +90,7 @@ done
 # Changing file owner & permission
 chown -R $user:$user $HOMEDIR/$user/web/$domain
 chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
-sudo -u $user chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
+chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
 sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
 sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
 sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*

From 302e351252d2afa3428381bd11d72a03729a2438 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 19:47:54 +0100
Subject: [PATCH 1623/2300] Many fixes for v-list-sys-services

---
 bin/v-list-sys-services                | 142 ++++++++++++++++++++++---
 web/templates/admin/list_services.html |  12 ++-
 2 files changed, 133 insertions(+), 21 deletions(-)

diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services
index 93f01a11..71133ac4 100755
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@@ -18,6 +18,8 @@ source $VESTA/conf/vesta.conf
 
 export PATH=$PATH:/sbin
 
+debug=0
+
 # JSON list function
 json_list() {
     IFS=$'\n'
@@ -50,6 +52,9 @@ shell_list() {
     echo "----   -----   ---   ---   ------"
     while read str; do
         eval $str
+        if [ "$STATE" = "stopped" ]; then
+            STATE='off'
+        fi
         echo "$NAME $STATE $CPU $MEM $RTIME"
     done < <(echo -e "$data" |grep NAME)
 }
@@ -77,8 +82,17 @@ csv_list() {
 get_srv_state() {
     srv=$1
     name=${2-$1}
+    procfolder=$4
+    procfile=$5
     state='running'
+    mem=0
+    cpu=0
+    rtime="0"
 
+    if [ $debug -eq 1 ]; then
+        echo "---------------------"
+        echo "$srv = $name"
+    fi
     # Searching related pids
     if [ -z $3 ]; then
         pids=$(pidof $name |tr ' ' '|')
@@ -88,10 +102,23 @@ get_srv_state() {
     if [ -z "$pids" ] && [ "$name" != 'nginx' ]; then
         pids=$(pgrep $name |tr '\n' '|')
     fi
+    if [ "$name" = 'elasticsearch' ]; then
+        pids=$(ps -Af | grep 'elasticsearch' | grep -v 'grep' | awk '{print $2}' | tr '\n' '|')
+    fi
+    if [ "$name" = 'vesta-nginx' ]; then
+        pids=$(ps -Af | grep 'vesta/nginx' | grep -v 'grep' | awk '{print $2}' | tr '\n' '|')
+    fi
+    if [ "$name" = 'vesta-php' ]; then
+        pids=$(ps -Af | grep 'vesta/php' | grep -v 'grep' | awk '{print $2}' | tr '\n' '|')
+    fi
+    if [ $debug -eq 1 ]; then
+        echo "pids = $pids"
+    fi
 
     # Checking pid
-    if [ ! -z "$pids" ]; then
+    if [ -n "$pids" ]; then
         pid=$(echo "$pids" |cut -f 1 -d '|')
+        pids=${pids%|}
         pids=$(egrep "$pids" $tmp_file)
 
         # Calculating CPU usage
@@ -103,7 +130,22 @@ get_srv_state() {
 
         # Searching pid file
         pid_file=''
-        if [ -e "/var/run/$srv.pid" ]; then
+        if [ ! -z "$procfolder" ]; then
+            if [ -f "/var/run/$procfolder/$srv.pid" ]; then
+                pid_file="/var/run/$procfolder/$srv.pid"
+            fi
+        fi
+        if [ -z "$pid_file" ] && [ ! -z "$procfolder" ] && [ ! -z "$procfile" ]; then
+            if [ -f "/var/run/$procfolder/$procfile.pid" ]; then
+                pid_file="/var/run/$procfolder/$procfile.pid"
+            fi
+        fi
+        if [ -z "$pid_file" ] && [ -z "$procfolder" ] && [ ! -z "$procfile" ]; then
+            if [ -f "/var/run/$procfile.pid" ]; then
+                pid_file="/var/run/$procfile.pid"
+            fi
+        fi
+        if [ -z "$pid_file" ] && [ -e "/var/run/$srv.pid" ]; then
             pid_file="/var/run/$srv.pid"
         fi
         if [ -z "$pid_file" ] && [ -e "/var/run/$srv/$srv.pid" ]; then
@@ -112,18 +154,31 @@ get_srv_state() {
         if [ -z "$pid_file" ] && [ -e "/var/run/$name/$name.pid" ]; then
             pid_file="/var/run/$name/$name.pid"
         fi
+        if [ -z "$pid_file" ] && [ -f "/var/run/$name.pid" ]; then
+            pid_file="/var/run/$name.pid"
+        fi
         if [ -z "$pid_file" ] && [ -e "/proc/$pid" ]; then
             pid_file="/proc/$pid"
         fi
 
+        if [ $debug -eq 1 ]; then
+            echo "$srv = $name = $pid_file"
+        fi
         # Calculating uptime
-        if [ ! -z "$pid_file" ]; then
+        if [ -n "$pid_file" ]; then
             mtime=$(stat -c "%Y" $pid_file)
             rtime=$((ctime - mtime))
             rtime=$((rtime  / 60))
         else
             rtime=0
         fi
+        if [ "$pid_file" = "/proc/$pid" ]; then
+            if [ $debug -eq 1 ]; then
+                echo "getting pid lifetime via ps"
+            fi            
+            rtime=$(ps -p 2877633 -o etimes | tail -n 1 | awk '{print $1}')
+            rtime=$((rtime  / 60))
+        fi
     else
         state='stopped'
         mem=0
@@ -151,14 +206,6 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'remote' ]; then
     data="$data MEM='$mem' RTIME='$rtime'"
 fi
 
-# Checking WEB Backend
-if [ ! -z "$WEB_BACKEND" ] && [ "$WEB_BACKEND" != 'remote' ]; then
-    proc_name=$(ls /usr/sbin/php*fpm* | rev | cut -d'/' -f 1 | rev)
-    get_srv_state $proc_name
-    data="$data\nNAME='$WEB_BACKEND' SYSTEM='backend server' STATE='$state'"
-    data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
-fi
-
 # Checking WEB Proxy
 if [ ! -z "$PROXY_SYSTEM" ] && [ "$PROXY_SYSTEM" != 'remote' ]; then
     get_srv_state $PROXY_SYSTEM
@@ -166,6 +213,18 @@ if [ ! -z "$PROXY_SYSTEM" ] && [ "$PROXY_SYSTEM" != 'remote' ]; then
     data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
 
+# Checking WEB Backend
+if [ "$WEB_BACKEND" != 'remote' ]; then
+    php_versions=$(ls /usr/sbin/php*fpm* | cut -d'/' -f4 | sed 's|php-fpm||')
+    for version in $php_versions; do
+        proc_name="php-fpm${version}"
+        service_name="php${version}-fpm"
+        get_srv_state "$service_name" "$proc_name" '' 'php'
+        data="$data\nNAME='$service_name' SYSTEM='backend server' STATE='$state'"
+        data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+    done
+fi
+
 # DNS
 service=$DNS_SYSTEM
 if [ ! -z "$service" ] && [ "$service" != 'remote' ]; then
@@ -177,14 +236,22 @@ fi
 
 # Checking MAIL system
 if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'remote' ]; then
-    get_srv_state $MAIL_SYSTEM
+    if [ "$MAIL_SYSTEM" = "exim4" ]; then
+        get_srv_state "$MAIL_SYSTEM" "$MAIL_SYSTEM" '' 'exim4' 'exim'
+    else
+        get_srv_state $MAIL_SYSTEM
+    fi
     data="$data\nNAME='$MAIL_SYSTEM' SYSTEM='mail server' STATE='$state'"
     data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
 
 # Checking MAIL IMAP
 if [ ! -z "$IMAP_SYSTEM" ] && [ "$IMAP_SYSTEM" != 'remote' ]; then
-    get_srv_state $IMAP_SYSTEM
+    if [ "$IMAP_SYSTEM" = "dovecot" ]; then
+        get_srv_state "$IMAP_SYSTEM" "$IMAP_SYSTEM" '' 'dovecot' 'master'
+    else
+        get_srv_state $IMAP_SYSTEM
+    fi
     data="$data\nNAME='$IMAP_SYSTEM' SYSTEM='pop/imap server' STATE='$state'"
     data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
@@ -200,11 +267,19 @@ if [ ! -z "$ANTIVIRUS_SYSTEM" ] && [ "$ANTIVIRUS_SYSTEM" != 'remote' ]; then
         if [ "$ANTIVIRUS_SYSTEM" == 'clamav-daemon' ];then
             proc_name='clamd'
         fi
-        get_srv_state $ANTIVIRUS_SYSTEM $proc_name
+        get_srv_state $ANTIVIRUS_SYSTEM $proc_name '' 'clamav' 'clamd'
     fi
     data="$data\nNAME='$ANTIVIRUS_SYSTEM' SYSTEM='email antivirus'"
     data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'"
     proc_name=''
+    if [ ! -d "/etc/sysconfig" ]; then
+        if [ "$ANTIVIRUS_SYSTEM" == 'clamav-daemon' ];then
+            get_srv_state "clamav-freshclam" "freshclam"
+            data="$data\nNAME='clamav-freshclam' SYSTEM='email antivirus updater'"
+            data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+            proc_name=''
+        fi
+    fi
 fi
 
 # Checking MAIL ANTISPAM
@@ -220,6 +295,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then
         proc_name=''
         service="$db"
         if [ "$service" = 'mysql' ]; then
+            proc_name='mysqld'
             release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
             if [ "$release" -eq 11 ]; then
                 service='mariadb'
@@ -243,7 +319,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then
                 proc_name='postgres'
             fi
         fi
-        get_srv_state $service $proc_name
+        get_srv_state $service $proc_name '' 'mysqld' 'mysqld'
         data="$data\nNAME='$service' SYSTEM='database server' STATE='$state'"
         data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
         proc_name=''
@@ -259,11 +335,28 @@ fi
 
 # Checking CRON system
 if [ ! -z "$CRON_SYSTEM" ] && [ "$CRON_SYSTEM" != 'remote' ]; then
-    get_srv_state $CRON_SYSTEM
+    get_srv_state "$CRON_SYSTEM" "$CRON_SYSTEM" '' '' 'crond'
     data="$data\nNAME='$CRON_SYSTEM' SYSTEM='job scheduler' STATE='$state'"
     data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
 
+# Checking SSH daemon
+if [ -e "/etc/ssh/sshd_config" ]; then
+    get_srv_state 'ssh' 'ssh' '' '' 'sshd'
+    data="$data\nNAME='ssh' SYSTEM='SSH Access' STATE='$state'"
+    data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+fi
+
+# Checking Vesta nginx
+get_srv_state 'vesta' 'vesta-nginx' '' '' 'vesta-nginx'
+data="$data\nNAME='vesta-nginx' SYSTEM='Vesta nginx service' STATE='$state'"
+data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+
+# Checking Vesta php-fpm
+get_srv_state 'vesta' 'vesta-php' '' '' 'vesta-php'
+data="$data\nNAME='vesta-php' SYSTEM='Vesta php service' STATE='$state'"
+data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+
 # Checking FIREWALL system
 if [ ! -z "$FIREWALL_SYSTEM" ] && [ "$FIREWALL_SYSTEM" != 'remote' ]; then
     state="stopped"
@@ -277,11 +370,26 @@ fi
 
 # Checking FIREWALL Fail2ban extention
 if [ ! -z "$FIREWALL_EXTENSION" ]; then
-    get_srv_state $FIREWALL_EXTENSION fail2ban-server script
+    get_srv_state "$FIREWALL_EXTENSION" 'fail2ban-server' 'script'
     data="$data\nNAME='$FIREWALL_EXTENSION' SYSTEM='brute-force monitor'"
     data="$data STATE='$state' CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
 
+# Checking ElasticSearch
+if [ -d "/etc/elasticsearch" ]; then
+    get_srv_state 'elasticsearch'
+    data="$data\nNAME='elasticsearch' SYSTEM='ElasticSearch' STATE='$state'"
+    data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+fi
+
+# Checking Redis
+if [ -d "/etc/redis" ]; then
+    get_srv_state 'redis' 'redis-server' '' 'redis' 'redis-server'
+    data="$data\nNAME='redis' SYSTEM='Redis' STATE='$state'"
+    data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+fi
+
+
 # Listing data
 case $format in
     json)   json_list ;;
diff --git a/web/templates/admin/list_services.html b/web/templates/admin/list_services.html
index 6012d2a3..45d6b18a 100644
--- a/web/templates/admin/list_services.html
+++ b/web/templates/admin/list_services.html
@@ -121,7 +121,11 @@
             $status = 'suspended';
             $action = 'start';
           }
-
+          
+          $realservice=$key;
+          if ($realservice=="vesta-php") $realservice="vesta";
+          if ($realservice=="vesta-nginx") $realservice="vesta";
+          
           $cpu = $data[$key]['CPU'] / 10;
           $cpu = number_format($cpu, 1);
           if ($cpu == '0.0')  $cpu = 0;
@@ -137,9 +141,9 @@
           
           
             
-                ↵
-                S
-                R
+                ↵
+                S
+                R
             
             
           

From d9202d91b9a0d334db272b738f2996f38fb1a6d9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 20:01:21 +0100
Subject: [PATCH 1624/2300] Avoid clamav fixes if clamav is disabled

---
 src/deb/vesta/postinst | 119 +++++++++++++++++++++--------------------
 1 file changed, 61 insertions(+), 58 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 8649087b..c9b9732c 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -141,48 +141,68 @@ if [ "$check_cron" -eq 0 ]; then
     crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 fi
 
-# make sure clamav-daemon.service has mkdir fix
-if [ -f "/lib/systemd/system/clamav-daemon.service" ]; then
-    check_grep=$(grep -c 'mkdir' /lib/systemd/system/clamav-daemon.service)
-    if [ "$check_grep" -eq 0 ]; then
-        echo "=== patching clamav-daemon.service"
-        exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav'
-        exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav'
-        sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
-        systemctl daemon-reload
-        systemctl restart clamav-daemon
-        systemctl restart clamav-freshclam
-    fi
-fi
-
-# reverting to default clamd sock
-if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v3" ]; then
-    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
-    if [ -f "/etc/clamav/clamd.conf" ]; then
-        sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
-        if [ -f "/etc/exim4/exim4.conf.template" ]; then
-            sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
-        fi
-        if [ -f "/lib/systemd/system/clamav-daemon.socket" ]; then
-            sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
-        fi
-        systemctl daemon-reload
-        systemctl restart clamav-daemon
-        systemctl restart clamav-freshclam
-        if [ -f "/etc/exim4/exim4.conf.template" ]; then
-            systemctl restart exim4
-        fi
-    fi
-fi
-
-# reverting to default clamd sock
-if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v4" ]; then
-    touch /usr/local/vesta/data/upgrades/change-clamav-socket-v4
-    if [ -f "/etc/clamav/clamd.conf" ]; then
-        check_grep=$(grep -c '/var/lib/clamav/clamd.ctl' /etc/clamav/clamd.conf)
-        if [ "$check_grep" -eq 1 ]; then
-            sed -i "s#/var/lib/clamav/clamd.ctl#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+unit_files="$(systemctl list-unit-files | grep clamav-daemon)"
+if [[ ! "$unit_files" =~ "disabled" ]]; then
+    # make sure clamav-daemon.service has mkdir fix
+    if [ -f "/lib/systemd/system/clamav-daemon.service" ]; then
+        check_grep=$(grep -c 'mkdir' /lib/systemd/system/clamav-daemon.service)
+        if [ "$check_grep" -eq 0 ]; then
+            echo "=== patching clamav-daemon.service"
+            exec_pre1='ExecStartPre=-/bin/mkdir -p /var/run/clamav'
+            exec_pre2='ExecStartPre=-/bin/chown -R clamav:clamav /var/run/clamav'
+            sed -i "s|\[Service\]|[Service]\n$exec_pre1\n$exec_pre2|g" /lib/systemd/system/clamav-daemon.service
+            systemctl daemon-reload
             systemctl restart clamav-daemon
+            systemctl restart clamav-freshclam
+        fi
+    fi
+
+    # reverting to default clamd sock
+    if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v3" ]; then
+        touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
+        if [ -f "/etc/clamav/clamd.conf" ]; then
+            sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+            if [ -f "/etc/exim4/exim4.conf.template" ]; then
+                sed -i "s#/var/lib/clamav/clamd.sock#/var/run/clamav/clamd.ctl#g" /etc/exim4/exim4.conf.template
+            fi
+            if [ -f "/lib/systemd/system/clamav-daemon.socket" ]; then
+                sed -i "s#/var/lib/clamav/clamd.sock#/run/clamav/clamd.ctl#g" /lib/systemd/system/clamav-daemon.socket
+            fi
+            systemctl daemon-reload
+            systemctl restart clamav-daemon
+            systemctl restart clamav-freshclam
+            if [ -f "/etc/exim4/exim4.conf.template" ]; then
+                systemctl restart exim4
+            fi
+        fi
+    fi
+
+    # reverting to default clamd sock
+    if [ ! -f "/usr/local/vesta/data/upgrades/change-clamav-socket-v4" ]; then
+        touch /usr/local/vesta/data/upgrades/change-clamav-socket-v4
+        if [ -f "/etc/clamav/clamd.conf" ]; then
+            check_grep=$(grep -c '/var/lib/clamav/clamd.ctl' /etc/clamav/clamd.conf)
+            if [ "$check_grep" -eq 1 ]; then
+                sed -i "s#/var/lib/clamav/clamd.ctl#/var/run/clamav/clamd.ctl#g" /etc/clamav/clamd.conf
+                systemctl restart clamav-daemon
+            fi
+        fi
+    fi
+
+    # Block executable files inside zip/rar/tar archives in ClamAV
+    if [ ! -f "/usr/local/vesta/data/upgrades/clamav_block_exe_in_archives" ]; then
+        touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives
+        if [ -f "/etc/exim4/exim4.conf.template" ]; then
+            check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template)
+            if [ "$check_grep" -eq 0 ]; then
+                folder="/var/lib/clamav"
+                if [ -d "$folder" ]; then
+                    echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV"
+                    wget -nv -O $folder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
+                    chown clamav:clamav $folder/foxhole_all.cdb
+                    service clamav-daemon restart
+                fi
+            fi
         fi
     fi
 fi
@@ -204,23 +224,6 @@ if [ "$release" -eq 9 ] || [ "$release" -eq 10 ]; then
     fi
 fi
 
-# Block executable files inside zip/rar/tar archives in ClamAV
-if [ ! -f "/usr/local/vesta/data/upgrades/clamav_block_exe_in_archives" ]; then
-    touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives
-    if [ -f "/etc/exim4/exim4.conf.template" ]; then
-        check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template)
-        if [ "$check_grep" -eq 0 ]; then
-            folder="/var/lib/clamav"
-            if [ -d "$folder" ]; then
-                echo "=== Blocking executable files inside zip/rar/tar archives in ClamAV"
-                wget -nv -O $folder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
-                chown clamav:clamav $folder/foxhole_all.cdb
-                service clamav-daemon restart
-            fi
-        fi
-    fi
-fi
-
 # Clearing letsencrypt pipe
 if [ ! -f "/usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe" ]; then
     touch /usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe

From b42d607ad141e2f82088a2ba629b508cdb812f39 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 20:05:49 +0100
Subject: [PATCH 1625/2300] Version 0.9.8-26-51

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 53712deb..af812423 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-50
+vesta-0.9.8-26-51

From a7d96a479bfb039b01a75f1845c568e7f9d65fbc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 20:16:27 +0100
Subject: [PATCH 1626/2300] Fixes only if ClamAV is enabled

---
 src/deb/vesta/postinst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index c9b9732c..d06501bd 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -141,8 +141,9 @@ if [ "$check_cron" -eq 0 ]; then
     crontab -l | { cat; echo "10 2 * * 6 sudo find /home/*/tmp/ -type f -mtime +5 -exec rm {} \;"; } | crontab -
 fi
 
-unit_files="$(systemctl list-unit-files | grep clamav-daemon)"
-if [[ ! "$unit_files" =~ "disabled" ]]; then
+if [ $(systemctl list-unit-files | grep clamav-daemon | grep -c "disabled") -eq 0 ]; then
+    # Fixes only if ClamAV is enabled
+
     # make sure clamav-daemon.service has mkdir fix
     if [ -f "/lib/systemd/system/clamav-daemon.service" ]; then
         check_grep=$(grep -c 'mkdir' /lib/systemd/system/clamav-daemon.service)

From b62486ddd291382abccf162f2d542942152e613b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 20:20:29 +0100
Subject: [PATCH 1627/2300] Update Changelog.md

---
 Changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 4ecfde8f..3cf4b126 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+Version 0.9.8-26-51 [14-Nov-2021]
+==================================================
+* Many fixes for "List services" page (v-list-sys-services function)
+
 Version 0.9.8-26-50 [07-Nov-2021]
 ==================================================
 * Many small bugfixes and CSRF fixes

From de5f28459e7e2d53927f100e6ddc05ffc517d4ad Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 14 Nov 2021 21:11:34 +0100
Subject: [PATCH 1628/2300] $pid fix in v-list-sys-services

---
 bin/v-list-sys-services | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services
index 71133ac4..2b7e7890 100755
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@@ -176,7 +176,7 @@ get_srv_state() {
             if [ $debug -eq 1 ]; then
                 echo "getting pid lifetime via ps"
             fi            
-            rtime=$(ps -p 2877633 -o etimes | tail -n 1 | awk '{print $1}')
+            rtime=$(ps -p $pid -o etimes | tail -n 1 | awk '{print $1}')
             rtime=$((rtime  / 60))
         fi
     else

From 8f6fe21dbf10e03705f649bd0e1538698e37cafc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 17 Nov 2021 15:15:23 +0100
Subject: [PATCH 1629/2300] Dont match wildcardly *domains and databases* while
 restoring

---
 bin/v-restore-user | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-restore-user b/bin/v-restore-user
index e9861d46..af451d88 100755
--- a/bin/v-restore-user
+++ b/bin/v-restore-user
@@ -476,7 +476,7 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
     if [ -z "$dns" ] || [ "$dns" = '*' ]; then
         domains="$backup_domains"
     else
-        echo "$dns" |tr ',' '\n' > $tmpdir/selected.txt
+        echo "$dns" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
         domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
     fi
 
@@ -556,7 +556,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
     if [ -z "$mail" ] || [ "$mail" = '*' ]; then
         domains="$backup_domains"
     else
-        echo "$mail" |tr ',' '\n' > $tmpdir/selected.txt
+        echo "$mail" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
         domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
     fi
 
@@ -653,7 +653,7 @@ if [ "$db" != 'no' ] && [ ! -z "$DB_SYSTEM" ]; then
     if [ -z "$db" ] || [ "$db" = '*' ]; then
         databases="$backup_databases"
     else
-        echo "$db" |tr ',' '\n' > $tmpdir/selected.txt
+        echo "$db" |tr ',' '\n' | sed -e "s/$/$/" > $tmpdir/selected.txt
         databases=$(echo "$backup_databases" |egrep -f $tmpdir/selected.txt)
     fi
 

From d36f1a355b3bcb1d37f6a9015b9c81c245f320e6 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 19 Nov 2021 21:28:19 +0300
Subject: [PATCH 1630/2300] Small improvmemts for login form

---
 web/css/styles.min.css | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/css/styles.min.css b/web/css/styles.min.css
index 302f9c01..edc706d5 100644
--- a/web/css/styles.min.css
+++ b/web/css/styles.min.css
@@ -2917,7 +2917,7 @@ a.button.cancel {
   padding: 0;
   text-align: left;
   vertical-align: top;
-  width: 500px;
+  width: 550px;
 }
 
 .login a.error {
@@ -2940,7 +2940,7 @@ a.button.cancel {
   padding: 0 26px 0 0;
   text-align: right;
   vertical-align: top;
-  width: 474px;
+  width: 520px;
 }
 
 .l-unit.selected {

From 47f2ca1d378668ac4882e360ccacbbb172fe8005 Mon Sep 17 00:00:00 2001
From: Anton Reutov 
Date: Fri, 19 Nov 2021 21:29:42 +0300
Subject: [PATCH 1631/2300] Small improvmemts for login form

---
 web/templates/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/login.html b/web/templates/login.html
index 47e004de..1fd923fb 100644
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -7,7 +7,7 @@
                                 
-                                
             
 
 
 
 
 
       
       
     
 
       
       
     
       
     
 
 
       
     
       
       
                                     
                                 
+                                
                                     
                                     
                                     

From a30d8b8233b78106b9ec7fa79943383550032e99 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 21 Nov 2021 13:41:48 +0100
Subject: [PATCH 1632/2300] Update v-normalize-restored-user

---
 bin/v-normalize-restored-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-normalize-restored-user b/bin/v-normalize-restored-user
index 86e1f0b8..5da14543 100644
--- a/bin/v-normalize-restored-user
+++ b/bin/v-normalize-restored-user
@@ -45,7 +45,7 @@ NEWNS2=${arrNS[1]}
 
 for domain in $(/usr/local/vesta/bin/v-list-web-domains $user plain |cut -f 1); do
     if [ -f "/usr/local/vesta/data/users/$user/dns/$domain.conf" ]; then
-        NEWIPV4=$(v-list-dns-domain "$user" "$domain" | grep 'IP:' | awk '{print $2}')
+        NEWIPV4=$(/usr/local/vesta/bin/v-list-dns-domain "$user" "$domain" | grep 'IP:' | awk '{print $2}')
         res=$(grep "'www'" /usr/local/vesta/data/users/$user/dns/$domain.conf)
         eval $res
         OLDIPV4=$VALUE

From dba6c79f71983d45610860ed896ae215c19602be Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 21 Nov 2021 13:43:01 +0100
Subject: [PATCH 1633/2300] Update v-normalize-restored-user

---
 bin/v-normalize-restored-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-normalize-restored-user b/bin/v-normalize-restored-user
index 5da14543..91ef29c9 100644
--- a/bin/v-normalize-restored-user
+++ b/bin/v-normalize-restored-user
@@ -79,7 +79,7 @@ sed -i "s#$OLDIPV4#$NEWIPV4#g" /usr/local/vesta/data/users/$user/dns.conf
 sed -i "s#$OLDNS1#$NEWNS1#g" /usr/local/vesta/data/users/$user/dns.conf
 sed -i "s#$OLDNS1#$NEWNS1#g" /usr/local/vesta/data/users/$user/user.conf
 sed -i "s#$OLDNS2#$NEWNS2#g" /usr/local/vesta/data/users/$user/user.conf
-service bind9 reload
+systemctl reload bind9
 
 echo "Done!"
 

From fb0e127adfe42f5f2f6a8204b3890a0abfd21604 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 23 Nov 2021 13:33:34 +0100
Subject: [PATCH 1634/2300] Added memcached to v-list-sys-services

---
 bin/v-list-sys-services | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services
index 2b7e7890..b7a9f351 100755
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@@ -389,6 +389,13 @@ if [ -d "/etc/redis" ]; then
     data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
 fi
 
+# Checking Memcached
+if [ -f "/etc/memcached.conf" ]; then
+    get_srv_state 'memcached'
+    data="$data\nNAME='memcached' SYSTEM='Memcached' STATE='$state'"
+    data="$data CPU='$cpu' MEM='$mem' RTIME='$rtime'"
+fi
+
 
 # Listing data
 case $format in

From 706fe4a5e7fc83ee5d1b6758b50b334ff6e31fcc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 23 Nov 2021 13:37:32 +0100
Subject: [PATCH 1635/2300] Update Changelog.md

---
 Changelog.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 3cf4b126..9e9a1390 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,8 @@
+Version 0.9.8-26-52 [23-Nov-2021]
+==================================================
+* Fix for not to match wildcard "*domains" and "databases*" while restoring
+* Added memcached to v-list-sys-services
+
 Version 0.9.8-26-51 [14-Nov-2021]
 ==================================================
 * Many fixes for "List services" page (v-list-sys-services function)

From cf4f5af280f820b9fc36009374f7a530ce57445a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 23 Nov 2021 13:38:12 +0100
Subject: [PATCH 1636/2300] Update latest.txt

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index af812423..e61c21d3 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-51
+vesta-0.9.8-26-52

From 591bd21615b67b7ebe049afe51555421556c85aa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 16:24:23 +0100
Subject: [PATCH 1637/2300] default pool.d www.conf files

---
 .../tools/default-pool.d/5.6/www.conf         | 417 ++++++++++++++++
 .../tools/default-pool.d/7.0/www.conf         | 420 ++++++++++++++++
 .../tools/default-pool.d/7.1/www.conf         | 420 ++++++++++++++++
 .../tools/default-pool.d/7.3/www.conf         | 439 +++++++++++++++++
 .../tools/default-pool.d/7.4/www.conf         | 439 +++++++++++++++++
 .../tools/default-pool.d/8.0/www.conf         | 455 +++++++++++++++++
 .../tools/default-pool.d/8.1/www.conf         | 463 ++++++++++++++++++
 7 files changed, 3053 insertions(+)
 create mode 100644 src/deb/for-download/tools/default-pool.d/5.6/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/7.0/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/7.1/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/7.3/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/7.4/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/8.0/www.conf
 create mode 100644 src/deb/for-download/tools/default-pool.d/8.1/www.conf

diff --git a/src/deb/for-download/tools/default-pool.d/5.6/www.conf b/src/deb/for-download/tools/default-pool.d/5.6/www.conf
new file mode 100644
index 00000000..6bc161d0
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/5.6/www.conf
@@ -0,0 +1,417 @@
+; Start a new pool named 'www'.
+; the variable $pool can we used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all IPv4 addresses on a
+;                            specific port;
+;   '[::]:port'            - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php5.6-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 65535 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 65535
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. 
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+ 
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+ 
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example: 
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/5.6/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set 
+;pm.status_path = /status
+ 
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string 
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+ 
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+ 
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+ 
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+ 
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+ 
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+ 
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever 
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot = 
+ 
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+ 
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; exectute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5
+ 
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'. 
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/7.0/www.conf b/src/deb/for-download/tools/default-pool.d/7.0/www.conf
new file mode 100644
index 00000000..5eafe960
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/7.0/www.conf
@@ -0,0 +1,420 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php7.0-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/7.0/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/7.1/www.conf b/src/deb/for-download/tools/default-pool.d/7.1/www.conf
new file mode 100644
index 00000000..fc09b4c0
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/7.1/www.conf
@@ -0,0 +1,420 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php7.1-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/7.1/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/7.3/www.conf b/src/deb/for-download/tools/default-pool.d/7.3/www.conf
new file mode 100644
index 00000000..03ce7b03
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/7.3/www.conf
@@ -0,0 +1,439 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php7.3-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: min_spare_servers + (max_spare_servers - min_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/7.3/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; The timeout set by 'request_terminate_timeout' ini option is not engaged after
+; application calls 'fastcgi_finish_request' or when application has finished and
+; shutdown functions are being called (registered via register_shutdown_function).
+; This option will enable timeout limit to be applied unconditionally
+; even in such cases.
+; Default Value: no
+;request_terminate_timeout_track_finished = no
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Decorate worker output with prefix and suffix containing information about
+; the child that writes to the log and if stdout or stderr is used as well as
+; log level and time. This options is used only if catch_workers_output is yes.
+; Settings to "no" will output data as written to the stdout or stderr.
+; Default value: yes
+;decorate_workers_output = no
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/7.4/www.conf b/src/deb/for-download/tools/default-pool.d/7.4/www.conf
new file mode 100644
index 00000000..8ef08a99
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/7.4/www.conf
@@ -0,0 +1,439 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php7.4-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is differrent than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: (min_spare_servers + max_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following informations:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/7.4/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{miliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some exemples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; The timeout set by 'request_terminate_timeout' ini option is not engaged after
+; application calls 'fastcgi_finish_request' or when application has finished and
+; shutdown functions are being called (registered via register_shutdown_function).
+; This option will enable timeout limit to be applied unconditionally
+; even in such cases.
+; Default Value: no
+;request_terminate_timeout_track_finished = no
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environement, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Decorate worker output with prefix and suffix containing information about
+; the child that writes to the log and if stdout or stderr is used as well as
+; log level and time. This options is used only if catch_workers_output is yes.
+; Settings to "no" will output data as written to the stdout or stderr.
+; Default value: yes
+;decorate_workers_output = no
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/8.0/www.conf b/src/deb/for-download/tools/default-pool.d/8.0/www.conf
new file mode 100644
index 00000000..e21e6158
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/8.0/www.conf
@@ -0,0 +1,455 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php8.0-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is different than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: (min_spare_servers + max_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following information:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/8.0/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The address on which to accept FastCGI status request. This creates a new
+; invisible pool that can handle requests independently. This is useful
+; if the main pool is busy with long running requests because it is still possible
+; to get the status before finishing the long running requests.
+;
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Default Value: value of the listen option
+;pm.status_listen = 127.0.0.1:9001
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{milliseconds}d
+;      - %{mili}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some examples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsuled in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{mili}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; The timeout set by 'request_terminate_timeout' ini option is not engaged after
+; application calls 'fastcgi_finish_request' or when application has finished and
+; shutdown functions are being called (registered via register_shutdown_function).
+; This option will enable timeout limit to be applied unconditionally
+; even in such cases.
+; Default Value: no
+;request_terminate_timeout_track_finished = no
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environment, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Decorate worker output with prefix and suffix containing information about
+; the child that writes to the log and if stdout or stderr is used as well as
+; log level and time. This options is used only if catch_workers_output is yes.
+; Settings to "no" will output data as written to the stdout or stderr.
+; Default value: yes
+;decorate_workers_output = no
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M
diff --git a/src/deb/for-download/tools/default-pool.d/8.1/www.conf b/src/deb/for-download/tools/default-pool.d/8.1/www.conf
new file mode 100644
index 00000000..5278cea0
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/8.1/www.conf
@@ -0,0 +1,463 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php8.1-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl) even if the process user
+; or group is different than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;             pm.max_spawn_rate    - the maximum number of rate to spawn child
+;                                    processes at once.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: (min_spare_servers + max_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of rate to spawn child processes at once.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+; Default Value: 32
+;pm.max_spawn_rate = 32
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following information:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/8.1/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The address on which to accept FastCGI status request. This creates a new
+; invisible pool that can handle requests independently. This is useful
+; if the main pool is busy with long running requests because it is still possible
+; to get the status before finishing the long running requests.
+;
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Default Value: value of the listen option
+;pm.status_listen = 127.0.0.1:9001
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{milliseconds}d
+;      - %{milli}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some examples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsulated in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsulated in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{milli}d %{kilo}M %C%%"
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; The timeout set by 'request_terminate_timeout' ini option is not engaged after
+; application calls 'fastcgi_finish_request' or when application has finished and
+; shutdown functions are being called (registered via register_shutdown_function).
+; This option will enable timeout limit to be applied unconditionally
+; even in such cases.
+; Default Value: no
+;request_terminate_timeout_track_finished = no
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environment, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Decorate worker output with prefix and suffix containing information about
+; the child that writes to the log and if stdout or stderr is used as well as
+; log level and time. This options is used only if catch_workers_output is yes.
+; Settings to "no" will output data as written to the stdout or stderr.
+; Default value: yes
+;decorate_workers_output = no
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M

From c7b872b7787c38b89cc2683b2abf369bb920c024 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 16:28:16 +0100
Subject: [PATCH 1638/2300] check_if_service_exists() function

---
 func/main.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/func/main.sh b/func/main.sh
index a92bb59a..69737c72 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -1114,3 +1114,11 @@ send_email_to_admin() {
     fi
     echo "$2" | $SENDMAIL -s "$1" "$email" 'yes'
 }
+
+check_if_service_exists() {
+    if [ $(systemctl list-units --all -t service --full --no-legend | grep -c "$1") -gt 0 ]; then
+        echo "1"
+    else
+        echo "0"
+    fi
+}

From 77de50a6cd759b0ded4b67f9b5a0dcf522af92b2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 16:31:21 +0100
Subject: [PATCH 1639/2300] Create v-ensure-poold-folders-not-empty

---
 bin/v-ensure-poold-folders-not-empty | 31 ++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 bin/v-ensure-poold-folders-not-empty

diff --git a/bin/v-ensure-poold-folders-not-empty b/bin/v-ensure-poold-folders-not-empty
new file mode 100644
index 00000000..cb89765f
--- /dev/null
+++ b/bin/v-ensure-poold-folders-not-empty
@@ -0,0 +1,31 @@
+#!/bin/bash
+# info: ensure that pool.d folders are not empty
+# options: 
+#
+# The function ensure that pool.d folders are not empty
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/func/domain.sh
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+ensure_poold_folders_not_empty
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 3c17e159a1ceafd88c627381d29e6608e462f899 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 16:49:24 +0100
Subject: [PATCH 1640/2300] Ensure that pool.d folders are not empty

---
 func/domain.sh | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/func/domain.sh b/func/domain.sh
index 6bd05b91..9310e9c4 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -590,3 +590,28 @@ is_domain_new() {
 get_domain_values() {
     eval $(grep "DOMAIN='$domain'" $USER_DATA/$1.conf)
 }
+
+# Ensure that pool.d folders are not empty
+ensure_poold_folders_not_empty () {
+    for D in /etc/php/*; do
+        if [ -d "${D}" ]; then
+            BD=$(basename ${D})
+            POOLD="${D}/fpm/pool.d"
+            if [ -d "$POOLD" ]; then
+                # echo $POOLD
+                # service_to_check="php${BD}-fpm"
+                # service_exists=$(check_if_service_exists $service_to_check)
+                # if [ $service_exists -eq 1 ]; then
+                    # echo "$BD = $service_to_check = $POOLD = $service_exists"
+                    ls=$(ls $POOLD | grep -c '.conf')
+                    if [ $ls -eq 0 ]; then
+                        # echo "$BD = $POOLD = $ls"
+                        if [ -f "/usr/local/vesta/src/deb/for-download/tools/default-pool.d/$BD/www.conf" ] && [ ! -f "/etc/php/$BD/fpm/pool.d/www.conf" ]; then
+                            cp /usr/local/vesta/src/deb/for-download/tools/default-pool.d/$BD/www.conf /etc/php/$BD/fpm/pool.d/www.conf
+                        fi
+                    fi
+                # fi
+            fi
+        fi
+    done
+}

From 9c04bb8417530d31713b0efac416715ea832ad4c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 17:25:19 +0100
Subject: [PATCH 1641/2300] Ensure pool.d folders after template changes

---
 func/domain.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/func/domain.sh b/func/domain.sh
index 9310e9c4..f2a45e71 100644
--- a/func/domain.sh
+++ b/func/domain.sh
@@ -225,6 +225,10 @@ add_web_config() {
             $user $domain $local_ip $HOMEDIR \
             $HOMEDIR/$user/web/$domain/public_html
     fi
+
+    if [[ "$2" =~ ^PHP-FPM ]]; then
+        ensure_poold_folders_not_empty
+    fi
 }
 
 # Get config top and bottom line number

From 353526d2897944357275b734c9a410843528ab83 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 17:31:50 +0100
Subject: [PATCH 1642/2300] Update postinst

---
 src/deb/vesta/postinst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index d06501bd..de6fa3b0 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -15,6 +15,8 @@ if [ ! -e "/usr/local/vesta/data/users/admin" ]; then
     exit
 fi
 
+/usr/local/vesta/bin/v-ensure-poold-folders-not-empty
+
 if [ ! -d "/usr/local/vesta/data/upgrades" ]; then
     mkdir -p /usr/local/vesta/data/upgrades
 fi

From 3b9d81bc807039483282348abebf9e184e1725cc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 17:32:45 +0100
Subject: [PATCH 1643/2300] Version 0.9.8-26-53

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index e61c21d3..1fa6aa49 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-52
+vesta-0.9.8-26-53

From 5631e6d732b89ca215ee790321f67bf19f8f25bc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 17:35:18 +0100
Subject: [PATCH 1644/2300] Update Changelog.md

---
 Changelog.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 9e9a1390..ca274724 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,8 @@
+Version 0.9.8-26-53 [12-Dec-2021]
+==================================================
+* Support for PHP 8.1
+* Function to ensure that pool.d folders are not empty
+
 Version 0.9.8-26-52 [23-Nov-2021]
 ==================================================
 * Fix for not to match wildcard "*domains" and "databases*" while restoring

From c03d8cd75eab317feb7e0753b40a6c6c3ddfe9af Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 19:25:40 +0100
Subject: [PATCH 1645/2300] PHP-FPM 8.1 templates

---
 .../tools/apache-fpm-tpl/PHP-FPM-81-public.sh | 112 ++++++++++++++++++
 .../apache-fpm-tpl/PHP-FPM-81-public.stpl     |  44 +++++++
 .../apache-fpm-tpl/PHP-FPM-81-public.tpl      |  38 ++++++
 .../tools/apache-fpm-tpl/PHP-FPM-81.sh        | 112 ++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-81.stpl      |  44 +++++++
 .../tools/apache-fpm-tpl/PHP-FPM-81.tpl       |  38 ++++++
 6 files changed, 388 insertions(+)
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
new file mode 100644
index 00000000..67c8ccfb
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
@@ -0,0 +1,112 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php8.1-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 90s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 30
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+pool_file_81="/etc/php/8.1/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_81" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_81)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_81
+    systemctl reset-failed php8.1-fpm
+    systemctl restart php8.1-fpm
+fi
+if [ -f "/etc/php/8.1/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/8.1/fpm/pool.d/www.conf
+fi
+
+exit 0
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
new file mode 100644
index 00000000..0d6404ec
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
new file mode 100644
index 00000000..f2814063
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
new file mode 100644
index 00000000..67c8ccfb
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
@@ -0,0 +1,112 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php8.1-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 90s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 80M
+php_admin_value[max_execution_time] = 30
+php_admin_value[post_max_size] = 80M
+php_admin_value[memory_limit] = 256M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+pool_file_81="/etc/php/8.1/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_81" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_81)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_81
+    systemctl reset-failed php8.1-fpm
+    systemctl restart php8.1-fpm
+fi
+if [ -f "/etc/php/8.1/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/8.1/fpm/pool.d/www.conf
+fi
+
+exit 0
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
new file mode 100644
index 00000000..fb191d03
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl
new file mode 100644
index 00000000..1a02ec15
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.1-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+

From a17af106fdf529355f69dc26325263901471524c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 19:38:43 +0100
Subject: [PATCH 1646/2300] Support for PHP 8.1

---
 .../for-download/tools/multi-php-install.sh   | 59 ++++++++++++++-----
 1 file changed, 45 insertions(+), 14 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 6d30ab25..9380fe25 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -11,6 +11,7 @@ inst_72=0
 inst_73=0
 inst_74=0
 inst_80=0
+inst_81=0
 
 #######################################################################
 
@@ -48,8 +49,11 @@ fi
 if [ $# -gt 7 ]; then
     inst_80=$8
 fi
+if [ $# -gt 8 ]; then
+    inst_81=$9
+fi
 
-if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ] || [ $inst_80 -eq 1 ]; then
+if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ] || [ $inst_80 -eq 1 ] || [ $inst_81 -eq 1 ]; then
     inst_repo=1
 fi
 
@@ -277,23 +281,50 @@ if [ "$inst_80" -eq 1 ]; then
     press_enter "=== PHP 8.0 installed, press enter to continue ==============================================================================="
 fi
 
+if [ "$inst_81" -eq 1 ]; then
+    press_enter "=== Press enter to install PHP 8.1 ==============================================================================="
+    apt -y install php8.1-mbstring php8.1-bcmath php8.1-cli php8.1-curl php8.1-fpm php8.1-gd php8.1-intl php8.1-mysql php8.1-soap php8.1-xml php8.1-zip php8.1-memcache php8.1-memcached
+    update-rc.d php8.1-fpm defaults
+    a2enconf php8.1-fpm
+    a2dismod php8.1
+    apt-get -y remove libapache2-mod-php8.1
+    systemctl restart apache2
+    cp -r /etc/php/8.1/ /root/vst_install_backups/php8.1/
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81.sh
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81-public.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81-public.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-81-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81-public.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81-public.sh
+    echo "=== Patching php.ini for php8.1"
+    wget -nv https://c.myvestacp.com/tools/patches/php8.0.patch -O /root/php8.1.patch
+    patch /etc/php/8.1/fpm/php.ini < /root/php8.1.patch
+    if [ $memory -gt 9999999 ]; then
+        sed -i "s|opcache.memory_consumption=512|opcache.memory_consumption=2048|g" /etc/php/8.1/fpm/php.ini
+    fi
+    service php8.1-fpm restart
+    press_enter "=== PHP 8.1 installed, press enter to continue ==============================================================================="
+fi
+
 
 apt update
 apt upgrade -y
 
 if [ $debian_version -ge 10 ]; then
-    a2dismod ruid2
-    a2dismod suexec
-    a2dismod php5.6
-    a2dismod php7.0
-    a2dismod php7.1
-    a2dismod php7.2
-    a2dismod php7.3
-    a2dismod php7.4
-    a2dismod php8.0
-    a2dismod php8.1
-    a2dismod mpm_prefork
-    a2enmod mpm_event
-    apt-get -y remove libapache2-mod-php*
+    a2dismod ruid2 > /dev/null 2>&1
+    a2dismod suexec > /dev/null 2>&1
+    a2dismod php5.6 > /dev/null 2>&1
+    a2dismod php7.0 > /dev/null 2>&1
+    a2dismod php7.1 > /dev/null 2>&1
+    a2dismod php7.2 > /dev/null 2>&1
+    a2dismod php7.3 > /dev/null 2>&1
+    a2dismod php7.4 > /dev/null 2>&1
+    a2dismod php8.0 > /dev/null 2>&1
+    a2dismod php8.1 > /dev/null 2>&1
+    a2dismod mpm_prefork > /dev/null 2>&1
+    a2enmod mpm_event > /dev/null 2>&1
+    apt-get -y remove libapache2-mod-php* > /dev/null 2>&1
     service apache2 restart
 fi

From 549ba4e1546437aabdbd2add33a8b3e9e0042341 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 19:39:37 +0100
Subject: [PATCH 1647/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 9380fe25..20badca8 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -309,8 +309,8 @@ if [ "$inst_81" -eq 1 ]; then
 fi
 
 
-apt update
-apt upgrade -y
+apt update > /dev/null 2>&1
+apt upgrade -y > /dev/null 2>&1
 
 if [ $debian_version -ge 10 ]; then
     a2dismod ruid2 > /dev/null 2>&1

From 71bdbfbcf533b5464b71a1ae0cacb90b0226e2b0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 20:27:57 +0100
Subject: [PATCH 1648/2300] php8.1.patch

---
 .../for-download/tools/patches/php8.1.patch   | 77 +++++++++++++++++++
 1 file changed, 77 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/php8.1.patch

diff --git a/src/deb/for-download/tools/patches/php8.1.patch b/src/deb/for-download/tools/patches/php8.1.patch
new file mode 100644
index 00000000..479af689
--- /dev/null
+++ b/src/deb/for-download/tools/patches/php8.1.patch
@@ -0,0 +1,77 @@
+--- /etc/php/8.1/fpm/php.ini.orig	2021-11-25 21:48:52.000000000 +0100
++++ /etc/php/8.1/fpm/php.ini	2021-12-12 20:25:01.000000000 +0100
+@@ -320,7 +320,7 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; https://php.net/disable-functions
+-disable_functions = 
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -423,11 +423,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume
+ ; https://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -695,7 +695,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; https://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 50M
+ 
+ ; Automatically add files before PHP document.
+ ; https://php.net/auto-prepend-file
+@@ -847,7 +847,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; https://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1093,7 +1093,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1764,20 +1764,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From d399d74fd98de86e88e160469cc479021d1c8e08 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 20:29:25 +0100
Subject: [PATCH 1649/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 20badca8..1b3ff855 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -299,7 +299,7 @@ if [ "$inst_81" -eq 1 ]; then
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81.sh
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-81-public.sh
     echo "=== Patching php.ini for php8.1"
-    wget -nv https://c.myvestacp.com/tools/patches/php8.0.patch -O /root/php8.1.patch
+    wget -nv https://c.myvestacp.com/tools/patches/php8.1.patch -O /root/php8.1.patch
     patch /etc/php/8.1/fpm/php.ini < /root/php8.1.patch
     if [ $memory -gt 9999999 ]; then
         sed -i "s|opcache.memory_consumption=512|opcache.memory_consumption=2048|g" /etc/php/8.1/fpm/php.ini

From 4ec64b019162cd6d53a2dd93ea1aa3651e9d6426 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 21:14:15 +0100
Subject: [PATCH 1650/2300] Update keep_mpm_event.sh

---
 upd/keep_mpm_event.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/upd/keep_mpm_event.sh b/upd/keep_mpm_event.sh
index 36ccae5f..9095a601 100644
--- a/upd/keep_mpm_event.sh
+++ b/upd/keep_mpm_event.sh
@@ -21,8 +21,8 @@ if [ "$1" = 'background' ]; then
             if [ "$check_grep" -eq 1 ]; then
                 echo "=== OK, we have Apache2"
                 release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-                if [ "$release" -eq 10 ]; then
-                    echo "=== OK, it's Debian 10"
+                if [ "$release" -ge 10 ]; then
+                    echo "=== OK, it's Debian 10 or 11"
                     switch_to_mpm_event=1
                 else
                     check_grep=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
@@ -40,6 +40,7 @@ fi
 
 if [ "$switch_to_mpm_event" -eq 1 ]; then
     echo "=== OK, let's ensure mpm_event"
+
     a2dismod ruid2 > /dev/null 2>&1
     a2dismod suexec > /dev/null 2>&1
     a2dismod php5.6 > /dev/null 2>&1
@@ -49,10 +50,10 @@ if [ "$switch_to_mpm_event" -eq 1 ]; then
     a2dismod php7.3 > /dev/null 2>&1
     a2dismod php7.4 > /dev/null 2>&1
     a2dismod php8.0 > /dev/null 2>&1
+    a2dismod php8.1 > /dev/null 2>&1
     a2dismod mpm_prefork > /dev/null 2>&1
     a2enmod mpm_event > /dev/null 2>&1
-    apt-get -y remove libapache2-mod-php7.4 > /dev/null 2>&1
-    apt-get -y remove libapache2-mod-php8.0 > /dev/null 2>&1
+    apt-get -y remove libapache2-mod-php* > /dev/null 2>&1
     service apache2 restart
     echo "=== Done!"
 fi

From 98dcbbc691549d2145695e3da864a3d79c8cbae6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 21:16:22 +0100
Subject: [PATCH 1651/2300] Update postinst

---
 src/deb/vesta/postinst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index de6fa3b0..01b6ac48 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -211,8 +211,8 @@ if [ $(systemctl list-unit-files | grep clamav-daemon | grep -c "disabled") -eq
 fi
 
 # Making sure mpm_event will stay
-if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-2" ]; then
-    touch /usr/local/vesta/data/upgrades/keeping-mpm-event-2
+if [ ! -f "/usr/local/vesta/data/upgrades/keeping-mpm-event-3" ]; then
+    touch /usr/local/vesta/data/upgrades/keeping-mpm-event-3
     echo "=== scheduling keeping-mpm-event check script"
     echo "bash /usr/local/vesta/upd/keep_mpm_event.sh 'background' >> /usr/local/vesta/data/upgrades/keeping-mpm-event.log 2>&1" >> /usr/local/vesta/data/queue/restart.pipe
     /usr/local/vesta/bin/v-add-cron-restart-job > /dev/null 2>&1

From 93d8ca4a81f9d9043d70d0feff3019239b71d561 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Dec 2021 21:17:24 +0100
Subject: [PATCH 1652/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 4f48ca0b..fef0b8f7 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1730,6 +1730,7 @@ touch /usr/local/vesta/data/upgrades/change-clamav-socket-v3
 touch /usr/local/vesta/data/upgrades/change-clamav-socket-v4
 touch /usr/local/vesta/data/upgrades/keeping-mpm-event
 touch /usr/local/vesta/data/upgrades/keeping-mpm-event-2
+touch /usr/local/vesta/data/upgrades/keeping-mpm-event-3
 touch /usr/local/vesta/data/upgrades/fix_ssl_directive_in_templates
 touch /usr/local/vesta/data/upgrades/clamav_block_exe_in_archives
 touch /usr/local/vesta/data/upgrades/clearing-letsencrypt-pipe

From 39fd40f0cc4e67533d4d39c3ed4dc889604c9e82 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 13 Dec 2021 00:57:03 +0100
Subject: [PATCH 1653/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 1b3ff855..e847df17 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -81,6 +81,7 @@ echo "inst_72=$inst_72"
 echo "inst_73=$inst_73"
 echo "inst_74=$inst_74"
 echo "inst_80=$inst_80"
+echo "inst_81=$inst_81"
 echo "wait_to_press_enter=$wait_to_press_enter"
 
 press_enter "=== Press enter to continue ==============================================================================="

From 11b5f0d9c763d86bf52715fa2107a39ab5ea102a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 16 Dec 2021 23:53:46 +0100
Subject: [PATCH 1654/2300] Delete create_wp_http

---
 src/deb/for-download/tools/create_wp_http | 104 ----------------------
 1 file changed, 104 deletions(-)
 delete mode 100644 src/deb/for-download/tools/create_wp_http

diff --git a/src/deb/for-download/tools/create_wp_http b/src/deb/for-download/tools/create_wp_http
deleted file mode 100644
index a3d69cf4..00000000
--- a/src/deb/for-download/tools/create_wp_http
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/bin/bash
-
-if [ $# -lt 1 ]; then
-    echo usage: create_wp_http domain [db_name] [email]
-    exit 1
-fi
-
-domain=$1
-
-PATH=$PATH:/usr/local/vesta/bin
-export PATH
-
-user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
-
-START_DB="wp";
-if [ $# -gt 1 ]; then
-    START_DB=$2
-fi
-
-email="info@$domain";
-if [ $# -gt 2 ]; then
-    email=$3
-fi
-
-if [ ! -d "/home/$user" ]; then
-    echo "User doesn't exist";
-    exit 1;
-fi
-
-if [ ! -d "/home/$user/web/$domain/public_html" ]; then
-    echo "Domain doesn't exist";
-    exit 1;
-fi
-
-WORKINGDIR="/home/$user/web/$domain/public_html"
-# FILE=latest.tar.gz
-
-rm -rf $WORKINGDIR/*
-
-#DBUSERSUF=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 5 | head -n 1)
-DBUSERSUF="$START_DB";
-DBUSERSUFB="$START_DB";
-DBUSER=$user\_$DBUSERSUFB;
-DB_OK=0;
-if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
-    DB_OK=1;
-fi
-
-if [ "$DB_OK" -eq "0" ]; then
-i=1;
-while [ $i -lt 99 ]
-do
-i=$((i+1));
-DBUSERSUF="${DBUSERSUFB}${i}";
-DBUSER=$user\_$DBUSERSUF;
-if [ ! -d "/var/lib/mysql/$DBUSER" ]; then
-break;
-fi
-done
-fi
-
-PASSWDDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 8 | head -n 1)
-
-v-add-database $user $DBUSERSUF $DBUSERSUF $PASSWDDB mysql
-
-cd /home/$user
-
-rm -rf /home/$user/wp
-curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
-chmod +x wp-cli.phar
-sudo mv wp-cli.phar wp
-
-cd /home/$user/web/$domain/public_html
-
-sudo -H -u$user /home/$user/wp core download
-sudo -H -u$user /home/$user/wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSWDDB
-
-password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
-
-sudo -H -u$user /home/$user/wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
-
-#FIX za https://github.com/wp-cli/wp-cli/issues/2632
-
-mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = 'http://$domain' where option_name = 'siteurl'; update wp_options set option_value = 'http://$domain' where option_name = 'home';"
-
-# clear
-
-echo "================================================================="
-echo "Installation is complete. Your username/password is listed below."
-echo ""
-echo "Site: http://$domain/"
-echo ""
-echo "Login: http://$domain/wp-admin/"
-echo "Username: admin"
-echo "Password: $password"
-echo ""
-echo "================================================================="
-
-chown -R $user:$user $WORKINGDIR
-
-rm -rf /home/$user/wp
-
-echo "create_wp: Done."
-exit 0
\ No newline at end of file

From 5b9672b26f0613a1f4dac641d719e7ebc8744362 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 16 Dec 2021 23:56:59 +0100
Subject: [PATCH 1655/2300] Add files via upload

---
 .../for-download/tools/roundcube-filters.tgz    | Bin 0 -> 13187 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 src/deb/for-download/tools/roundcube-filters.tgz

diff --git a/src/deb/for-download/tools/roundcube-filters.tgz b/src/deb/for-download/tools/roundcube-filters.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..c7c496906d78e603e3ae069f0d5167ecee86d7e1
GIT binary patch
literal 13187
zcmV-}GknY+iwFSmiMC+?1MFSva}!6l=WF~|bh)2+|xY|jWjcw
zkq{=kQKy2XneKB=pYHzsx~ET%QdHE5s>L@v$J7C7Yi}?A3#sxi|J>Qr+1uOO(X+L;
zXG2G4XIJ-@4XF2d8f7O#)3J)s231k?YWc$M|BI%S)&5zWJc`pKc1#i*u7fr3mY$xV
z_V4Z9+P$H(ySEeiKu_-$xZc?f-!`C*hFjv3e&_Aq{~EM78ip=F6?t20XRM<^$!HOWo=t)M%S}_@pzVCHI~g}V=~d>f-czIsJ)BH;d%RX
ztR1aVg5PfMEag9@Q78Av$VhCYJEo}VcvnY9XZ*k3*?TaVArfw*sRgzfeH$qKnL6Aao#g1u0)toM;M9s%!whpws)GuR+3|ND-KhD2#
z8U2Pz2bds@NfM1TI3%VjhAbqFA;Lvk;j(>ihA@)J2-5Ko(iON&kVbSJI*|q+lB@{3
zo>U3e2}%a3gZ%w*w;IqY5-h-9%M}NdA)|b)X&U#{RMkgh?J4
zvvR&}$W&6q7}fjZ<{g#?gKfiPV3dGUtk0k`ZYix$zFpM~6%7(yRfa1SZy`xwt?sT)
zj{%sKdL0@%nZZfKxhRF7Z{^2MO%^vCV5
zTzr<=m)S=qx>T|shR_fdsXkgJhFukjSB`z%7UVA7FVZBDHG-gHnFC9+hHqLn`1rLl
zXmOm*itXLd#Z@Dg(Iv5U;LUx9(VK&Nhr9djT)gKiI?-5rnjhdwQjvA&HyXD{peh;y
z^EeQQB7EJ}8gE6cQP>BT=cRt=Rm8dkg;O*gqjHjsxmKhqB3xx32m0B#Af6J|V5v3x
z5zWpGZG{7~ivU9+9pg|GPil!B?=stJFDj74&Rz8tC1T>u19cXa6NeAhSyW5xsu`NVsh)WIP<=&@;KZK?>nkdYiG6$PE1DG(gY_2G6K~Y%VJJFSr<+tI
zabSO)MUBLPI@?t{nmD+pzM{ICI8>*bjH8Le+v_VjmPs7?OXQ*lc5UDJ&aRjwM9Q61
zq^ttG1@NWFK_!5GsLHY51;sEe$P!tANh2kiMI?VWs7eG=31BAw@KV1-<$>N8EmxBJ<2$O3bdKCKd+o)VQA8C5wN+5Dl*9%g_=WpS9u+S8(emKQzs{!Ju%{a4oh
z4b~B|{_EVb#k2lnj{%zNzja9e;H!yN1_G^psMWJnXx(gP&_}c78QRT7hkf5QX=mA<
z+wvf0D?Ca@M-)}iK-+t*jcCkHrK!~wX{17WESX%0Z*B_
z-nTT6W4emVs0p(IDHlwY6<3gF_6ks&BOY0bLECbYq*Wlq^BOIzjDrPtRwlu}w^?xn)tFy7
zwQ>Q0UFCjn`GZ6>jco>&wXl8hy-IFn>RQ2v3s8Q><8xG)XNJtd?R((n2~?O~ndBCL
z;z=`OVJ_BMra?23N%)d7L~)c&Lj+ri%hUx{yJ@TCKs4xCs1Rewfr40DaWM}IxBJR{
zuwa=SCfzODY^eYH?NZe)d^2xeB7E@|lmO~I6mh=SEIrV0;NPP5{V%qDB|6krc*
zVLGe@4WjbgY$zqT9=Y0hGWFeI!-v<(w0C~xJYpBTVr3;^qC~zUkDQ4b>g{{-d93?)NEMlw!j{HcEX
zkjA!#R6nxcC1q2&t8%*hu1)tlb_CM=8$?%0Diy@?dvo_#;E`M}4e!Jn+6_?e@&OXC
znnE&oSVtluDq>*}(fHQ%H6m(C5z{JbB$O_-R#dXxO){`V@3Y$0vLskeARGExBXWmT
zx20T)zcv1HyzKcGBFo@W)5~GZDM0^vTh3s!Cx);lHc}&mYWijn4?2dOK8gfN&_3v<
zDz}w_evrFg6=bvbMWW3;(CEbNbr4~?z@on>zz!02Qb
z4b6~2kzU=>GI>F^GEs{sBH8NYia$eN5-G|;ql7WVSgC7<&_vehr6Uvz3N-JRV4m4y
zBQXK1qJ+`X92VqJ;83$>Wu9~-Cn>9>vo`X_e>)1SF&GmX|FN~xi~n6s{9lh$&-`Ci
zv=Gp@av=?i!{wQMQC_JI@;hK$<*rLXApZ`0R#6t0(?AL04-kp4U^U{4^hDFCjP=|V
zmHLBz?&mCwpCnd?6j=!*fbANyBauPKd6_oO34#Q&V8!@3b8F#
z-hYSj7*(S2z<$65a5+jT)NCKNgNYzBD1u>>Mj=-phzuzv-N)qOw
z+$|xxIc2hf406PVLi<4i#krrukR5=rvM~dYUE*C6BZt?!n+b4!%N>i
z+q%H1F_MXty9+M0=FH!LUvpQ+1UcgBz;-YiQs5uMZk?!nup=`%g!}Ba1pFmclK}pTv-}0
zH9Y1COuqQ<99wA&#)R$vcXfK6|8#F@?*Fe#s`2^H>g1=Z6W^{*{e`cy7GATUUhUYe)Qw&_`>SM+0}_NYZp!yZ+%ug^;rxKZAAyDw-`op!G$5+SU{zbU?_~Dt=@u}j;hihMb$4ZQUxjON`s~=26;*PRT
zG4b)^M_(0hea>xP;QwCs2nytp)ro7Xlh?rweJDWc53A$nN*1!Oz8V4L^9#jG*Fbg!NI=K>_1dlCPhYH#f6A;F{~mgDMJH?S)xV(R
z%m2=y%Essj|6zGZpMT&W{BKEGB|FKg-1PL)nWl!W~J_eV<$vcD9gWcu
zy8iF+#Q*hlH2HsBlF9$^ms`*)?TtyVw4nb+=Go&u^jAfus2#mCdcZ#UY8@`r5PLb0
zG+H{Vn^dHR8u4=cdF^UqQNl?gW1%ryo0Q0bPpr+o&47)~oxVGogB2U05u#VNSKqr7
zsYGS0hD|f}DF|mpnuOt`=qlD&7=nnkI-gza65X4g+($@OP}U%>P0wWRR>WOTvoTyv
zhjQ1CQC-on#I}ZO+4qEQZSOL=1=bSt2xSTPYE5={HayELF$H=J@!9F5kU82`XVTR_
zBkgtaoz5c!)v(K{pbWO7aLNYPzcumxMv^c8J8!&djE?aA-`?i_?+Z$G#sAPKL`e~4
zFYVBwONFu|R>`yR?iymvpz!D%_7_kcS*2=<_yGfCU=C9ZPN%7YzyX$;sQl++
zmqlH*SmxzIZkvdaN+o5CvVh}2+kAt6XyYkSvwEe7%#6%oW*3dZj4+{+OFps(6Pt1*
z4cV$#+q3Qf`{KXzI?BdiOxXIbv%`D-ySe^bpY)vKe?m_MSkVku>}ZCnM**HK`p0$r
z3zjEGjUz}7JTP$B3e;#&fRK`;YEh6ysstDLJW(C1I|QjTXqzjvfAth}{$p?**MD2Kde?tFTblg89_jg>
z|418H6&m%N^u-+kQ6#o7$&e&v59#VY1hPGg)9f)S`fVKou^WjWyvW^PPa~i87>F&h
zu9F~`xhc9ik&b~_GXKpEfiz(J`{KXzdh-S-*bw3QU#}Pco4^0FKB+GJhY=U{3XnZ`
zba7f27pIYL311Efc?P(6JNE-osTxEAZxMl{2s(t9E-y|uBRq?F+=Q@*WoUpQW$7|fnAEWv_R0VVMPuo*
zZm5PR7*Pq~Ev#c}Q;MLY7{FPeB9N~@YuX+oNTVW^J*BE3zp2?>+E1+)@pthSSh{R*
zccH$}xLe378;Eizk1DE$eam=RfN1y#v<4K1mc&SRx@jaDcnj8Db7N?TseJ)Va=ooJZBDOvkD$(|qyY`Jsu%U`!bP_j-Q+4e-CCiT~@7YQ_KJsSlrC
z`MP-VS_u9Z@82mNzf-*R`I9e>|N8y;;^~uBkAHl0sd)R$+RfvS=g);40y%r4_|cEm
zPksD)@@IeeFHRkQJbUl)!-swxu=dG4?@gNuil?X6F5UFaQpO99AIz?Ob}fhzil=To
zy?C`=Xn*?IrKjg+inl&{{NP;i{M6&w@76w_dUE|CcsLTQo6TUh%G#-qivPSE5!9ca
zo%;30)jqTQ+NB$&h=_P@Y2`H!*IHK8qn8T_1N7qe6Kh{zD)psmSYGN)A?R&(tf!MR
z)+wb(n7wxAJjsNfTy#J$nYi|?(*CW+<{xAQ1ekwn^
ze0+I4KOMpV`Ttq|Apa=;Ab&sqFh8?=B0rbEm7mW~qaYcTq~OZ;s5&X+zX1i~`Csz4
zmQUtq^1lSpL;e!vJD#5ggQmcg`^%I0`w0G-@uv$`gXOb+T#^4af6I?1@?SuWf631W
z@Ie4PS5O
zXW>7v2SI(O^YhDRq0TeQW#QX3&`+MII)XbhO!FLTdAK!`pF(Dn
z&v1uNo3_j_TcRyROr;-|IsyW}xVzOkXixqr>Ixjh8j^pMvapORUq#Vf^Vg@Isgr%SGp1U&^Aq$81{BlI
zsEkCkFlt!UmrsD@H3WCLXt_IpYxiqeW$!;?G1@;pi!RxDlg?HmQG#CnPb*0^mjW!Cf*
z57e_x5z&r{eH_!0RLK&IQi`UVB17qHCr)C%k7J0D;`yRQxU;UtpW}f=(c}19_t7Lp
zcF3OL@?=AHaGovs;=l7d%ZV(?Nn
zE7HFkV86(GW^mW3xoc_mRUjsA;QF~`FG0x+V4=&CNCwr!(7FEH4Mx|)REYSlFpJ-b
zZ2sPyn!AqRW|D(^?s^SuqY^`Pc8gf3yM~QnlE$hK{f%MvWW)4%Ev8fk4tR{QMMgPL
zC0ag?7(E{4?eT)stwFez*XiMri05q}&bCotPS(nHM}n^7YB~Fm)r-cVW_mHn|M{<+
zIJ}PMzdJg;>%Xq%{@=Q!`hNc}?mIFh`Ty-b+j1L6cF)9D
zv>=uNctJoUWyvNDTGY+b#*$ScW$%Wof(Mu(G2&nbo(pfbs&Y@Il9zqRYpVR1hg4;g
z*l{_w^PuuO^+$Wo>C1G_1sG72oU93#MPR!7^y$;*)~8SR?8ExN%e>nqn|9N5m-^}Or*#D0w
zpo=_ENd9^G05_cjYud}-V5MZm^zOIJMI}mAeq#AW7XD$TL6vjh_zJm0=(Ehq13riD
zGpKa-x4zwTVp!{;#pWYtV`~pz{zET(+hZs0v-w{5HinkG1`E{WRDRuCki^njB8?G^
zQYf=5w}#1qq|+RxTgQcCQVJz+y*GiyM}o4mtoJ~2+ziu=@CFWlk=ub_#7N`BN~ZZv
zNK?x89B3Kjr04Z5(hK$fDCysOgZF=4Si?~ipZ*a3^!xo824MTe
zS7G3Rpchons(%4;y8hp`!WgdxIw@b?o$Og4X(j7B$FuAg|5;=JZoT-o@re`1MMmJk
zi?5=Gwa5&NKcXiOdCqMljPjf>DsJUKzA3D*cN|t0(&L)f8eJ}*5%&C1a$0b@E8Kee*dGS54Y>FBJ^j`dHlm(c#EBCCT
z3$ILj!YLo?d_3#=kdqhR95{PU+-Bq81eu#zCop3tjt@hKnQJ?1b8JEaouT2rpmi#n
z7i+&?@JHHz;MHAs4{d%248r;LF~j~}S-qBB|E*qs=VJf&jeMm2=kveQu#z~~wC$~l
zHRk^MP4Sh_Pe-QT7?ESwh?_Bu*Z|0M|msh+&JgW7kd}=jOIR^KX
zS+*T9^jQzVyBV-Jpg?v6E;Trz;MjtKfJG%fABGNQlMOxG0bhz-yt!a$Y`LCT=R*BX
zt#$+VxUt1bXQgwccEh5(gxTW&R@ngL&q3}T&vV)PC*s?U#COMm*Ky;G+6~)*#eFbw
zLbe&kNyr{KaTpx1_bvQ&1C-rx1U^|OOg3sY&`mKOyhZ$KRj(GV)wb~#H)=^Eop4$l
z2MKuVw8ykoTkf#i!J+R3mJJL0$r36)m&%x;cy}UhLgxEc>$Q~*d*VZFW{akd(RjVK
z+F_3!-x@nC!FssEMokfHBMr1&?J!W`tS+9^8O@YLG@X%v?`5bfm>E~KNk{}?P5v|E
z8nimKyD%Hhku{!p&RXrW&pu0awCF)o&o$N%=r`K%eF9$WVG!E%Lt@;nfnG*9#)Pou
z{jEp02rygiEVrsp5Q4gVsXK7}?!byhwV}gvjJS87QylB
z_CT{F6OEzU48)ytcxD*Tqr<@bGskvgzHb+JUT_F{h5??gHSnB>voK>-T_DD~UFPo6
z4_qulH5rb?O0QAXMm@A}=aTmQ)T-X~L6Dy%zTC>j
zZu~%T4DA8yn3nrs;*vhV^j>g?>S1h!`&=(0zCt00rXR5FfU7QNcNczh+J?@78zhk;
z6dQx7#O-1nct=NLhMQ*)Ol><-C7cMr1p%N+l@Nd|wqtZr7!6~~kAaD!1j&VU
zR*X7h*N0K@a<+sXfWIFhhdqD^4cKjmec~Pjyya?nOO#3=m}Bc?i$lwgxb~0M*zF`n
zd4Y;|L&t}&dT)=D#0J*%VYYqX@g(Lwg6Vtc971Eqf(9gyL#X6~5C|Csv1>DsPa7vE
z@#$O29th)|sWgEOW0(ynJ_JjVT61=#^DZ^NM%K4uk#l4y^sm$o5^?
z$;uiifu$M4dIWQx?7>qV3NQhTEEtC!g20&sCG^Sm-KBTI_}Hk=0xq>;mNlpbtWO*_
z?r4Yz>lKIYK>26HVDZQe?WGC0ug5GJhVCSec)M){>y{Npxc9j=93{{vx!Q-J8;gt*
z%TFxnVY7*aLWPD&IQpC>(m0_jkBx$f^w~u_4h7SZe2|{cK@eirbURLmj0;*ZG<2Zk
zA`cvY@|8Sr*TK0B1Jq=L;D}ZRAvk0$8~|gOmBi6;j)03q&uZN;!88~mf#pkl>JLD(
zucbD$%h9S!b%N`Vx-sB78zgbehl1eaAn*oOh$8Oec-jm+gJfcZz2^Pv8)4)?kXC?&
z$XaH$$WOpdb1p!m(9~m1a<@?_NurgS{?1G$1!>r}+{3I60QG*%K26rEw0{if`B^Qp
z4Vu#dZEgb@{B@nv1HtGx3ZatA*!$su3l)G(IPsRV#M=c2DG42o!GyU6sDVvZP&3=>
zGg~VjoO#}im6Dp9lvJbFQ}R;6dptOJWnAi#VkWYo|yxTkZHfku#m
za1RL0nTnS`AY(X4_Fx1@lE;=Mp*X=UD(Ac;5aH8+Lki>UQ25Xp-~2Ic^Bt542l(!0
znD~M0%+!R;K8B^GJ46S8cox+SxXU0dfCG21dHNXC^@13ekJ6jNyX8k@*&cr3lmmLPdg$zeu^ZK?
zJ?IwnD0YbvNUGprw4SFV*Qb1$;JM)Fl1I%~%W_MO;{_nw!fOEC%Iop=svZ&oma_X4
zwBVz=s?Q$kSTJrAtS9HBxea;~%3!RhE<<6&hp?yuz1PxF<{EEJ^H)&EWgHem$|(XP
zn~@hO-5mN+*z_*tPlgU1G(Z@Fi7amqM>!hnD4D7e;5J0YEukiUbiiGek9Bs45Ah1a
za1d6~Oux3kA~?X_1_&#Tl4C1zY)c1XF8UP0tS%M;h@2SK&CRVlxF!%Zs8_<}$$ki&
zoK=&z$8>?_hxpopiDAce1>pyd&aqbhB4v-D|V!Uezb&
z&ktIZplRyJ=@giNBOLCB
z0bffX-q&a0y=vm^U>dHLo*Xfmp3E1UdVX@f)9K)7()3$!$Z^p`rCdYd6oTfr>@ehj@+SGj}`qL~~>GwqHgg{TZb_P#M
z%SK@lSaMG=+A7q&Fg2hMxZ}usPovf#2uL#;L7g=#MHczuvU~Mft3W{R@@No6ercW}
zzyhrK=SdKAZHyW|B6$&6dUm~2X`8En^Ui&bVfy~h)$3PRv+w^{y}EL-|MNyZV*j`M
z_S-e~w%Yt*^y@Wl^6(BaJ3aVhuFW27Fvormz7n!F^sFdSj;nJ73uhQvi0Zh{)$tcK
zkibbY01uHZ##XeCfmJVnk}q)>U&=vaMixVV5O29)i-lq1b-jijuFV%nRi>qOX;lhi
ztVWGYh}7&rOA9OMAPR>f=v-WGgQlNa0dtQM*Df0X#_0QF@T>9aYQ}aGpK}a&R&ldM
zG-s@~!Lz7-tpRF2*A_TH3&Uvp!e+90P*-_E|o}
zF9bRq5(D=b|FX8W=fr*51N4WE>_#9E4x!##qRDzqFDhgasI6KqZE(z&HlTxM$xcKY
zqugenI%iFRXY3cW>po?fxhT_M4On3oDC0
zvTUO*1c7R`nOWEp<0$|lmnVG>mP|P)LUr}Y9|ECMke<`Oj)yUiT~;_KrMjk!Kvd~l
zB%e`!6xj;7k?_OiPAFo5oExOb;VlCyiVJ5j28$9k
z8%8?40+jA}XH#|aD8jS_Njynn4wv$WQvliO^fm(9>GSxMs@HjjRmBUtD)IUR~=WbL}XLu#Zs!7lAm=?NSW(N*m
z;sHyeTOH~LhVjM8=o1~wU1Qp5;qFhD1Vuxp++I>Ess(hcEkL(?ZaE5+&Lq<~7GS!=
z{v>pEry1a^&PQ3OEr`enim!rUMQm~3IYu^Hr1JtIe;xQ_LGJILL9!JFL
zL+y@&y2LKS+?=H)|M8~{bT<|jXbw3KndRBBrH(ob4jq_Et#pb|qtfD@#+d~*_3khA
zru2e?V!3{@=T}DY*y{r&-T1iA{lXmPMiXGK1wKJVk0eM`n92IquS#SdQa6
zC&x`~^m8yA%Y9x0`{g^ClNk%Jd>yP=&`%*velB)>E{qp)ZCrG71-DFc4R>i6Bz~+J
zlotE)OD3P@3CN4Z+KwC&eJHZDFPztW1?e*?`zWxDFyBZw%v2z^0tBGC+JSmXc2E3N
zekey*En*1mrmB^8rmhW0Gwh2D_p}BDKfadW4=W+N2V+n2+=nLy}RU
z9SKAX7@rvuNf61i<%KE8=jxj_9%?Ubh%j(;evXfyS7~gzptW_MZ^QNpR->)q$GaBDO$CE2
zB%Rd8lm?LlwOe^YKGzpourMrg)@4{uW5?3vZ6^LD7uO>|)&oCRE=UG}eO$U61il%o
zHDJLS7)gg2L7<5}M>5wQrWze-UglH)NIH%R$GCWvf~u)GYi;uXkSrWRCJ;lt&Y
z%Z1XFwi``6>sV3_Lo*p6$wuNp`e@r#%CE8J_nkv@338VhXw0&nt6S(*MiXb~S{|kT
zG;w#$gO#@vnd8*Lf+;j(d74UEzNYTEVb%0^zHaK-kOkI~gv@#c_ZMWCtN^z1?+CW|
zrRo`B1k|rQN
zH9#&pr*4a`R>*Pf^PI)NYjQ9txGXCF>ZX&&#s6fDC-RlP7bLc`ZGAt8KkK`w3Ny9N
zh2PT-C^prYT3h<(ecRpLZ5CEhI}_Rt#Lpr>@>-6cL4x$IGcu&+UGlmNW;BX7g7ae5
zNEeC~Ta*bVZQ9H!(61`dC_!p-eo8RD-M}RnZoB)qwTv-UGvqFdnk9pgdpue-fjb>N
z>rvtf1!L$zQ*iAt@c53#N-E}9PKu@3Ai>Uh8KE=j>&CawiIS6l&BC`j^|d;12O?lN
z(;nY%SIF@v5`??ub%F#Oc$Pp`=ugnz}m2P73Ls;p*4GzvAk&|D#h>K)Ums
zoC@IQnwE@kO+B)4-t)-8@^E6Y9-6~UY4HU`8TG7^iGs0{L7=}C>T~K)6Zy45D>qWD
z_{RA`aXh}!8tE4DV;
zo_$t1#%0qg&%uglMVr+Fzm7hMRM2GX{lP}A)|5O2X!3q{uu%e8
zU7yYh>E<$E|#5GmTnz$~rJ1p_JkK=m-|~5cuMTnE)nDKY?}4vgyMFja*!P;~;#
z%h0P$L*k;ZhiM)7mtVVpkwO4=488O=P&|QXOK~t+TY2Zo~fFgT}vuIN#-DFwfn=F|`@H{lE2BN!{<&Ja#uER^mrn$LgHF!)~Oj&>@W@-yM
z2_|7M$+pq+ddD4&2tGyamDBbh}E+
zhwiJi3~hr-Y+NCpW&v6r{jupnHy8D=aq2u6=Tiis3bG`%7TPvlL4dlf5p_%FyU|(4
zK?-jZ=miKnM-vZ|LhG07ZC)x&mzEvgqslv1o~}zP*;i>LRI)5ea>*K0x+2@9Nfz{c
zRkh*~<}A19#9|+?!UDD?h{v>s^uoDlht9Ql!J!j2bx==DU^6O12e6oKsaZA76Pc2-
zMZ|CN@w7S7TkKMg?OM3BLT=Znda0K^Fd>owDaToOEha&Ey5K@Fr|M7FshY{K+O+Xv
zoo%(81}GZ9w|%z4^YWf6qy$d+-ro>jdLm^u6OjL}ldc3!o{lTkmKCL8PP)6$jFGi5
zHPy#s5i!3aLF!0?bNbIO|MK*IPQPXF=STSO4=?}W^y||fPQN|sZ(sfuJoo|r`w>gOWv4&9{Oi+i@Hc#gX2lirklPF@K%4(~`HwIE7K;80
zfSvv~d-*p2?uXOwUj7~Y{FX89{YqL$Ey`7{L4R;g`Izf1l?j|Dk|2vB)Ab<I81k%-d_!fbw0!4Q{@KpcjDYoJ
zb`+BS0bZJv<#fD|RbA4VDdZFOFF?ERPrrtLfy^)eX>RW3WYxvEhgaHhIj*ZwNZlz*
z^z85=>;(&!;m?cb9ziMVm5xG5%dByAMl=$5L$ZOFhA+X>uIrUH69*i|FyT+Q8{x
zRoNYH(OzxAWWRED=a)~a6JE%aIiFPnrH@SuITUl_{5<(eoM}#O(G;JZSM#v-@A+Ql
z;NgNXzs4b-(}<@qyXY~?@>v)KM{?3A3j7roqsU}rE>KWudee94G6z8PCB1etQTBL6
z+39Y)u$G?|Z!-)J79O3b3&8dKnTNXNd3CktXdEx6s%Ji7&H<*O7IpEin;w+s8@@c;
zvbc+P@-ea4%qFo_I;5_##Pma@z054+kF=VH3yjkRtrS%}BC$SCw~gOAQKLe4<~2D*
z9cs${k|>tzbHOtx5y%lm&+GNnCY;ZK3WK1tj!dX6&1|)EJTGzHXBwvFW9PBUzG73K
p&R$jD0RXID9IpTX

literal 0
HcmV?d00001


From e44da1ee669cbab77c96e1ed72ddc2f028adac7f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 00:36:35 +0100
Subject: [PATCH 1656/2300] Add files via upload

---
 .../tools/install-new-roundcube.sh            | 176 ++++++++++++++++++
 1 file changed, 176 insertions(+)
 create mode 100644 src/deb/for-download/tools/install-new-roundcube.sh

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
new file mode 100644
index 00000000..a2409e71
--- /dev/null
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -0,0 +1,176 @@
+#!/bin/bash
+
+USER='webmail'
+DOMAIN='' # enter domain or subdomain
+
+VERSION='1.5.1'
+DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
+
+LOGINMESSAGE1='Click here for NEW Webmail'
+LOGINMESSAGE2='(it is adapted to mobile phones)'
+
+DATABASE_NAME_WITHOUT_PREFIX="roundcube"
+DATABASE_NAME="${USER}_roundcube"
+
+#############################################################################################################################
+
+if [ $# -gt 0 ]; then
+    USER=$1
+fi
+if [ $# -gt 1 ]; then
+    DOMAIN=$2
+fi
+
+if [ -z "$USER" ] || [ -z "$DOMAIN" ]; then
+    echo "Usage:"
+    echo "bash install-new-roundcube.sh VESTAUSER YOURDOMAIN.com"
+    exit 1
+fi
+
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
+
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=32
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+DATABASE_PASSWORD=$(gen_pass)
+
+fix_ownership() {
+    chown -R $USER:$USER /home/$USER/web/$DOMAIN/public_html/
+    find /home/$USER/web/$DOMAIN/public_html/ -type d -exec chmod 755 {} +
+    find /home/$USER/web/$DOMAIN/public_html/ -type f -exec chmod 644 {} +
+}
+
+
+if [ ! -d "/home/$USER" ]; then
+    echo "== Creating user: $USER"
+    USER_PASSWORD=$(gen_pass)
+    /usr/local/vesta/bin/v-add-user "$USER" "$USER_PASSWORD" "admin@$DOMAIN" 'default' 'Webmail' 'Roundcube'
+    /usr/local/vesta/bin/v-change-user-language "$USER" 'en'
+fi
+
+if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
+    echo "== Adding domain: $DOMAIN"
+    /usr/local/vesta/bin/v-add-domain "$USER" "$DOMAIN" "" "yes"
+    if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
+        echo "ERROR: Can't create domain $DOMAIN, maybe it's already created under the other user?"
+        exit 1
+    fi
+    if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
+        /usr/local/vesta/bin/v-change-web-domain-tpl "$USER" "$DOMAIN" 'PHP-FPM-74' 'yes'
+    fi
+fi
+
+pub_ip=$(curl -4 -s https://scripts.myvestacp.com/ip.php)
+domain_host_ip=$(host $DOMAIN | head -n 1 | awk '{print $NF}')
+if [ "$pub_ip" != "$domain_host_ip" ]; then
+    echo "ERROR:"
+    echo "$DOMAIN is not pointing to $pub_ip"
+    echo "I see it is pointing to $domain_host_ip"
+    read -p "Are you sure you want to continue? (y/n)" answer
+    if [ "$answer" = "y" ] || [ "$answer" = "Y" ]; then
+        echo "Okay, we will continue."
+    else
+        echo "OK, good bye!"
+        exit 1
+    fi
+fi
+
+number_of_files=$(ls /home/$USER/web/$DOMAIN/public_html | wc -l)
+if [ $number_of_files -eq 2 ] && [ -f "/home/$USER/web/$DOMAIN/public_html/index.html" ] && [ -f "/home/$USER/web/$DOMAIN/public_html/robots.txt" ]; then
+    rm /home/$USER/web/$DOMAIN/public_html/index.html
+    rm /home/$USER/web/$DOMAIN/public_html/robots.txt
+else
+    echo "== public_html folder is not empty, aborting."
+    exit 1
+fi
+
+
+if [ ! -f "/home/$USER/conf/web/ssl.$DOMAIN.ca" ]; then
+    www_host="www.$DOMAIN"
+    www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
+    if [ "$www_host_ip" != "$domain_host_ip" ]; then
+        echo "=== Deleting www"
+        www_host=""
+        /usr/local/vesta/bin/v-delete-web-domain-alias "$USER" "$DOMAIN" "$www_host" 'no'
+        /usr/local/vesta/bin/v-delete-dns-on-web-alias "$USER" "$DOMAIN" "$www_host" 'no'
+    fi
+    echo "== Installing LetsEncrypt SSL, please wait..."
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$USER" "$DOMAIN" "$www_host" 'yes'
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$USER" "$DOMAIN" 'force-https' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
+fi
+
+echo "== Downloading Roundcube..."
+wget -nv "$DOWNLOAD" -O /root/roundcubemail.tar.gz
+
+echo "== Extracting Roundcube..."
+tar --directory /home/$USER/web/$DOMAIN/public_html --strip-components=1 -xzf /root/roundcubemail.tar.gz roundcubemail-$VERSION/
+
+fix_ownership
+
+DB_EXISTS=$(check_if_database_exists "$USER" "$DATABASE_NAME")
+if [ "$DB_EXISTS" = "no" ]; then
+    echo "== Creating database: $DATABASE_NAME"
+    /usr/local/vesta/bin/v-add-database "$USER" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
+fi
+
+if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl" ]; then
+    echo "================================"
+    echo "== Installing php7.3-imap module"
+    apt update
+    apt install -y php7.3-imap
+    echo "================================"
+fi
+if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
+    echo "================================"
+    echo "== Installing php7.4-imap module"
+    apt update
+    apt install -y php7.4-imap
+    echo "================================"
+fi
+
+echo "-------------------------------------"
+echo "Go to:"
+echo "https://${DOMAIN}/installer/"
+echo "... and finish the Roundcube installation."
+echo ""
+echo "You will be asked for:"
+echo "Database user: $DATABASE_NAME"
+echo "Database name: $DATABASE_NAME"
+echo "Database pass: $DATABASE_PASSWORD"
+echo ""
+echo "Suggestion: plugins to be enabled: new_user_dialog, password"
+echo "-------------------------------------"
+echo ""
+echo "=== When you click 'Initialize database' button (and see DB Write: OK), you can consider the installation as done."
+read -p "=== Then press Enter here, and this script will remove /home/$USER/web/$DOMAIN/public_html/installer folder ==="
+rm -rf /home/$USER/web/$DOMAIN/public_html/installer
+
+if [ -d "/home/$USER/web/$DOMAIN/public_html/plugins/password" ]; then
+    cp /usr/share/roundcube/plugins/password/config.inc.php /home/$USER/web/$DOMAIN/public_html/plugins/password/config.inc.php
+    cp /usr/share/roundcube/plugins/password/drivers/vesta.php /home/$USER/web/$DOMAIN/public_html/plugins/password/drivers/vesta.php
+fi
+
+wget -nv https://c.myvestacp.com/tools/roundcube-filters.tgz -O /root/roundcube-filters.tgz
+tar --directory /home/$USER/web/$DOMAIN/public_html/plugins -xzf /root/roundcube-filters.tgz
+
+sed -i "s/\$config\['plugins'\] = \[/\$config['plugins'] = ['filters', /g" /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
+echo "\$config['session_lifetime'] = 1080;" >> /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
+
+fix_ownership
+
+sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
+
+
+echo "-------------------------------------"
+echo "Roundcube installed!"
+echo "Go to:"
+echo "https://${DOMAIN}/"
+echo "-------------------------------------"

From b965a3d1844e946328ecd25fc561202fd4fc456b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 00:42:45 +0100
Subject: [PATCH 1657/2300] Delete install-new-roundcube.sh

---
 .../tools/install-new-roundcube.sh            | 176 ------------------
 1 file changed, 176 deletions(-)
 delete mode 100644 src/deb/for-download/tools/install-new-roundcube.sh

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
deleted file mode 100644
index a2409e71..00000000
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ /dev/null
@@ -1,176 +0,0 @@
-#!/bin/bash
-
-USER='webmail'
-DOMAIN='' # enter domain or subdomain
-
-VERSION='1.5.1'
-DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
-
-LOGINMESSAGE1='Click here for NEW Webmail'
-LOGINMESSAGE2='(it is adapted to mobile phones)'
-
-DATABASE_NAME_WITHOUT_PREFIX="roundcube"
-DATABASE_NAME="${USER}_roundcube"
-
-#############################################################################################################################
-
-if [ $# -gt 0 ]; then
-    USER=$1
-fi
-if [ $# -gt 1 ]; then
-    DOMAIN=$2
-fi
-
-if [ -z "$USER" ] || [ -z "$DOMAIN" ]; then
-    echo "Usage:"
-    echo "bash install-new-roundcube.sh VESTAUSER YOURDOMAIN.com"
-    exit 1
-fi
-
-source /usr/local/vesta/func/main.sh
-source /usr/local/vesta/func/db.sh
-
-# Defining password-gen function
-gen_pass() {
-    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
-    LENGTH=32
-    while [ ${n:=1} -le $LENGTH ]; do
-        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
-        let n+=1
-    done
-    echo "$PASS"
-}
-DATABASE_PASSWORD=$(gen_pass)
-
-fix_ownership() {
-    chown -R $USER:$USER /home/$USER/web/$DOMAIN/public_html/
-    find /home/$USER/web/$DOMAIN/public_html/ -type d -exec chmod 755 {} +
-    find /home/$USER/web/$DOMAIN/public_html/ -type f -exec chmod 644 {} +
-}
-
-
-if [ ! -d "/home/$USER" ]; then
-    echo "== Creating user: $USER"
-    USER_PASSWORD=$(gen_pass)
-    /usr/local/vesta/bin/v-add-user "$USER" "$USER_PASSWORD" "admin@$DOMAIN" 'default' 'Webmail' 'Roundcube'
-    /usr/local/vesta/bin/v-change-user-language "$USER" 'en'
-fi
-
-if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
-    echo "== Adding domain: $DOMAIN"
-    /usr/local/vesta/bin/v-add-domain "$USER" "$DOMAIN" "" "yes"
-    if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
-        echo "ERROR: Can't create domain $DOMAIN, maybe it's already created under the other user?"
-        exit 1
-    fi
-    if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
-        /usr/local/vesta/bin/v-change-web-domain-tpl "$USER" "$DOMAIN" 'PHP-FPM-74' 'yes'
-    fi
-fi
-
-pub_ip=$(curl -4 -s https://scripts.myvestacp.com/ip.php)
-domain_host_ip=$(host $DOMAIN | head -n 1 | awk '{print $NF}')
-if [ "$pub_ip" != "$domain_host_ip" ]; then
-    echo "ERROR:"
-    echo "$DOMAIN is not pointing to $pub_ip"
-    echo "I see it is pointing to $domain_host_ip"
-    read -p "Are you sure you want to continue? (y/n)" answer
-    if [ "$answer" = "y" ] || [ "$answer" = "Y" ]; then
-        echo "Okay, we will continue."
-    else
-        echo "OK, good bye!"
-        exit 1
-    fi
-fi
-
-number_of_files=$(ls /home/$USER/web/$DOMAIN/public_html | wc -l)
-if [ $number_of_files -eq 2 ] && [ -f "/home/$USER/web/$DOMAIN/public_html/index.html" ] && [ -f "/home/$USER/web/$DOMAIN/public_html/robots.txt" ]; then
-    rm /home/$USER/web/$DOMAIN/public_html/index.html
-    rm /home/$USER/web/$DOMAIN/public_html/robots.txt
-else
-    echo "== public_html folder is not empty, aborting."
-    exit 1
-fi
-
-
-if [ ! -f "/home/$USER/conf/web/ssl.$DOMAIN.ca" ]; then
-    www_host="www.$DOMAIN"
-    www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
-    if [ "$www_host_ip" != "$domain_host_ip" ]; then
-        echo "=== Deleting www"
-        www_host=""
-        /usr/local/vesta/bin/v-delete-web-domain-alias "$USER" "$DOMAIN" "$www_host" 'no'
-        /usr/local/vesta/bin/v-delete-dns-on-web-alias "$USER" "$DOMAIN" "$www_host" 'no'
-    fi
-    echo "== Installing LetsEncrypt SSL, please wait..."
-    /usr/local/vesta/bin/v-add-letsencrypt-domain "$USER" "$DOMAIN" "$www_host" 'yes'
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$USER" "$DOMAIN" 'force-https' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
-fi
-
-echo "== Downloading Roundcube..."
-wget -nv "$DOWNLOAD" -O /root/roundcubemail.tar.gz
-
-echo "== Extracting Roundcube..."
-tar --directory /home/$USER/web/$DOMAIN/public_html --strip-components=1 -xzf /root/roundcubemail.tar.gz roundcubemail-$VERSION/
-
-fix_ownership
-
-DB_EXISTS=$(check_if_database_exists "$USER" "$DATABASE_NAME")
-if [ "$DB_EXISTS" = "no" ]; then
-    echo "== Creating database: $DATABASE_NAME"
-    /usr/local/vesta/bin/v-add-database "$USER" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
-fi
-
-if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl" ]; then
-    echo "================================"
-    echo "== Installing php7.3-imap module"
-    apt update
-    apt install -y php7.3-imap
-    echo "================================"
-fi
-if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
-    echo "================================"
-    echo "== Installing php7.4-imap module"
-    apt update
-    apt install -y php7.4-imap
-    echo "================================"
-fi
-
-echo "-------------------------------------"
-echo "Go to:"
-echo "https://${DOMAIN}/installer/"
-echo "... and finish the Roundcube installation."
-echo ""
-echo "You will be asked for:"
-echo "Database user: $DATABASE_NAME"
-echo "Database name: $DATABASE_NAME"
-echo "Database pass: $DATABASE_PASSWORD"
-echo ""
-echo "Suggestion: plugins to be enabled: new_user_dialog, password"
-echo "-------------------------------------"
-echo ""
-echo "=== When you click 'Initialize database' button (and see DB Write: OK), you can consider the installation as done."
-read -p "=== Then press Enter here, and this script will remove /home/$USER/web/$DOMAIN/public_html/installer folder ==="
-rm -rf /home/$USER/web/$DOMAIN/public_html/installer
-
-if [ -d "/home/$USER/web/$DOMAIN/public_html/plugins/password" ]; then
-    cp /usr/share/roundcube/plugins/password/config.inc.php /home/$USER/web/$DOMAIN/public_html/plugins/password/config.inc.php
-    cp /usr/share/roundcube/plugins/password/drivers/vesta.php /home/$USER/web/$DOMAIN/public_html/plugins/password/drivers/vesta.php
-fi
-
-wget -nv https://c.myvestacp.com/tools/roundcube-filters.tgz -O /root/roundcube-filters.tgz
-tar --directory /home/$USER/web/$DOMAIN/public_html/plugins -xzf /root/roundcube-filters.tgz
-
-sed -i "s/\$config\['plugins'\] = \[/\$config['plugins'] = ['filters', /g" /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
-echo "\$config['session_lifetime'] = 1080;" >> /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
-
-fix_ownership
-
-sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
-
-
-echo "-------------------------------------"
-echo "Roundcube installed!"
-echo "Go to:"
-echo "https://${DOMAIN}/"
-echo "-------------------------------------"

From 5fa3645004704c48d03bf28d7f4ce8aa7f3feea8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 00:43:49 +0100
Subject: [PATCH 1658/2300] Adding install-new-roundcube.sh

---
 .../tools/install-new-roundcube.sh            | 176 ++++++++++++++++++
 1 file changed, 176 insertions(+)
 create mode 100644 src/deb/for-download/tools/install-new-roundcube.sh

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
new file mode 100644
index 00000000..9e0dc6cc
--- /dev/null
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -0,0 +1,176 @@
+#!/bin/bash
+
+USER='webmail'
+DOMAIN='' # enter domain or subdomain
+
+VERSION='1.5.1'
+DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
+
+LOGINMESSAGE1='Click here for NEW Webmail'
+LOGINMESSAGE2='(it is adapted to mobile phones)'
+
+DATABASE_NAME_WITHOUT_PREFIX="roundcube"
+DATABASE_NAME="${USER}_roundcube"
+
+#############################################################################################################################
+
+if [ $# -gt 0 ]; then
+    USER=$1
+fi
+if [ $# -gt 1 ]; then
+    DOMAIN=$2
+fi
+
+if [ -z "$USER" ] || [ -z "$DOMAIN" ]; then
+    echo "Usage:"
+    echo "bash install-new-roundcube.sh VESTAUSER YOURDOMAIN.com"
+    exit 1
+fi
+
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
+
+# Defining password-gen function
+gen_pass() {
+    MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
+    LENGTH=32
+    while [ ${n:=1} -le $LENGTH ]; do
+        PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"
+        let n+=1
+    done
+    echo "$PASS"
+}
+DATABASE_PASSWORD=$(gen_pass)
+
+fix_ownership() {
+    chown -R $USER:$USER /home/$USER/web/$DOMAIN/public_html/
+    find /home/$USER/web/$DOMAIN/public_html/ -type d -exec chmod 755 {} +
+    find /home/$USER/web/$DOMAIN/public_html/ -type f -exec chmod 644 {} +
+}
+
+
+if [ ! -d "/home/$USER" ]; then
+    echo "== Creating user: $USER"
+    USER_PASSWORD=$(gen_pass)
+    /usr/local/vesta/bin/v-add-user "$USER" "$USER_PASSWORD" "admin@$DOMAIN" 'default' 'Webmail' 'Roundcube'
+    /usr/local/vesta/bin/v-change-user-language "$USER" 'en'
+fi
+
+if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
+    echo "== Adding domain: $DOMAIN"
+    /usr/local/vesta/bin/v-add-domain "$USER" "$DOMAIN" "" "yes"
+    if [ ! -d "/home/$USER/web/$DOMAIN" ]; then
+        echo "ERROR: Can't create domain $DOMAIN, maybe it's already created under the other user?"
+        exit 1
+    fi
+    if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
+        /usr/local/vesta/bin/v-change-web-domain-tpl "$USER" "$DOMAIN" 'PHP-FPM-74' 'yes'
+    fi
+fi
+
+pub_ip=$(curl -4 -s https://scripts.myvestacp.com/ip.php)
+domain_host_ip=$(host $DOMAIN | head -n 1 | awk '{print $NF}')
+if [ "$pub_ip" != "$domain_host_ip" ]; then
+    echo "ERROR:"
+    echo "$DOMAIN is not pointing to $pub_ip"
+    echo "I see it is pointing to $domain_host_ip"
+    read -p "Are you sure you want to continue? (y/n)" answer
+    if [ "$answer" = "y" ] || [ "$answer" = "Y" ]; then
+        echo "Okay, we will continue."
+    else
+        echo "OK, good bye!"
+        exit 1
+    fi
+fi
+
+number_of_files=$(ls /home/$USER/web/$DOMAIN/public_html | wc -l)
+if [ $number_of_files -eq 2 ] && [ -f "/home/$USER/web/$DOMAIN/public_html/index.html" ] && [ -f "/home/$USER/web/$DOMAIN/public_html/robots.txt" ]; then
+    rm /home/$USER/web/$DOMAIN/public_html/index.html
+    rm /home/$USER/web/$DOMAIN/public_html/robots.txt
+else
+    echo "== public_html folder is not empty, aborting."
+    exit 1
+fi
+
+
+if [ ! -f "/home/$USER/conf/web/ssl.$DOMAIN.ca" ]; then
+    www_host="www.$DOMAIN"
+    www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
+    if [ "$www_host_ip" != "$domain_host_ip" ]; then
+        echo "=== Deleting www"
+        www_host=""
+        /usr/local/vesta/bin/v-delete-web-domain-alias "$USER" "$DOMAIN" "$www_host" 'no'
+        /usr/local/vesta/bin/v-delete-dns-on-web-alias "$USER" "$DOMAIN" "$www_host" 'no'
+    fi
+    echo "== Installing LetsEncrypt SSL, please wait..."
+    /usr/local/vesta/bin/v-add-letsencrypt-domain "$USER" "$DOMAIN" "$www_host" 'yes'
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$USER" "$DOMAIN" 'force-https' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
+fi
+
+echo "== Downloading Roundcube..."
+wget -nv "$DOWNLOAD" -O /root/roundcubemail.tar.gz
+
+echo "== Extracting Roundcube..."
+tar --directory /home/$USER/web/$DOMAIN/public_html --strip-components=1 -xzf /root/roundcubemail.tar.gz roundcubemail-$VERSION/
+
+fix_ownership
+
+DB_EXISTS=$(check_if_database_exists "$USER" "$DATABASE_NAME")
+if [ "$DB_EXISTS" = "no" ]; then
+    echo "== Creating database: $DATABASE_NAME"
+    /usr/local/vesta/bin/v-add-database "$USER" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
+fi
+
+if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl" ]; then
+    echo "================================"
+    echo "== Installing php7.3-imap module"
+    apt update
+    apt install -y php7.3-imap
+    echo "================================"
+fi
+if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-74.tpl" ]; then
+    echo "================================"
+    echo "== Installing php7.4-imap module"
+    apt update
+    apt install -y php7.4-imap
+    echo "================================"
+fi
+
+echo "-------------------------------------"
+echo "Go to:"
+echo "https://${DOMAIN}/installer/"
+echo "... and finish the Roundcube installation."
+echo ""
+echo "You will be asked for:"
+echo "Database user: $DATABASE_NAME"
+echo "Database name: $DATABASE_NAME"
+echo "Database pass: $DATABASE_PASSWORD"
+echo ""
+echo "Suggestion: plugins to be enabled: new_user_dialog, password"
+echo "-------------------------------------"
+echo ""
+echo "=== When you click 'Initialize database' button (and see DB Write: OK), you can consider the installation as done."
+read -p "=== Then press Enter here, and this script will remove /home/$USER/web/$DOMAIN/public_html/installer folder ==="
+rm -rf /home/$USER/web/$DOMAIN/public_html/installer
+
+if [ -d "/home/$USER/web/$DOMAIN/public_html/plugins/password" ]; then
+    cp /usr/share/roundcube/plugins/password/config.inc.php /home/$USER/web/$DOMAIN/public_html/plugins/password/config.inc.php
+    cp /usr/share/roundcube/plugins/password/drivers/vesta.php /home/$USER/web/$DOMAIN/public_html/plugins/password/drivers/vesta.php
+fi
+
+wget -nv https://c.myvestacp.com/tools/roundcube-filters.tgz -O /root/roundcube-filters.tgz
+tar --directory /home/$USER/web/$DOMAIN/public_html/plugins -xzf /root/roundcube-filters.tgz
+
+sed -i "s/\$config\['plugins'\] = \[/\$config['plugins'] = ['filters', /g" /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
+echo "\$config['session_lifetime'] = 1080;" >> /home/$USER/web/$DOMAIN/public_html/config/config.inc.php
+
+fix_ownership
+
+sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
+
+
+echo "-------------------------------------"
+echo "Roundcube installed!"
+echo "Go to:"
+echo "https://${DOMAIN}/"
+echo "-------------------------------------"

From 774faa2d982069e2524dc64aec3dae38b0bbbfe7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 01:18:49 +0100
Subject: [PATCH 1659/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 9e0dc6cc..d545973c 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -7,7 +7,7 @@ VERSION='1.5.1'
 DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
 
 LOGINMESSAGE1='Click here for NEW Webmail'
-LOGINMESSAGE2='(it is adapted to mobile phones)'
+LOGINMESSAGE2='(it is adapted for mobile phones too)'
 
 DATABASE_NAME_WITHOUT_PREFIX="roundcube"
 DATABASE_NAME="${USER}_roundcube"

From 6db07c4aa57bddc62cacdadc5e142467ff52f44d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 16:38:43 +0100
Subject: [PATCH 1660/2300] Starting FreshClam during myVesta installation

---
 install/vst-install-debian.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index fef0b8f7..34b55527 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1321,6 +1321,11 @@ if [ "$clamd" = 'yes' ]; then
     fi
     service clamav-daemon start
     check_result $? "clamav-daeom start failed"
+    
+    systemctl status clamav-freshclam.service > /dev/null 2>&1
+    if [ $? -ne 0 ]; then
+        systemctl start clamav-freshclam.service
+    fi
 fi
 
 

From e0530d895ad942df180a0d9f6ac34d35bf896c0d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 18:12:47 +0100
Subject: [PATCH 1661/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 34b55527..a90414e0 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1746,6 +1746,7 @@ touch /usr/local/vesta/data/upgrades/update-cloudflare-ips
 touch /usr/local/vesta/data/upgrades/enable-tls-in-proftpd
 touch /usr/local/vesta/data/upgrades/enable_cookie_httponly
 touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
+touch /usr/local/vesta/data/upgrades/freshclam_start
 
 # Secret URL
 secretquery=''

From 5d87f24b3f1be07e7013747ad06e4efb26c19559 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 18:19:25 +0100
Subject: [PATCH 1662/2300] Checking if FreshClam is started after installation

---
 src/deb/vesta/postinst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 01b6ac48..e2a1219c 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -25,6 +25,18 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+# Checking if FreshClam is started after installation
+if [ ! -f "/usr/local/vesta/data/upgrades/freshclam_start" ]; then
+    clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')
+    freshclamdown=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-freshclam' | grep -c 'off')
+    if [ $clamavup -eq 1 ] && [ $freshclamdown -eq 1 ]; then
+        echo "== Starting FreshClam"
+        systemctl enable clamav-freshclam.service
+        systemctl start clamav-freshclam.service
+    fi
+    touch /usr/local/vesta/data/upgrades/freshclam_start
+fi
+
 # Fix Autoreply issue with Exim 4.94+
 if [ ! -f "/usr/local/vesta/data/upgrades/fix_exim_494_autoreply" ]; then
     if [ "$release" -eq 11 ]; then

From a0ad0c6101c40f88ec04a18f44925234c039503b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 19:16:50 +0100
Subject: [PATCH 1663/2300] Update sr.php

---
 web/inc/i18n/sr.php | 48 ++++++++++++++++++++++-----------------------
 1 file changed, 24 insertions(+), 24 deletions(-)

diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index 4cb8db27..dc215f26 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -26,7 +26,7 @@ $LANG['sr'] = array(
     'BACKUP'  => 'BACKUP',
 
     'LOGIN'  => 'LOGIN',
-    'RESET PASSWORD'  => 'PROMENA ŠIFRE',
+    'RESET PASSWORD'  => 'PROMENA PASSWORDA',
     'SEARCH'  => 'PRETRAGA',
     'PACKAGE'  => 'PAKET',
     'RRD'  => 'RRD',
@@ -278,8 +278,8 @@ $LANG['sr'] = array(
     'Release'  => 'Distribucija',
     'Architecture'  => 'Arhitektura',
     'Object'  => 'Predmet',
-    'Username'  => 'Korisničko ime',
-    'Password'  => 'Šifra',
+    'Username'  => 'Username',
+    'Password'  => 'Password',
     'Email'  => 'Email',
     'Package'  => 'Paket',
     'Language'  => 'Jezik',
@@ -303,7 +303,7 @@ $LANG['sr'] = array(
     'Statistics Authorization'  => 'Autorizacija za statistiku',
     'Statistics Auth'  => 'Autorizacija statistiku',
     'Account'  => 'Nalog',
-    'Prefix will be automaticaly added to username'  => 'Prefiks %s će automatski biti pridodat korisničkom imenu',
+    'Prefix will be automaticaly added to username'  => 'Prefiks %s će automatski biti pridodat username-u',
     'Send FTP credentials to email'  => 'Pošalji FTP login podatke na mail adresu',
     'Expiration Date'  => 'Datum isteka',
     'YYYY-MM-DD'  => 'YYYY-MM-DD',
@@ -316,7 +316,7 @@ $LANG['sr'] = array(
     'Message'  => 'Poruka',
     'use local-part'  => 'unesi samo početni deo (bez @domen.com dela)',
     'one or more email addresses'  => 'jedna ili više email adresa',
-    'Prefix will be automaticaly added to database name and database user'  => 'Prefiks %s se automatski dodaje na ime baze i na korisničko ime baze',
+    'Prefix will be automaticaly added to database name and database user'  => 'Prefiks %s se automatski dodaje na ime baze i na username baze',
     'Database'  => 'Baza podataka',
     'Type'  => 'Tip',
     'Minute'  => 'Minut',
@@ -346,8 +346,8 @@ $LANG['sr'] = array(
     'aliases'  => 'aliasa',
     'records'  => 'zapisa',
     'jobs'  => 'jobs',
-    'username'  => 'korisničko ime',
-    'password'  => 'šifra',
+    'username'  => 'username',
+    'password'  => 'password',
     'type'  => 'tip',
     'charset'  => 'charset',
     'domain'  => 'domen',
@@ -366,10 +366,10 @@ $LANG['sr'] = array(
     'account'  => 'nalog',
     'ssl certificate'  => 'ssl certifikat',
     'ssl key'  => 'ssl ključ',
-    'stats user password'  => 'šifra za korisničku statistiku',
-    'stats username'  => 'stats korisničko ime',
-    'stats password'  => 'stats šifra',
-    'ftp user password'  => 'ftp šifra',
+    'stats user password'  => 'password za korisničku statistiku',
+    'stats username'  => 'stats username',
+    'stats password'  => 'stats password',
+    'ftp user password'  => 'ftp password',
     'ftp user'  => 'ftp username',
     'Last 70 lines of %s.%s.log' => 'Zadnjih 70. redova od %s.%s.log',
     'AccessLog' => 'AccessLog',
@@ -490,11 +490,11 @@ $LANG['sr'] = array(
     'LOGGED_IN_AS'  => 'Ulogovani ste kao %s',
     'Error'  => 'Greška',
     'Invalid username or password'  => 'Pogrešni login podaci',
-    'Invalid username or code'  => 'Pogrešno korisničko ime ili kod',
+    'Invalid username or code'  => 'Pogrešan username ili kod',
     'Passwords not match'  => 'Passwordi se ne poklapaju',
     'Please enter valid email address.'  => 'Potrebno je uneti validnu email adresu.',
     'Field "%s" can not be blank.'  => 'Polja "%s" ne smeju biti prazna.',
-    'Password is too short.'  => 'Šifra je previše kratka (najmanje 6 znakova)',
+    'Password is too short.'  => 'Password je previše kratak (najmanje 6 znakova)',
     'Error code:'  => 'Greška koda: %s',
     'SERVICE_ACTION_FAILED'  => '"%s" "%s" nije uspelo',
     'IP address is in use' => 'IP adresa se već koristi',
@@ -510,28 +510,28 @@ $LANG['sr'] = array(
     'CRON_EXCLUSIONS' => 'Da bi izuzeo sve cron-job-ove unesi zvezdicu *',
     'USER_EXCLUSIONS' => 'Unesi direktorijume, po jedan u svakoj liniji. Da bi izuzeo sve direktorijume unesi zvezdicu *',
 
-    'Welcome to Vesta Control Panel'  => 'Dobrodošli u Vesta kontrolni panel',
-    'MAIL_FROM'  => 'Vesta kontrolni panel ',
+    'Welcome to Vesta Control Panel'  => 'Dobrodošli u myVesta kontrolni panel',
+    'MAIL_FROM'  => 'myVesta kontrolni panel ',
     'GREETINGS_GORDON_FREEMAN' => "Poštovani %s %s,\n",
     'GREETINGS' => "Poštovani,\n",
-    'ACCOUNT_READY' => "Vaš hosting nalog je kreiran i spreman za korišćenje.\n\nhttps://%s/login/\nKorisničko ime: %s\nŠifra: %s\n\n--\nVesta kontrolni panel\n",
+    'ACCOUNT_READY' => "Vaš hosting nalog je kreiran i spreman za korišćenje.\n\nhttps://%s/login/\nUsername: %s\nPassword: %s\n\n--\nmyVesta kontrolni panel\n",
 
     'FTP login credentials'  => 'FTP podaci',
-    'FTP_ACCOUNT_READY' => "FTP nalog je kreiran. Koristite sledeće podatke kako biste se ulogovali:\n\nHostname: %s\nKorisničko ime: %s_%s\nŠifra: %s\n\n--\nVesta kontrolni panel\n",
+    'FTP_ACCOUNT_READY' => "FTP nalog je kreiran. Koristite sledeće podatke kako biste se ulogovali:\n\nHostname: %s\nUsername: %s_%s\nPassword: %s\n\n--\nmyVesta kontrolni panel\n",
 
     'Database Credentials'  => 'Podaci baze podataka',
-    'DATABASE_READY' => "Baza podataka je kreirana. Koristite sledeće podatke kako biste se ulogovali:\n\nDatabase: %s\nKorisničko ime: %s\nŠifra: %s\n%s\n\n--\nVesta kontrolni panel\n",
+    'DATABASE_READY' => "Baza podataka je kreirana. Koristite sledeće podatke kako biste se ulogovali:\n\nDatabase: %s\nUsername: %s\nPassword: %s\n%s\n\n--\nmyVesta kontrolni panel\n",
 
-    'forgot password'  => 'zaboravljena šifra',
+    'forgot password'  => 'zaboravljen password',
     'Confirm'  => 'Potvrditi',
-    'New Password'  => 'Nova šifra',
-    'Confirm Password'  => 'Potvrdi šifru',
+    'New Password'  => 'Nov password',
+    'Confirm Password'  => 'Potvrdi password',
     'Reset'  => 'Reset',
     'Reset Code'  => 'Resetuj kod',
     'RESET_NOTICE'  => '',
-    'RESET_CODE_SENT'  => 'Kod resetovane šifre je poslat na vašu email adresu
',
-    'MAIL_RESET_SUBJECT'  => 'Šifra je resetovana %s',
-    'PASSWORD_RESET_REQUEST' => "Za resetovanje šifre sledite link:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nIli, možete ići na https://%s/reset/?action=code&user=%s i uneti kod:\n%s\n\nAko niste tražili resetovanje šifre, ignorišite ovu poruku i prihvatite naše izvinjenje.\n\n--\nVesta kontrolni panel\n",
+    'RESET_CODE_SENT'  => 'Kod resetovanog passworda je poslat na vašu email adresu
',
+    'MAIL_RESET_SUBJECT'  => 'Password je resetovan %s',
+    'PASSWORD_RESET_REQUEST' => "Za resetovanje passworda sledite link:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nIli, možete ići na https://%s/reset/?action=code&user=%s i uneti kod:\n%s\n\nAko niste tražili resetovanje passworda, ignorišite ovu poruku i prihvatite naše izvinjenje.\n\n--\nmyVesta kontrolni panel\n",
 
     'Jan' => 'Jan',
     'Feb' => 'Feb',

From ecc06404159bb0c3978af10c8249de2cc96b7a1b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 19:35:20 +0100
Subject: [PATCH 1664/2300] Update Changelog.md

---
 Changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index ca274724..a25b40bc 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+Version 0.9.8-26-54 [17-Dec-2021]
+==================================================
+* Checking if FreshClam is started after installation
+
 Version 0.9.8-26-53 [12-Dec-2021]
 ==================================================
 * Support for PHP 8.1

From d89da4f51b34116bbed949566305762e8da3cde1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 19:36:17 +0100
Subject: [PATCH 1665/2300] Version 0.9.8-26-54

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 1fa6aa49..2c883b97 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-53
+vesta-0.9.8-26-54

From 2ee193873ffc473b6e33476846a7f57f357ab12b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 17 Dec 2021 22:36:49 +0100
Subject: [PATCH 1666/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index d545973c..7350db16 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -98,9 +98,9 @@ if [ ! -f "/home/$USER/conf/web/ssl.$DOMAIN.ca" ]; then
     www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')
     if [ "$www_host_ip" != "$domain_host_ip" ]; then
         echo "=== Deleting www"
-        www_host=""
         /usr/local/vesta/bin/v-delete-web-domain-alias "$USER" "$DOMAIN" "$www_host" 'no'
         /usr/local/vesta/bin/v-delete-dns-on-web-alias "$USER" "$DOMAIN" "$www_host" 'no'
+        www_host=""
     fi
     echo "== Installing LetsEncrypt SSL, please wait..."
     /usr/local/vesta/bin/v-add-letsencrypt-domain "$USER" "$DOMAIN" "$www_host" 'yes'

From 90db1084ec0bdbcfd262797e5ad4693a4f678025 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Dec 2021 01:08:43 +0100
Subject: [PATCH 1667/2300] Update install-new-roundcube.sh

---
 .../for-download/tools/install-new-roundcube.sh   | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 7350db16..42ac73a0 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -84,15 +84,16 @@ if [ "$pub_ip" != "$domain_host_ip" ]; then
 fi
 
 number_of_files=$(ls /home/$USER/web/$DOMAIN/public_html | wc -l)
-if [ $number_of_files -eq 2 ] && [ -f "/home/$USER/web/$DOMAIN/public_html/index.html" ] && [ -f "/home/$USER/web/$DOMAIN/public_html/robots.txt" ]; then
-    rm /home/$USER/web/$DOMAIN/public_html/index.html
-    rm /home/$USER/web/$DOMAIN/public_html/robots.txt
-else
-    echo "== public_html folder is not empty, aborting."
-    exit 1
+if [ $number_of_files -ne 0 ]; then
+    if [ $number_of_files -eq 2 ] && [ -f "/home/$USER/web/$DOMAIN/public_html/index.html" ] && [ -f "/home/$USER/web/$DOMAIN/public_html/robots.txt" ]; then
+        rm /home/$USER/web/$DOMAIN/public_html/index.html
+        rm /home/$USER/web/$DOMAIN/public_html/robots.txt
+    else
+        echo "== public_html folder is not empty, aborting."
+        exit 1
+    fi
 fi
 
-
 if [ ! -f "/home/$USER/conf/web/ssl.$DOMAIN.ca" ]; then
     www_host="www.$DOMAIN"
     www_host_ip=$(host $www_host | head -n 1 | awk '{print $NF}')

From fee11ca777397a693307912643b31c89fe642602 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Dec 2021 01:56:35 +0100
Subject: [PATCH 1668/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 42ac73a0..95e1d1cd 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -120,6 +120,9 @@ DB_EXISTS=$(check_if_database_exists "$USER" "$DATABASE_NAME")
 if [ "$DB_EXISTS" = "no" ]; then
     echo "== Creating database: $DATABASE_NAME"
     /usr/local/vesta/bin/v-add-database "$USER" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_NAME_WITHOUT_PREFIX" "$DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
+else
+    echo "== Database $DATABASE_NAME already exists, and it's maybe used by another site. I will not continue. Please edit this script and enter other database name."
+    exit 1
 fi
 
 if [ -f "/usr/local/vesta/data/templates/web/apache2/PHP-FPM-73.tpl" ]; then
@@ -167,7 +170,10 @@ echo "\$config['session_lifetime'] = 1080;" >> /home/$USER/web/$DOMAIN/public_ht
 
 fix_ownership
 
-sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
+check_grep=$(grep -c 'color: white; font-size: 12pt' /usr/share/roundcube/skins/larry/templates/login.html)
+if [ "$check_grep" -eq 0 ]; then
+    sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
+fi
 
 
 echo "-------------------------------------"

From 909619ef6916ad320efeed4fc956a1674e7eec48 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 19 Dec 2021 16:06:13 +0100
Subject: [PATCH 1669/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index fc354210..1a98759d 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -28,8 +28,8 @@ find /home/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".h
 find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/ -type f -name "error_log" -delete
-find /home/*/web/*/public_html/ -type f -name "error_log.txt" -delete
-find /home/ -type f -name "*.log" -delete
+find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
+find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
+find /home/ -type f -name "*.log" -exec truncate -s 0 {} \;
 
 echo "=== Garbage cleaned ==="

From aa85d2e58177f32f84f91cd837e032db9ef33bb8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Dec 2021 13:36:08 +0100
Subject: [PATCH 1670/2300] Update install-softaculous.sh

---
 src/deb/for-download/tools/install-softaculous.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/install-softaculous.sh b/src/deb/for-download/tools/install-softaculous.sh
index ba586930..b209c68d 100644
--- a/src/deb/for-download/tools/install-softaculous.sh
+++ b/src/deb/for-download/tools/install-softaculous.sh
@@ -15,7 +15,7 @@ rm -rf /usr/local/vesta/web/softaculous/
 
 apt update
 
-apt install --reinstall vesta-php
+# apt install --reinstall vesta-php
 
 apt install --reinstall vesta-ioncube vesta-softaculous
 
@@ -28,7 +28,11 @@ if [ -f "/usr/local/vesta/web/inc/login_url.php-bak" ]; then
     mv /usr/local/vesta/web/inc/login_url.php-bak /usr/local/vesta/web/inc/login_url.php
 fi
 
+echo ""
+echo ""
 echo "=== Softaculous installation done ==="
+echo ""
 echo "Wait for about 5 minutes so softaculous-cron download all packages."
 echo "You can check if it is still downloading packages by running command:"
-echo 'ps -Af | grep "cron.php"  | grep -v "grep"'
+echo 'ps -Af | grep "cron.php" | grep -v "grep"'
+echo ""

From 91fe4bc7c5f90a1fd692e10b5f7da9012d23d176 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 9 Jan 2022 14:43:45 +0100
Subject: [PATCH 1671/2300] Exclude /var/log/apt/* while cleaning garbage

---
 bin/v-clean-garbage | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 1a98759d..ccee5fb5 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -7,7 +7,7 @@ rm /var/backups/*
 rm /var/cache/apt/archives/*
 cd /var/log
 truncate -s 0 xferlog lastlog faillog btmp syslog;
-find /var/log/ -name "*.log" -type f -exec truncate -s 0 {} \;
+find /var/log/ -name "*.log" -not -path "/var/log/apt/*" -type f -exec truncate -s 0 {} \;
 find /var/log/ -name "*.err" -type f -exec truncate -s 0 {} \;
 find /var/log/ -name "errors" -type f -exec truncate -s 0 {} \;
 find /var/log/ -name "*.info" -type f -exec truncate -s 0 {} \;

From d30c9f584e455fe0175fc4da0dd329e09eca2654 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 22 Jan 2022 16:15:24 +0100
Subject: [PATCH 1672/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 95e1d1cd..ff218ccb 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -155,6 +155,18 @@ echo "-------------------------------------"
 echo ""
 echo "=== When you click 'Initialize database' button (and see DB Write: OK), you can consider the installation as done."
 read -p "=== Then press Enter here, and this script will remove /home/$USER/web/$DOMAIN/public_html/installer folder ==="
+
+if [ ! -f "/home/$USER/web/$DOMAIN/public_html/config/config.inc.php" ]; then
+    echo "=== ERROR: You didn't finish the installation."
+    echo "=== Please read carefully what is written above."
+    read -p "=== Then press Enter when you finish installation ==="
+fi
+if [ ! -f "/home/$USER/web/$DOMAIN/public_html/config/config.inc.php" ]; then
+    echo "=== ERROR: You didn't finish the installation."
+    echo "=== Sorry, the script will exit now."
+    exit 1;
+fi
+
 rm -rf /home/$USER/web/$DOMAIN/public_html/installer
 
 if [ -d "/home/$USER/web/$DOMAIN/public_html/plugins/password" ]; then

From e91976613c9921e7270ec4dd52ae1dd7bcc844c6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 23 Jan 2022 15:41:28 +0100
Subject: [PATCH 1673/2300] mysql8 create user, set password, grant

---
 func/db.sh      | 125 ++++++++++++++++++++++++++++++++++++++----------
 func/rebuild.sh |  18 ++++---
 2 files changed, 113 insertions(+), 30 deletions(-)

diff --git a/func/db.sh b/func/db.sh
index 1373d741..deb9e5b8 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -202,21 +202,57 @@ decrease_dbhost_values() {
 add_mysql_database() {
     mysql_connect $host
 
+    mysql_ver_sub=$(echo $mysql_ver |cut -d '.' -f1)
+    mysql_ver_sub_sub=$(echo $mysql_ver |cut -d '.' -f2)
+
     query="CREATE DATABASE \`$database\` CHARACTER SET $charset"
     mysql_query "$query" > /dev/null
 
-    query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@\`%\`
-        IDENTIFIED BY '$dbpass'"
-    mysql_query "$query" > /dev/null
+    if [ "$mysql_fork" = "mysql" ] && [ "$mysql_ver_sub" -ge 8 ] ; then
+        query="CREATE USER \`$dbuser\`@\`%\`
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
 
-    query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@localhost
-        IDENTIFIED BY '$dbpass'"
-    mysql_query "$query" > /dev/null
+        query="CREATE USER \`$dbuser\`@localhost
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
 
-    if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then
-        md5=$(mysql_query "SHOW CREATE USER \`$dbuser\`" 2>/dev/null)
-        md5=$(echo "$md5" |grep password |cut -f8 -d \')
+        query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@\`%\`"
+        mysql_query "$query" > /dev/null
+
+        query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@localhost"
+        mysql_query "$query" > /dev/null
     else
+        query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@\`%\`
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
+
+        query="GRANT ALL ON \`$database\`.* TO \`$dbuser\`@localhost
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
+    fi
+
+    if [ "$mysql_fork" = "mysql" ]; then
+        # mysql
+        if [ "$mysql_ver_sub" -ge 8 ] || { [ "$mysql_ver_sub" -eq 5 ] && [ "$mysql_ver_sub_sub" -ge 7 ]; } then
+            if [ "$mysql_ver_sub" -ge 8 ]; then
+                # mysql >= 8
+                md5=$(mysql_query "SHOW CREATE USER \`$dbuser\`" 2>/dev/null)
+                # echo $md5
+                md5=$(echo "$md5" |grep password |cut -f4 -d \')
+                # echo $md5
+            else
+                # mysql < 8
+                md5=$(mysql_query "SHOW CREATE USER \`$dbuser\`" 2>/dev/null)
+                md5=$(echo "$md5" |grep password |cut -f8 -d \')
+            fi
+        else
+            # mysql < 5.7
+            md5=$(mysql_query "SHOW GRANTS FOR \`$dbuser\`" 2>/dev/null)
+            md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \')
+        fi
+    else
+        # mariadb
         md5=$(mysql_query "SHOW GRANTS FOR \`$dbuser\`" 2>/dev/null)
         md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \')
     fi
@@ -267,22 +303,63 @@ get_database_values() {
 # Change MySQL database password
 change_mysql_password() {
     mysql_connect $HOST
-    query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\`
-        IDENTIFIED BY '$dbpass'"
-    mysql_query "$query" > /dev/null
-
-    query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost
-        IDENTIFIED BY '$dbpass'"
-    mysql_query "$query" > /dev/null
     
-if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then
- 
-    md5=$(mysql_query "SHOW CREATE USER \`$DBUSER\`" 2>/dev/null)
-    md5=$(echo "$md5" |grep password |cut -f8 -d \')
-else
-    md5=$(mysql_query "SHOW GRANTS FOR \`$DBUSER\`" 2>/dev/null)
-    md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \')
-fi
+    mysql_ver_sub=$(echo $mysql_ver |cut -d '.' -f1)
+    mysql_ver_sub_sub=$(echo $mysql_ver |cut -d '.' -f2)
+
+    if [ "$mysql_fork" = "mysql" ]; then
+        # mysql
+        if [ "$mysql_ver_sub" -ge 8 ]; then
+            # mysql >= 8
+            query="SET PASSWORD FOR \`$DBUSER\`@\`%\` = '$dbpass'"
+            mysql_query "$query" > /dev/null
+            query="SET PASSWORD FOR \`$DBUSER\`@localhost = '$dbpass'"
+            mysql_query "$query" > /dev/null
+        else
+            # mysql < 8
+            query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\`
+                IDENTIFIED BY '$dbpass'"
+            mysql_query "$query" > /dev/null
+
+            query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost
+                IDENTIFIED BY '$dbpass'"
+            mysql_query "$query" > /dev/null
+        fi
+    else
+        # mariadb
+        query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\`
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
+
+        query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost
+            IDENTIFIED BY '$dbpass'"
+        mysql_query "$query" > /dev/null
+    fi
+
+    if [ "$mysql_fork" = "mysql" ]; then
+        # mysql
+        if [ "$mysql_ver_sub" -ge 8 ] || { [ "$mysql_ver_sub" -eq 5 ] && [ "$mysql_ver_sub_sub" -ge 7 ]; } then
+            if [ "$mysql_ver_sub" -ge 8 ]; then
+                # mysql >= 8
+                md5=$(mysql_query "SHOW CREATE USER \`$DBUSER\`" 2>/dev/null)
+                # echo $md5
+                md5=$(echo "$md5" |grep password |cut -f4 -d \')
+                # echo $md5
+            else
+                # mysql < 8
+                md5=$(mysql_query "SHOW CREATE USER \`$DBUSER\`" 2>/dev/null)
+                md5=$(echo "$md5" |grep password |cut -f8 -d \')
+            fi
+        else
+            # mysql < 5.7
+            md5=$(mysql_query "SHOW GRANTS FOR \`$DBUSER\`" 2>/dev/null)
+            md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \')
+        fi
+    else
+        # mariadb
+        md5=$(mysql_query "SHOW GRANTS FOR \`$DBUSER\`" 2>/dev/null)
+        md5=$(echo "$md5" |grep PASSW|tr ' ' '\n' |tail -n1 |cut -f 2 -d \')
+    fi
 }
 
 # Change PostgreSQL database password
diff --git a/func/rebuild.sh b/func/rebuild.sh
index eeef03ee..b4a5f73d 100644
--- a/func/rebuild.sh
+++ b/func/rebuild.sh
@@ -556,12 +556,15 @@ rebuild_mysql_database() {
     mysql_query "CREATE DATABASE \`$DB\` CHARACTER SET $CHARSET" >/dev/null
     if [ "$mysql_fork" = "mysql" ]; then
         # mysql
-        if [ "$(echo $mysql_ver |cut -d '.' -f2)" -ge 7 ]; then
+        mysql_ver_sub=$(echo $mysql_ver |cut -d '.' -f1)
+        mysql_ver_sub_sub=$(echo $mysql_ver |cut -d '.' -f2)
+        if [ "$mysql_ver_sub" -ge 8 ] || { [ "$mysql_ver_sub" -eq 5 ] && [ "$mysql_ver_sub_sub" -ge 7 ]; } then
             # mysql >= 5.7
-            mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null
-            mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null
-            query="UPDATE mysql.user SET authentication_string='$MD5'"
-            query="$query WHERE User='$DBUSER'"
+            # if [ "$mysql_ver_sub" -eq 5 ] && [ "$mysql_ver_sub_sub" -ge 7 ]; then
+                mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null
+                mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null
+                query="UPDATE mysql.user SET authentication_string='$MD5'"
+                query="$query WHERE User='$DBUSER'"
         else
             # mysql < 5.7
             query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
@@ -579,10 +582,13 @@ rebuild_mysql_database() {
             # mariadb = 10
             mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`" > /dev/null
             mysql_query "CREATE USER IF NOT EXISTS \`$DBUSER\`@localhost" > /dev/null
-            query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
             if [ "$mysql_ver_sub_sub" -ge 4 ]; then
+                # mariadb >= 10.4
                 query="SET PASSWORD FOR '$DBUSER'@'%' = '$MD5';"
                 query2="SET PASSWORD FOR '$DBUSER'@'localhost' = '$MD5';"
+            else
+                # mariadb < 10.4
+                query="UPDATE mysql.user SET Password='$MD5' WHERE User='$DBUSER'"
             fi
         fi
     fi

From f0f28da12e886c3a284d4e304a767c35dd5ffd74 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 23 Jan 2022 23:46:17 +0100
Subject: [PATCH 1674/2300] phpmyadmin installer mysql8 suppodrt

---
 install/debian/10/pma/pma.sh | 10 ++++++++++
 install/debian/11/pma/pma.sh | 10 ++++++++++
 2 files changed, 20 insertions(+)

diff --git a/install/debian/10/pma/pma.sh b/install/debian/10/pma/pma.sh
index eb4be110..f04f3f8e 100644
--- a/install/debian/10/pma/pma.sh
+++ b/install/debian/10/pma/pma.sh
@@ -146,12 +146,22 @@ CREATE DATABASE $PMADB;
 MYSQL_PMA2
 
 #GRANT PMA USE SOME RIGHTS
+if [ ! -f "/etc/apt/sources.list.d/mysql.list" ]; then
+# MariaDB
 mysql -uroot <
Date: Mon, 24 Jan 2022 20:41:48 +0100
Subject: [PATCH 1675/2300] Detection of MySQL 8 in v-list-sys-services

---
 bin/v-list-sys-services | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-list-sys-services b/bin/v-list-sys-services
index b7a9f351..cddb59be 100755
--- a/bin/v-list-sys-services
+++ b/bin/v-list-sys-services
@@ -297,7 +297,7 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB_SYSTEM" != 'remote' ]; then
         if [ "$service" = 'mysql' ]; then
             proc_name='mysqld'
             release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
-            if [ "$release" -eq 11 ]; then
+            if [ "$release" -eq 11 ] && [ ! -f "/etc/apt/sources.list.d/mysql.list" ]; then
                 service='mariadb'
                 proc_name='mariadbd'
             fi

From 9090a21bc7aa2fee1b33d6d17dfe6212a21e186d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 24 Jan 2022 20:43:41 +0100
Subject: [PATCH 1676/2300] MySQL 8 support as installer option

---
 install/vst-install-debian.sh | 437 ++++++++++++++++++++++------------
 1 file changed, 287 insertions(+), 150 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index a90414e0..f4920005 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# myVesta Debian installer v.05
+# myVesta Debian installer v 0.9
 
 #----------------------------------------------------------#
 #                  Variables&Functions                     #
@@ -89,7 +89,8 @@ help() {
   -v, --vsftpd            Install Vsftpd        [yes|no]  default: no
   -j, --proftpd           Install ProFTPD       [yes|no]  default: yes
   -k, --named             Install Bind          [yes|no]  default: yes
-  -m, --mysql             Install MySQL         [yes|no]  default: yes
+  -m, --mysql             Install MariaDB       [yes|no]  default: yes
+  -d, --mysql8            Install MySQL 8       [yes|no]  default: no
   -g, --postgresql        Install PostgreSQL    [yes|no]  default: no
   -x, --exim              Install Exim          [yes|no]  default: yes
   -z, --dovecot           Install Dovecot       [yes|no]  default: yes
@@ -159,6 +160,25 @@ set_default_lang() {
     fi
 }
 
+ensure_startup() {
+    echo "- making sure startup is enabled for: $1"
+    currentservice=$1
+    unit_files="$(systemctl list-unit-files |grep $currentservice)"
+    if [[ "$unit_files" =~ "disabled" ]]; then
+        systemctl enable $currentservice
+    fi
+}
+
+ensure_start() {
+    echo "- making sure $1 is started"
+    currentservice=$1
+    systemctl status $currentservice.service > /dev/null 2>&1
+    r=$?
+    if [ $r -ne 0 ]; then
+        systemctl start $currentservice
+        check_result $? "$currentservice start failed"
+    fi
+}
 
 #----------------------------------------------------------#
 #                    Verifications                         #
@@ -178,6 +198,7 @@ for arg; do
         --proftpd)              args="${args}-j " ;;
         --named)                args="${args}-k " ;;
         --mysql)                args="${args}-m " ;;
+        --mysql8)               args="${args}-d " ;;
         --postgresql)           args="${args}-g " ;;
         --mongodb)              args="${args}-d " ;;
         --exim)                 args="${args}-x " ;;
@@ -213,7 +234,8 @@ while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:o:q:l:y:s:e:p:u:1:fh" Option; do
         v) vsftpd=$OPTARG ;;            # Vsftpd
         j) proftpd=$OPTARG ;;           # Proftpd
         k) named=$OPTARG ;;             # Named
-        m) mysql=$OPTARG ;;             # MySQL
+        m) mysql=$OPTARG ;;             # MariaDB
+        d) mysql8=$OPTARG ;;            # MySQL8
         g) postgresql=$OPTARG ;;        # PostgreSQL
         d) mongodb=$OPTARG ;;           # MongoDB (unsupported)
         x) exim=$OPTARG ;;              # Exim
@@ -246,6 +268,7 @@ set_default_value 'vsftpd' 'no'
 set_default_value 'proftpd' 'yes'
 set_default_value 'named' 'yes'
 set_default_value 'mysql' 'yes'
+set_default_value 'mysql8' 'no'
 set_default_value 'postgresql' 'no'
 set_default_value 'mongodb' 'no'
 set_default_value 'exim' 'yes'
@@ -280,6 +303,9 @@ fi
 if [ "$iptables" = 'no' ]; then
     fail2ban='no'
 fi
+if [ "$mysql8" = 'yes' ]; then
+    mysql='no'
+fi
 
 # Checking root permissions
 if [ "x$(id -u)" != 'x0' ]; then
@@ -412,7 +438,10 @@ fi
 
 # DB stack
 if [ "$mysql" = 'yes' ]; then
-    echo '   - MySQL Database server'
+    echo '   - MariaDB Database server'
+fi
+if [ "$mysql8" = 'yes' ]; then
+    echo '   - MySQL 8 Database server'
 fi
 if [ "$postgresql" = 'yes' ]; then
     echo '   - PostgreSQL Database server'
@@ -519,8 +548,8 @@ sleep 5
 #                      Checking swap                       #
 #----------------------------------------------------------#
 
-# Checking swap on small instances
 if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then
+    echo "== Checking swap on small instances"
     fallocate -l 1G /swapfile
     chmod 600 /swapfile
     mkswap /swapfile
@@ -533,19 +562,17 @@ fi
 #                   Install repository                     #
 #----------------------------------------------------------#
 
-# Updating system
+echo "=== Updating system (apt-get -y upgrade)"
 apt-get -y upgrade
 check_result $? 'apt-get upgrade failed'
 
-# Installing nginx repo
+echo "=== Installing nginx repo"
 apt=/etc/apt/sources.list.d
-# if [ "$release" -ne 11 ]; then
-    echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list
-    wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
-    apt-key add /tmp/nginx_signing.key
-# fi
+echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list
+wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key
+apt-key add /tmp/nginx_signing.key
 
-# Installing vesta repo
+echo "=== Installing myVesta repo"
 echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list
 wget $CHOST/deb_signing.key -O deb_signing.key
 apt-key add deb_signing.key
@@ -566,12 +593,13 @@ fi
 #                         Backup                           #
 #----------------------------------------------------------#
 
-# Creating backup directory tree
+echo "=== Creating backup directory tree"
 mkdir -p $vst_backups
 cd $vst_backups
 mkdir nginx apache2 php php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd
 mkdir spamassassin mysql postgresql mongodb vesta
 
+echo "=== Backing up old configs"
 # Backing up Nginx configuration
 service nginx stop > /dev/null 2>&1
 cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1
@@ -689,9 +717,47 @@ if [ "$mysql" = 'no' ]; then
     software=$(echo "$software" | sed -e 's/mysql-server//')
     software=$(echo "$software" | sed -e 's/mysql-client//')
     software=$(echo "$software" | sed -e 's/mysql-common//')
+    software=$(echo "$software" | sed -e 's/mariadb-server//')
+    software=$(echo "$software" | sed -e 's/mariadb-client//')
+    software=$(echo "$software" | sed -e 's/mariadb-common//')
     software=$(echo "$software" | sed -e 's/php5-mysql//')
     software=$(echo "$software" | sed -e 's/php-mysql//')
     software=$(echo "$software" | sed -e 's/phpMyAdmin//')
+    software=$(echo "$software" | sed -e 's/phpmyadmin//')
+    software=$(echo "$software" | sed -e 's/roundcube-mysql//')
+fi
+if [ "$mysql8" = 'yes' ]; then
+    echo "=== Preparing MySQL 8 apt repo"
+    software=$(echo "$software" | sed -e 's/exim4-daemon-heavy//')
+    software=$(echo "$software" | sed -e 's/exim4//')
+    #software="$software php-mysql roundcube-mysql"
+    echo "### THIS FILE IS AUTOMATICALLY CONFIGURED ###" > /etc/apt/sources.list.d/mysql.list
+    echo "# You may comment out entries below, but any other modifications may be lost." >> /etc/apt/sources.list.d/mysql.list
+    echo "# Use command 'dpkg-reconfigure mysql-apt-config' as root for modifications." >> /etc/apt/sources.list.d/mysql.list
+    echo "deb http://repo.mysql.com/apt/debian/ $codename mysql-apt-config" >> /etc/apt/sources.list.d/mysql.list
+    echo "deb http://repo.mysql.com/apt/debian/ $codename mysql-8.0" >> /etc/apt/sources.list.d/mysql.list
+    echo "deb http://repo.mysql.com/apt/debian/ $codename mysql-tools" >> /etc/apt/sources.list.d/mysql.list
+    echo "#deb http://repo.mysql.com/apt/debian/ $codename mysql-tools-preview" >> /etc/apt/sources.list.d/mysql.list
+    echo "deb-src http://repo.mysql.com/apt/debian/ $codename mysql-8.0" >> /etc/apt/sources.list.d/mysql.list
+
+    # apt-key adv --keyserver pgp.mit.edu --recv-keys 3A79BD29
+    key="467B942D3A79BD29"
+    readonly key
+    GNUPGHOME="$(mktemp -d)"
+    export GNUPGHOME
+    for keyserver in $(shuf -e ha.pool.sks-keyservers.net hkp://p80.pool.sks-keyservers.net:80 keyserver.ubuntu.com hkp://keyserver.ubuntu.com:80)
+    do
+        gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
+    done
+    gpg --export "${key}" > /etc/apt/trusted.gpg.d/mysql.gpg
+    gpgconf --kill all
+    rm -rf "${GNUPGHOME}"
+    unset GNUPGHOME
+    
+    mpass=$(gen_pass)
+    debconf-set-selections <<< "mysql-community-server mysql-community-server/root-pass password $mpass"
+    debconf-set-selections <<< "mysql-community-server mysql-community-server/re-root-pass password $mpass"
+    debconf-set-selections <<< "mysql-community-server mysql-server/default-auth-override select Use Legacy Authentication Method (Retain MySQL 5.x Compatibility)"
 fi
 if [ "$postgresql" = 'no' ]; then
     software=$(echo "$software" | sed -e 's/postgresql-contrib//')
@@ -713,17 +779,42 @@ fi
 #----------------------------------------------------------#
 
 # Update system packages
+echo "=== Running: apt-get update"
 apt-get update
 
-# Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz
+echo "=== Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz"
 echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d
 chmod a+x /usr/sbin/policy-rc.d
 
-# Install apt packages
+if [ "$mysql8" = 'yes' ]; then
+    echo "=== Installing MySQL 8"
+    apt-get -y install mysql-server mysql-client mysql-common
+    #update-rc.d mysql defaults
+    currentservice='mysql'
+    ensure_startup $currentservice
+    ensure_start $currentservice
+    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
+    chmod 600 /root/.my.cnf
+    mysqladmin -u root password $mpass
+fi
+
+echo "=== Installing all apt packages"
+# echo "apt-get -y install $software"
 apt-get -y install $software
+
 check_result $? "apt-get install failed"
 
-# Restore  policy
+if [ "$mysql8" = 'yes' ]; then
+    if [ "$exim" = 'yes' ]; then
+        echo "=== Installing exim4"
+        apt-get -y install exim4 exim4-daemon-heavy
+    fi
+    echo "=== Installing phpmyadmin"
+    #apt-get -y --no-install-recommends install phpmyadmin
+    apt-get -y install phpmyadmin
+fi
+
+echo "=== Enabling daemon autostart"
 rm -f /usr/sbin/policy-rc.d
 
 
@@ -731,21 +822,21 @@ rm -f /usr/sbin/policy-rc.d
 #                     Configure system                     #
 #----------------------------------------------------------#
 
-# Enable SSH password auth
+echo "== Enable SSH password auth"
 sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config
-service ssh restart
+systemctl restart ssh
 
-# Disable awstats cron
+echo "== Disable awstats cron"
 rm -f /etc/cron.d/awstats
 
-# Set directory color
+echo "== Set directory color"
 echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
 
-# Register /sbin/nologin and /usr/sbin/nologin
+echo "== Register /sbin/nologin and /usr/sbin/nologin"
 echo "/sbin/nologin" >> /etc/shells
 echo "/usr/sbin/nologin" >> /etc/shells
 
-# NTP Synchronization
+echo "== NTP Synchronization"
 echo '#!/bin/sh' > /etc/cron.daily/ntpdate
 echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate
 chmod 775 /etc/cron.daily/ntpdate
@@ -766,12 +857,12 @@ fi
 #                     Configure VESTA                      #
 #----------------------------------------------------------#
 
-# Installing sudo configuration
+echo "== Installing sudo configuration"
 mkdir -p /etc/sudoers.d
 cp -f $vestacp/sudo/admin /etc/sudoers.d/
 chmod 440 /etc/sudoers.d/admin
 
-# Configuring system env
+echo "== Configuring system env"
 echo "export VESTA='$VESTA'" > /etc/profile.d/vesta.sh
 chmod 755 /etc/profile.d/vesta.sh
 source /etc/profile.d/vesta.sh
@@ -779,10 +870,10 @@ echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
 echo 'export PATH' >> /root/.bash_profile
 source /root/.bash_profile
 
-# Configuring logrotate for Vesta logs
+echo "== Copying logrotate for myVesta logs"
 cp -f $vestacp/logrotate/vesta /etc/logrotate.d/
 
-# Building directory tree and creating some blank files for vesta
+echo "== Building directory tree and creating some blank files for myVesta"
 mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
     $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
     $VESTA/data/sessions
@@ -797,7 +888,7 @@ rm -f /var/log/vesta
 ln -s $VESTA/log /var/log/vesta
 chmod 770 $VESTA/data/sessions
 
-# Generating vesta configuration
+echo "== Generating vesta.conf"
 rm -f $VESTA/conf/vesta.conf 2>/dev/null
 touch $VESTA/conf/vesta.conf
 chmod 660 $VESTA/conf/vesta.conf
@@ -891,14 +982,14 @@ echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf
 # Version
 echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf
 
-# Installing hosting packages
+echo "== Copying packages"
 cp -rf $vestacp/packages $VESTA/data/
 
-# Installing templates
+echo "== Copying templates"
 cp -rf $vestacp/templates $VESTA/data/
 
 if [ "$release" -eq 10 ]; then
-    # Symlink missing templates
+    echo "== Symlink missing templates"
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
@@ -914,7 +1005,7 @@ if [ "$release" -eq 10 ]; then
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-73.tpl
 fi
 if [ "$release" -eq 11 ]; then
-    # Symlink missing templates
+    echo "== Symlink missing templates"
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
     ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
@@ -930,7 +1021,7 @@ if [ "$release" -eq 11 ]; then
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-74.tpl
 fi
 
-# Set nameservers
+echo "== Set nameservers address"
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/YOURHOSTNAME2/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/ns1.domain.tld/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
@@ -938,17 +1029,17 @@ sed -i "s/ns2.domain.tld/ns2.$servername/" /usr/local/vesta/data/packages/defaul
 sed -i "s/ns1.example.com/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
 sed -i "s/ns2.example.com/ns2.$servername/" /usr/local/vesta/data/packages/default.pkg
 
-# Copying index.html to default documentroot
+echo "== Copying index.html to default documentroot"
 cp $VESTA/data/templates/web/skel/public_html/index.html /var/www/
 sed -i 's/%domain%/It worked!/g' /var/www/index.html
 
-# Installing firewall rules
+echo "== Copying firewall rules"
 cp -rf $vestacp/firewall $VESTA/data/
 
-# Configuring server hostname
+echo "== Configuring server hostname: $servername"
 $VESTA/bin/v-change-sys-hostname $servername 2>/dev/null
 
-# Generating SSL certificate
+echo "== Generating myVesta unsigned SSL certificate"
 $VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \
      'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem
 
@@ -957,7 +1048,6 @@ crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:)
 key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:)
 key_end=$(grep -n  "END RSA" /tmp/vst.pem |cut -f 1 -d:)
 
-# Adding SSL certificate
 cd $VESTA/ssl
 sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt
 sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key
@@ -971,6 +1061,7 @@ rm /tmp/vst.pem
 #----------------------------------------------------------#
 
 if [ "$nginx" = 'yes' ]; then
+    echo "=== Configure nginx"
     rm -f /etc/nginx/conf.d/*.conf
     cp -f $vestacp/nginx/nginx.conf /etc/nginx/
     cp -f $vestacp/nginx/status.conf /etc/nginx/conf.d/
@@ -980,9 +1071,11 @@ if [ "$nginx" = 'yes' ]; then
     cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
-    update-rc.d nginx defaults
-    service nginx start
-    check_result $? "nginx start failed"
+    #update-rc.d nginx defaults
+    #service nginx start
+    currentservice='nginx'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 
@@ -991,6 +1084,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$apache" = 'yes'  ]; then
+    echo "=== Configure Apache"
     cp -f $vestacp/apache2/apache2.conf /etc/apache2/
     cp -f $vestacp/apache2/status.conf /etc/apache2/mods-enabled/
     cp -f  $vestacp/logrotate/apache2 /etc/logrotate.d/
@@ -1013,12 +1107,16 @@ if [ "$apache" = 'yes'  ]; then
     chmod a+x /var/log/apache2
     chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log
     chmod 751 /var/log/apache2/domains
-    update-rc.d apache2 defaults
-    service apache2 start
-    check_result $? "apache2 start failed"
+    #update-rc.d apache2 defaults
+    #service apache2 start
+    currentservice='apache2'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 else
-    update-rc.d apache2 disable >/dev/null 2>&1
-    service apache2 stop >/dev/null 2>&1
+    #update-rc.d apache2 disable >/dev/null 2>&1
+    #service apache2 stop >/dev/null 2>&1
+    systemctl disable apache2
+    systemctl stop apache2
 fi
 
 
@@ -1027,26 +1125,31 @@ fi
 #----------------------------------------------------------#
 
 if [ "$phpfpm" = 'yes' ]; then
+    echo "=== Configure PHP-FPM"
     if [ "$release" -eq 11 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/7.4/fpm/pool.d/www.conf
-        update-rc.d php7.4-fpm defaults
-        service php7.4-fpm start
-        check_result $? "php-fpm start failed"
+        #update-rc.d php7.4-fpm defaults
+        currentservice='php7.4-fpm'
+        ensure_startup $currentservice
+        ensure_start $currentservice
     elif [ "$release" -eq 10 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/7.3/fpm/pool.d/www.conf
-        update-rc.d php7.3-fpm defaults
-        service php7.3-fpm start
-        check_result $? "php-fpm start failed"
+        #update-rc.d php7.3-fpm defaults
+        currentservice='php7.3-fpm'
+        ensure_startup $currentservice
+        ensure_start $currentservice
     elif [ "$release" -eq 9 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/7.0/fpm/pool.d/www.conf
-        update-rc.d php7.0-fpm defaults
-        service php7.0-fpm start
-        check_result $? "php-fpm start failed"
+        #update-rc.d php7.0-fpm defaults
+        currentservice='php7.0-fpm'
+        ensure_startup $currentservice
+        ensure_start $currentservice
     else
         cp -f $vestacp/php5-fpm/www.conf /etc/php5/fpm/pool.d/www.conf
-        update-rc.d php5-fpm defaults
-        service php5-fpm start
-        check_result $? "php-fpm start failed"
+        #update-rc.d php5-fpm defaults
+        currentservice='php5-fpm'
+        ensure_startup $currentservice
+        ensure_start $currentservice
     fi
 fi
 
@@ -1055,6 +1158,7 @@ fi
 #                     Configure PHP                        #
 #----------------------------------------------------------#
 
+echo "=== Configure PHP timezone"
 ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}')
 if [ -z "$ZONE" ]; then
     ZONE='UTC'
@@ -1070,10 +1174,12 @@ done
 #----------------------------------------------------------#
 
 if [ "$vsftpd" = 'yes' ]; then
+    echo "=== Configure VSFTPD"
     cp -f $vestacp/vsftpd/vsftpd.conf /etc/
-    update-rc.d vsftpd defaults
-    service vsftpd start
-    check_result $? "vsftpd start failed"
+    #update-rc.d vsftpd defaults
+    currentservice='vsftpd'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 
     # To be deleted after release 0.9.8-18
     echo "/sbin/nologin" >> /etc/shells
@@ -1085,18 +1191,14 @@ fi
 #----------------------------------------------------------#
 
 if [ "$proftpd" = 'yes' ]; then
+    echo "=== Configure ProFTPD"
     echo "127.0.0.1 $servername" >> /etc/hosts
     cp -f $vestacp/proftpd/proftpd.conf /etc/proftpd/
     cp -f $vestacp/proftpd/tls.conf /etc/proftpd/
-    update-rc.d proftpd defaults
-    service proftpd start
-    check_result $? "proftpd start failed"
-    if [ "$release" -eq 11 ]; then
-        unit_files="$(systemctl list-unit-files |grep proftpd)"
-        if [[ "$unit_files" =~ "disabled" ]]; then
-            systemctl enable proftpd
-        fi
-    fi
+    #update-rc.d proftpd defaults
+    currentservice='proftpd'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 
@@ -1104,34 +1206,39 @@ fi
 #                  Configure MySQL/MariaDB                 #
 #----------------------------------------------------------#
 
-if [ "$mysql" = 'yes' ]; then
-    mycnf="my-small.cnf"
-    if [ $memory -gt 1200000 ]; then
-        mycnf="my-medium.cnf"
-    fi
-    if [ $memory -gt 3900000 ]; then
-        mycnf="my-large.cnf"
-    fi
+if [ "$mysql" = 'yes' ] || [ "$mysql8" = 'yes' ]; then
+    if [ "$mysql" = 'yes' ]; then
+        echo "=== Configure MariaDB"
+        mycnf="my-small.cnf"
+        if [ $memory -gt 1200000 ]; then
+            mycnf="my-medium.cnf"
+        fi
+        if [ $memory -gt 3900000 ]; then
+            mycnf="my-large.cnf"
+        fi
 
-    # MySQL configuration
-    cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf
-    mysql_install_db
-    update-rc.d mysql defaults
-    service mysql start
-    check_result $? "mysql start failed"
+        # MySQL configuration
+        cp -f $vestacp/mysql/$mycnf /etc/mysql/my.cnf
+        mysql_install_db
+        # update-rc.d mysql defaults
+        currentservice='mysql'
+        ensure_startup $currentservice
+        ensure_start $currentservice
 
-    # Securing MySQL installation
-    mpass=$(gen_pass)
-    mysqladmin -u root password $mpass
-    echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
-    chmod 600 /root/.my.cnf
-    mysql -e "DELETE FROM mysql.user WHERE User=''"
-    mysql -e "DROP DATABASE test" >/dev/null 2>&1
-    mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
-    mysql -e "DELETE FROM mysql.user WHERE user='' or password='';"
-    mysql -e "FLUSH PRIVILEGES"
+        # Securing MySQL installation
+        mpass=$(gen_pass)
+        mysqladmin -u root password $mpass
+        echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf
+        chmod 600 /root/.my.cnf
+        mysql -e "DELETE FROM mysql.user WHERE User=''"
+        mysql -e "DROP DATABASE test" >/dev/null 2>&1
+        mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
+        mysql -e "DELETE FROM mysql.user WHERE user='' or password='';"
+        mysql -e "FLUSH PRIVILEGES"
+    fi
 
     # Configuring phpMyAdmin
+    echo "=== Configure phpMyAdmin"
     if [ "$release" -eq 10 ]; then
         mkdir /etc/phpmyadmin
         mkdir -p /var/lib/phpmyadmin/tmp
@@ -1148,7 +1255,7 @@ if [ "$mysql" = 'yes' ]; then
       mkdir /usr/share/phpmyadmin
       
       pma_v='4.9.7'
-      echo "(*) Installing phpMyAdmin version v$pma_v..."
+      echo "=== Installing phpMyAdmin version v$pma_v (Debian10 custom part)"
 
       cd /root/phpmyadmin
 
@@ -1183,6 +1290,7 @@ if [ "$mysql" = 'yes' ]; then
       echo "\$cfg['blowfish_secret'] = '$blowfish';" >> /etc/phpmyadmin/config.inc.php
   fi
   if [ "$release" -eq 11 ]; then
+      echo "=== Configure phpMyAdmin (Debian11 custom part)"
       # Set config and log directory
       sed -i "s|define('CONFIG_DIR', '');|define('CONFIG_DIR', '/etc/phpmyadmin/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
       sed -i "s|define('TEMP_DIR', './tmp/');|define('TEMP_DIR', '/var/lib/phpmyadmin/tmp/');|" /usr/share/phpmyadmin/libraries/vendor_config.php
@@ -1205,9 +1313,12 @@ fi
 #----------------------------------------------------------#
 
 if [ "$postgresql" = 'yes' ]; then
+    echo "=== Configure PostgreSQL"
     ppass=$(gen_pass)
     cp -f $vestacp/postgresql/pg_hba.conf /etc/postgresql/*/main/
-    service postgresql restart
+    currentservice='postgresql'
+    ensure_startup $currentservice
+    ensure_start $currentservice
     sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$ppass'"
 
     # Configuring phpPgAdmin
@@ -1223,6 +1334,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$named" = 'yes' ]; then
+    echo "=== Configure Bind9"
     cp -f $vestacp/bind/named.conf /etc/bind/
     sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options
     chown root:bind /etc/bind/named.conf
@@ -1237,9 +1349,10 @@ if [ "$named" = 'yes' ]; then
           service apparmor restart
       # fi
     fi
-    update-rc.d bind9 defaults
-    service bind9 start
-    check_result $? "bind9 start failed"
+    # update-rc.d bind9 defaults
+    currentservice='bind9'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 #----------------------------------------------------------#
@@ -1247,6 +1360,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$exim" = 'yes' ]; then
+    echo "=== Configure Exim"
     gpasswd -a Debian-exim mail
     cp -f $vestacp/exim/exim4.conf.template /etc/exim4/
     cp -f $vestacp/exim/dnsbl.conf /etc/exim4/
@@ -1272,8 +1386,10 @@ if [ "$exim" = 'yes' ]; then
     update-rc.d -f postfix remove > /dev/null 2>&1
     service postfix stop > /dev/null 2>&1
 
-    update-rc.d exim4 defaults
-    service exim4 start
+    #update-rc.d exim4 defaults
+    currentservice='exim4'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 
@@ -1282,13 +1398,15 @@ fi
 #----------------------------------------------------------#
 
 if [ "$dovecot" = 'yes' ]; then
+    echo "=== Configure Dovecot"
     gpasswd -a dovecot mail
     cp -rf $vestacp/dovecot /etc/
     cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/
     chown -R root:root /etc/dovecot*
-    update-rc.d dovecot defaults
-    service dovecot start
-    check_result $? "dovecot start failed"
+    # update-rc.d dovecot defaults
+    currentservice='dovecot'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 
@@ -1297,13 +1415,20 @@ fi
 #----------------------------------------------------------#
 
 if [ "$clamd" = 'yes' ]; then
+    echo "=== Configure ClamAV"
     gpasswd -a clamav mail
     gpasswd -a clamav Debian-exim
     cp -f $vestacp/clamav/clamd.conf /etc/clamav/
     mkdir -p /var/lib/clamav
     /usr/bin/freshclam
-    update-rc.d clamav-daemon defaults
-    if [ ! -d "/var/run/clamav" ]; then
+
+    # update-rc.d clamav-daemon defaults
+    currentservice='clamav-daemon'
+    ensure_startup $currentservice
+    currentservice='clamav-freshclam'
+    ensure_startup $currentservice
+    
+ if [ ! -d "/var/run/clamav" ]; then
         mkdir /var/run/clamav
     fi
     chown -R clamav:clamav /var/run/clamav
@@ -1319,13 +1444,11 @@ if [ "$clamd" = 'yes' ]; then
         wget -nv -O $clamavfolder/foxhole_all.cdb http://c.myvestacp.com/tools/clamav/foxhole_all.cdb
         chown clamav:clamav $clamavfolder/foxhole_all.cdb
     fi
-    service clamav-daemon start
-    check_result $? "clamav-daeom start failed"
     
-    systemctl status clamav-freshclam.service > /dev/null 2>&1
-    if [ $? -ne 0 ]; then
-        systemctl start clamav-freshclam.service
-    fi
+    currentservice='clamav-daemon'
+    ensure_start $currentservice
+    currentservice='clamav-freshclam'
+    ensure_start $currentservice
 fi
 
 
@@ -1334,14 +1457,12 @@ fi
 #----------------------------------------------------------#
 
 if [ "$spamd" = 'yes' ]; then
-    update-rc.d spamassassin defaults
+    echo "=== Configure SpamAssassin"
+    #update-rc.d spamassassin defaults
     sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin
-    service spamassassin start
-    check_result $? "spamassassin start failed"
-    unit_files="$(systemctl list-unit-files |grep spamassassin)"
-    if [[ "$unit_files" =~ "disabled" ]]; then
-        systemctl enable spamassassin
-    fi
+    currentservice='spamassassin'
+    ensure_startup $currentservice
+    ensure_start $currentservice
 fi
 
 
@@ -1349,7 +1470,8 @@ fi
 #                   Configure RoundCube                    #
 #----------------------------------------------------------#
 
-if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
+if [ "$exim" = 'yes' ] && { [ "$mysql" = 'yes' ] || [ "$mysql8" = 'yes' ]; } then
+    echo "=== Configure RoundCube"
     if [ "$apache" = 'yes' ]; then
         cp -f $vestacp/roundcube/apache.conf /etc/roundcube/
         ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf
@@ -1365,8 +1487,14 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
     cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/
     r="$(gen_pass)"
     mysql -e "CREATE DATABASE roundcube"
-    mysql -e "GRANT ALL ON roundcube.* 
-        TO roundcube@localhost IDENTIFIED BY '$r'"
+    if [ "$mysql8" = 'yes' ]; then
+        mysql -e "CREATE USER 'roundcube'@'localhost' IDENTIFIED BY '$r';"
+        mysql -e "GRANT ALL ON roundcube.* 
+            TO roundcube@localhost"
+    else
+        mysql -e "GRANT ALL ON roundcube.* 
+            TO roundcube@localhost IDENTIFIED BY '$r'"
+    fi
     sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php
     sed -i "s/localhost/$servername/g" \
         /etc/roundcube/plugins/password/config.inc.php
@@ -1415,6 +1543,7 @@ fi
 #----------------------------------------------------------#
 
 if [ "$fail2ban" = 'yes' ]; then
+    echo "=== Configure Fail2Ban"
     cp -rf $vestacp/fail2ban /etc/
     if [ "$dovecot" = 'no' ]; then
         fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2)
@@ -1435,9 +1564,11 @@ if [ "$fail2ban" = 'yes' ]; then
         fline=$(echo "$fline" |grep enabled |tail -n1 |cut -f 1 -d -)
         sed -i "${fline}s/false/true/" /etc/fail2ban/jail.local
     fi 
-    update-rc.d fail2ban defaults
-    service fail2ban start
-    check_result $? "fail2ban start failed"
+    #update-rc.d fail2ban defaults
+    currentservice='fail2ban'
+    ensure_startup $currentservice
+    ensure_start $currentservice
+    echo "- leaving fail2ban config"
 fi
 
 
@@ -1445,12 +1576,13 @@ fi
 #                   Configure Admin User                   #
 #----------------------------------------------------------#
 
+echo "=== Configure Admin User"
 if [ "$release" -eq 11 ]; then
-    # Switching to sha512
+    echo "=== Switching to sha512"
     sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
 fi
 
-# Deleting old admin user
+echo "== Deleting old admin user"
 if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then
     chattr -i /home/admin/conf > /dev/null 2>&1
     userdel -f admin >/dev/null 2>&1
@@ -1462,14 +1594,14 @@ if [ ! -z "$(grep ^admin: /etc/group)" ]; then
     groupdel admin > /dev/null 2>&1
 fi
 
-# Adding vesta account
+echo "== Adding vesta account"
 $VESTA/bin/v-add-user admin $vpass $email default System Administrator
 check_result $? "can't create admin user"
 $VESTA/bin/v-change-user-shell admin bash
 $VESTA/bin/v-change-user-language admin $lang
 
-# RoundCube permissions fix
-if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
+if [ "$exim" = 'yes' ] && { [ "$mysql" = 'yes' ] || [ "$mysql8" = 'yes' ]; } then
+    echo "== RoundCube permissions fix"
     if [ ! -d "/var/log/roundcube" ]; then
         mkdir /var/log/roundcube
     fi
@@ -1479,28 +1611,30 @@ fi
 # Vesta data sessions permissions
 chown admin:admin $VESTA/data/sessions
 
-# Configuring system ips
+echo "== Configuring system ips"
 $VESTA/bin/v-update-sys-ip
 
-# Get main ip
+echo "== Get main ip"
 ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 local_ip=$ip
 
 # Firewall configuration
 if [ "$iptables" = 'yes' ]; then
+    echo "== Firewall configuration"
     $VESTA/bin/v-update-firewall
 fi
 
-# Get public ip
+echo "== Get public ip"
 pub_ip=$(curl -4 -s https://scripts.myvestacp.com/ip.php)
 
 if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
+    echo "== NAT detected"
     $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
     ip=$pub_ip
 fi
 
-# Configuring libapache2-mod-remoteip
 if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
+    echo "== Configuring libapache2-mod-remoteip"
     cd /etc/apache2/mods-available
     echo "" > remoteip.conf
     echo "  RemoteIPHeader X-Real-IP" >> remoteip.conf
@@ -1519,30 +1653,31 @@ if [ "$apache" = 'yes' ] && [ "$nginx"  = 'yes' ] ; then
     service apache2 restart
 fi
 
-# Configuring mysql host
-if [ "$mysql" = 'yes' ]; then
-     $VESTA/bin/v-add-database-host mysql localhost root $mpass
-     # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
+if [ "$mysql" = 'yes' ] || [ "$mysql8" = 'yes' ]; then
+    echo "== Configuring mysql host"
+    $VESTA/bin/v-add-database-host mysql localhost root $mpass
+    # $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
 fi
 
-# Configuring pgsql host
 if [ "$postgresql" = 'yes' ]; then
+    echo "== Configuring pgsql host"
     $VESTA/bin/v-add-database-host pgsql localhost postgres $ppass
     $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
 fi
 
-# Adding default domain
+echo "== Adding default domain"
 $VESTA/bin/v-add-domain admin $servername
 check_result $? "can't create $servername domain"
 
 if [ "$named" = 'yes' ]; then
-    # Adding ns1 and ns2 A records
+    echo "== Adding ns1 and ns2 A records"
     /usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns1' 'A' "$pub_ip"
     /usr/local/vesta/bin/v-add-dns-record 'admin' "$servername" 'ns2' 'A' "$pub_ip"
 fi
 
 if [ "$release" -eq 10 ]; then
   if [ -f "/etc/php/7.3/fpm/pool.d/$servername.conf" ]; then
+    echo "== FPM pool.d $servername tweaks"
     sed -i "/^group =/c\group = www-data" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.3/fpm/pool.d/$servername.conf
     sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/7.3/fpm/pool.d/$servername.conf
@@ -1555,6 +1690,7 @@ if [ "$release" -eq 10 ]; then
 fi
 if [ "$release" -eq 11 ]; then
   if [ -f "/etc/php/7.4/fpm/pool.d/$servername.conf" ]; then
+    echo "== FPM pool.d $servername tweaks"
     sed -i "/^group =/c\group = www-data" /etc/php/7.4/fpm/pool.d/$servername.conf
     sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/7.4/fpm/pool.d/$servername.conf
     sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/7.4/fpm/pool.d/$servername.conf
@@ -1566,7 +1702,7 @@ if [ "$release" -eq 11 ]; then
   fi
 fi
 
-# Adding cron jobs
+echo "== Adding cron jobs"
 command="sudo $VESTA/bin/v-update-sys-queue disk"
 $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command"
 command="sudo $VESTA/bin/v-update-sys-queue traffic"
@@ -1583,29 +1719,30 @@ command="sudo $VESTA/bin/v-update-sys-rrd"
 $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
 service cron restart
 
-# Building inititall rrd images
+echo "== Building inititall rrd images"
 $VESTA/bin/v-update-sys-rrd
 
-# Enabling file system quota
 if [ "$quota" = 'yes' ]; then
+    echo "== Enabling file system quota"
     $VESTA/bin/v-add-sys-quota
 fi
 
-# Enabling softaculous plugin
+echo "== Enabling softaculous plugin"
 if [ "$softaculous" = 'yes' ]; then
     $VESTA/bin/v-add-vesta-softaculous
 fi
 
 # Starting vesta service
-update-rc.d vesta defaults
-service vesta start
-check_result $? "vesta start failed"
+#update-rc.d vesta defaults
+currentservice='vesta'
+ensure_startup $currentservice
+ensure_start $currentservice
 chown admin:admin $VESTA/data/sessions
 
-# Adding notifications
+echo "== Adding notifications"
 $VESTA/upd/add_notifications.sh
 
-# Adding cronjob for autoupdates
+echo "== Adding cronjob for autoupdates"
 $VESTA/bin/v-add-cron-vesta-autoupdate
 
 

From 5a0914b71b35999440bd00e30618dfca1d3caa44 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 24 Jan 2022 23:20:31 +0100
Subject: [PATCH 1677/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index f4920005..2dbd2c11 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1568,7 +1568,6 @@ if [ "$fail2ban" = 'yes' ]; then
     currentservice='fail2ban'
     ensure_startup $currentservice
     ensure_start $currentservice
-    echo "- leaving fail2ban config"
 fi
 
 

From a4251739e9b979a43e929e6be7dc71c8fd67b921 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 1 Feb 2022 16:19:16 +0100
Subject: [PATCH 1678/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index ff218ccb..2494e590 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -187,6 +187,11 @@ if [ "$check_grep" -eq 0 ]; then
     sed -i "s||

$LOGINMESSAGE1
$LOGINMESSAGE2

\n\n|g" /usr/share/roundcube/skins/larry/templates/login.html
 fi
 
+check_grep=$(grep -c 'MAIL_URL=' /usr/local/vesta/conf/vesta.conf)
+if [ "$check_grep" -eq 0 ]; then
+    echo "MAIL_URL='https://$DOMAIN/'" >> /usr/local/vesta/conf/vesta.conf
+fi
+
 
 echo "-------------------------------------"
 echo "Roundcube installed!"

From 29b83e7f7629a3d482e7d49bad3ce60b53eaced0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 8 Feb 2022 11:39:03 +0100
Subject: [PATCH 1679/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 2494e590..8996fa75 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -3,7 +3,7 @@
 USER='webmail'
 DOMAIN='' # enter domain or subdomain
 
-VERSION='1.5.1'
+VERSION='1.5.2'
 DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
 
 LOGINMESSAGE1='Click here for NEW Webmail'

From 8c186156fd71b8fdb97b62ff818dc73303efd2ae Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 11 Feb 2022 16:43:39 +0100
Subject: [PATCH 1680/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index ccee5fb5..067ecd58 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -27,6 +27,7 @@ find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 find /home/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
 find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;

From 2f115195d4870a0cb11c92f01f8f5249ee7a05f0 Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Wed, 16 Feb 2022 20:24:10 +0300
Subject: [PATCH 1681/2300] Update v-install-wordpress

if the user reached the database limit abort the installation
---
 bin/v-install-wordpress | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index d558dd35..95f6f353 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -29,6 +29,12 @@ source /etc/profile
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
 
+
+if [[ $(is_package_full 'DATABASES') = *reached* ]]; then
+        echo "Database limit is reached. Delete database or upgrade user package."
+        exit
+fi
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#

From 7331a39aceca45c2d46590ef6338cba2f83593b1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 4 Mar 2022 18:53:06 +0100
Subject: [PATCH 1682/2300] srdb cli in v-clone-website

---
 bin/v-clone-website | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 7ed3046c..93e5ffc4 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -222,12 +222,11 @@ fi
 
 if [ $IT_IS_WP -eq 0 ]; then
     if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
-        echo "Please download https://interconnectit.com/products/search-and-replace-for-wordpress-databases/ and extract to /root/Search-Replace-DB-master/"
-        exit 13
-    fi
-    if [ ! -f "/usr/bin/php7.0" ]; then
-        echo "Please download https://c.myvestacp.com/tools/multi-php-install.sh and install php 7.0"
-        exit 14
+        if [ ! -f "/usr/bin/git" ]; then
+            apt-get update > /dev/null 2>&1
+            apt-get -y install git > /dev/null 2>&1
+        fi
+        git clone https://github.com/interconnectit/Search-Replace-DB.git
     fi
 else
     if [ ! -f "/usr/local/bin/wp" ]; then
@@ -338,7 +337,7 @@ fi
 
 if [ $IT_IS_WP -eq 0 ]; then
     echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
-    php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
+    php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
     if [ "$FROM_USER" != "$TO_USER" ]; then
         echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in database $TO_DATABASE_NAME"
         php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "/home/$FROM_USER/" -r "/home/$TO_USER/"

From 81b63267cfea7d3e81422d85f60ea2b96f04d1c7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 4 Mar 2022 18:54:15 +0100
Subject: [PATCH 1683/2300] Update v-clone-website

---
 bin/v-clone-website | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 93e5ffc4..8247d78d 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -226,6 +226,7 @@ if [ $IT_IS_WP -eq 0 ]; then
             apt-get update > /dev/null 2>&1
             apt-get -y install git > /dev/null 2>&1
         fi
+        cd /root
         git clone https://github.com/interconnectit/Search-Replace-DB.git
     fi
 else

From dd09dbe748e16bdcd2244ef4205d6bd1e642a69b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 4 Mar 2022 20:30:40 +0100
Subject: [PATCH 1684/2300] Update v-clone-website

---
 bin/v-clone-website | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 8247d78d..e055d1a3 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -221,7 +221,7 @@ fi
 # ----------- CHECK -------------
 
 if [ $IT_IS_WP -eq 0 ]; then
-    if [ ! -f "/root/Search-Replace-DB-master/srdb.cli.php" ]; then
+    if [ ! -f "/root/Search-Replace-DB/srdb.cli.php" ]; then
         if [ ! -f "/usr/bin/git" ]; then
             apt-get update > /dev/null 2>&1
             apt-get -y install git > /dev/null 2>&1
@@ -341,7 +341,7 @@ if [ $IT_IS_WP -eq 0 ]; then
     php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "$FROM_DOMAIN" -r "$TO_DOMAIN"
     if [ "$FROM_USER" != "$TO_USER" ]; then
         echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in database $TO_DATABASE_NAME"
-        php7.0 /root/Search-Replace-DB-master/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "/home/$FROM_USER/" -r "/home/$TO_USER/"
+        php /root/Search-Replace-DB/srdb.cli.php -h localhost -n "$TO_DATABASE_NAME" -u "$TO_DATABASE_USERNAME" -p "$TO_DATABASE_PASSWORD" -s "/home/$FROM_USER/" -r "/home/$TO_USER/"
     fi
 else
     cd $TO_FOLDER

From 54c3fd1e13297a6451e92c69a246763064b4069d Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Fri, 11 Mar 2022 15:55:00 +0100
Subject: [PATCH 1685/2300] Blocking in nginx everything that begins with dot

---
 install/debian/10/templates/web/nginx/caching.stpl              | 2 +-
 install/debian/10/templates/web/nginx/caching.tpl               | 2 +-
 install/debian/10/templates/web/nginx/force-https-legacy.stpl   | 2 +-
 install/debian/10/templates/web/nginx/force-https-public.stpl   | 2 +-
 .../10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl  | 2 +-
 install/debian/10/templates/web/nginx/force-https.stpl          | 2 +-
 install/debian/10/templates/web/nginx/hosting-legacy.stpl       | 2 +-
 install/debian/10/templates/web/nginx/hosting-legacy.tpl        | 2 +-
 install/debian/10/templates/web/nginx/hosting-public.stpl       | 2 +-
 install/debian/10/templates/web/nginx/hosting-public.tpl        | 2 +-
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl      | 2 +-
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl       | 2 +-
 install/debian/10/templates/web/nginx/hosting.stpl              | 2 +-
 install/debian/10/templates/web/nginx/hosting.tpl               | 2 +-
 install/debian/10/templates/web/nginx/private-force-https.stpl  | 2 +-
 install/debian/10/templates/web/nginx/private-hosting.stpl      | 2 +-
 install/debian/10/templates/web/nginx/private-hosting.tpl       | 2 +-
 install/debian/11/templates/web/nginx/caching.stpl              | 2 +-
 install/debian/11/templates/web/nginx/caching.tpl               | 2 +-
 install/debian/11/templates/web/nginx/force-https-legacy.stpl   | 2 +-
 install/debian/11/templates/web/nginx/force-https-public.stpl   | 2 +-
 .../11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl  | 2 +-
 install/debian/11/templates/web/nginx/force-https.stpl          | 2 +-
 install/debian/11/templates/web/nginx/hosting-legacy.stpl       | 2 +-
 install/debian/11/templates/web/nginx/hosting-legacy.tpl        | 2 +-
 install/debian/11/templates/web/nginx/hosting-public.stpl       | 2 +-
 install/debian/11/templates/web/nginx/hosting-public.tpl        | 2 +-
 .../11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl      | 2 +-
 .../11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl       | 2 +-
 install/debian/11/templates/web/nginx/hosting.stpl              | 2 +-
 install/debian/11/templates/web/nginx/hosting.tpl               | 2 +-
 install/debian/11/templates/web/nginx/private-force-https.stpl  | 2 +-
 install/debian/11/templates/web/nginx/private-hosting.stpl      | 2 +-
 install/debian/11/templates/web/nginx/private-hosting.tpl       | 2 +-
 install/debian/7/templates/web/nginx/caching.stpl               | 2 +-
 install/debian/7/templates/web/nginx/caching.tpl                | 2 +-
 install/debian/7/templates/web/nginx/default.stpl               | 2 +-
 install/debian/7/templates/web/nginx/default.tpl                | 2 +-
 install/debian/7/templates/web/nginx/hosting.stpl               | 2 +-
 install/debian/7/templates/web/nginx/hosting.tpl                | 2 +-
 install/debian/7/templates/web/nginx/http2.stpl                 | 2 +-
 install/debian/7/templates/web/nginx/http2.tpl                  | 2 +-
 install/debian/8/templates/web/nginx/caching.stpl               | 2 +-
 install/debian/8/templates/web/nginx/caching.tpl                | 2 +-
 install/debian/8/templates/web/nginx/default.stpl               | 2 +-
 install/debian/8/templates/web/nginx/default.tpl                | 2 +-
 install/debian/8/templates/web/nginx/hosting.stpl               | 2 +-
 install/debian/8/templates/web/nginx/hosting.tpl                | 2 +-
 install/debian/8/templates/web/nginx/http2.stpl                 | 2 +-
 install/debian/8/templates/web/nginx/http2.tpl                  | 2 +-
 install/debian/9/templates/web/nginx/caching.stpl               | 2 +-
 install/debian/9/templates/web/nginx/caching.tpl                | 2 +-
 install/debian/9/templates/web/nginx/default.stpl               | 2 +-
 install/debian/9/templates/web/nginx/default.tpl                | 2 +-
 install/debian/9/templates/web/nginx/hosting.stpl               | 2 +-
 install/debian/9/templates/web/nginx/hosting.tpl                | 2 +-
 install/debian/9/templates/web/nginx/http2.stpl                 | 2 +-
 install/debian/9/templates/web/nginx/http2.tpl                  | 2 +-
 install/rhel/5/templates/web/nginx/caching.stpl                 | 2 +-
 install/rhel/5/templates/web/nginx/caching.tpl                  | 2 +-
 install/rhel/5/templates/web/nginx/default.stpl                 | 2 +-
 install/rhel/5/templates/web/nginx/default.tpl                  | 2 +-
 install/rhel/5/templates/web/nginx/hosting.stpl                 | 2 +-
 install/rhel/5/templates/web/nginx/hosting.tpl                  | 2 +-
 install/rhel/5/templates/web/nginx/http2.stpl                   | 2 +-
 install/rhel/5/templates/web/nginx/http2.tpl                    | 2 +-
 install/rhel/6/templates/web/nginx/caching.stpl                 | 2 +-
 install/rhel/6/templates/web/nginx/caching.tpl                  | 2 +-
 install/rhel/6/templates/web/nginx/default.stpl                 | 2 +-
 install/rhel/6/templates/web/nginx/default.tpl                  | 2 +-
 install/rhel/6/templates/web/nginx/hosting.stpl                 | 2 +-
 install/rhel/6/templates/web/nginx/hosting.tpl                  | 2 +-
 install/rhel/6/templates/web/nginx/http2.stpl                   | 2 +-
 install/rhel/6/templates/web/nginx/http2.tpl                    | 2 +-
 install/rhel/7/templates/web/nginx/caching.stpl                 | 2 +-
 install/rhel/7/templates/web/nginx/caching.tpl                  | 2 +-
 install/rhel/7/templates/web/nginx/default.stpl                 | 2 +-
 install/rhel/7/templates/web/nginx/default.tpl                  | 2 +-
 install/rhel/7/templates/web/nginx/hosting.stpl                 | 2 +-
 install/rhel/7/templates/web/nginx/hosting.tpl                  | 2 +-
 install/rhel/7/templates/web/nginx/http2.stpl                   | 2 +-
 install/rhel/7/templates/web/nginx/http2.tpl                    | 2 +-
 install/ubuntu/12.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/12.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/12.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/12.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/12.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/12.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/12.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/12.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/12.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/12.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/12.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/12.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/12.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/12.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/12.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/12.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/13.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/13.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/13.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/13.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/13.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/13.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/13.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/13.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/13.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/13.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/13.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/13.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/13.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/13.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/13.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/13.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/14.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/14.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/14.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/14.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/14.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/14.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/14.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/14.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/14.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/14.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/14.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/14.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/14.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/14.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/14.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/14.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/15.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/15.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/15.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/15.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/15.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/15.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/15.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/15.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/15.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/15.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/15.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/15.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/15.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/15.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/15.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/15.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/16.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/16.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/16.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/16.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/16.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/16.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/16.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/16.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/16.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/16.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/16.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/16.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/16.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/16.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/16.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/16.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/17.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/17.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/17.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/17.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/17.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/17.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/17.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/17.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/17.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/17.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/17.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/17.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/17.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/17.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/17.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/17.10/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/18.04/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/18.04/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/18.04/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/18.04/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/18.04/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/18.04/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/18.04/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/18.04/templates/web/nginx/http2.tpl              | 2 +-
 install/ubuntu/18.10/templates/web/nginx/caching.stpl           | 2 +-
 install/ubuntu/18.10/templates/web/nginx/caching.tpl            | 2 +-
 install/ubuntu/18.10/templates/web/nginx/default.stpl           | 2 +-
 install/ubuntu/18.10/templates/web/nginx/default.tpl            | 2 +-
 install/ubuntu/18.10/templates/web/nginx/hosting.stpl           | 2 +-
 install/ubuntu/18.10/templates/web/nginx/hosting.tpl            | 2 +-
 install/ubuntu/18.10/templates/web/nginx/http2.stpl             | 2 +-
 install/ubuntu/18.10/templates/web/nginx/http2.tpl              | 2 +-
 .../nodejs-nginx-templates/node-app-3000-no-https-force.stpl    | 2 +-
 .../nodejs-nginx-templates/node-app-3000-no-https-force.tpl     | 2 +-
 .../nodejs-nginx-templates/node-app-3000-pass-to-https.stpl     | 2 +-
 .../tools/nodejs-nginx-templates/node-app-3000.stpl             | 2 +-
 .../node-app-4000-and-websocket-6001.stpl                       | 2 +-
 .../node-app-also-handle-static-files-3000.stpl                 | 2 +-
 .../node-app-also-handle-static-files-3000.tpl                  | 2 +-
 .../force-https-firewall-burst-2-speed-2-conn-4.stpl            | 2 +-
 .../rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl    | 2 +-
 .../tools/rate-limit-tpl/force-https-firewall-burst-2.stpl      | 2 +-
 .../for-download/tools/rate-limit-tpl/force-https-firewall.stpl | 2 +-
 .../rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl | 2 +-
 .../rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl  | 2 +-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl  | 2 +-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl   | 2 +-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2.stpl          | 2 +-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2.tpl           | 2 +-
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl | 2 +-
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl  | 2 +-
 213 files changed, 213 insertions(+), 213 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/caching.stpl b/install/debian/10/templates/web/nginx/caching.stpl
index 868e2fe9..2302b419 100644
--- a/install/debian/10/templates/web/nginx/caching.stpl
+++ b/install/debian/10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/caching.tpl b/install/debian/10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100644
--- a/install/debian/10/templates/web/nginx/caching.tpl
+++ b/install/debian/10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.stpl b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
index 01a4eea3..db3714c2 100644
--- a/install/debian/10/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-public.stpl b/install/debian/10/templates/web/nginx/force-https-public.stpl
index 22951ae5..9c11d06d 100644
--- a/install/debian/10/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-public.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
index dac7adaf..45e05c3b 100644
--- a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -49,7 +49,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https.stpl b/install/debian/10/templates/web/nginx/force-https.stpl
index 4a8185c8..2abae221 100644
--- a/install/debian/10/templates/web/nginx/force-https.stpl
+++ b/install/debian/10/templates/web/nginx/force-https.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-legacy.stpl b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
index cc0370c6..16874648 100644
--- a/install/debian/10/templates/web/nginx/hosting-legacy.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-legacy.tpl b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
index 15961c95..541e560a 100644
--- a/install/debian/10/templates/web/nginx/hosting-legacy.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.stpl b/install/debian/10/templates/web/nginx/hosting-public.stpl
index 22951ae5..9c11d06d 100644
--- a/install/debian/10/templates/web/nginx/hosting-public.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-public.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.tpl b/install/debian/10/templates/web/nginx/hosting-public.tpl
index 9ff417ba..756ede37 100644
--- a/install/debian/10/templates/web/nginx/hosting-public.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-public.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
index dac7adaf..45e05c3b 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -49,7 +49,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
index 5f601672..da7dc9b2 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -46,7 +46,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
index 30fe0f74..e6ce0670 100644
--- a/install/debian/10/templates/web/nginx/hosting.stpl
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
index 262417b1..87c2f824 100644
--- a/install/debian/10/templates/web/nginx/hosting.tpl
+++ b/install/debian/10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
index 2b4e42cc..164cec16 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -27,7 +27,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
index 60b23c55..dbd5bec9 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -27,7 +27,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/private-hosting.tpl b/install/debian/10/templates/web/nginx/private-hosting.tpl
index da70045f..5fd75be5 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.tpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.tpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/caching.stpl b/install/debian/11/templates/web/nginx/caching.stpl
index 868e2fe9..2302b419 100644
--- a/install/debian/11/templates/web/nginx/caching.stpl
+++ b/install/debian/11/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/caching.tpl b/install/debian/11/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100644
--- a/install/debian/11/templates/web/nginx/caching.tpl
+++ b/install/debian/11/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.stpl b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
index 01a4eea3..db3714c2 100644
--- a/install/debian/11/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-public.stpl b/install/debian/11/templates/web/nginx/force-https-public.stpl
index 22951ae5..9c11d06d 100644
--- a/install/debian/11/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-public.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
index dac7adaf..45e05c3b 100644
--- a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -49,7 +49,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https.stpl b/install/debian/11/templates/web/nginx/force-https.stpl
index 4a8185c8..2abae221 100644
--- a/install/debian/11/templates/web/nginx/force-https.stpl
+++ b/install/debian/11/templates/web/nginx/force-https.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.stpl b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
index cc0370c6..16874648 100644
--- a/install/debian/11/templates/web/nginx/hosting-legacy.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.tpl b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
index 15961c95..541e560a 100644
--- a/install/debian/11/templates/web/nginx/hosting-legacy.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-public.stpl b/install/debian/11/templates/web/nginx/hosting-public.stpl
index 22951ae5..9c11d06d 100644
--- a/install/debian/11/templates/web/nginx/hosting-public.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-public.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-public.tpl b/install/debian/11/templates/web/nginx/hosting-public.tpl
index 9ff417ba..756ede37 100644
--- a/install/debian/11/templates/web/nginx/hosting-public.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-public.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
index dac7adaf..45e05c3b 100644
--- a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -49,7 +49,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
index 5f601672..da7dc9b2 100644
--- a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -46,7 +46,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting.stpl b/install/debian/11/templates/web/nginx/hosting.stpl
index 30fe0f74..e6ce0670 100644
--- a/install/debian/11/templates/web/nginx/hosting.stpl
+++ b/install/debian/11/templates/web/nginx/hosting.stpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting.tpl b/install/debian/11/templates/web/nginx/hosting.tpl
index 262417b1..87c2f824 100644
--- a/install/debian/11/templates/web/nginx/hosting.tpl
+++ b/install/debian/11/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/private-force-https.stpl b/install/debian/11/templates/web/nginx/private-force-https.stpl
index 2b4e42cc..164cec16 100644
--- a/install/debian/11/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/11/templates/web/nginx/private-force-https.stpl
@@ -27,7 +27,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/private-hosting.stpl b/install/debian/11/templates/web/nginx/private-hosting.stpl
index 60b23c55..dbd5bec9 100644
--- a/install/debian/11/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/11/templates/web/nginx/private-hosting.stpl
@@ -27,7 +27,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/private-hosting.tpl b/install/debian/11/templates/web/nginx/private-hosting.tpl
index da70045f..5fd75be5 100644
--- a/install/debian/11/templates/web/nginx/private-hosting.tpl
+++ b/install/debian/11/templates/web/nginx/private-hosting.tpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100644
--- a/install/debian/7/templates/web/nginx/caching.stpl
+++ b/install/debian/7/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/caching.tpl b/install/debian/7/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100644
--- a/install/debian/7/templates/web/nginx/caching.tpl
+++ b/install/debian/7/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100644
--- a/install/debian/7/templates/web/nginx/default.stpl
+++ b/install/debian/7/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/7/templates/web/nginx/default.tpl
+++ b/install/debian/7/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100644
--- a/install/debian/7/templates/web/nginx/hosting.stpl
+++ b/install/debian/7/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/hosting.tpl b/install/debian/7/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100644
--- a/install/debian/7/templates/web/nginx/hosting.tpl
+++ b/install/debian/7/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/debian/7/templates/web/nginx/http2.stpl
+++ b/install/debian/7/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/http2.tpl b/install/debian/7/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/7/templates/web/nginx/http2.tpl
+++ b/install/debian/7/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl
index 3c56004d..86ba5c78 100644
--- a/install/debian/8/templates/web/nginx/caching.stpl
+++ b/install/debian/8/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/caching.tpl b/install/debian/8/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100644
--- a/install/debian/8/templates/web/nginx/caching.tpl
+++ b/install/debian/8/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100644
--- a/install/debian/8/templates/web/nginx/default.stpl
+++ b/install/debian/8/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/default.tpl b/install/debian/8/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/8/templates/web/nginx/default.tpl
+++ b/install/debian/8/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100644
--- a/install/debian/8/templates/web/nginx/hosting.stpl
+++ b/install/debian/8/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/hosting.tpl b/install/debian/8/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100644
--- a/install/debian/8/templates/web/nginx/hosting.tpl
+++ b/install/debian/8/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/debian/8/templates/web/nginx/http2.stpl
+++ b/install/debian/8/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/http2.tpl b/install/debian/8/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/8/templates/web/nginx/http2.tpl
+++ b/install/debian/8/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl
index 868e2fe9..2302b419 100644
--- a/install/debian/9/templates/web/nginx/caching.stpl
+++ b/install/debian/9/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/caching.tpl b/install/debian/9/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100644
--- a/install/debian/9/templates/web/nginx/caching.tpl
+++ b/install/debian/9/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl
index f225becd..b694d1c2 100644
--- a/install/debian/9/templates/web/nginx/default.stpl
+++ b/install/debian/9/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/default.tpl b/install/debian/9/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/9/templates/web/nginx/default.tpl
+++ b/install/debian/9/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl
index 3b0e8ce9..736751d5 100644
--- a/install/debian/9/templates/web/nginx/hosting.stpl
+++ b/install/debian/9/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/hosting.tpl b/install/debian/9/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100644
--- a/install/debian/9/templates/web/nginx/hosting.tpl
+++ b/install/debian/9/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/debian/9/templates/web/nginx/http2.stpl
+++ b/install/debian/9/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/debian/9/templates/web/nginx/http2.tpl
+++ b/install/debian/9/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl
index 5e1ac757..2d8cb3ca 100755
--- a/install/rhel/5/templates/web/nginx/caching.stpl
+++ b/install/rhel/5/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/caching.tpl b/install/rhel/5/templates/web/nginx/caching.tpl
index 6d727c67..677fea6f 100755
--- a/install/rhel/5/templates/web/nginx/caching.tpl
+++ b/install/rhel/5/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl
index 22bbd55a..cd350432 100755
--- a/install/rhel/5/templates/web/nginx/default.stpl
+++ b/install/rhel/5/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/default.tpl b/install/rhel/5/templates/web/nginx/default.tpl
index c1fec114..d7fa634c 100755
--- a/install/rhel/5/templates/web/nginx/default.tpl
+++ b/install/rhel/5/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl
index c3414149..8985f0aa 100755
--- a/install/rhel/5/templates/web/nginx/hosting.stpl
+++ b/install/rhel/5/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/hosting.tpl b/install/rhel/5/templates/web/nginx/hosting.tpl
index 44d87496..41fe0c43 100755
--- a/install/rhel/5/templates/web/nginx/hosting.tpl
+++ b/install/rhel/5/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/rhel/5/templates/web/nginx/http2.stpl
+++ b/install/rhel/5/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/http2.tpl b/install/rhel/5/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/rhel/5/templates/web/nginx/http2.tpl
+++ b/install/rhel/5/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl
index 5e1ac757..2d8cb3ca 100755
--- a/install/rhel/6/templates/web/nginx/caching.stpl
+++ b/install/rhel/6/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/caching.tpl b/install/rhel/6/templates/web/nginx/caching.tpl
index 6d727c67..677fea6f 100755
--- a/install/rhel/6/templates/web/nginx/caching.tpl
+++ b/install/rhel/6/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl
index 22bbd55a..cd350432 100755
--- a/install/rhel/6/templates/web/nginx/default.stpl
+++ b/install/rhel/6/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/default.tpl b/install/rhel/6/templates/web/nginx/default.tpl
index c1fec114..d7fa634c 100755
--- a/install/rhel/6/templates/web/nginx/default.tpl
+++ b/install/rhel/6/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl
index c3414149..8985f0aa 100755
--- a/install/rhel/6/templates/web/nginx/hosting.stpl
+++ b/install/rhel/6/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/hosting.tpl b/install/rhel/6/templates/web/nginx/hosting.tpl
index 44d87496..41fe0c43 100755
--- a/install/rhel/6/templates/web/nginx/hosting.tpl
+++ b/install/rhel/6/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl
index cfdb9188..3f13ff22 100644
--- a/install/rhel/6/templates/web/nginx/http2.stpl
+++ b/install/rhel/6/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/http2.tpl b/install/rhel/6/templates/web/nginx/http2.tpl
index b20e2922..b51af9bf 100644
--- a/install/rhel/6/templates/web/nginx/http2.tpl
+++ b/install/rhel/6/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl
index 5e1ac757..2d8cb3ca 100755
--- a/install/rhel/7/templates/web/nginx/caching.stpl
+++ b/install/rhel/7/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/caching.tpl b/install/rhel/7/templates/web/nginx/caching.tpl
index 6d727c67..677fea6f 100755
--- a/install/rhel/7/templates/web/nginx/caching.tpl
+++ b/install/rhel/7/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl
index 22bbd55a..cd350432 100755
--- a/install/rhel/7/templates/web/nginx/default.stpl
+++ b/install/rhel/7/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/default.tpl b/install/rhel/7/templates/web/nginx/default.tpl
index c1fec114..d7fa634c 100755
--- a/install/rhel/7/templates/web/nginx/default.tpl
+++ b/install/rhel/7/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl
index c3414149..8985f0aa 100755
--- a/install/rhel/7/templates/web/nginx/hosting.stpl
+++ b/install/rhel/7/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/hosting.tpl b/install/rhel/7/templates/web/nginx/hosting.tpl
index 44d87496..41fe0c43 100755
--- a/install/rhel/7/templates/web/nginx/hosting.tpl
+++ b/install/rhel/7/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/rhel/7/templates/web/nginx/http2.stpl
+++ b/install/rhel/7/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/http2.tpl b/install/rhel/7/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/rhel/7/templates/web/nginx/http2.tpl
+++ b/install/rhel/7/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/12.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.tpl b/install/ubuntu/12.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/12.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/12.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/default.tpl b/install/ubuntu/12.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/12.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/12.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.tpl b/install/ubuntu/12.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/12.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/12.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/default.tpl b/install/ubuntu/12.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/12.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/13.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.tpl b/install/ubuntu/13.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/13.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/13.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/default.tpl b/install/ubuntu/13.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/13.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/13.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.tpl b/install/ubuntu/13.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/13.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/13.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/default.tpl b/install/ubuntu/13.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/13.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/14.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.tpl b/install/ubuntu/14.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/14.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/14.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/default.tpl b/install/ubuntu/14.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/14.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/14.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.tpl b/install/ubuntu/14.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/14.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/14.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/default.tpl b/install/ubuntu/14.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/14.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/15.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.tpl b/install/ubuntu/15.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/15.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/15.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/default.tpl b/install/ubuntu/15.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/15.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.stpl b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/15.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.tpl b/install/ubuntu/15.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/15.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/default.stpl b/install/ubuntu/15.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/15.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/default.tpl b/install/ubuntu/15.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/15.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.tpl b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.stpl b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/16.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.tpl b/install/ubuntu/16.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/16.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/default.stpl b/install/ubuntu/16.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/16.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/default.tpl b/install/ubuntu/16.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/16.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.tpl b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.stpl b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/16.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.tpl b/install/ubuntu/16.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/16.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/default.stpl b/install/ubuntu/16.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/16.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/default.tpl b/install/ubuntu/16.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/16.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
index 62620789..3f4ad39b 100755
--- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.tpl b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/17.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.tpl b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/17.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/17.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.tpl b/install/ubuntu/17.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/17.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
index 1ef8994b..587b02c7 100755
--- a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/17.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.tpl b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/17.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/17.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.tpl b/install/ubuntu/17.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/17.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
index 1ef8994b..587b02c7 100755
--- a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/18.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.tpl b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/18.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/18.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.tpl b/install/ubuntu/18.04/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/18.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
index 1ef8994b..587b02c7 100755
--- a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.stpl b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
index e149b98b..62be58ba 100755
--- a/install/ubuntu/18.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,7 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.tpl b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
index 36761b65..a1a89549 100755
--- a/install/ubuntu/18.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.stpl b/install/ubuntu/18.10/templates/web/nginx/default.stpl
index 0e669b3d..7672d9ac 100755
--- a/install/ubuntu/18.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/default.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.tpl b/install/ubuntu/18.10/templates/web/nginx/default.tpl
index 4d5c774b..0e200e92 100755
--- a/install/ubuntu/18.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/default.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
index 1ef8994b..587b02c7 100755
--- a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
index 15961c95..541e560a 100755
--- a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.stpl b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
index f225becd..b694d1c2 100644
--- a/install/ubuntu/18.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.tpl b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
index 4d5c774b..0e200e92 100644
--- a/install/ubuntu/18.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
index 85fb4a95..0978f452 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
@@ -41,7 +41,7 @@ server {
     }
 
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
index fff0aebb..933eea6d 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
@@ -32,7 +32,7 @@ server {
         alias   %home%/%user%/web/%domain%/document_errors/;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
index a392afef..4e75c188 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
@@ -41,7 +41,7 @@ server {
     }
 
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
index 85fb4a95..0978f452 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
@@ -41,7 +41,7 @@ server {
     }
 
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
index 0def9f53..d1781ee6 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
@@ -57,7 +57,7 @@ server {
     }
 
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
index 9b0a5853..e22d4ccc 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
@@ -26,7 +26,7 @@ server {
     }
 
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
index 93267737..bb298e66 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
@@ -17,7 +17,7 @@ server {
         # try_files $uri $uri/ =404;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
index 2597eb7f..c993be39 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
index 6d4250ff..2b4fa14e 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
index ab527372..289116df 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
index dbb239fb..b06aca58 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
index 87c34de1..05ede9e6 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
index cfcba2e8..15fe6fe5 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
index 4318c814..e02ce616 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
index d09c841b..03426c6e 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
index 24bf0c1f..d43b7529 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
index 3b382c15..c93bc951 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
index a5d163e3..c2274a43 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
@@ -28,7 +28,7 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
index 1441a6a9..deed2b71 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -25,7 +25,7 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.ht    {return 404;}
+    location ~ /\.      {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}

From bda54c4ec4194d1a1d994676fab9bae7a08657f4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 24 Mar 2022 18:20:31 +0100
Subject: [PATCH 1686/2300] handle --parameters without shifting

---
 func/handle_parameters.sh | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/func/handle_parameters.sh b/func/handle_parameters.sh
index ba5bd36f..32e09312 100644
--- a/func/handle_parameters.sh
+++ b/func/handle_parameters.sh
@@ -1,4 +1,5 @@
 # handle --parameters=val
+
 handle_parameter() {
     origparam=$1
     searchstring="="
@@ -7,14 +8,12 @@ handle_parameter() {
         var_without_minuses=${origparam:2}
         var=${var_without_minuses%%=*}
         val=${origparam#*$searchstring}
-        #echo $var
-        #echo $val
+        # echo "$var = $val"
         printf -v "$var" '%s' "$val"
     fi
 }
 numargs=$#
 for ((i=1 ; i <= numargs ; i++))
 do
-    handle_parameter $1
-    shift
+    handle_parameter ${@:$i:1}
 done

From 6523a2daf953409499ab2eb269fdd358d92f2ae1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 24 Mar 2022 20:26:16 +0100
Subject: [PATCH 1687/2300] OpenCart detection

---
 bin/v-get-database-credentials-of-domain | 37 ++++++++++++++++++++++--
 1 file changed, 35 insertions(+), 2 deletions(-)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 60164226..22550d7a 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -46,11 +46,12 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-SITE_FOLDER="/home/$USER/web/$DOMAIN/public_html"
+PUBLIC_HTML='public_html';
 CHECK_PUBLIC_SHTML=$(/usr/local/vesta/bin/v-list-web-domain "$USER" "$DOMAIN" | grep 'SSL:' | grep -c 'single')
 if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
-    SITE_FOLDER="/home/$USER/web/$DOMAIN/public_shtml"
+    PUBLIC_HTML='public_shtml';
 fi
+SITE_FOLDER="/home/$USER/web/$DOMAIN/$PUBLIC_HTML"
 
 if [ ! -z "$SUBFOLDER" ]; then
     SITE_FOLDER="${SITE_FOLDER}/${SUBFOLDER}"
@@ -68,6 +69,16 @@ if [ -f "$SITE_FOLDER/configuration.php" ]; then
     CONFIG_FILE="configuration.php"
     CONFIG_FILE_FULL_PATH="$SITE_FOLDER/$CONFIG_FILE"
 fi
+if [ -f "$SITE_FOLDER/system/engine/model.php" ]; then
+    check_grep=$(grep -c 'OpenCart' $SITE_FOLDER/system/engine/model.php)
+    if [ "$check_grep" -gt 0 ]; then
+        CMS_TYPE='opencart'
+        CONFIG_FILE="$PUBLIC_HTML/config.php"
+        SUBFOLDER='..'
+        SITE_FOLDER="${SITE_FOLDER}/.."
+        CONFIG_FILE_FULL_PATH="$SITE_FOLDER/$CONFIG_FILE"
+    fi
+fi
 
 if [ "$CMS_TYPE" = "wordpress" ]; then
     CONFIG_FILE_FULL_PATH_BACKUP="${CONFIG_FILE_FULL_PATH}_backup"
@@ -97,6 +108,20 @@ if [ "$CMS_TYPE" = "joomla" ]; then
     rm $CONFIG_FILE_FULL_PATH_BACKUP
 fi
 
+if [ "$CMS_TYPE" = "opencart" ]; then
+    CONFIG_FILE_FULL_PATH_BACKUP="${CONFIG_FILE_FULL_PATH}_backup"
+    cp $CONFIG_FILE_FULL_PATH $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|//.*$||g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|('|( '|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|');|' );|g" $CONFIG_FILE_FULL_PATH_BACKUP
+    DATABASE_NAME=$(grep 'DB_DATABASE' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_USERNAME=$(grep 'DB_USERNAME' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_PASSWORD=$(grep 'DB_PASSWORD' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    DATABASE_HOSTNAME=$(grep 'DB_HOST' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")
+    rm $CONFIG_FILE_FULL_PATH_BACKUP
+fi
+
+
 if [ ! -z "$DATABASE_NAME" ]; then
     DATABASE_NAME_WITHOUT_USER_PREFIX=$(get_database_name_without_user_prefix "$USER" "$DATABASE_NAME")
 fi
@@ -134,9 +159,17 @@ echo "CMS_TYPE=$CMS_TYPE"
 SITE_FOLDER=$(escape_shell_quote $SITE_FOLDER)
 echo "SITE_FOLDER=$SITE_FOLDER"
 
+SUBFOLDER=$(escape_shell_quote $SUBFOLDER)
+echo "SITE_SUBFOLDER=$SUBFOLDER"
+
 USER=$(escape_shell_quote $USER)
 echo "SITE_USER=$USER"
 
+if [ "$CMS_TYPE" = "'opencart'" ]; then
+    echo "SEARCH_FOR_CONFIGS_DATABASE_NAME=1"
+    echo "SEARCH_FOR_CONFIGS_DATABASE_USERNAME=1"
+fi
+
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#

From ebb6b5406581e79aca4881a67b301c221a28c307 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 24 Mar 2022 20:31:43 +0100
Subject: [PATCH 1688/2300] Many improvements in v-clone-website

---
 bin/v-clone-website | 81 ++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 69 insertions(+), 12 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index e055d1a3..2c38eef9 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -14,11 +14,12 @@ if [ $# -lt 2 ]; then
     echo "--FROM_DATABASE_NAME=..."
     echo "--FROM_DATABASE_USERNAME=..."
     echo "--FROM_DATABASE_PASSWORD=..."
-    echo "--FROM_CONFIG_FILE=..."
+    echo "--CONFIG_FILE=..."
     echo "--TO_USER=..."
     echo "--TO_DATABASE_NAME=..."
     echo "--TO_DATABASE_USERNAME=..."
     echo "--TO_DATABASE_PASSWORD=..."
+    echo "--SITE_SUBFOLDER=..."
     exit 1
 fi
 
@@ -50,6 +51,9 @@ TO_DATABASE_NAME=''
 TO_DATABASE_USERNAME=''
 TO_DATABASE_PASSWORD=''
 DATABASE_SUFIX='_migrated'
+SITE_SUBFOLDER=''
+SEARCH_FOR_CONFIGS_DATABASE_NAME=''
+SEARCH_FOR_CONFIGS_DATABASE_USERNAME=''
 
 #----------------------------------------------------------#
 #                    Verifications                         #
@@ -61,7 +65,16 @@ is_domain_format_valid "$TO_DOMAIN"
 
 FROM_USER=$user
 
-r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain "$FROM_DOMAIN")
+# take --parameters
+source /usr/local/vesta/func/handle_parameters.sh
+
+if [ -z "$SITE_SUBFOLDER" ]; then
+    r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain "$FROM_DOMAIN")
+else
+    r=$(/usr/local/vesta/bin/v-get-database-credentials-of-domain "$FROM_DOMAIN" "$SITE_SUBFOLDER")
+fi
+#echo $r
+#exit
 eval $r
 
 # take --parameters
@@ -155,6 +168,9 @@ CHECK_PUBLIC_SHTML=$(/usr/local/vesta/bin/v-list-web-domain "$TO_USER" "$TO_DOMA
 if [ $CHECK_PUBLIC_SHTML -eq 1 ]; then
     TO_FOLDER="/home/$TO_USER/web/$TO_DOMAIN/public_shtml"
 fi
+if [ ! -z "$SITE_SUBFOLDER" ]; then
+    TO_FOLDER="$TO_FOLDER/$SITE_SUBFOLDER"
+fi
 
 TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
 
@@ -218,6 +234,12 @@ if [ $FROM_DOMAIN_HAS_SSL -eq 1 ] && [ $TO_DOMAIN_HAS_SSL -eq 0 ]; then
     SHOULD_INSTALL_SSL=1
 fi
 
+FROM_FPM_VER=""
+if [[ $FROM_DOMAIN_TPL == "PHP-FPM-"* ]]; then
+    FROM_FPM_TPL_VER=${FROM_DOMAIN_TPL:8:2}
+    FROM_FPM_VER="${FROM_DOMAIN_TPL:8:1}.${FROM_DOMAIN_TPL:9:1}"
+fi
+
 # ----------- CHECK -------------
 
 if [ $IT_IS_WP -eq 0 ]; then
@@ -240,13 +262,16 @@ fi
 # ----------- PRINT -------------
 
 echo "==============================================================================="
-echo "FROM_DOMAIN = $FROM_DOMAIN"
-echo "TO_DOMAIN   = $TO_DOMAIN"
-echo "FROM_USER = $FROM_USER"
-echo "TO_USER   = $TO_USER"
-echo "FROM_FOLDER = $FROM_FOLDER"
-echo "TO_FOLDER   = $TO_FOLDER"
-echo "IT_IS_WP = $IT_IS_WP"
+echo "FROM_DOMAIN    = $FROM_DOMAIN"
+echo "TO_DOMAIN      = $TO_DOMAIN"
+echo "FROM_USER      = $FROM_USER"
+echo "TO_USER        = $TO_USER"
+echo "SITE_SUBFOLDER = $SITE_SUBFOLDER"
+echo "FROM_FOLDER    = $FROM_FOLDER"
+echo "TO_FOLDER      = $TO_FOLDER"
+echo "CMS_TYPE       = $CMS_TYPE"
+echo "IT_IS_WP       = $IT_IS_WP"
+echo "CONFIG_FILE    = $CONFIG_FILE"
 echo "FROM_CONFIG_FILE_FULL_PATH = $FROM_CONFIG_FILE_FULL_PATH"
 echo "TO_CONFIG_FILE_FULL_PATH   = $TO_CONFIG_FILE_FULL_PATH"
 echo "FROM_DATABASE_NAME = $FROM_DATABASE_NAME"
@@ -264,8 +289,11 @@ echo "CREATE_TO_USER        = $CREATE_TO_USER"
 echo "CREATE_TO_DOMAIN      = $CREATE_TO_DOMAIN"
 echo "SHOULD_INSTALL_SSL    = $SHOULD_INSTALL_SSL"
 echo "FROM_DOMAIN_TPL       = $FROM_DOMAIN_TPL"
+echo "FROM_FPM_VER          = $FROM_FPM_VER"
 echo "FROM_DOMAIN_PROXY_TPL = $FROM_DOMAIN_PROXY_TPL"
 echo "FROM_DOMAIN_PROXY_EXT = $FROM_DOMAIN_PROXY_EXT"
+echo "SEARCH_FOR_CONFIGS_DATABASE_NAME     = $SEARCH_FOR_CONFIGS_DATABASE_NAME"
+echo "SEARCH_FOR_CONFIGS_DATABASE_USERNAME = $SEARCH_FOR_CONFIGS_DATABASE_USERNAME"
 echo "==============================================================================="
 read -p "=== Press Enter to continue ==="
 
@@ -297,6 +325,15 @@ if [ ! -z "$FROM_DOMAIN_TPL" ]; then
     echo "=== Set $FROM_DOMAIN_TPL template to domain $TO_DOMAIN"
     /usr/local/vesta/bin/v-change-web-domain-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_TPL" "yes"
 fi
+if [ "$SITE_SUBFOLDER" = ".." ]; then
+    if [ ! -z "$FROM_FPM_VER" ]; then
+        POOLD_FILE="/etc/php/$FROM_FPM_VER/fpm/pool.d/$TO_DOMAIN.conf"
+        echo "=== Removing public_html from open_basedir in $POOLD_FILE"
+        sed -i "s|/public_html:|:|g" $POOLD_FILE
+        sed -i "s|/public_shtml:|:|g" $POOLD_FILE
+        systemctl restart php${FROM_FPM_VER}-fpm
+    fi
+fi
 
 if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
     echo "=== Set $FROM_DOMAIN_PROXY_TPL proxy template to domain $TO_DOMAIN"
@@ -320,7 +357,13 @@ echo "=== Importing to database $TO_DATABASE_NAME"
 mysql $TO_DATABASE_NAME < $FROM_DATABASE_NAME.sql
 
 echo "=== Copying files from $FROM_FOLDER to folder $TO_FOLDER"
-rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
+if [ "$SITE_SUBFOLDER" != ".." ]; then
+    echo "====== Executing: rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/"
+    rsync -a --delete $FROM_FOLDER/ $TO_FOLDER/
+else
+    echo "====== Executing: rsync -a --delete --exclude 'logs/*' $FROM_FOLDER/ $TO_FOLDER/"
+    rsync -a --delete --exclude 'logs/*' $FROM_FOLDER/ $TO_FOLDER/
+fi
 echo "=== Chowning to $TO_USER:$TO_USER in folder $TO_FOLDER"
 chown -R $TO_USER:$TO_USER $TO_FOLDER
 
@@ -328,13 +371,27 @@ replace_php_config_value "${FROM_DATABASE_NAME}" "${TO_DATABASE_NAME}" "$TO_CONF
 replace_php_config_value "${FROM_DATABASE_USERNAME}" "${TO_DATABASE_USERNAME}" "$TO_CONFIG_FILE_FULL_PATH" "yes"
 replace_php_config_value "${FROM_DATABASE_PASSWORD}" "${TO_DATABASE_PASSWORD}" "$TO_CONFIG_FILE_FULL_PATH" "yes"
 
-echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in folder $TO_FOLDER"
+echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN by searching in folder $TO_FOLDER"
 REGEXP_FROM_DOMAIN="${FROM_DOMAIN//\./\\.}"
 grep -rl "$REGEXP_FROM_DOMAIN" $TO_FOLDER | xargs sed -i "s#$REGEXP_FROM_DOMAIN#$TO_DOMAIN#g"
 if [ "$FROM_USER" != "$TO_USER" ]; then
-    echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ in folder $TO_FOLDER"
+    echo "=== Replacing /home/$FROM_USER/ to /home/$TO_USER/ by searching in folder $TO_FOLDER"
     grep -rl "/home/$FROM_USER/" $TO_FOLDER | xargs sed -i "s#/home/$FROM_USER/#/home/$TO_USER/#g"
 fi
+if [ ! -z "$SEARCH_FOR_CONFIGS_DATABASE_NAME" ]; then
+    echo "=== Replacing ${FROM_DATABASE_NAME} to ${TO_DATABASE_NAME} by searching in folder $TO_FOLDER [SEARCH_FOR_CONFIGS_DATABASE_NAME]"
+    grep -rl "${FROM_DATABASE_NAME}" $TO_FOLDER | xargs sed -i "s#${FROM_DATABASE_NAME}#${TO_DATABASE_NAME}#g"
+fi
+if [ ! -z "$SEARCH_FOR_CONFIGS_DATABASE_USERNAME" ]; then
+    DO_SEARCH_FOR_CONFIGS_DATABASE_USERNAME=1;
+    if [ ! -z "$SEARCH_FOR_CONFIGS_DATABASE_NAME" ] && [ "$SEARCH_FOR_CONFIGS_DATABASE_NAME" = "$SEARCH_FOR_CONFIGS_DATABASE_USERNAME" ]; then
+        DO_SEARCH_FOR_CONFIGS_DATABASE_USERNAME=0
+    fi
+    if [ $DO_SEARCH_FOR_CONFIGS_DATABASE_USERNAME -eq 1 ]; then
+        echo "=== Replacing ${FROM_DATABASE_USERNAME} to ${TO_DATABASE_USERNAME} by searching in folder $TO_FOLDER [SEARCH_FOR_CONFIGS_DATABASE_USERNAME]"
+        grep -rl "${FROM_DATABASE_USERNAME}" $TO_FOLDER | xargs sed -i "s#${FROM_DATABASE_USERNAME}#${TO_DATABASE_USERNAME}#g"
+    fi
+fi
 
 if [ $IT_IS_WP -eq 0 ]; then
     echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"

From 355ae012223927707580a75f534b3bee0201e4d6 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Wed, 30 Mar 2022 13:50:29 +0200
Subject: [PATCH 1689/2300] Reverting blocking in nginx everything that begins
 with dot

---
 install/debian/10/templates/web/nginx/caching.tpl              | 3 ++-
 install/debian/10/templates/web/nginx/hosting-legacy.tpl       | 3 ++-
 install/debian/10/templates/web/nginx/hosting-public.tpl       | 3 ++-
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl      | 3 ++-
 install/debian/10/templates/web/nginx/hosting.tpl              | 3 ++-
 install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl      | 2 +-
 install/debian/10/templates/web/nginx/private-hosting.tpl      | 3 ++-
 install/debian/11/templates/web/nginx/caching.tpl              | 3 ++-
 install/debian/11/templates/web/nginx/hosting-legacy.tpl       | 3 ++-
 install/debian/11/templates/web/nginx/hosting-public.tpl       | 3 ++-
 .../11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl      | 3 ++-
 install/debian/11/templates/web/nginx/hosting.tpl              | 3 ++-
 install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl      | 2 +-
 install/debian/11/templates/web/nginx/private-hosting.tpl      | 3 ++-
 install/debian/7/templates/web/nginx/caching.tpl               | 3 ++-
 install/debian/7/templates/web/nginx/default.tpl               | 3 ++-
 install/debian/7/templates/web/nginx/hosting.tpl               | 3 ++-
 install/debian/7/templates/web/nginx/http2.tpl                 | 3 ++-
 install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl      | 2 +-
 install/debian/8/templates/web/nginx/caching.tpl               | 3 ++-
 install/debian/8/templates/web/nginx/default.tpl               | 3 ++-
 install/debian/8/templates/web/nginx/hosting.tpl               | 3 ++-
 install/debian/8/templates/web/nginx/http2.tpl                 | 3 ++-
 install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl      | 2 +-
 install/debian/9/templates/web/nginx/caching.tpl               | 3 ++-
 install/debian/9/templates/web/nginx/default.tpl               | 3 ++-
 install/debian/9/templates/web/nginx/hosting.tpl               | 3 ++-
 install/debian/9/templates/web/nginx/http2.tpl                 | 3 ++-
 install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl       | 2 +-
 install/rhel/5/templates/web/nginx/caching.tpl                 | 3 ++-
 install/rhel/5/templates/web/nginx/default.tpl                 | 3 ++-
 install/rhel/5/templates/web/nginx/hosting.tpl                 | 3 ++-
 install/rhel/5/templates/web/nginx/http2.tpl                   | 3 ++-
 install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl         | 2 +-
 install/rhel/6/templates/web/nginx/caching.tpl                 | 3 ++-
 install/rhel/6/templates/web/nginx/default.tpl                 | 3 ++-
 install/rhel/6/templates/web/nginx/hosting.tpl                 | 3 ++-
 install/rhel/6/templates/web/nginx/http2.tpl                   | 3 ++-
 install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl         | 2 +-
 install/rhel/7/templates/web/nginx/caching.tpl                 | 3 ++-
 install/rhel/7/templates/web/nginx/default.tpl                 | 3 ++-
 install/rhel/7/templates/web/nginx/hosting.tpl                 | 3 ++-
 install/rhel/7/templates/web/nginx/http2.tpl                   | 3 ++-
 install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl         | 2 +-
 install/ubuntu/12.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/12.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/13.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/13.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/14.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/14.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/15.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/15.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/16.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/16.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/17.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/17.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/18.04/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 install/ubuntu/18.10/templates/web/nginx/caching.tpl           | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/default.tpl           | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/hosting.tpl           | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/http2.tpl             | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl   | 2 +-
 .../nodejs-nginx-templates/node-app-3000-no-https-force.tpl    | 3 ++-
 .../node-app-also-handle-static-files-3000.tpl                 | 3 ++-
 .../rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl | 3 ++-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl  | 3 ++-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2.tpl          | 3 ++-
 src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl | 3 ++-
 120 files changed, 218 insertions(+), 120 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/caching.tpl b/install/debian/10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100644
--- a/install/debian/10/templates/web/nginx/caching.tpl
+++ b/install/debian/10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-legacy.tpl b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
index 541e560a..a41d4054 100644
--- a/install/debian/10/templates/web/nginx/hosting-legacy.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.tpl b/install/debian/10/templates/web/nginx/hosting-public.tpl
index 756ede37..f5d8b327 100644
--- a/install/debian/10/templates/web/nginx/hosting-public.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-public.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
index da7dc9b2..f84f4781 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -46,7 +46,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting.tpl b/install/debian/10/templates/web/nginx/hosting.tpl
index 87c2f824..61469ad2 100644
--- a/install/debian/10/templates/web/nginx/hosting.tpl
+++ b/install/debian/10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/10/templates/web/nginx/private-hosting.tpl b/install/debian/10/templates/web/nginx/private-hosting.tpl
index 5fd75be5..a8ee840e 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.tpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.tpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/caching.tpl b/install/debian/11/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100644
--- a/install/debian/11/templates/web/nginx/caching.tpl
+++ b/install/debian/11/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.tpl b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
index 541e560a..a41d4054 100644
--- a/install/debian/11/templates/web/nginx/hosting-legacy.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-public.tpl b/install/debian/11/templates/web/nginx/hosting-public.tpl
index 756ede37..f5d8b327 100644
--- a/install/debian/11/templates/web/nginx/hosting-public.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-public.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
index da7dc9b2..f84f4781 100644
--- a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -46,7 +46,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting.tpl b/install/debian/11/templates/web/nginx/hosting.tpl
index 87c2f824..61469ad2 100644
--- a/install/debian/11/templates/web/nginx/hosting.tpl
+++ b/install/debian/11/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/11/templates/web/nginx/private-hosting.tpl b/install/debian/11/templates/web/nginx/private-hosting.tpl
index 5fd75be5..a8ee840e 100644
--- a/install/debian/11/templates/web/nginx/private-hosting.tpl
+++ b/install/debian/11/templates/web/nginx/private-hosting.tpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/caching.tpl b/install/debian/7/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100644
--- a/install/debian/7/templates/web/nginx/caching.tpl
+++ b/install/debian/7/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/7/templates/web/nginx/default.tpl
+++ b/install/debian/7/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/hosting.tpl b/install/debian/7/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100644
--- a/install/debian/7/templates/web/nginx/hosting.tpl
+++ b/install/debian/7/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/http2.tpl b/install/debian/7/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/7/templates/web/nginx/http2.tpl
+++ b/install/debian/7/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/caching.tpl b/install/debian/8/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100644
--- a/install/debian/8/templates/web/nginx/caching.tpl
+++ b/install/debian/8/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/default.tpl b/install/debian/8/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/8/templates/web/nginx/default.tpl
+++ b/install/debian/8/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/hosting.tpl b/install/debian/8/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100644
--- a/install/debian/8/templates/web/nginx/hosting.tpl
+++ b/install/debian/8/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/http2.tpl b/install/debian/8/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/8/templates/web/nginx/http2.tpl
+++ b/install/debian/8/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/caching.tpl b/install/debian/9/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100644
--- a/install/debian/9/templates/web/nginx/caching.tpl
+++ b/install/debian/9/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/default.tpl b/install/debian/9/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/9/templates/web/nginx/default.tpl
+++ b/install/debian/9/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/hosting.tpl b/install/debian/9/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100644
--- a/install/debian/9/templates/web/nginx/hosting.tpl
+++ b/install/debian/9/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/debian/9/templates/web/nginx/http2.tpl
+++ b/install/debian/9/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/caching.tpl b/install/rhel/5/templates/web/nginx/caching.tpl
index 677fea6f..fc721982 100755
--- a/install/rhel/5/templates/web/nginx/caching.tpl
+++ b/install/rhel/5/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/default.tpl b/install/rhel/5/templates/web/nginx/default.tpl
index d7fa634c..e49081a5 100755
--- a/install/rhel/5/templates/web/nginx/default.tpl
+++ b/install/rhel/5/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/hosting.tpl b/install/rhel/5/templates/web/nginx/hosting.tpl
index 41fe0c43..de42b9df 100755
--- a/install/rhel/5/templates/web/nginx/hosting.tpl
+++ b/install/rhel/5/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/http2.tpl b/install/rhel/5/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/rhel/5/templates/web/nginx/http2.tpl
+++ b/install/rhel/5/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/caching.tpl b/install/rhel/6/templates/web/nginx/caching.tpl
index 677fea6f..fc721982 100755
--- a/install/rhel/6/templates/web/nginx/caching.tpl
+++ b/install/rhel/6/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/default.tpl b/install/rhel/6/templates/web/nginx/default.tpl
index d7fa634c..e49081a5 100755
--- a/install/rhel/6/templates/web/nginx/default.tpl
+++ b/install/rhel/6/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/hosting.tpl b/install/rhel/6/templates/web/nginx/hosting.tpl
index 41fe0c43..de42b9df 100755
--- a/install/rhel/6/templates/web/nginx/hosting.tpl
+++ b/install/rhel/6/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/http2.tpl b/install/rhel/6/templates/web/nginx/http2.tpl
index b51af9bf..9344a7a9 100644
--- a/install/rhel/6/templates/web/nginx/http2.tpl
+++ b/install/rhel/6/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/caching.tpl b/install/rhel/7/templates/web/nginx/caching.tpl
index 677fea6f..fc721982 100755
--- a/install/rhel/7/templates/web/nginx/caching.tpl
+++ b/install/rhel/7/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/default.tpl b/install/rhel/7/templates/web/nginx/default.tpl
index d7fa634c..e49081a5 100755
--- a/install/rhel/7/templates/web/nginx/default.tpl
+++ b/install/rhel/7/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/hosting.tpl b/install/rhel/7/templates/web/nginx/hosting.tpl
index 41fe0c43..de42b9df 100755
--- a/install/rhel/7/templates/web/nginx/hosting.tpl
+++ b/install/rhel/7/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/http2.tpl b/install/rhel/7/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/rhel/7/templates/web/nginx/http2.tpl
+++ b/install/rhel/7/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.tpl b/install/ubuntu/12.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/12.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/default.tpl b/install/ubuntu/12.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/12.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.tpl b/install/ubuntu/12.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/12.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/default.tpl b/install/ubuntu/12.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/12.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.tpl b/install/ubuntu/13.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/13.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/default.tpl b/install/ubuntu/13.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/13.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.tpl b/install/ubuntu/13.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/13.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/default.tpl b/install/ubuntu/13.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/13.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.tpl b/install/ubuntu/14.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/14.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/default.tpl b/install/ubuntu/14.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/14.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.tpl b/install/ubuntu/14.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/14.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/default.tpl b/install/ubuntu/14.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/14.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.tpl b/install/ubuntu/15.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/15.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/default.tpl b/install/ubuntu/15.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/15.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.tpl b/install/ubuntu/15.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/15.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/default.tpl b/install/ubuntu/15.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/15.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.tpl b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.tpl b/install/ubuntu/16.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/16.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/default.tpl b/install/ubuntu/16.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/16.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.tpl b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.tpl b/install/ubuntu/16.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/16.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/default.tpl b/install/ubuntu/16.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/16.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.tpl b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.tpl b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/17.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.tpl b/install/ubuntu/17.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/17.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.tpl b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/17.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.tpl b/install/ubuntu/17.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/17.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.tpl b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/18.04/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.tpl b/install/ubuntu/18.04/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/18.04/templates/web/nginx/default.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.tpl b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
index a1a89549..73de28d5 100755
--- a/install/ubuntu/18.10/templates/web/nginx/caching.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.tpl
@@ -31,7 +31,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.tpl b/install/ubuntu/18.10/templates/web/nginx/default.tpl
index 0e200e92..bebd47a2 100755
--- a/install/ubuntu/18.10/templates/web/nginx/default.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/default.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
index 541e560a..a41d4054 100755
--- a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.tpl b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
index 0e200e92..bebd47a2 100644
--- a/install/ubuntu/18.10/templates/web/nginx/http2.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.tpl
@@ -22,7 +22,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
index 297fe0e8..b92861b0 100644
--- a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -33,7 +33,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
index 933eea6d..29aadf7b 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.tpl
@@ -32,7 +32,8 @@ server {
         alias   %home%/%user%/web/%domain%/document_errors/;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
index bb298e66..a62f7275 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.tpl
@@ -17,7 +17,8 @@ server {
         # try_files $uri $uri/ =404;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
index 15fe6fe5..13657bd3 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.tpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
index 03426c6e..a4035844 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.tpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
index c93bc951..9e0edcf8 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.tpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
index deed2b71..9438e532 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.tpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      http://%ip%:%web_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}

From 3cf64450a2f7bac6ba3417e01ee0cd9e1900b524 Mon Sep 17 00:00:00 2001
From: myvesta 
Date: Wed, 30 Mar 2022 14:12:30 +0200
Subject: [PATCH 1690/2300] Blocking in nginx .env

---
 install/debian/10/templates/web/nginx/caching.stpl             | 3 ++-
 install/debian/10/templates/web/nginx/force-https-legacy.stpl  | 3 ++-
 install/debian/10/templates/web/nginx/force-https-public.stpl  | 3 ++-
 .../10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl | 3 ++-
 install/debian/10/templates/web/nginx/force-https.stpl         | 3 ++-
 install/debian/10/templates/web/nginx/hosting-legacy.stpl      | 3 ++-
 install/debian/10/templates/web/nginx/hosting-public.stpl      | 3 ++-
 .../10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl     | 3 ++-
 install/debian/10/templates/web/nginx/hosting.stpl             | 3 ++-
 install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl     | 2 +-
 install/debian/10/templates/web/nginx/private-force-https.stpl | 3 ++-
 install/debian/10/templates/web/nginx/private-hosting.stpl     | 3 ++-
 install/debian/11/templates/web/nginx/caching.stpl             | 3 ++-
 install/debian/11/templates/web/nginx/force-https-legacy.stpl  | 3 ++-
 install/debian/11/templates/web/nginx/force-https-public.stpl  | 3 ++-
 .../11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl | 3 ++-
 install/debian/11/templates/web/nginx/force-https.stpl         | 3 ++-
 install/debian/11/templates/web/nginx/hosting-legacy.stpl      | 3 ++-
 install/debian/11/templates/web/nginx/hosting-public.stpl      | 3 ++-
 .../11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl     | 3 ++-
 install/debian/11/templates/web/nginx/hosting.stpl             | 3 ++-
 install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl     | 2 +-
 install/debian/11/templates/web/nginx/private-force-https.stpl | 3 ++-
 install/debian/11/templates/web/nginx/private-hosting.stpl     | 3 ++-
 install/debian/7/templates/web/nginx/caching.stpl              | 3 ++-
 install/debian/7/templates/web/nginx/default.stpl              | 3 ++-
 install/debian/7/templates/web/nginx/hosting.stpl              | 3 ++-
 install/debian/7/templates/web/nginx/http2.stpl                | 3 ++-
 install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl     | 2 +-
 install/debian/8/templates/web/nginx/caching.stpl              | 3 ++-
 install/debian/8/templates/web/nginx/default.stpl              | 3 ++-
 install/debian/8/templates/web/nginx/hosting.stpl              | 3 ++-
 install/debian/8/templates/web/nginx/http2.stpl                | 3 ++-
 install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl     | 2 +-
 install/debian/9/templates/web/nginx/caching.stpl              | 3 ++-
 install/debian/9/templates/web/nginx/default.stpl              | 3 ++-
 install/debian/9/templates/web/nginx/hosting.stpl              | 3 ++-
 install/debian/9/templates/web/nginx/http2.stpl                | 3 ++-
 install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl      | 2 +-
 install/rhel/5/templates/web/nginx/caching.stpl                | 3 ++-
 install/rhel/5/templates/web/nginx/default.stpl                | 3 ++-
 install/rhel/5/templates/web/nginx/hosting.stpl                | 3 ++-
 install/rhel/5/templates/web/nginx/http2.stpl                  | 3 ++-
 install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl        | 2 +-
 install/rhel/6/templates/web/nginx/caching.stpl                | 3 ++-
 install/rhel/6/templates/web/nginx/default.stpl                | 3 ++-
 install/rhel/6/templates/web/nginx/hosting.stpl                | 3 ++-
 install/rhel/6/templates/web/nginx/http2.stpl                  | 3 ++-
 install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl        | 2 +-
 install/rhel/7/templates/web/nginx/caching.stpl                | 3 ++-
 install/rhel/7/templates/web/nginx/default.stpl                | 3 ++-
 install/rhel/7/templates/web/nginx/hosting.stpl                | 3 ++-
 install/rhel/7/templates/web/nginx/http2.stpl                  | 3 ++-
 install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl        | 2 +-
 install/ubuntu/12.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/12.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/13.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/13.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/14.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/14.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/15.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/15.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/16.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/16.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/17.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/17.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/18.04/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 install/ubuntu/18.10/templates/web/nginx/caching.stpl          | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/default.stpl          | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/hosting.stpl          | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/http2.stpl            | 3 ++-
 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl  | 2 +-
 .../nodejs-nginx-templates/node-app-3000-no-https-force.stpl   | 3 ++-
 .../nodejs-nginx-templates/node-app-3000-pass-to-https.stpl    | 3 ++-
 .../tools/nodejs-nginx-templates/node-app-3000.stpl            | 3 ++-
 .../node-app-4000-and-websocket-6001.stpl                      | 3 ++-
 .../node-app-also-handle-static-files-3000.stpl                | 3 ++-
 .../force-https-firewall-burst-2-speed-2-conn-4.stpl           | 3 ++-
 .../rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl   | 3 ++-
 .../tools/rate-limit-tpl/force-https-firewall-burst-2.stpl     | 3 ++-
 .../tools/rate-limit-tpl/force-https-firewall.stpl             | 3 ++-
 .../hosting-firewall-burst-2-speed-2-conn-4.stpl               | 3 ++-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl | 3 ++-
 .../tools/rate-limit-tpl/hosting-firewall-burst-2.stpl         | 3 ++-
 .../for-download/tools/rate-limit-tpl/hosting-firewall.stpl    | 3 ++-
 137 files changed, 252 insertions(+), 137 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/caching.stpl b/install/debian/10/templates/web/nginx/caching.stpl
index 2302b419..f5c9740f 100644
--- a/install/debian/10/templates/web/nginx/caching.stpl
+++ b/install/debian/10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.stpl b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
index db3714c2..79e55a26 100644
--- a/install/debian/10/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-public.stpl b/install/debian/10/templates/web/nginx/force-https-public.stpl
index 9c11d06d..ac422df6 100644
--- a/install/debian/10/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-public.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
index 45e05c3b..7e0e71d1 100644
--- a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -49,7 +49,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/force-https.stpl b/install/debian/10/templates/web/nginx/force-https.stpl
index 2abae221..33fab443 100644
--- a/install/debian/10/templates/web/nginx/force-https.stpl
+++ b/install/debian/10/templates/web/nginx/force-https.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-legacy.stpl b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
index 16874648..a34b4bf1 100644
--- a/install/debian/10/templates/web/nginx/hosting-legacy.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-legacy.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-public.stpl b/install/debian/10/templates/web/nginx/hosting-public.stpl
index 9c11d06d..ac422df6 100644
--- a/install/debian/10/templates/web/nginx/hosting-public.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-public.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
index 45e05c3b..7e0e71d1 100644
--- a/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ b/install/debian/10/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -49,7 +49,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/hosting.stpl b/install/debian/10/templates/web/nginx/hosting.stpl
index e6ce0670..755caadf 100644
--- a/install/debian/10/templates/web/nginx/hosting.stpl
+++ b/install/debian/10/templates/web/nginx/hosting.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
index 6d44f20f..d26ed9f4 100644
--- a/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/debian/10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -36,7 +36,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/10/templates/web/nginx/private-force-https.stpl b/install/debian/10/templates/web/nginx/private-force-https.stpl
index 164cec16..64094fb8 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.stpl
@@ -27,7 +27,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/10/templates/web/nginx/private-hosting.stpl b/install/debian/10/templates/web/nginx/private-hosting.stpl
index dbd5bec9..fd9471bd 100644
--- a/install/debian/10/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/10/templates/web/nginx/private-hosting.stpl
@@ -27,7 +27,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/caching.stpl b/install/debian/11/templates/web/nginx/caching.stpl
index 2302b419..f5c9740f 100644
--- a/install/debian/11/templates/web/nginx/caching.stpl
+++ b/install/debian/11/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.stpl b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
index db3714c2..79e55a26 100644
--- a/install/debian/11/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-public.stpl b/install/debian/11/templates/web/nginx/force-https-public.stpl
index 9c11d06d..ac422df6 100644
--- a/install/debian/11/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-public.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
index 45e05c3b..7e0e71d1 100644
--- a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -49,7 +49,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/force-https.stpl b/install/debian/11/templates/web/nginx/force-https.stpl
index 2abae221..33fab443 100644
--- a/install/debian/11/templates/web/nginx/force-https.stpl
+++ b/install/debian/11/templates/web/nginx/force-https.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-legacy.stpl b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
index 16874648..a34b4bf1 100644
--- a/install/debian/11/templates/web/nginx/hosting-legacy.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-legacy.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-public.stpl b/install/debian/11/templates/web/nginx/hosting-public.stpl
index 9c11d06d..ac422df6 100644
--- a/install/debian/11/templates/web/nginx/hosting-public.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-public.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
index 45e05c3b..7e0e71d1 100644
--- a/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
+++ b/install/debian/11/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -49,7 +49,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/hosting.stpl b/install/debian/11/templates/web/nginx/hosting.stpl
index e6ce0670..755caadf 100644
--- a/install/debian/11/templates/web/nginx/hosting.stpl
+++ b/install/debian/11/templates/web/nginx/hosting.stpl
@@ -25,7 +25,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl
index 6d44f20f..d26ed9f4 100644
--- a/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/debian/11/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -36,7 +36,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/11/templates/web/nginx/private-force-https.stpl b/install/debian/11/templates/web/nginx/private-force-https.stpl
index 164cec16..64094fb8 100644
--- a/install/debian/11/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/11/templates/web/nginx/private-force-https.stpl
@@ -27,7 +27,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/11/templates/web/nginx/private-hosting.stpl b/install/debian/11/templates/web/nginx/private-hosting.stpl
index dbd5bec9..fd9471bd 100644
--- a/install/debian/11/templates/web/nginx/private-hosting.stpl
+++ b/install/debian/11/templates/web/nginx/private-hosting.stpl
@@ -27,7 +27,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100644
--- a/install/debian/7/templates/web/nginx/caching.stpl
+++ b/install/debian/7/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100644
--- a/install/debian/7/templates/web/nginx/default.stpl
+++ b/install/debian/7/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100644
--- a/install/debian/7/templates/web/nginx/hosting.stpl
+++ b/install/debian/7/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/debian/7/templates/web/nginx/http2.stpl
+++ b/install/debian/7/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl
+++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl
index 86ba5c78..d104643a 100644
--- a/install/debian/8/templates/web/nginx/caching.stpl
+++ b/install/debian/8/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100644
--- a/install/debian/8/templates/web/nginx/default.stpl
+++ b/install/debian/8/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100644
--- a/install/debian/8/templates/web/nginx/hosting.stpl
+++ b/install/debian/8/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/debian/8/templates/web/nginx/http2.stpl
+++ b/install/debian/8/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl
+++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl
index 2302b419..f5c9740f 100644
--- a/install/debian/9/templates/web/nginx/caching.stpl
+++ b/install/debian/9/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl
index b694d1c2..5a958ca4 100644
--- a/install/debian/9/templates/web/nginx/default.stpl
+++ b/install/debian/9/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl
index 736751d5..605fa875 100644
--- a/install/debian/9/templates/web/nginx/hosting.stpl
+++ b/install/debian/9/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/debian/9/templates/web/nginx/http2.stpl
+++ b/install/debian/9/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/debian/9/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl
index 2d8cb3ca..720b880b 100755
--- a/install/rhel/5/templates/web/nginx/caching.stpl
+++ b/install/rhel/5/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl
index cd350432..92804815 100755
--- a/install/rhel/5/templates/web/nginx/default.stpl
+++ b/install/rhel/5/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl
index 8985f0aa..10dae25e 100755
--- a/install/rhel/5/templates/web/nginx/hosting.stpl
+++ b/install/rhel/5/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/rhel/5/templates/web/nginx/http2.stpl
+++ b/install/rhel/5/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl
index 2d8cb3ca..720b880b 100755
--- a/install/rhel/6/templates/web/nginx/caching.stpl
+++ b/install/rhel/6/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl
index cd350432..92804815 100755
--- a/install/rhel/6/templates/web/nginx/default.stpl
+++ b/install/rhel/6/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl
index 8985f0aa..10dae25e 100755
--- a/install/rhel/6/templates/web/nginx/hosting.stpl
+++ b/install/rhel/6/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl
index 3f13ff22..0810e9d4 100644
--- a/install/rhel/6/templates/web/nginx/http2.stpl
+++ b/install/rhel/6/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl
index 2d8cb3ca..720b880b 100755
--- a/install/rhel/7/templates/web/nginx/caching.stpl
+++ b/install/rhel/7/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl
index cd350432..92804815 100755
--- a/install/rhel/7/templates/web/nginx/default.stpl
+++ b/install/rhel/7/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl
index 8985f0aa..10dae25e 100755
--- a/install/rhel/7/templates/web/nginx/hosting.stpl
+++ b/install/rhel/7/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/rhel/7/templates/web/nginx/http2.stpl
+++ b/install/rhel/7/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/12.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/12.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/12.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/12.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/13.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/13.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/13.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/13.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/14.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/14.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/14.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/14.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/15.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/15.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.stpl b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/15.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/default.stpl b/install/ubuntu/15.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/15.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.stpl b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/16.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/default.stpl b/install/ubuntu/16.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/16.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.stpl b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/16.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/default.stpl b/install/ubuntu/16.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/16.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
index 3f4ad39b..fc70c266 100755
--- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/17.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/17.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
index 587b02c7..3e3567d6 100755
--- a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/17.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/17.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/17.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
index 587b02c7..3e3567d6 100755
--- a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/17.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
index 5ffc9ed5..a721dd81 100644
--- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -37,7 +37,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/18.04/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/18.04/templates/web/nginx/default.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
index 587b02c7..3e3567d6 100755
--- a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/18.04/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
index c9f91854..b8bf770a 100644
--- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -36,7 +36,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.stpl b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
index 62be58ba..61b74814 100755
--- a/install/ubuntu/18.10/templates/web/nginx/caching.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/caching.stpl
@@ -33,7 +33,8 @@ server {
         proxy_pass https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/default.stpl b/install/ubuntu/18.10/templates/web/nginx/default.stpl
index 7672d9ac..418305a8 100755
--- a/install/ubuntu/18.10/templates/web/nginx/default.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/default.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
index 587b02c7..3e3567d6 100755
--- a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.stpl b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
index b694d1c2..5a958ca4 100644
--- a/install/ubuntu/18.10/templates/web/nginx/http2.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/http2.stpl
@@ -24,7 +24,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
index c9f91854..b8bf770a 100644
--- a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
+++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -36,7 +36,7 @@ server {
 
     location = /robots.txt  { access_log off; log_not_found off; }
     location = /favicon.ico { access_log off; log_not_found off; }
-    location ~ /\.          { access_log off; log_not_found off; deny all; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
     location ~ ~$           { access_log off; log_not_found off; deny all; }
 
     error_page  403 /error/404.html;
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
index 0978f452..d66f80be 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-no-https-force.stpl
@@ -41,7 +41,8 @@ server {
     }
 
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
index 4e75c188..27dd354b 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.stpl
@@ -41,7 +41,8 @@ server {
     }
 
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
index 0978f452..d66f80be 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.stpl
@@ -41,7 +41,8 @@ server {
     }
 
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
index d1781ee6..d8a23009 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.stpl
@@ -57,7 +57,8 @@ server {
     }
 
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
index e22d4ccc..a6a0b744 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-also-handle-static-files-3000.stpl
@@ -26,7 +26,8 @@ server {
     }
 
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
index c993be39..d770ac6a 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
index 2b4fa14e..a2f7f9f2 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
index 289116df..6118fa82 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
index b06aca58..b4468a6a 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
index 05ede9e6..df269ad4 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2-conn-4.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
index e02ce616..8e0a0f5a 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2-speed-2.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
index d43b7529..9649671d 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall-burst-2.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}
diff --git a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
index c2274a43..21acb34b 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/hosting-firewall.stpl
@@ -28,7 +28,8 @@ server {
         proxy_pass      https://%ip%:%web_ssl_port%;
     }
 
-    location ~ /\.      {return 404;}
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
     location ~ /\.svn/  {return 404;}
     location ~ /\.git/  {return 404;}
     location ~ /\.hg/   {return 404;}

From 1cbd6a57973a34bd29aec16097c7ba24e29ec482 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 31 Mar 2022 16:12:46 +0200
Subject: [PATCH 1691/2300] Update v-get-database-credentials-of-domain

---
 bin/v-get-database-credentials-of-domain | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-get-database-credentials-of-domain b/bin/v-get-database-credentials-of-domain
index 22550d7a..cb5729b0 100644
--- a/bin/v-get-database-credentials-of-domain
+++ b/bin/v-get-database-credentials-of-domain
@@ -84,6 +84,7 @@ if [ "$CMS_TYPE" = "wordpress" ]; then
     CONFIG_FILE_FULL_PATH_BACKUP="${CONFIG_FILE_FULL_PATH}_backup"
     cp $CONFIG_FILE_FULL_PATH $CONFIG_FILE_FULL_PATH_BACKUP
     sed -i "s|//.*$||g" $CONFIG_FILE_FULL_PATH_BACKUP
+    sed -i "s|\"|'|g" $CONFIG_FILE_FULL_PATH_BACKUP
     sed -i "s|('|( '|g" $CONFIG_FILE_FULL_PATH_BACKUP
     sed -i "s|');|' );|g" $CONFIG_FILE_FULL_PATH_BACKUP
     DATABASE_NAME=$(grep 'DB_NAME' $CONFIG_FILE_FULL_PATH_BACKUP | awk '{print $3}' | sed -e "s/^'//" -e "s/'$//")

From 8bbf4ef361607907971e35203a7214b913a2d987 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 2 Apr 2022 10:12:05 +0200
Subject: [PATCH 1692/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 8996fa75..4d03160e 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -10,7 +10,6 @@ LOGINMESSAGE1='Click here for NEW Webmail'
 LOGINMESSAGE2='(it is adapted for mobile phones too)'
 
 DATABASE_NAME_WITHOUT_PREFIX="roundcube"
-DATABASE_NAME="${USER}_roundcube"
 
 #############################################################################################################################
 
@@ -21,6 +20,8 @@ if [ $# -gt 1 ]; then
     DOMAIN=$2
 fi
 
+DATABASE_NAME="${USER}_roundcube"
+
 if [ -z "$USER" ] || [ -z "$DOMAIN" ]; then
     echo "Usage:"
     echo "bash install-new-roundcube.sh VESTAUSER YOURDOMAIN.com"

From add252bbd71840f4cfa7c96c7997323d92632e95 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 2 Apr 2022 10:13:37 +0200
Subject: [PATCH 1693/2300] Update install-new-roundcube.sh

---
 src/deb/for-download/tools/install-new-roundcube.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index 4d03160e..a746ff59 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -20,7 +20,7 @@ if [ $# -gt 1 ]; then
     DOMAIN=$2
 fi
 
-DATABASE_NAME="${USER}_roundcube"
+DATABASE_NAME="${USER}_${DATABASE_NAME_WITHOUT_PREFIX}"
 
 if [ -z "$USER" ] || [ -z "$DOMAIN" ]; then
     echo "Usage:"

From 547d5f0c5be550028d17d85989792d01cabc4637 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 21:13:46 +0200
Subject: [PATCH 1694/2300] Preventing brute-force reseting password

---
 bin/v-change-user-rkey     |  60 +++++++++++++++++++
 bin/v-log-failed-login     |  31 ++++++++++
 web/reset/index.php        | 114 +++++++++++++++++++++++++++----------
 web/templates/reset_1.html |  17 +++++-
 web/templates/reset_2.html |   5 +-
 web/templates/reset_3.html |   5 +-
 6 files changed, 195 insertions(+), 37 deletions(-)
 create mode 100644 bin/v-change-user-rkey
 create mode 100644 bin/v-log-failed-login

diff --git a/bin/v-change-user-rkey b/bin/v-change-user-rkey
new file mode 100644
index 00000000..6a11eed2
--- /dev/null
+++ b/bin/v-change-user-rkey
@@ -0,0 +1,60 @@
+#!/bin/bash
+# info: change user rkey
+# options: USER
+#
+# The function changes user's RKEY value.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+if [ "$user" = "root" ]; then
+    check_result $E_FORBIDEN "Changing root password is forbiden"
+fi
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+hash=$(generate_password)
+d=$(date +%s)
+
+# Changing RKEY value
+update_user_value "$user" '$RKEY' "$hash"
+
+#check if RKEYEXP exists
+if [ -z "$(grep RKEYEXP $USER_DATA/user.conf)" ]; then
+    sed -i "s/^RKEY/RKEYEXP='$d'\nRKEY/g" $USER_DATA/user.conf
+else
+    update_user_value "$user" '$RKEYEXP' "$d"
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_history "changed rkey"
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-log-failed-login b/bin/v-log-failed-login
new file mode 100644
index 00000000..76bfd36a
--- /dev/null
+++ b/bin/v-log-failed-login
@@ -0,0 +1,31 @@
+#!/bin/bash
+# info: log failed login attempt
+# options: USER [IP]
+#
+# The function log failed login attempt
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+ip=${2-127.0.0.1}
+
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+
+#----------------------------------------------------------#
+#                           Action                         #
+#----------------------------------------------------------#
+
+echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit 0
diff --git a/web/reset/index.php b/web/reset/index.php
index e4a7608f..9a42b2cb 100644
--- a/web/reset/index.php
+++ b/web/reset/index.php
@@ -2,6 +2,7 @@
 session_start();
 define('NO_AUTH_REQUIRED',true);
 $TAB = 'RESET PASSWORD';
+$v_ip = $_SERVER['REMOTE_ADDR'];
 
 if (isset($_SESSION['user'])) {
     header("Location: /list/user");
@@ -11,35 +12,72 @@ if (isset($_SESSION['user'])) {
 include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");
 
 if ((!empty($_POST['user'])) && (empty($_POST['code']))) {
+
+    // Check token
+    if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
+        die("Wrong token or missing token");
+    }
+
     $v_user = escapeshellarg($_POST['user']);
     $user = $_POST['user'];
+    $email = $_POST['email'];
     $cmd="/usr/bin/sudo /usr/local/vesta/bin/v-list-user";
     exec ($cmd." ".$v_user." json", $output, $return_var);
     if ( $return_var == 0 ) {
         $data = json_decode(implode('', $output), true);
-        $rkey = $data[$user]['RKEY'];
-        $fname = $data[$user]['FNAME'];
-        $lname = $data[$user]['LNAME'];
-        $contact = $data[$user]['CONTACT'];
-        $to = $data[$user]['CONTACT'];
-        $subject = __('MAIL_RESET_SUBJECT',date("Y-m-d H:i:s"));
-        $hostname = exec('hostname');
-        $from = __('MAIL_FROM',$hostname);
-        if (!empty($fname)) {
-            $mailtext = __('GREETINGS_GORDON_FREEMAN',$fname,$lname);
-        } else {
-            $mailtext = __('GREETINGS');
-        }
-        $mailtext .= __('PASSWORD_RESET_REQUEST',$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey,$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey);
-        if (!empty($rkey)) send_email($to, $subject, $mailtext, $from);
         unset($output);
+        exec("/usr/bin/sudo /usr/local/vesta/bin/v-get-user-value ".$v_user." RKEYEXP", $output, $return_var);
+        $rkeyexp = trim(implode('', $output));
+        if (strlen($rkeyexp)>9) $rkeyexp=intval($rkeyexp);
+        unset($output);
+        if ($rkeyexp === null || $rkeyexp < time() - 900) {
+            if ($email == $data[$user]['CONTACT']) {
+                exec("/usr/bin/sudo /usr/local/vesta/bin/v-change-user-rkey ".$v_user, $output, $return_var);
+                unset($output);
+                $CMD="/usr/bin/sudo /usr/local/vesta/bin/v-get-user-value ".$v_user." RKEY";
+                exec($CMD, $output, $return_var);
+                $rkey = trim(implode('', $output));
+                //unset($output);
+                //echo $rkey; exit;
+                //echo $CMD."\n
";
+                //var_dump($rkey); exit;
+                $fname = $data[$user]['FNAME'];
+                $lname = $data[$user]['LNAME'];
+                $contact = $data[$user]['CONTACT'];
+                $to = $data[$user]['CONTACT'];
+                $subject = __('MAIL_RESET_SUBJECT',date("Y-m-d H:i:s"));
+                $hostname = exec('hostname');
+                $from = __('MAIL_FROM',$hostname);
+                if (!empty($fname)) {
+                    $mailtext = __('GREETINGS_GORDON_FREEMAN',$fname,$lname);        
+                } else {
+                    $mailtext = __('GREETINGS');
+                }
+                $mailtext .= __('PASSWORD_RESET_REQUEST',$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey,$hostname.":".$_SERVER['SERVER_PORT'],$user,$rkey);
+                if (!empty($rkey)) {
+                    send_email($to, $subject, $mailtext, $from);
+                    header("Location: /reset/?action=code&user=".$_POST['user']);
+                }
+            } else {
+                $ERROR = "".__('User and email not matched')."";
+                exec("/usr/bin/sudo /usr/local/vesta/bin/v-log-failed-login " . $v_user . " " . $v_ip, $output, $return_var);
+            }
+        } else {
+            $ERROR = "".__('Please wait 15 minutes before sending a new request')."";
+        }
+    } else {
+        $ERROR = "".__('User and email not matched')."";
     }
-
-    header("Location: /reset/?action=code&user=".$_POST['user']);
-    exit;
+    unset($output);
 }
 
 if ((!empty($_POST['user'])) && (!empty($_POST['code'])) && (!empty($_POST['password'])) ) {
+
+    // Check token
+    if ((!isset($_REQUEST['token'])) || ($_SESSION['token'] != $_REQUEST['token'])) {
+        die("Wrong token or missing token");
+    }
+
     if ( $_POST['password'] == $_POST['password_confirm'] ) {
         $v_user = escapeshellarg($_POST['user']);
         $user = $_POST['user'];
@@ -47,26 +85,42 @@ if ((!empty($_POST['user'])) && (!empty($_POST['code'])) && (!empty($_POST['pass
         exec ($cmd." ".$v_user." json", $output, $return_var);
         if ( $return_var == 0 ) {
             $data = json_decode(implode('', $output), true);
+            unset($output);
             $rkey = $data[$user]['RKEY'];
             if (hash_equals($rkey, $_POST['code'])) {
-                $v_password = tempnam("/tmp","vst");
-                $fp = fopen($v_password, "w");
-                fwrite($fp, $_POST['password']."\n");
-                fclose($fp);
-                $cmd="/usr/bin/sudo /usr/local/vesta/bin/v-change-user-password";
-                exec ($cmd." ".$v_user." ".$v_password, $output, $return_var);
-                unlink($v_password);
-                if ( $return_var > 0 ) {
-                    $ERROR = "".__('An internal error occurred')."";
+                unset($output);
+                exec("/usr/bin/sudo /usr/local/vesta/bin/v-get-user-value ".$v_user." RKEYEXP", $output, $return_var);
+                $rkeyexp = trim(implode('', $output));
+                if (strlen($rkeyexp)>9) $rkeyexp=intval($rkeyexp);
+                unset($output);
+                if ($rkeyexp > time() - 900) {
+                    $v_password = tempnam("/tmp","vst");
+                    $fp = fopen($v_password, "w");
+                    fwrite($fp, $_POST['password']."\n");
+                    fclose($fp);
+                    $cmd="/usr/bin/sudo /usr/local/vesta/bin/v-change-user-password";
+                    exec ($cmd." ".$v_user." ".$v_password, $output, $return_var);
+                    unlink($v_password);
+                    if ( $return_var > 0 ) {
+                        sleep(5);
+                        $ERROR = "".__('An internal error occurred')."";
+                    } else {
+                        $_SESSION['user'] = $_POST['user'];
+                        header("Location: /");
+                        exit;
+                    }
                 } else {
-                    $_SESSION['user'] = $_POST['user'];
-                    header("Location: /");
-                    exit;
+                    sleep(5);
+                    $ERROR = "".__('Code has been expired')."";
+                    exec("/usr/bin/sudo /usr/local/vesta/bin/v-log-failed-login " . $v_user . " " . $v_ip, $output, $return_var);
                 }
             } else {
+                sleep(5);
                 $ERROR = "".__('Invalid username or code')."";
+                exec("/usr/bin/sudo /usr/local/vesta/bin/v-log-failed-login " . $v_user . " " . $v_ip, $output, $return_var);
             }
         } else {
+            sleep(5);
             $ERROR = "".__('Invalid username or code')."";
         }
     } else {
diff --git a/web/templates/reset_1.html b/web/templates/reset_1.html
index b48f3706..87c9235a 100644
--- a/web/templates/reset_1.html
+++ b/web/templates/reset_1.html
@@ -5,13 +5,14 @@
                         

                             
                                 
-                                    
+                                    
                                 
                                 
                                     
                                         
@@ -25,9 +26,19 @@
                                                     
+                                            
+                                                
+                                            
+                                            
+                                                
+                                            
@@ -39,7 +50,7 @@
                                 
diff --git a/web/templates/reset_2.html b/web/templates/reset_2.html
index 58c3b94f..94fd9fea 100644
--- a/web/templates/reset_2.html
+++ b/web/templates/reset_2.html
@@ -5,13 +5,14 @@
                         
                                             
                                             
+                                                
                                                 
                                             
                                             
                                                 
                                             
+                                                    
+                                                

+                                                    
+                                                
                                             
                                                 
-                                                    
+                                                    
                                                     
                                                 
                                             

                                     
                                         
-                                        vestacp.com
+                                        myvestacp.com
                                     
                                 
                             

                             
                                 
-                                    
+                                    
                                 
                                 
                                     
                                         
@@ -39,7 +40,7 @@
                                 
diff --git a/web/templates/reset_3.html b/web/templates/reset_3.html
index 0cc54bda..3d5ebb9d 100644
--- a/web/templates/reset_3.html
+++ b/web/templates/reset_3.html
@@ -5,7 +5,7 @@
                         
                                             
                                                 
+                                                    
                                                     
                                                 
                                             

                                     
                                         
-                                        vestacp.com
+                                        myvestacp.com
                                     
                                 
                             
@@ -47,7 +48,7 @@
                                 

From 475b7eac6be1a4e7221b0b1cd288fbadaa60c688 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 21:23:02 +0200
Subject: [PATCH 1695/2300] Generating 16 chars password for users

---
 func/main.sh              | 2 +-
 web/js/pages/add_user.js  | 2 +-
 web/js/pages/edit_user.js | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index 69737c72..9346e918 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -152,7 +152,7 @@ generate_password() {
         matrix=0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
     fi
     if [ -z "$lenght" ]; then
-        lenght=10
+        lenght=16
     fi
     i=1
     while [ $i -le $lenght ]; do
diff --git a/web/js/pages/add_user.js b/web/js/pages/add_user.js
index 510ed167..597c869e 100644
--- a/web/js/pages/add_user.js
+++ b/web/js/pages/add_user.js
@@ -7,7 +7,7 @@ $(function() {
 
 randomString = function() {
     var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz';
-    var string_length = 10;
+    var string_length = 16;
     var randomstring = '';
     for (var i = 0; i < string_length; i++) {
         var rnum = Math.floor(Math.random() * chars.length);
diff --git a/web/js/pages/edit_user.js b/web/js/pages/edit_user.js
index 439aeab0..381f4330 100644
--- a/web/js/pages/edit_user.js
+++ b/web/js/pages/edit_user.js
@@ -1,6 +1,6 @@
 function randomString() {
     var chars = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz';
-    var string_length = 10;
+    var string_length = 16;
     var randomstring = '';
     for (var i = 0; i < string_length; i++) {
         var rnum = Math.floor(Math.random() * chars.length);

From da69aaa7aa1d44d85f68b623ea85db48638ca68d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:09:23 +0200
Subject: [PATCH 1696/2300] Update v-log-failed-login

---
 bin/v-log-failed-login | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-log-failed-login b/bin/v-log-failed-login
index 76bfd36a..c164d060 100644
--- a/bin/v-log-failed-login
+++ b/bin/v-log-failed-login
@@ -29,3 +29,4 @@ echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
 #----------------------------------------------------------#
 
 exit 0
+

From 822541d1c57d5926111e8b291a41fdb5a13f6377 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:12:19 +0200
Subject: [PATCH 1697/2300] Delete v-log-failed-login

---
 bin/v-log-failed-login | 32 --------------------------------
 1 file changed, 32 deletions(-)
 delete mode 100644 bin/v-log-failed-login

diff --git a/bin/v-log-failed-login b/bin/v-log-failed-login
deleted file mode 100644
index c164d060..00000000
--- a/bin/v-log-failed-login
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-# info: log failed login attempt
-# options: USER [IP]
-#
-# The function log failed login attempt
-
-
-#----------------------------------------------------------#
-#                    Variable&Function                     #
-#----------------------------------------------------------#
-
-# Argument definition
-user=$1
-ip=${2-127.0.0.1}
-
-time_n_date=$(date +'%T %F')
-time=$(echo "$time_n_date" |cut -f 1 -d \ )
-date=$(echo "$time_n_date" |cut -f 2 -d \ )
-
-
-#----------------------------------------------------------#
-#                           Action                         #
-#----------------------------------------------------------#
-
-echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
-
-#----------------------------------------------------------#
-#                       Vesta                              #
-#----------------------------------------------------------#
-
-exit 0
-

From fca4ca66d4755ea566e2fa26a75689c323fa7e44 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:13:46 +0200
Subject: [PATCH 1698/2300] Delete v-change-user-rkey

---
 bin/v-change-user-rkey | 60 ------------------------------------------
 1 file changed, 60 deletions(-)
 delete mode 100644 bin/v-change-user-rkey

diff --git a/bin/v-change-user-rkey b/bin/v-change-user-rkey
deleted file mode 100644
index 6a11eed2..00000000
--- a/bin/v-change-user-rkey
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/bash
-# info: change user rkey
-# options: USER
-#
-# The function changes user's RKEY value.
-
-
-#----------------------------------------------------------#
-#                    Variable&Function                     #
-#----------------------------------------------------------#
-
-# Argument definition
-user=$1
-
-# Includes
-source $VESTA/func/main.sh
-source $VESTA/conf/vesta.conf
-
-
-#----------------------------------------------------------#
-#                    Verifications                         #
-#----------------------------------------------------------#
-
-if [ "$user" = "root" ]; then
-    check_result $E_FORBIDEN "Changing root password is forbiden"
-fi
-
-check_args '1' "$#" 'USER'
-is_format_valid 'user'
-is_object_valid 'user' 'USER' "$user"
-is_object_unsuspended 'user' 'USER' "$user"
-
-
-#----------------------------------------------------------#
-#                       Action                             #
-#----------------------------------------------------------#
-
-hash=$(generate_password)
-d=$(date +%s)
-
-# Changing RKEY value
-update_user_value "$user" '$RKEY' "$hash"
-
-#check if RKEYEXP exists
-if [ -z "$(grep RKEYEXP $USER_DATA/user.conf)" ]; then
-    sed -i "s/^RKEY/RKEYEXP='$d'\nRKEY/g" $USER_DATA/user.conf
-else
-    update_user_value "$user" '$RKEYEXP' "$d"
-fi
-
-
-#----------------------------------------------------------#
-#                       Vesta                              #
-#----------------------------------------------------------#
-
-# Logging
-log_history "changed rkey"
-log_event "$OK" "$ARGUMENTS"
-
-exit

From 74e9dd4abf6f5137e44944b02fdc501f335bfa8b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:16:34 +0200
Subject: [PATCH 1699/2300] Linux EOL in v-log-failed-login and
 v-change-user-rkey

---
 bin/v-change-user-rkey | 60 ++++++++++++++++++++++++++++++++++++++++++
 bin/v-log-failed-login | 31 ++++++++++++++++++++++
 2 files changed, 91 insertions(+)
 create mode 100644 bin/v-change-user-rkey
 create mode 100644 bin/v-log-failed-login

diff --git a/bin/v-change-user-rkey b/bin/v-change-user-rkey
new file mode 100644
index 00000000..38777e4c
--- /dev/null
+++ b/bin/v-change-user-rkey
@@ -0,0 +1,60 @@
+#!/bin/bash
+# info: change user rkey
+# options: USER
+#
+# The function changes user's RKEY value.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+
+# Includes
+source $VESTA/func/main.sh
+source $VESTA/conf/vesta.conf
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+if [ "$user" = "root" ]; then
+    check_result $E_FORBIDEN "Changing root password is forbiden"
+fi
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+hash=$(generate_password)
+d=$(date +%s)
+
+# Changing RKEY value
+update_user_value "$user" '$RKEY' "$hash"
+
+#check if RKEYEXP exists
+if [ -z "$(grep RKEYEXP $USER_DATA/user.conf)" ]; then
+    sed -i "s/^RKEY/RKEYEXP='$d'\nRKEY/g" $USER_DATA/user.conf
+else
+    update_user_value "$user" '$RKEYEXP' "$d"
+fi
+
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+# Logging
+log_history "changed rkey"
+log_event "$OK" "$ARGUMENTS"
+
+exit
diff --git a/bin/v-log-failed-login b/bin/v-log-failed-login
new file mode 100644
index 00000000..66b9b808
--- /dev/null
+++ b/bin/v-log-failed-login
@@ -0,0 +1,31 @@
+#!/bin/bash
+# info: log failed login attempt
+# options: USER [IP]
+#
+# The function log failed login attempt
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+ip=${2-127.0.0.1}
+
+time_n_date=$(date +'%T %F')
+time=$(echo "$time_n_date" |cut -f 1 -d \ )
+date=$(echo "$time_n_date" |cut -f 2 -d \ )
+
+
+#----------------------------------------------------------#
+#                           Action                         #
+#----------------------------------------------------------#
+
+echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+exit 0

From 1c4cce181a6a9377b267583e5ebe74a0523a735a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:34:33 +0200
Subject: [PATCH 1700/2300] Making sure yescrypt is disabled

---
 src/deb/vesta/postinst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index e2a1219c..565047f1 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -25,6 +25,12 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+
+# Making sure yescrypt is disabled
+if [ "$release" -eq 11 ]; then
+    sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
+fi
+
 # Checking if FreshClam is started after installation
 if [ ! -f "/usr/local/vesta/data/upgrades/freshclam_start" ]; then
     clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')

From d98d67d5a13f3ec18be234efe75c9770e4ebc51d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:39:52 +0200
Subject: [PATCH 1701/2300] Update Changelog.md

---
 Changelog.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index a25b40bc..9c98c282 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,9 @@
+Version 0.9.8-26-55 [26-Apr-2022]
+==================================================
+* Support for MySQL 8
+* Preventing brute-force resetting password
+* Many minor bugfixes
+
 Version 0.9.8-26-54 [17-Dec-2021]
 ==================================================
 * Checking if FreshClam is started after installation

From 247dce94f80c07469e24660ed9e3d8e927e34498 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 22:41:53 +0200
Subject: [PATCH 1702/2300] Version 0.9.8-26-55

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 2c883b97..f9160904 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-54
+vesta-0.9.8-26-55

From f2809eeb6775da02d63f1a763a49a67326a27150 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 25 Apr 2022 23:38:47 +0200
Subject: [PATCH 1703/2300] Update Changelog.md

---
 Changelog.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 9c98c282..819eea8c 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,7 +1,7 @@
 Version 0.9.8-26-55 [26-Apr-2022]
 ==================================================
 * Support for MySQL 8
-* Preventing brute-force resetting password
+* Preventing brute-force resetting password  (thanks to HestiaCP @hestiacp for fix)
 * Many minor bugfixes
 
 Version 0.9.8-26-54 [17-Dec-2021]

From 3a688f33fac01ee2c75c8243598f2f4a9d46d79e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 7 May 2022 12:45:33 +0200
Subject: [PATCH 1704/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 2dbd2c11..6f9410e4 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1610,7 +1610,7 @@ fi
 # Vesta data sessions permissions
 chown admin:admin $VESTA/data/sessions
 
-echo "== Configuring system ips"
+echo "== Configuring system ips (this can take a few minutes, relax)"
 $VESTA/bin/v-update-sys-ip
 
 echo "== Get main ip"

From aeb210433f28d19b4871750f40e3fcecfdd62419 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 7 May 2022 14:23:11 +0200
Subject: [PATCH 1705/2300] conf/mariadb_installed and conf/mysql8_installed

---
 install/vst-install-debian.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 6f9410e4..8e87f737 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1207,6 +1207,14 @@ fi
 #----------------------------------------------------------#
 
 if [ "$mysql" = 'yes' ] || [ "$mysql8" = 'yes' ]; then
+
+    if [ "$mysql" = 'yes' ]; then
+        touch $VESTA/conf/mariadb_installed
+    fi
+    if [ "$mysql8" = 'yes' ]; then
+        touch $VESTA/conf/mysql8_installed
+    fi
+
     if [ "$mysql" = 'yes' ]; then
         echo "=== Configure MariaDB"
         mycnf="my-small.cnf"

From 18e42c954060377ca53e9ef80702eb5ccc9a31a5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 7 May 2022 21:11:10 +0200
Subject: [PATCH 1706/2300] exim4.conf.template-RC

---
 install/debian/11/exim/exim4.conf.template-RC | 440 ++++++++++++++++++
 1 file changed, 440 insertions(+)
 create mode 100644 install/debian/11/exim/exim4.conf.template-RC

diff --git a/install/debian/11/exim/exim4.conf.template-RC b/install/debian/11/exim/exim4.conf.template-RC
new file mode 100644
index 00000000..9c5fc671
--- /dev/null
+++ b/install/debian/11/exim/exim4.conf.template-RC
@@ -0,0 +1,440 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+#local_interfaces =  0.0.0.0
+#smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/exim4/virtual/helo_data}{$value}}
+#smtp_banner = "$smtp_active_hostname ESMTP $tod_full"
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+LIMIT_PER_EMAIL_ACCOUNT_MAX_RECIPIENTS = 15
+LIMIT_PER_HOSTING_ACCOUNT_MAX_RECIPIENTS = 5
+LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR = 40
+LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR = 40
+
+recipients_max = 150
+recipients_max_reject = true
+
+# log_selector = +smtp_connection
+smtp_accept_max = 50
+smtp_accept_max_per_host = 4
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/$received_ip_address.crt
+tls_privatekey = /usr/local/vesta/ssl/$received_ip_address.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lookup{${lc:${domain:$h_from:}}}dsearch{/etc/exim4/domains/}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+acl_not_smtp = acl_not_smtp
+
+begin acl
+
+acl_not_smtp:
+  deny message = Too many recipients, limit is $acl_c_max_recipients recipients
+  set acl_c_max_recipients=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_recipients}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_RECIPIENTS}}
+  condition = ${if >{$rcpt_count}{$acl_c_max_recipients}}
+
+  deny message = Hosting account is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  ratelimit = $acl_c_limit_per_hour / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+
+  warn    set acl_m3    = yes
+
+  accept
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny message = Too many recipients, limit is $acl_c_max_recipients recipients
+  set acl_c_max_recipients=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_recipients}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_RECIPIENTS}}
+  condition = ${if >{$rcpt_count}{$acl_c_max_recipients}}
+
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  ratelimit = $acl_c_limit_per_hour / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+
+  warn    set acl_m3    = no
+  
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = */defer_ok
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{600K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{yes}{no_such_user}}}}
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  require_files = ${local_part}:+${home}/.forward
+  domains = +local_domains
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/fwd_only}{true}{false}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #interface = ${if eq{$acl_m3}{yes}{FIRSTIP}{${lookup{$sender_address_domain}lsearch{/etc/exim4/virtual/interfaces} {$value}{SECONDIP}}}}
+  #helo_data = "${if eq{$acl_m3}{yes}{FIRSTHOST}{${lookup{$sending_ip_address}lsearch{/etc/exim4/virtual/helo_data}{$value}{SECONDHOST}}}}"
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+  hosts_try_chunking = !93.188.3.0/24
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg
+  from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################

From f49479043f1894dd448b13a7c5054157d3d2f235 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 7 May 2022 21:39:40 +0200
Subject: [PATCH 1707/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 39 ++++++++++++++++++++++++-------
 1 file changed, 31 insertions(+), 8 deletions(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index 6ede0d04..6ca4343b 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -137,18 +137,41 @@ $VESTA/bin/v-make-ip-ssl "$MAIL_USER" "$MAIL_HOSTNAME"
 check_grep=$(grep -c 'smtp_active_hostname' /etc/exim4/exim4.conf.template)
 if [ "$check_grep" -eq 0 ]; then
     echo "=== patching exim4.conf.template"
-    patch /etc/exim4/exim4.conf.template < /usr/local/vesta/src/deb/for-download/tools/patches/separate-mail-ip.patch
+    mv /etc/exim4/exim4.conf.template /etc/exim4/exim4.conf.template-backup
+    cp /usr/local/vesta/install/debian/11/exim/exim4.conf.template-RC /etc/exim4/exim4.conf.template
+    sed -i "s|FIRSTIP|$HOST_IP|g" /etc/exim4/exim4.conf.template
+    sed -i "s|SECONDIP|$MAIL_IP|g" /etc/exim4/exim4.conf.template
+    sed -i "s|FIRSTHOST|$HOSTNAME|g" /etc/exim4/exim4.conf.template
+    sed -i "s|SECONDHOST|$MAIL_HOSTNAME|g" /etc/exim4/exim4.conf.template
+    sed -i "s|#local_interfaces|local_interfaces|g" /etc/exim4/exim4.conf.template
+    sed -i "s|#smtp_active_hostname|smtp_active_hostname|g" /etc/exim4/exim4.conf.template
+    sed -i "s|#smtp_banner|smtp_banner|g" /etc/exim4/exim4.conf.template
+    sed -i "s|#interface =|interface =|g" /etc/exim4/exim4.conf.template
+    sed -i "s|#helo_data =|helo_data =|g" /etc/exim4/exim4.conf.template
+    touch /etc/exim4/limit_per_email_account_max_sent_emails_per_hour
+    touch /etc/exim4/limit_per_email_account_max_recipients
+    touch /etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour
+    touch /etc/exim4/limit_per_hosting_account_max_recipients
+    check_grep=$(grep -c '#SPAMASSASSIN' /etc/exim4/exim4.conf.template-backup)
+    if [ "$check_grep" -eq 0 ]; then
+        sed -i "s|#SPAMASSASSIN|SPAMASSASSIN|g" /etc/exim4/exim4.conf.template
+    fi
+    check_grep=$(grep -c '#SPAM_SCORE' /etc/exim4/exim4.conf.template-backup)
+    if [ "$check_grep" -eq 0 ]; then
+        sed -i "s|#SPAM_SCORE|SPAM_SCORE|g" /etc/exim4/exim4.conf.template
+    fi
+    check_grep=$(grep -c '#CLAMD' /etc/exim4/exim4.conf.template-backup)
+    if [ "$check_grep" -eq 0 ]; then
+        sed -i "s|#CLAMD|CLAMD|g" /etc/exim4/exim4.conf.template
+    fi
+    systemctl restart exim4
     if [ $? -ne 0 ]; then
+        cp /etc/exim4/exim4.conf.template-backup /etc/exim4/exim4.conf.template
+        systemctl restart exim4
         echo "=== Patching failed, aborting"
         exit 1
-    else
-        echo "=== Patching successful"
-        sed -i "s|IP1|$HOST_IP|g" /etc/exim4/exim4.conf.template
-        sed -i "s|IP2|$MAIL_IP|g" /etc/exim4/exim4.conf.template
-        sed -i "s|HOST1|$HOSTNAME|g" /etc/exim4/exim4.conf.template
-        sed -i "s|HOST2|$MAIL_HOSTNAME|g" /etc/exim4/exim4.conf.template
-        service exim4 restart
     fi
+    echo "=== Patching successful"
 else
     echo "=== exim4.conf.template already patched"
 fi

From 23ba131e6978e7bb3fa2b7a5173ebd7d1df93edc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 7 May 2022 22:21:20 +0200
Subject: [PATCH 1708/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index 6ca4343b..69c8565b 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -40,7 +40,7 @@ fi
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP'
+check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP [NETMASK]'
 is_domain_format_valid "$MAIL_HOSTNAME"
 is_ip_format_valid "$MAIL_IP"
 

From aaf20378b1a2888f81af624e582486ef6507f849 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 8 May 2022 15:59:46 +0200
Subject: [PATCH 1709/2300] Create barracuda.cf

---
 .../for-download/tools/spamassassin/barracuda.cf  | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 src/deb/for-download/tools/spamassassin/barracuda.cf

diff --git a/src/deb/for-download/tools/spamassassin/barracuda.cf b/src/deb/for-download/tools/spamassassin/barracuda.cf
new file mode 100644
index 00000000..8d0fada9
--- /dev/null
+++ b/src/deb/for-download/tools/spamassassin/barracuda.cf
@@ -0,0 +1,15 @@
+header IN_BCUDA_RBL rbleval:check_rbl('bcuda', 'b.barracudacentral.org')
+describe IN_BCUDA_RBL Received via a relay listed by Barracuda BRBL
+tflags IN_BCUDA_RBL net
+
+header RCVD_IN_BCUDA_RELAY rbleval:check_rbl_results_for('bcuda', '127.0.0.2')
+describe RCVD_IN_BCUDA_RELAY BCUDA: relay ip is convicted spammer
+tflags RCVD_IN_BCUDA_RELAY net
+
+score RCVD_IN_BCUDA_RBL 1.50
+score RCVD_IN_BCUDA_RELAY 1.50
+
+header IN_BCUDA_HOP rbleval:check_rbl('bcuda-notfirsthop', 'b.barracudacentral.org')
+describe IN_BCUDA_HOP Received via a relay listed by Barracuda BRBL
+tflags IN_BCUDA_HOP net
+score RCVD_IN_BCUDA_HOP 1.50

From d8fb531865e8c899e2f5f9e1ceb90bf643b8f507 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 8 May 2022 16:24:56 +0200
Subject: [PATCH 1710/2300] Update barracuda.cf

---
 src/deb/for-download/tools/spamassassin/barracuda.cf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deb/for-download/tools/spamassassin/barracuda.cf b/src/deb/for-download/tools/spamassassin/barracuda.cf
index 8d0fada9..4491d645 100644
--- a/src/deb/for-download/tools/spamassassin/barracuda.cf
+++ b/src/deb/for-download/tools/spamassassin/barracuda.cf
@@ -6,10 +6,10 @@ header RCVD_IN_BCUDA_RELAY rbleval:check_rbl_results_for('bcuda', '127.0.0.2')
 describe RCVD_IN_BCUDA_RELAY BCUDA: relay ip is convicted spammer
 tflags RCVD_IN_BCUDA_RELAY net
 
-score RCVD_IN_BCUDA_RBL 1.50
-score RCVD_IN_BCUDA_RELAY 1.50
+score RCVD_IN_BCUDA_RBL 1.00
+score RCVD_IN_BCUDA_RELAY 3.00
 
 header IN_BCUDA_HOP rbleval:check_rbl('bcuda-notfirsthop', 'b.barracudacentral.org')
 describe IN_BCUDA_HOP Received via a relay listed by Barracuda BRBL
 tflags IN_BCUDA_HOP net
-score RCVD_IN_BCUDA_HOP 1.50
+score RCVD_IN_BCUDA_HOP 1.00

From 360abd80c07a00d9ad7f546f3d2af45bee89b4dd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 21 May 2022 12:42:29 +0200
Subject: [PATCH 1711/2300] Update v-make-separated-ip-for-email

---
 bin/v-make-separated-ip-for-email | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-make-separated-ip-for-email b/bin/v-make-separated-ip-for-email
index 69c8565b..a26c68e3 100644
--- a/bin/v-make-separated-ip-for-email
+++ b/bin/v-make-separated-ip-for-email
@@ -40,7 +40,7 @@ fi
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP [NETMASK]'
+check_args '2' "$#" 'MAIL_HOSTNAME MAIL_IP [NETMASK] [INTERFACE]'
 is_domain_format_valid "$MAIL_HOSTNAME"
 is_ip_format_valid "$MAIL_IP"
 

From 93f2a62ee84e0642a472136549fe9a6f10f2b367 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 May 2022 23:28:25 +0200
Subject: [PATCH 1712/2300] Fixing insane HTML form bug in Lisr backup details
 page

Without this fix, selecting first item and skiping next item and selecting any other item below, resulted with selected only first item in HTML form array
---
 web/templates/admin/list_backup_detail.html | 46 +++++++++++----------
 1 file changed, 25 insertions(+), 21 deletions(-)

diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index 096f5198..b2f378d0 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -1,15 +1,18 @@
+
+


+
       
-        
+        
         
           

                             
                                 
-                                    
+                                    
                                 
                                 
                                     
@@ -15,6 +15,7 @@
                                                     
                                                     
                                                     
+                                                    
                                                     
                                                 
                                             

                                     
                                         
-                                        vestacp.com
+                                        myvestacp.com
                                     
                                 
                             

     
-              
             
-                
-                
-              
               
-                
                 
                 
                 
@@ -31,7 +34,7 @@
     
 
 
-    
+    
     
         
       :
@@ -45,11 +48,11 @@
             ++$i;
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -96,11 +99,11 @@
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -144,11 +147,11 @@
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -191,11 +194,11 @@
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -239,11 +242,11 @@
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -287,11 +290,11 @@
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -326,11 +329,11 @@
       
       
 
-      
+      
         
           
             
-            
+            
           
           
           
@@ -388,3 +391,4 @@
         
       
     
+

From c787f2c235c366d1dbf1152ae01a18cbefd52861 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 May 2022 23:46:39 +0200
Subject: [PATCH 1713/2300] Adding Barracuda RBL to SpamAssassin

---
 src/deb/vesta/postinst | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 565047f1..8bda7d8d 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -31,6 +31,21 @@ if [ "$release" -eq 11 ]; then
     sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
 fi
 
+# Adding Barracuda RBL to SpamAssassin
+if [ ! -f "/usr/local/vesta/data/upgrades/barracuda_rbl" ]; then
+    spamassassin_installed=$(/usr/local/vesta/bin/v-list-sys-services | grep -c 'spamassassin')
+    spamassassin_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'spamassassin' | grep -c 'running')
+    if [ $spamassassin_installed -eq 1 ]; then
+        echo "== Adding Barracuda RBL to SpamAssassin"
+        wget -nv -O /etc/spamassassin/barracuda.cf http://c.myvestacp.com/tools/spamassassin/barracuda.cf
+    fi
+    if [ $spamassassin_running -eq 1 ]; then
+        echo "== Restarting SpamAssassin"
+        systemctl restart spamassassin
+    fi
+    touch /usr/local/vesta/data/upgrades/barracuda_rbl
+fi
+
 # Checking if FreshClam is started after installation
 if [ ! -f "/usr/local/vesta/data/upgrades/freshclam_start" ]; then
     clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')

From 67ba371722abf9545b53fbc8c2999654a643d60c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 May 2022 23:50:14 +0200
Subject: [PATCH 1714/2300] Barracuda RBL in installer

---
 install/vst-install-debian.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 8e87f737..aa1d043c 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1468,9 +1468,11 @@ if [ "$spamd" = 'yes' ]; then
     echo "=== Configure SpamAssassin"
     #update-rc.d spamassassin defaults
     sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin
+    wget -nv -O /etc/spamassassin/barracuda.cf http://c.myvestacp.com/tools/spamassassin/barracuda.cf
     currentservice='spamassassin'
     ensure_startup $currentservice
-    ensure_start $currentservice
+    # ensure_start $currentservice
+    systemctl restart spamassassin
 fi
 
 
@@ -1891,6 +1893,7 @@ touch /usr/local/vesta/data/upgrades/enable-tls-in-proftpd
 touch /usr/local/vesta/data/upgrades/enable_cookie_httponly
 touch /usr/local/vesta/data/upgrades/fix_exim_494_autoreply
 touch /usr/local/vesta/data/upgrades/freshclam_start
+touch /usr/local/vesta/data/upgrades/barracuda_rbl
 
 # Secret URL
 secretquery=''

From 748d42ead7d7a49ba376654e99183ab3e460c374 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 May 2022 23:55:58 +0200
Subject: [PATCH 1715/2300] Update Changelog.md

---
 Changelog.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 819eea8c..002cd045 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,9 @@
+Version 0.9.8-26-56 [28-May-2022]
+==================================================
+* Adding Barracuda RBL to SpamAssassin
+* Fixing insane HTML form bug in List backup items page
+* Script for easy adding second IP address for SMTP authenticated users only (v-make-separated-ip-for-email)
+
 Version 0.9.8-26-55 [26-Apr-2022]
 ==================================================
 * Support for MySQL 8

From 8dd8cd07679e8d041cd3c8f24fd264cb9b56ffad Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 27 May 2022 23:57:37 +0200
Subject: [PATCH 1716/2300] Version 0.9.8-26-56

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index f9160904..2a785f14 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-55
+vesta-0.9.8-26-56

From 0f86941e8e507e072a9396fa136770c0403a5e7b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 4 Jun 2022 19:06:23 +0200
Subject: [PATCH 1717/2300] Fix for Sed Injection Vulnerability

---
 bin/v-change-sys-config-value |  1 +
 func/main.sh                  | 17 +++++++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/bin/v-change-sys-config-value b/bin/v-change-sys-config-value
index 10657656..3681075c 100755
--- a/bin/v-change-sys-config-value
+++ b/bin/v-change-sys-config-value
@@ -28,6 +28,7 @@ PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
 check_args '2' "$#" 'KEY VALUE'
 is_format_valid 'key'
 
+format_no_quotes "$value" 'value'
 
 #----------------------------------------------------------#
 #                       Action                             #
diff --git a/func/main.sh b/func/main.sh
index 9346e918..c4169b01 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -838,6 +838,22 @@ is_format_valid_shell() {
         exit $E_INVALID	
     fi	
 }
+
+format_no_quotes() {
+    exclude="['|\"]"
+    if [[ "$1" =~ $exclude ]]; then
+       check_result "$E_INVALID" "Invalid $2 contains qoutes (\" or ') :: $1"
+    fi
+    is_no_new_line_format "$1"
+}
+
+is_no_new_line_format() {
+    test=$(echo "$1" | head -n1 );
+    if [[ "$test" != "$1" ]]; then
+      check_result "$E_INVALID" "invalid value :: $1"
+    fi
+}
+
 # Format validation controller
 is_format_valid() {
     for arg_name in $*; do
@@ -846,6 +862,7 @@ is_format_valid() {
             case $arg_name in
                 account)        is_user_format_valid "$arg" "$arg_name";;
                 action)         is_fw_action_format_valid "$arg";;
+                alias)          is_alias_format_valid "$arg" ;;
                 aliases)        is_alias_format_valid "$arg" ;;
                 antispam)       is_boolean_format_valid "$arg" 'antispam' ;;
                 antivirus)      is_boolean_format_valid "$arg" 'antivirus' ;;

From c7aa6ec7494bc3b7ac4885182383c1bf88692c1b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 6 Jul 2022 12:48:09 +0200
Subject: [PATCH 1718/2300] Fix for Exim4 fastopen with Gmail services
 (Debian11)

---
 install/debian/11/exim/exim4.conf.template | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index a041b329..4b3c0dd9 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -319,6 +319,7 @@ remote_smtp:
   dkim_private_key = DKIM_PRIVATE_KEY
   dkim_canon = relaxed
   dkim_strict = 0
+  hosts_try_fastopen = !*.l.google.com
   hosts_try_chunking = !93.188.3.0/24
 
 procmail:

From 2598785a755bc59d2691fc17c6bce400ae188641 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 6 Jul 2022 13:25:34 +0200
Subject: [PATCH 1719/2300] Fix for Exim4 fastopen with Gmail services
 (Debian11)

---
 install/debian/11/exim/exim4.conf.template-RC | 1 +
 1 file changed, 1 insertion(+)

diff --git a/install/debian/11/exim/exim4.conf.template-RC b/install/debian/11/exim/exim4.conf.template-RC
index 9c5fc671..605d848a 100644
--- a/install/debian/11/exim/exim4.conf.template-RC
+++ b/install/debian/11/exim/exim4.conf.template-RC
@@ -345,6 +345,7 @@ remote_smtp:
   dkim_private_key = DKIM_PRIVATE_KEY
   dkim_canon = relaxed
   dkim_strict = 0
+  hosts_try_fastopen = !*.l.google.com
   hosts_try_chunking = !93.188.3.0/24
 
 procmail:

From cf8a49f7394e91f4d8ee22040695f7ef0d914122 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 6 Jul 2022 14:38:58 +0200
Subject: [PATCH 1720/2300] Patch for GMail SMTP timeouts

---
 src/deb/vesta/postinst | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 8bda7d8d..cc798224 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -31,6 +31,24 @@ if [ "$release" -eq 11 ]; then
     sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
 fi
 
+# Fixing Gmail hosts_try_fastopen in Exim4
+if [ "$release" -eq 11 ]; then
+	if [ -f "/etc/exim4/exim4.conf.template" ]; then 
+		check_grep=$(grep -c 'hosts_try_fastopen' /etc/exim4/exim4.conf.template)
+		if [ "$check_grep" -eq 0 ]; then
+					echo "=== Fixing Gmail hosts_try_fastopen in Exim4"
+					FIND="dkim_strict = 0"
+					ADD="  hosts_try_fastopen = \!\*.l.google.com"
+					sed -i "s#$FIND#$FIND\n$ADD#g" /etc/exim4/exim4.conf.template
+					systemctl restart exim4
+					
+					sed -i "s/net.ipv4.tcp_window_scaling/#net.ipv4.tcp_window_scaling/g" /etc/sysctl.conf
+					echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
+		fi
+	fi
+fi
+
+
 # Adding Barracuda RBL to SpamAssassin
 if [ ! -f "/usr/local/vesta/data/upgrades/barracuda_rbl" ]; then
     spamassassin_installed=$(/usr/local/vesta/bin/v-list-sys-services | grep -c 'spamassassin')

From 7f1de189dd0181fde52a7db560122f844e2d344e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 6 Jul 2022 15:08:12 +0200
Subject: [PATCH 1721/2300] Update Changelog.md

---
 Changelog.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 002cd045..17494c79 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,8 @@
+Version 0.9.8-26-57 [06-Jul-2022]
+==================================================
+* Fix for GMail SMTP timeouts on Debian11
+* [Security] Fix for Local Sed Injection Vulnerability ( credits to @cleemy-desu-wayo )
+
 Version 0.9.8-26-56 [28-May-2022]
 ==================================================
 * Adding Barracuda RBL to SpamAssassin
@@ -7,7 +12,7 @@ Version 0.9.8-26-56 [28-May-2022]
 Version 0.9.8-26-55 [26-Apr-2022]
 ==================================================
 * Support for MySQL 8
-* Preventing brute-force resetting password  (thanks to HestiaCP @hestiacp for fix)
+* [Security] Preventing brute-force resetting password  (thanks to HestiaCP @hestiacp for fix)
 * Many minor bugfixes
 
 Version 0.9.8-26-54 [17-Dec-2021]

From 16f18bd8b3d007018c18843a7dea1e8d1c9d7da8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 6 Jul 2022 15:09:22 +0200
Subject: [PATCH 1722/2300] Version 0.9.8-26-57

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 2a785f14..162eec34 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-56
+vesta-0.9.8-26-57

From d3bde491c73460edf0d2e0feff7ca55f8a7920c6 Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Wed, 6 Jul 2022 19:43:11 +0300
Subject: [PATCH 1723/2300] fix typo

---
 bin/v-copy-fs-file | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-copy-fs-file b/bin/v-copy-fs-file
index 792956ec..87447b40 100755
--- a/bin/v-copy-fs-file
+++ b/bin/v-copy-fs-file
@@ -43,7 +43,7 @@ fi
 # Checking destination path
 rpath=$(readlink -f "$dst_file")
 if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
-    echo "Error: ivalid destination path $dst_file"
+    echo "Error: invalid destination path $dst_file"
     exit 2
 fi
 

From b13b82112a0b26ec0db5f56f34de75b786ff0da9 Mon Sep 17 00:00:00 2001
From: divinity76 
Date: Sat, 9 Jul 2022 11:16:02 +0200
Subject: [PATCH 1724/2300] avoid out-of-memory serving large logfiles

large logfiles previously resulted in out-of-memory errors, see https://github.com/hestiacp/hestiacp/issues/2736

hestacp PR: https://github.com/hestiacp/hestiacp/pull/2741

and no, removing the php end tag was not an accident, it was intentional. end tags, ideally, should only be used when they're absolutely required, because they can easily introduce bugs like printing a newline after the end tag.
---
 web/download/web-log/index.php | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 35ebc335..9078d20c 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -25,11 +25,18 @@ $v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 
-exec (VESTA_CMD."v-list-web-domain-".$type."log $user ".$v_domain." 5000", $output, $return_var);
-if ($return_var == 0 ) {
-    foreach($output as $file) {
-        echo $file . "\n";
-    }
+
+
+$cmd = implode(" ", array(
+    escapeshellarg(HESTIA_CMD . "v-list-web-domain-" . $type . "log"),
+    escapeshellarg($user),
+    escapeshellarg($v_domain),
+    "5000",
+));
+passthru($cmd, $return_var);
+if ($return_var != 0) {
+    $errstr = "Internal server error: command returned non-zero: {$return_var}: {$cmd}";
+    echo $errstr;
+    throw new Exception($errstr); // make sure it ends up in an errorlog somewhere
 }
 
-?>

From b09d244af7ab6dd93f07e63331b483c5f8d10dd7 Mon Sep 17 00:00:00 2001
From: divinity76 
Date: Sat, 9 Jul 2022 11:18:30 +0200
Subject: [PATCH 1725/2300] code-breaking-typo

from copypasta
---
 web/download/web-log/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 9078d20c..e9c63a8d 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -28,7 +28,7 @@ if ($_GET['type'] == 'error') $type = 'error';
 
 
 $cmd = implode(" ", array(
-    escapeshellarg(HESTIA_CMD . "v-list-web-domain-" . $type . "log"),
+    escapeshellarg(VESTA_CMD . "v-list-web-domain-" . $type . "log"),
     escapeshellarg($user),
     escapeshellarg($v_domain),
     "5000",

From e65af22a54337f96e2abe2b612efc2b1533c3775 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 18:10:31 +0200
Subject: [PATCH 1726/2300] hash_equals() in /reset/mail/

Thanks to @divinity76
---
 web/reset/mail/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php
index 5419d8ea..c0524ebb 100644
--- a/web/reset/mail/index.php
+++ b/web/reset/mail/index.php
@@ -149,7 +149,7 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[
         $n_hash = '{MD5}'.$n_hash;
 
         // Change password
-        if ( $v_hash == $n_hash ) {
+        if ( hash_equals($v_hash, $n_hash ) ) {
             $v_new_password = tempnam("/tmp","vst");
             $fp = fopen($v_new_password, "w");
             fwrite($fp, $_POST['new']."\n");

From 1a081dfdbe72eac0aeaf3a27a52f1ff3df8e4555 Mon Sep 17 00:00:00 2001
From: divinity76 
Date: Tue, 12 Jul 2022 19:14:55 +0200
Subject: [PATCH 1727/2300] workaround for passthru() being disabled

---
 web/download/web-log/index.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index e9c63a8d..4bef3528 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -26,14 +26,24 @@ if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 
 
-
 $cmd = implode(" ", array(
     escapeshellarg(VESTA_CMD . "v-list-web-domain-" . $type . "log"),
     escapeshellarg($user),
     escapeshellarg($v_domain),
     "5000",
 ));
-passthru($cmd, $return_var);
+
+if(is_callable("passthru")){
+    passthru($cmd, $return_var);
+} else{
+    // passthru is disabled, workaround it by writing the output to a file then reading the file. 
+    // this is slower than passthru, but avoids running out of RAM...
+    $passthru_is_disabled_workaround_handle = tmpfile();
+    $passthru_is_disabled_workaround_file = stream_get_meta_data($passthru_is_disabled_workaround_handle)['uri'];
+    exec ($cmd . " > " . escapeshellarg($passthru_is_disabled_workaround_file), $output, $return_var);
+    readfile($passthru_is_disabled_workaround_file);
+    fclose($passthru_is_disabled_workaround_handle); // fclose(tmpfile()) automatically deletes the file, unlink is not required :)
+}
 if ($return_var != 0) {
     $errstr = "Internal server error: command returned non-zero: {$return_var}: {$cmd}";
     echo $errstr;

From 5aebfde6cf471fc69d46f2287c6a285d16f96013 Mon Sep 17 00:00:00 2001
From: divinity76 
Date: Tue, 12 Jul 2022 19:17:01 +0200
Subject: [PATCH 1728/2300] avoid double-quoting v_domain

---
 web/download/web-log/index.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 4bef3528..5e882c89 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -10,8 +10,6 @@ if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) {
     exit();
 }
 
-$v_domain = $_GET['domain'];
-$v_domain = escapeshellarg($_GET['domain']);
 if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 
@@ -21,7 +19,7 @@ header("Content-Disposition: attachment; filename=".$_GET['domain'].".".$type."-
 header("Content-Type: application/octet-stream; "); 
 header("Content-Transfer-Encoding: binary");
 
-$v_domain = escapeshellarg($_GET['domain']);
+$v_domain = $_GET['domain'];
 if ($_GET['type'] == 'access') $type = 'access';
 if ($_GET['type'] == 'error') $type = 'error';
 

From 15c5bdac5134f398288f6c81f30aa9b3f51744a5 Mon Sep 17 00:00:00 2001
From: divinity76 
Date: Tue, 12 Jul 2022 20:07:55 +0200
Subject: [PATCH 1729/2300] turns out VESTA_CMD is 2 commands

---
 web/download/web-log/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/download/web-log/index.php b/web/download/web-log/index.php
index 5e882c89..b9859c6f 100644
--- a/web/download/web-log/index.php
+++ b/web/download/web-log/index.php
@@ -25,7 +25,7 @@ if ($_GET['type'] == 'error') $type = 'error';
 
 
 $cmd = implode(" ", array(
-    escapeshellarg(VESTA_CMD . "v-list-web-domain-" . $type . "log"),
+    VESTA_CMD . "v-list-web-domain-" . $type . "log",
     escapeshellarg($user),
     escapeshellarg($v_domain),
     "5000",

From b2d7c5a1fd6525a91c4e1227ee16797a1f0e1f37 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 20:40:20 +0200
Subject: [PATCH 1730/2300] Fix for PHP Notice in vesta-php

---
 web/inc/secure_login.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index b9e2115c..3ae149d5 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -91,7 +91,8 @@ function prevent_get_csrf () {
     if (isset($_SERVER['SERVER_PORT']) == false) return;
     if (isset($_SERVER['HTTP_REFERER']) == false) return;
     $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
-    $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+    if (isset($_SERVER['HTTP_ORIGIN'])) $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+    else $_SERVER['HTTP_ORIGIN']='';
     if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
     $host_arr = explode(":", $_SERVER['HTTP_HOST']);
     $hostname = $host_arr[0];

From 94d7c20a3bba372159b4f576a0cc525c318fce93 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 20:42:10 +0200
Subject: [PATCH 1731/2300] Version 0.9.8-26-58

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 162eec34..5a056019 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-57
+vesta-0.9.8-26-58

From 8b1c8b658da9302b39fdb9d0b88f3d089522fc9d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 20:47:56 +0200
Subject: [PATCH 1732/2300] Update Changelog.md

---
 Changelog.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 17494c79..c0dcbd49 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,8 @@
+Version 0.9.8-26-58 [12-Jul-2022]
+==================================================
+* [Security] hash_equals() in /reset/mail/ (credits to @divinity76 )
+* Fix for an boring PHP Notice in vesta-php
+
 Version 0.9.8-26-57 [06-Jul-2022]
 ==================================================
 * Fix for GMail SMTP timeouts on Debian11

From 6d365026236d98a425dfd4183eb4b60c6c2d54e2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 20:52:41 +0200
Subject: [PATCH 1733/2300] Update Changelog.md

---
 Changelog.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Changelog.md b/Changelog.md
index c0dcbd49..b7e52d49 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,7 @@
 Version 0.9.8-26-58 [12-Jul-2022]
 ==================================================
 * [Security] hash_equals() in /reset/mail/ (credits to @divinity76 )
+* Avoid out-of-memory while downloading large log files from panel (credits to @divinity76 )
 * Fix for an boring PHP Notice in vesta-php
 
 Version 0.9.8-26-57 [06-Jul-2022]

From d625c9722ac512f873b3dcb8182e5ffaddc36c3c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 21:00:33 +0200
Subject: [PATCH 1734/2300] Fix for an boring PHP Notice in vesta-php

---
 web/inc/secure_login.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 3ae149d5..7f8c8d15 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -63,7 +63,8 @@ function prevent_post_csrf ($hard_check=false) {
             if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN'] = '';
         }
         $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
-        $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+        if (isset($_SERVER['HTTP_ORIGIN'])) $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
+        else $_SERVER['HTTP_ORIGIN']='';
         if ($hard_check == false) {
             if (substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "file:///" && substr($_SERVER['HTTP_ORIGIN'], 0, 7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "https://") return;
         }

From bc67f1028a1d6247d5cec6edb35733348d73e46f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 12 Jul 2022 21:08:30 +0200
Subject: [PATCH 1735/2300] Fix for an boring PHP Notice in vesta-php

---
 web/inc/secure_login.php | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 7f8c8d15..3dcdb0ae 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -63,8 +63,7 @@ function prevent_post_csrf ($hard_check=false) {
             if (isset($_SERVER['HTTP_ORIGIN']) == false) $_SERVER['HTTP_ORIGIN'] = '';
         }
         $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
-        if (isset($_SERVER['HTTP_ORIGIN'])) $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
-        else $_SERVER['HTTP_ORIGIN']='';
+        $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
         if ($hard_check == false) {
             if (substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "file:///" && substr($_SERVER['HTTP_ORIGIN'], 0, 7) != "http://" && substr($_SERVER['HTTP_ORIGIN'], 0, 8) != "https://") return;
         }
@@ -92,8 +91,6 @@ function prevent_get_csrf () {
     if (isset($_SERVER['SERVER_PORT']) == false) return;
     if (isset($_SERVER['HTTP_REFERER']) == false) return;
     $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
-    if (isset($_SERVER['HTTP_ORIGIN'])) $_SERVER['HTTP_ORIGIN'] = strtolower($_SERVER['HTTP_ORIGIN']);
-    else $_SERVER['HTTP_ORIGIN']='';
     if (substr($_SERVER['HTTP_REFERER'], 0, 8) != "file:///" && substr($_SERVER['HTTP_REFERER'], 0, 7) != "http://" && substr($_SERVER['HTTP_REFERER'], 0, 8) != "https://") return;
     $host_arr = explode(":", $_SERVER['HTTP_HOST']);
     $hostname = $host_arr[0];

From d48f6cc4281bd3620f8ed8f7d9ab1dbdb105be7d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 29 Jul 2022 00:34:52 +0200
Subject: [PATCH 1736/2300] typo fix

---
 bin/v-install-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 95f6f353..bdf56f72 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -51,7 +51,7 @@ if [ -z "$database" ]; then
     database="wp"
 fi
 
-if [ -z "$emil" ]; then
+if [ -z "$email" ]; then
     email="info@$domain";
 fi
 

From 44cf0b53063145c88a2b8b809c109582364ec6c1 Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Tue, 2 Aug 2022 17:24:55 +0300
Subject: [PATCH 1737/2300] Fixed #142

---
 web/templates/admin/list_firewall.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_firewall.html b/web/templates/admin/list_firewall.html
index 889de6a2..a12c9daf 100644
--- a/web/templates/admin/list_firewall.html
+++ b/web/templates/admin/list_firewall.html
@@ -120,7 +120,7 @@ sort-ip="" sort-comment="
             
             
-            
+            
             
           
           

From 5518e0e0598661a286fbb17bc0b05cec0a3df29e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 24 Sep 2022 11:55:07 +0200
Subject: [PATCH 1738/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 067ecd58..62bb39c8 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -29,6 +29,7 @@ find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".h
 find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
 find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+find /home/*/web/*/public_html/ -type f -name "*.wpress" -delete
 find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
 find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
 find /home/ -type f -name "*.log" -exec truncate -s 0 {} \;

From e5a03804aa8f8f5f1906778b94b9dc6f89c46578 Mon Sep 17 00:00:00 2001
From: N1ebieski 
Date: Sun, 25 Sep 2022 14:47:31 +0200
Subject: [PATCH 1739/2300] Include "hidden" files to backup

Files like .htaccess, .env, .git etc
---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index e2d7cac9..8bd0bb25 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -265,7 +265,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         set +f
 
         # Backup files
-        tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- ${fargs[@]} --exclude={'./','../'} . |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 25d3fef4aa6f53b09249fae8001e4357f8215b70 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 26 Sep 2022 14:27:39 +0200
Subject: [PATCH 1740/2300] Create v-fix-user-permissions

---
 bin/v-fix-user-permissions | 55 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 bin/v-fix-user-permissions

diff --git a/bin/v-fix-user-permissions b/bin/v-fix-user-permissions
new file mode 100644
index 00000000..fa902ec3
--- /dev/null
+++ b/bin/v-fix-user-permissions
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# info:
+# This script will fix files permissions for desired user (if ownership is lost or files have wrong chmod)
+
+# options: user
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
+    echo "You must be root or admin to execute this script";
+    exit 1;
+fi
+
+# Argument definition
+user=$1
+
+# Includes
+source $VESTA/func/main.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'USER'
+is_format_valid 'user'
+is_object_valid 'user' 'USER' "$user"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+find /home/$user/conf/mail/ -type d -exec chown Debian-exim:mail {} \;
+find /home/$user/conf/mail/*/ -type f -exec chown Debian-exim:mail {} \;
+find /home/$user/conf/mail/*/ -name "passwd" -type f -exec chown dovecot:mail {} \;
+find /home/$user/mail/ -type d -exec chown $user:mail {} \;
+find /home/$user/mail/*/ -type d -exec chown $user:mail {} \;
+find /home/$user/mail/*/ -type f -exec chown $user:mail {} \;
+
+find /home/$user/conf/dns/ -type f -exec chown root:bind {} \;
+find /home/$user/conf/ -type d -exec chown root:root {} \;
+
+find /home/$user/web/*/public_html/ -type d -exec chmod 755 {} +
+find /home/$user/web/*/public_html/ -type f -exec chmod 644 {} +
+find /home/$user/web/*/public_html/ -exec chown $user:$user {} \;
+
+echo "Done, permissions fixed for user: $user"
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 7f38c8ceafd9abc8c11224902ee3cfbbb837177b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Oct 2022 16:00:02 +0200
Subject: [PATCH 1741/2300] Restart DNS after adding acme_challenge TXT record

---
 bin/v-add-letsencrypt-domain | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 0cea207c..2940bbb6 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -200,6 +200,7 @@ for auth in $authz; do
             echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
         fi
         check_result $exitstatus "DNS _acme-challenge record wasn't created"
+        $BIN/v-restart-dns
     else
         if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
             if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then

From 93c1414217ea13ca8b3edcb54ad2f0a73039b325 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Oct 2022 18:38:39 +0200
Subject: [PATCH 1742/2300] systemctl instead of service in v-restart-dns

---
 bin/v-restart-dns | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/bin/v-restart-dns b/bin/v-restart-dns
index 4e7712a7..f96937a1 100755
--- a/bin/v-restart-dns
+++ b/bin/v-restart-dns
@@ -55,9 +55,10 @@ if [ -z "$DNS_SYSTEM" ] || [ "$DNS_SYSTEM" = 'remote' ] ; then
 fi
 
 # Restart system
-service $DNS_SYSTEM reload >/dev/null 2>&1
+systemctl reset-failed $DNS_SYSTEM
+systemctl reload $DNS_SYSTEM >/dev/null 2>&1
 if [ $? -ne 0 ]; then
-    service $DNS_SYSTEM restart >/dev/null 2>&1
+    systemctl restart $DNS_SYSTEM >/dev/null 2>&1
     if [ $? -ne 0 ]; then
         send_email_report
         check_result $E_RESTART "$DNS_SYSTEM restart failed"

From 374b4da5bc6f440c09eaa2937e631fbbd09df6e5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 2 Nov 2022 19:57:48 +0100
Subject: [PATCH 1743/2300] Update W3TC.json

---
 src/deb/for-download/tools/W3TC.json | 36 ++++++++++++++++++++++++----
 1 file changed, 32 insertions(+), 4 deletions(-)

diff --git a/src/deb/for-download/tools/W3TC.json b/src/deb/for-download/tools/W3TC.json
index d42973d0..0ca4cf8d 100644
--- a/src/deb/for-download/tools/W3TC.json
+++ b/src/deb/for-download/tools/W3TC.json
@@ -1,5 +1,5 @@
 {
-    "version": "2.1.8",
+    "version": "2.2.7",
     "cluster.messagebus.debug": false,
     "cluster.messagebus.enabled": false,
     "cluster.messagebus.sns.region": "",
@@ -26,8 +26,12 @@
     "dbcache.redis.servers": [
         "127.0.0.1:6379"
     ],
+    "dbcache.redis.verify_tls_certificates": true,
     "dbcache.redis.password": "",
     "dbcache.redis.dbid": 0,
+    "dbcache.redis.timeout": 0,
+    "dbcache.redis.retry_interval": 0,
+    "dbcache.redis.read_timeout": 0,
     "dbcache.use_filters": false,
     "dbcache.reject.constants": [
         "APP_REQUEST",
@@ -114,8 +118,12 @@
     "objectcache.redis.servers": [
         "127.0.0.1:6379"
     ],
+    "objectcache.redis.verify_tls_certificates": true,
     "objectcache.redis.password": "",
     "objectcache.redis.dbid": 0,
+    "objectcache.redis.timeout": 0,
+    "objectcache.redis.retry_interval": 0,
+    "objectcache.redis.read_timeout": 0,
     "objectcache.groups.global": [
         "users",
         "userlogins",
@@ -140,7 +148,7 @@
     "pgcache.comment_cookie_ttl": 86400,
     "pgcache.debug": false,
     "pgcache.debug_purge": false,
-    "pgcache.engine": "memcached",
+    "pgcache.engine": "file_generic",
     "pgcache.file.gc": 3600,
     "pgcache.file.nfs": false,
     "pgcache.file.locking": false,
@@ -157,8 +165,12 @@
     "pgcache.redis.servers": [
         "127.0.0.1:6379"
     ],
+    "pgcache.redis.verify_tls_certificates": true,
     "pgcache.redis.password": "",
     "pgcache.redis.dbid": 0,
+    "pgcache.redis.timeout": 0,
+    "pgcache.redis.retry_interval": 0,
+    "pgcache.redis.read_timeout": 0,
     "pgcache.cache.query": false,
     "pgcache.cache.home": true,
     "pgcache.cache.feed": false,
@@ -304,8 +316,12 @@
     "minify.redis.servers": [
         "127.0.0.1:6379"
     ],
+    "minify.redis.verify_tls_certificates": true,
     "minify.redis.password": "",
     "minify.redis.dbid": 0,
+    "minify.redis.timeout": 0,
+    "minify.redis.retry_interval": 0,
+    "minify.redis.read_timeout": 0,
     "minify.rewrite": true,
     "minify.options": [],
     "minify.symlinks": [],
@@ -446,6 +462,7 @@
     "cdn.s3.bucket.location": "us-east-1",
     "cdn.s3.cname": [],
     "cdn.s3.ssl": "auto",
+    "cdn.s3.public_objects": "enabled",
     "cdn.s3_compatible.api_host": "auto",
     "cdn.cf.key": "",
     "cdn.cf.secret": "",
@@ -454,6 +471,7 @@
     "cdn.cf.id": "",
     "cdn.cf.cname": [],
     "cdn.cf.ssl": "auto",
+    "cdn.cf.public_objects": "enabled",
     "cdn.cf2.key": "",
     "cdn.cf2.secret": "",
     "cdn.cf2.id": "",
@@ -887,8 +905,7 @@
             ]
         }
     },
-    "robots_block.enable": false,
-    "common.track_usage": false,
+    "common.track_usage": true,
     "common.tweeted": false,
     "config.check": true,
     "config.path": "",
@@ -919,7 +936,18 @@
     "plugin.license_key": "",
     "plugin.type": "",
     "jquerymigrate.disabled": false,
+    "imageservice": {
+        "compression": "lossy",
+        "auto": "enabled",
+        "visibility": "never"
+    },
+    "imageservice.configuration_overloaded": true,
+    "robots_block.enable": false,
     "fragmentcache": {
         "engine": "memcached"
+    },
+    "pgcache.bad_behavior_path": "",
+    "newrelic": {
+        "monitoring_type": "apm"
     }
 }

From c6d226023e4427223a691ea0b4b00f20b2a9f244 Mon Sep 17 00:00:00 2001
From: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Date: Thu, 3 Nov 2022 07:14:43 +0100
Subject: [PATCH 1744/2300] Unsuspend database does not restore permissions
 remote users

See https://github.com/hestiacp/hestiacp/issues/3011 and https://github.com/hestiacp/hestiacp/issues/3014
---
 func/db.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/db.sh b/func/db.sh
index deb9e5b8..20230fec 100644
--- a/func/db.sh
+++ b/func/db.sh
@@ -468,7 +468,7 @@ suspend_pgsql_database() {
 # Unsuspend MySQL database
 unsuspend_mysql_database() {
     mysql_connect $HOST
-    query="GRANT ALL ON \`$database\`.* FROM \`$DBUSER\`@\`%\`"
+    query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@\`%\`"
     mysql_query "$query" > /dev/null
     query="GRANT ALL ON \`$database\`.* TO \`$DBUSER\`@localhost"
     mysql_query "$query" > /dev/null

From c182d7f0a701c7deb455bf49879340cf6b0bb164 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 3 Nov 2022 15:19:08 +0100
Subject: [PATCH 1745/2300] Create fix-fpm-poold.sh

---
 .../tools/patches/fix-fpm-poold.sh            | 40 +++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/fix-fpm-poold.sh

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
new file mode 100644
index 00000000..6c7443b1
--- /dev/null
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+if [ -d "/etc/php" ]; then
+    OLDVAL='php_admin_value\[upload_max_filesize\] = 80M'
+    NEWVAL='php_admin_value\[upload_max_filesize\] = 800M'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    OLDVAL='php_admin_value\[post_max_size\] = 80M'
+    NEWVAL='php_admin_value\[post_max_size\] = 800M'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    OLDVAL='php_admin_value\[memory_limit\] = 256M'
+    NEWVAL='php_admin_value\[memory_limit\] = 512M'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    OLDVAL='pm.max_children = 8'
+    NEWVAL='pm.max_children = 3'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    OLDVAL='request_terminate_timeout = 90s'
+    NEWVAL='request_terminate_timeout = 360s'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    OLDVAL='php_admin_value\[max_execution_time\] = 30'
+    NEWVAL='php_admin_value\[max_execution_time\] = 300'
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+
+    systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart
+fi
+
+if [ -f "/etc/apache2/mods-enabled/mpm_event.conf"]; then
+    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        600#g" /etc/apache2/mods-enabled/mpm_event.conf
+    systemctl restart apache2
+fi

From 039dca41c395ae2de9332da083299f82e01e3e87 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 3 Nov 2022 15:23:15 +0100
Subject: [PATCH 1746/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index 6c7443b1..20879cb7 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -34,7 +34,7 @@ if [ -d "/etc/php" ]; then
     systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart
 fi
 
-if [ -f "/etc/apache2/mods-enabled/mpm_event.conf"]; then
+if [ -f "/etc/apache2/mods-enabled/mpm_event.conf" ]; then
     sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        600#g" /etc/apache2/mods-enabled/mpm_event.conf
     systemctl restart apache2
 fi

From 402a4286d3ff95994de80eaa29481c666f9a6153 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 3 Nov 2022 15:37:43 +0100
Subject: [PATCH 1747/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index 20879cb7..e83c11a5 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -28,7 +28,7 @@ if [ -d "/etc/php" ]; then
 
     OLDVAL='php_admin_value\[max_execution_time\] = 30'
     NEWVAL='php_admin_value\[max_execution_time\] = 300'
-    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL$|$NEWVAL|g"
     find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
 
     systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart

From af11a4cbf2afb438f31bd77bd1fcb408d62da581 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 4 Nov 2022 20:09:50 +0100
Subject: [PATCH 1748/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index e83c11a5..f9b562a9 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -21,15 +21,15 @@ if [ -d "/etc/php" ]; then
     find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
     find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
 
-    OLDVAL='request_terminate_timeout = 90s'
+    OLDVAL='request_terminate_timeout = '
     NEWVAL='request_terminate_timeout = 360s'
-    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
-    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL.*|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL.*|$NEWVAL|g"
 
-    OLDVAL='php_admin_value\[max_execution_time\] = 30'
+    OLDVAL='php_admin_value\[max_execution_time\] = '
     NEWVAL='php_admin_value\[max_execution_time\] = 300'
-    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL$|$NEWVAL|g"
-    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL|$NEWVAL|g"
+    find /etc/php/*/fpm/pool.d/ -name "*.conf" -type f -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL.*|$NEWVAL|g"
+    find /usr/local/vesta/data/templates/web/apache2/ -type f -name "*.sh" -exec grep -l "$OLDVAL" {} \; | xargs sed -i "s|$OLDVAL.*|$NEWVAL|g"
 
     systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | xargs systemctl restart
 fi

From f89065a80a8095baed2d4f3b0178db59c942e088 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 10:35:38 +0100
Subject: [PATCH 1749/2300] Create create-mail-sync.sh

---
 .../for-download/tools/create-mail-sync.sh    | 87 +++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 src/deb/for-download/tools/create-mail-sync.sh

diff --git a/src/deb/for-download/tools/create-mail-sync.sh b/src/deb/for-download/tools/create-mail-sync.sh
new file mode 100644
index 00000000..e325754e
--- /dev/null
+++ b/src/deb/for-download/tools/create-mail-sync.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+
+##################################
+# usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]
+##################################
+
+if [ $# -lt 3 ]; then
+    echo "usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]"
+    exit 1
+fi
+
+if [ $# -eq 3 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$3
+TEST=1
+fi
+
+if [ $# -eq 4 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$4
+TEST=1
+fi
+
+if [ $# -eq 5 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$4
+TEST=$5
+fi
+
+TESTOPT=""
+if [[ $TEST -eq 1 ]]; then
+	TESTOPT="--justlogin"
+fi
+
+if [ ! -d "accounts" ]; then
+    mkdir accounts
+fi
+if [ -f "accounts/$EMAIL" ]; then
+	echo "********* $EMAIL ALREADY EXISTS !!! ************"
+    exit 1;
+    exit
+fi
+
+echo "Writing to: accounts/$EMAIL"
+echo "#!/bin/bash
+
+# --- 
+# SRCHOST = $SRCHOST
+# email   = $EMAIL
+# pass    = $PASS
+# pass2   = $PASS2
+# test    = $TEST
+# ---
+
+/root/imapsync/imapsync --host1  $SRCHOST   --user1 $EMAIL   --password1 '$PASS' --ssl1 --host2 localhost   --user2 $EMAIL   --password2 '$PASS2' $TESTOPT --addheader  --automap \"\$@\"
+
+exit;
+# ---
+" > accounts/$EMAIL
+
+chmod a=rwx accounts/$EMAIL
+
+if [[ $TEST -eq 0 ]]; then
+	exit 0;
+fi
+
+accounts/$EMAIL
+RET=$?
+
+if [ $RET -eq 0 ]; then
+	# echo "./create-mail-sync.sh $EMAIL $PASS $PASS2 $TEST"
+	sed -i "s/--justlogin//g" accounts/$EMAIL
+	echo "--- OK! ---"
+	echo "./create-mail-sync.sh '$SRCHOST' '$EMAIL' '$PASS' '$PASS2' $TEST" >> accounts.log
+else
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	rm accounts/$EMAIL
+fi
+exit $RET;

From 8d4eee37d03c4884ef1aabc5bd58581f6617dcbc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 15:36:57 +0100
Subject: [PATCH 1750/2300] Create scanps.sh

---
 src/deb/for-download/tools/scanps/scanps.sh | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 src/deb/for-download/tools/scanps/scanps.sh

diff --git a/src/deb/for-download/tools/scanps/scanps.sh b/src/deb/for-download/tools/scanps/scanps.sh
new file mode 100644
index 00000000..fa9129f3
--- /dev/null
+++ b/src/deb/for-download/tools/scanps/scanps.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# run 'crontab -e' and add the following:
+# 0,5,10,15,20,25,30,35,40,45,50,55 * * * * /home/scanps.sh > /dev/null 2>&1
+
+cd /home
+php scanps.php

From aa493287f3b77aba380e3cd9cf0d8cc39a9fb0da Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 16:15:48 +0100
Subject: [PATCH 1751/2300] Create scanps.php

---
 src/deb/for-download/tools/scanps/scanps.php | 58 ++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 src/deb/for-download/tools/scanps/scanps.php

diff --git a/src/deb/for-download/tools/scanps/scanps.php b/src/deb/for-download/tools/scanps/scanps.php
new file mode 100644
index 00000000..7b52064d
--- /dev/null
+++ b/src/deb/for-download/tools/scanps/scanps.php
@@ -0,0 +1,58 @@
+ ")!==FALSE) $command.=" 2> /dev/null";
+    else {
+        if (strpos($command, " 2>&1")===FALSE) $command.=" 2>&1";
+    }
+    $ret = exec($command, $out, $ret_no);
+    return implode("\n", $out);
+}
+
+function is_there($list, $what) {
+    $arr=explode("\n", $list);
+    $c=count($arr);
+    for ($i=1; $i<$c; $i++) if (strpos($arr[$i], $what)!==false) return true;
+    return false;
+}
+
+$list=my_exec("ps -Af");
+if (is_there($list, "apt")) exit; // the server is in upgrading proccess
+
+$search_for1="mysqld";
+$search_for2="mariadbd";
+$v1=is_there($list, $search_for1);
+$v2=is_there($list, $search_for2);
+$sufix="";
+
+if ($v1==false && $v2==false) {
+    echo "- reboot\n";
+    $buffer="- reboot\n".$list;
+    $sufix="_".time();
+    $fp = fopen('/home/cron'.$sufix.'.log', 'w');
+    fwrite($fp, $buffer);
+    fclose($fp);
+    $out=array();
+    $ret_no=0;
+    $uname_arr=posix_uname();
+    $hostname=$uname_arr['nodename'];
+    $email=my_exec("/usr/local/vesta/bin/v-list-user 'admin' | grep 'EMAIL' | awk '{print $2}'");
+    mail($email, 'VPS reboot - '.$hostname, $buffer, "From: ".$hostname." ");
+    sleep(10);
+    $ret = exec("sudo reboot", $out, $ret_no);
+    exit;
+} else {
+    echo "- mysql ok\n";
+    $fp = fopen('/home/cron.log', 'w');
+    fwrite($fp, "- mysql ok");
+    fclose($fp);
+    exit;
+}

From 7e37ed471112acd4ac8a5bb654921b19303622f7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 17:04:10 +0100
Subject: [PATCH 1752/2300] scanps fixes

---
 src/deb/for-download/tools/scanps/scanps.php | 18 ++++++++++--------
 src/deb/for-download/tools/scanps/scanps.sh  |  4 ++--
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/deb/for-download/tools/scanps/scanps.php b/src/deb/for-download/tools/scanps/scanps.php
index 7b52064d..d2dbd2b3 100644
--- a/src/deb/for-download/tools/scanps/scanps.php
+++ b/src/deb/for-download/tools/scanps/scanps.php
@@ -1,10 +1,12 @@
  /dev/null 2>&1
 
 function my_exec($command) {
     $out=array();
@@ -37,21 +39,21 @@ if ($v1==false && $v2==false) {
     echo "- reboot\n";
     $buffer="- reboot\n".$list;
     $sufix="_".time();
-    $fp = fopen('/home/cron'.$sufix.'.log', 'w');
+    $fp = fopen('/var/log/scanps_cron'.$sufix.'.log', 'w');
     fwrite($fp, $buffer);
     fclose($fp);
     $out=array();
     $ret_no=0;
     $uname_arr=posix_uname();
     $hostname=$uname_arr['nodename'];
-    $email=my_exec("/usr/local/vesta/bin/v-list-user 'admin' | grep 'EMAIL' | awk '{print $2}'");
+    $email=my_exec("export VESTA=/usr/local/vesta && /usr/local/vesta/bin/v-list-user 'admin' | grep 'EMAIL' | awk '{print $2}'");
     mail($email, 'VPS reboot - '.$hostname, $buffer, "From: ".$hostname." ");
     sleep(10);
     $ret = exec("sudo reboot", $out, $ret_no);
     exit;
 } else {
     echo "- mysql ok\n";
-    $fp = fopen('/home/cron.log', 'w');
+    $fp = fopen('/var/log/scanps_cron.log', 'w');
     fwrite($fp, "- mysql ok");
     fclose($fp);
     exit;
diff --git a/src/deb/for-download/tools/scanps/scanps.sh b/src/deb/for-download/tools/scanps/scanps.sh
index fa9129f3..b693d21a 100644
--- a/src/deb/for-download/tools/scanps/scanps.sh
+++ b/src/deb/for-download/tools/scanps/scanps.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 # run 'crontab -e' and add the following:
-# 0,5,10,15,20,25,30,35,40,45,50,55 * * * * /home/scanps.sh > /dev/null 2>&1
+# */5 * * * * /home/scanps.sh > /dev/null 2>&1
 
 cd /home
-php scanps.php
+php scanps.php
\ No newline at end of file

From 595dd5dffd5b90adde74e55f477170d903d2ac3d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 19:00:15 +0100
Subject: [PATCH 1753/2300] Delete create-mail-sync.sh

---
 .../for-download/tools/create-mail-sync.sh    | 87 -------------------
 1 file changed, 87 deletions(-)
 delete mode 100644 src/deb/for-download/tools/create-mail-sync.sh

diff --git a/src/deb/for-download/tools/create-mail-sync.sh b/src/deb/for-download/tools/create-mail-sync.sh
deleted file mode 100644
index e325754e..00000000
--- a/src/deb/for-download/tools/create-mail-sync.sh
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/bin/bash
-
-##################################
-# usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]
-##################################
-
-if [ $# -lt 3 ]; then
-    echo "usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]"
-    exit 1
-fi
-
-if [ $# -eq 3 ]; then
-SRCHOST=$1
-EMAIL=$2
-PASS=$3
-PASS2=$3
-TEST=1
-fi
-
-if [ $# -eq 4 ]; then
-SRCHOST=$1
-EMAIL=$2
-PASS=$3
-PASS2=$4
-TEST=1
-fi
-
-if [ $# -eq 5 ]; then
-SRCHOST=$1
-EMAIL=$2
-PASS=$3
-PASS2=$4
-TEST=$5
-fi
-
-TESTOPT=""
-if [[ $TEST -eq 1 ]]; then
-	TESTOPT="--justlogin"
-fi
-
-if [ ! -d "accounts" ]; then
-    mkdir accounts
-fi
-if [ -f "accounts/$EMAIL" ]; then
-	echo "********* $EMAIL ALREADY EXISTS !!! ************"
-    exit 1;
-    exit
-fi
-
-echo "Writing to: accounts/$EMAIL"
-echo "#!/bin/bash
-
-# --- 
-# SRCHOST = $SRCHOST
-# email   = $EMAIL
-# pass    = $PASS
-# pass2   = $PASS2
-# test    = $TEST
-# ---
-
-/root/imapsync/imapsync --host1  $SRCHOST   --user1 $EMAIL   --password1 '$PASS' --ssl1 --host2 localhost   --user2 $EMAIL   --password2 '$PASS2' $TESTOPT --addheader  --automap \"\$@\"
-
-exit;
-# ---
-" > accounts/$EMAIL
-
-chmod a=rwx accounts/$EMAIL
-
-if [[ $TEST -eq 0 ]]; then
-	exit 0;
-fi
-
-accounts/$EMAIL
-RET=$?
-
-if [ $RET -eq 0 ]; then
-	# echo "./create-mail-sync.sh $EMAIL $PASS $PASS2 $TEST"
-	sed -i "s/--justlogin//g" accounts/$EMAIL
-	echo "--- OK! ---"
-	echo "./create-mail-sync.sh '$SRCHOST' '$EMAIL' '$PASS' '$PASS2' $TEST" >> accounts.log
-else
-	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
-	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
-	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
-	rm accounts/$EMAIL
-fi
-exit $RET;

From 56484d4b01561ff79c30556f881bad65c006547c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 19:01:02 +0100
Subject: [PATCH 1754/2300] Create run-all.sh

---
 src/deb/for-download/tools/imapsync/run-all.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 src/deb/for-download/tools/imapsync/run-all.sh

diff --git a/src/deb/for-download/tools/imapsync/run-all.sh b/src/deb/for-download/tools/imapsync/run-all.sh
new file mode 100644
index 00000000..fa535927
--- /dev/null
+++ b/src/deb/for-download/tools/imapsync/run-all.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+cd accounts
+
+for name in *
+do
+    if [ -f "$name" ]; then
+        ./$name
+    fi
+done

From f5d3d97dfbf0a52647ebd4470df905950f65d9e1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 9 Nov 2022 19:01:33 +0100
Subject: [PATCH 1755/2300] Add files via upload

---
 .../tools/imapsync/create-mail-sync.sh        | 87 +++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 src/deb/for-download/tools/imapsync/create-mail-sync.sh

diff --git a/src/deb/for-download/tools/imapsync/create-mail-sync.sh b/src/deb/for-download/tools/imapsync/create-mail-sync.sh
new file mode 100644
index 00000000..e325754e
--- /dev/null
+++ b/src/deb/for-download/tools/imapsync/create-mail-sync.sh
@@ -0,0 +1,87 @@
+#!/bin/bash
+
+##################################
+# usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]
+##################################
+
+if [ $# -lt 3 ]; then
+    echo "usage: ./create-mail-sync.sh SRCHOST EMAIL PASSWORD-ON-REMOTE-SERVER [PASSWORD-ON-THIS-SERVER] [TEST]"
+    exit 1
+fi
+
+if [ $# -eq 3 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$3
+TEST=1
+fi
+
+if [ $# -eq 4 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$4
+TEST=1
+fi
+
+if [ $# -eq 5 ]; then
+SRCHOST=$1
+EMAIL=$2
+PASS=$3
+PASS2=$4
+TEST=$5
+fi
+
+TESTOPT=""
+if [[ $TEST -eq 1 ]]; then
+	TESTOPT="--justlogin"
+fi
+
+if [ ! -d "accounts" ]; then
+    mkdir accounts
+fi
+if [ -f "accounts/$EMAIL" ]; then
+	echo "********* $EMAIL ALREADY EXISTS !!! ************"
+    exit 1;
+    exit
+fi
+
+echo "Writing to: accounts/$EMAIL"
+echo "#!/bin/bash
+
+# --- 
+# SRCHOST = $SRCHOST
+# email   = $EMAIL
+# pass    = $PASS
+# pass2   = $PASS2
+# test    = $TEST
+# ---
+
+/root/imapsync/imapsync --host1  $SRCHOST   --user1 $EMAIL   --password1 '$PASS' --ssl1 --host2 localhost   --user2 $EMAIL   --password2 '$PASS2' $TESTOPT --addheader  --automap \"\$@\"
+
+exit;
+# ---
+" > accounts/$EMAIL
+
+chmod a=rwx accounts/$EMAIL
+
+if [[ $TEST -eq 0 ]]; then
+	exit 0;
+fi
+
+accounts/$EMAIL
+RET=$?
+
+if [ $RET -eq 0 ]; then
+	# echo "./create-mail-sync.sh $EMAIL $PASS $PASS2 $TEST"
+	sed -i "s/--justlogin//g" accounts/$EMAIL
+	echo "--- OK! ---"
+	echo "./create-mail-sync.sh '$SRCHOST' '$EMAIL' '$PASS' '$PASS2' $TEST" >> accounts.log
+else
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	echo "********* $EMAIL ERROR !!! [ret: $RET ] ************"
+	rm accounts/$EMAIL
+fi
+exit $RET;

From 06ebea1a8b7c79f68a3fe228a4d77782d2da9a33 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 14 Nov 2022 14:45:59 +0100
Subject: [PATCH 1756/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index f9b562a9..d853114a 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -35,6 +35,6 @@ if [ -d "/etc/php" ]; then
 fi
 
 if [ -f "/etc/apache2/mods-enabled/mpm_event.conf" ]; then
-    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        600#g" /etc/apache2/mods-enabled/mpm_event.conf
+    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        400#g" /etc/apache2/mods-enabled/mpm_event.conf
     systemctl restart apache2
 fi

From e134202224757c32f97fb817ba03ee5105104432 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 22 Nov 2022 09:07:25 +0100
Subject: [PATCH 1757/2300] Skipping forward proxy while renewing LetsEncrypt

---
 bin/v-update-letsencrypt-ssl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index ac3e2eda..eacbfa05 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -36,6 +36,12 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
         limit_check=1
         fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
 
+        proxy_tpl=$(/usr/local/vesta/bin/v-list-web-domain "$user" "$domain" "shell" | grep 'PROXY:' | cut -d ' ' -f11-)
+        if [ "$proxy_tpl" = "forward" ]; then
+            echo "[$(date)] : $domain is using forward proxy, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
+            continue;
+        fi
+
         if [[ "$hostname" = "$domain" ]]; then
             if [[ "$fail_counter" -eq 7 ]]; then
                 limit_check=0

From 8563303fbef5975ea2ad6242ed005902de44dbbf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 23 Nov 2022 14:25:56 +0100
Subject: [PATCH 1758/2300] Rollback of previous commit

---
 bin/v-update-letsencrypt-ssl | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl
index eacbfa05..819e9846 100755
--- a/bin/v-update-letsencrypt-ssl
+++ b/bin/v-update-letsencrypt-ssl
@@ -36,11 +36,11 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
         limit_check=1
         fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
 
-        proxy_tpl=$(/usr/local/vesta/bin/v-list-web-domain "$user" "$domain" "shell" | grep 'PROXY:' | cut -d ' ' -f11-)
-        if [ "$proxy_tpl" = "forward" ]; then
-            echo "[$(date)] : $domain is using forward proxy, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
-            continue;
-        fi
+        # proxy_tpl=$(/usr/local/vesta/bin/v-list-web-domain "$user" "$domain" "shell" | grep 'PROXY:' | cut -d ' ' -f11-)
+        # if [ "$proxy_tpl" = "forward" ]; then
+        #     echo "[$(date)] : $domain is using forward proxy, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
+        #     continue;
+        # fi
 
         if [[ "$hostname" = "$domain" ]]; then
             if [[ "$fail_counter" -eq 7 ]]; then

From 8e34db9a712be57fc81d05c9abc2bd137a88faf7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 23 Nov 2022 14:28:32 +0100
Subject: [PATCH 1759/2300] Replacing utf8mb4_0900_ai_ci

---
 bin/v-import-cpanel-backup | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-import-cpanel-backup b/bin/v-import-cpanel-backup
index a4d40226..d8fdac11 100644
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@@ -157,6 +157,7 @@ for sk_dbr in $sk_db_list
 			echo " Create and restore ${sk_dbr} "
 			mysql < mysql/${sk_dbr}.create
 			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
+			sed -i "s/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
 			mysql ${sk_dbr} < mysql/${sk_dbr}.sql
 		else
 			echo "Error: Cant restore database $sk_dbr alredy exists in mysql server"

From 93b4b1e466aac7ad0ebea41b3132279757045049 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 26 Nov 2022 15:37:51 +0100
Subject: [PATCH 1760/2300] Update v-fix-user-permissions

---
 bin/v-fix-user-permissions | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/bin/v-fix-user-permissions b/bin/v-fix-user-permissions
index fa902ec3..ae798992 100644
--- a/bin/v-fix-user-permissions
+++ b/bin/v-fix-user-permissions
@@ -36,9 +36,15 @@ is_object_valid 'user' 'USER' "$user"
 find /home/$user/conf/mail/ -type d -exec chown Debian-exim:mail {} \;
 find /home/$user/conf/mail/*/ -type f -exec chown Debian-exim:mail {} \;
 find /home/$user/conf/mail/*/ -name "passwd" -type f -exec chown dovecot:mail {} \;
+
 find /home/$user/mail/ -type d -exec chown $user:mail {} \;
 find /home/$user/mail/*/ -type d -exec chown $user:mail {} \;
 find /home/$user/mail/*/ -type f -exec chown $user:mail {} \;
+find /home/$user/mail/*/ -type d -exec chmod u+rwx {} \;
+find /home/$user/mail/*/ -type d -exec chmod g+rwx {} \;
+find /home/$user/mail/*/ -type f -exec chmod u+rw {} \;
+find /home/$user/mail/*/ -type f -exec chmod g+rw {} \;
+
 
 find /home/$user/conf/dns/ -type f -exec chown root:bind {} \;
 find /home/$user/conf/ -type d -exec chown root:root {} \;

From 343a4deb73bf1d0d7584e9428495880b695b6cda Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 26 Nov 2022 21:42:09 +0100
Subject: [PATCH 1761/2300] Additional fix for utf8mb4_0900_ai_ci

---
 bin/v-import-cpanel-backup | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-import-cpanel-backup b/bin/v-import-cpanel-backup
index d8fdac11..02383018 100644
--- a/bin/v-import-cpanel-backup
+++ b/bin/v-import-cpanel-backup
@@ -155,6 +155,8 @@ for sk_dbr in $sk_db_list
 		grep -w $sk_dbr server_dbs	
 		if [ $? == "1" ]; then
 			echo " Create and restore ${sk_dbr} "
+			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.create
+			sed -i "s/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.create
 			mysql < mysql/${sk_dbr}.create
 			sed -i "s/utf8mb4_unicode_520_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql
 			sed -i "s/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g" mysql/${sk_dbr}.sql

From d0f5d1a355f67e3c7c0e772536b3a27ffd3f2f06 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 8 Dec 2022 14:13:42 +0100
Subject: [PATCH 1762/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index d853114a..88534bfd 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -35,6 +35,6 @@ if [ -d "/etc/php" ]; then
 fi
 
 if [ -f "/etc/apache2/mods-enabled/mpm_event.conf" ]; then
-    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        400#g" /etc/apache2/mods-enabled/mpm_event.conf
+    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        200#g" /etc/apache2/mods-enabled/mpm_event.conf
     systemctl restart apache2
 fi

From cab6df399a781727f31102fc56729c341248e6a7 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 29 Dec 2022 12:57:17 +0100
Subject: [PATCH 1763/2300] Create v-move-folder-and-make-symlink

---
 bin/v-move-folder-and-make-symlink | 85 ++++++++++++++++++++++++++++++
 1 file changed, 85 insertions(+)
 create mode 100644 bin/v-move-folder-and-make-symlink

diff --git a/bin/v-move-folder-and-make-symlink b/bin/v-move-folder-and-make-symlink
new file mode 100644
index 00000000..f543ff65
--- /dev/null
+++ b/bin/v-move-folder-and-make-symlink
@@ -0,0 +1,85 @@
+#!/bin/bash
+
+# info:
+# This script will move a folder to the new destination and make a symlink from the old path to the new destination
+
+# options: FROMFOLDER TOFOLDER
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ] && [ "$whoami" != "admin" ] ; then
+    echo "You must be root or admin to execute this script";
+    exit 1;
+fi
+
+# Argument definition
+FROMFOLDER=$1
+TOFOLDER=$2
+
+# Includes
+source $VESTA/func/main.sh
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+# Trimming the ending slash, just in case
+FROMFOLDER=$(echo "$FROMFOLDER" | sed 's:/*$::')
+TOFOLDER=$(echo "$TOFOLDER" | sed 's:/*$::')
+
+if [ ! -d "$FROMFOLDER" ]; then
+    echo "Folder $FROMFOLDER does not exists, aborting"
+    exit 1
+fi
+
+USER=$(stat -c '%U' "$FROMFOLDER")
+GROUP=$(stat -c '%G' "$FROMFOLDER")
+PARENTFOLDER=$(dirname "$TOFOLDER")
+
+if [ ! -d "$PARENTFOLDER" ]; then
+    PUSER=$(stat -c '%U' "$PARENTFOLDER")
+    PGROUP=$(stat -c '%G' "$PARENTFOLDER")
+    echo "= Creating parent folder..."
+    mkdir -p $PARENTFOLDER
+    chown $PUSER:$PGROUP $PARENTFOLDER
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+rsync -a "$FROMFOLDER/" "$TOFOLDER/"
+# with slashes on the end of the path of both folders
+if [ "$?" -ne 0 ]; then
+    echo "Error happened, aborting"
+    exit 1
+fi
+
+if [ "$FROMFOLDER" = "/home/$USER" ] && [ -d "$FROMFOLDER/conf" ]; then
+    # if we are moving myVesta home folder, we must remove immutable attribute from conf/ files
+    chattr -R -i "$FROMFOLDER/conf/" > /dev/null 2>&1
+    # with slashes on the end of the path of the folder
+fi
+
+rm -rf "$FROMFOLDER"
+# without slash on the end of the path of the folder
+
+ln -s "$TOFOLDER" "$FROMFOLDER"
+# without slashes on the end of the path of both folders
+
+chown -h $USER:$GROUP $FROMFOLDER
+# without slash on the end of the path of the folder
+
+#----------------------------------------------------------#
+#             Log and print result                         #
+#----------------------------------------------------------#
+
+echo "Done, folder $FROMFOLDER moved to $TOFOLDER and symlinked"
+
+# Logging
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 5b0056b193a32f312cb3d4c93b8e751a7e4f901c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 29 Dec 2022 13:18:44 +0100
Subject: [PATCH 1764/2300] Update v-move-folder-and-make-symlink

---
 bin/v-move-folder-and-make-symlink | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-move-folder-and-make-symlink b/bin/v-move-folder-and-make-symlink
index f543ff65..b17f6465 100644
--- a/bin/v-move-folder-and-make-symlink
+++ b/bin/v-move-folder-and-make-symlink
@@ -43,8 +43,8 @@ if [ ! -d "$PARENTFOLDER" ]; then
     PUSER=$(stat -c '%U' "$PARENTFOLDER")
     PGROUP=$(stat -c '%G' "$PARENTFOLDER")
     echo "= Creating parent folder..."
-    mkdir -p $PARENTFOLDER
-    chown $PUSER:$PGROUP $PARENTFOLDER
+    mkdir -p "$PARENTFOLDER"
+    chown $PUSER:$PGROUP "$PARENTFOLDER"
 fi
 
 #----------------------------------------------------------#

From 75e7d7c5e04feeb40d5ecea15eb26f852215f221 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 29 Dec 2022 13:44:40 +0100
Subject: [PATCH 1765/2300] Update v-move-folder-and-make-symlink

---
 bin/v-move-folder-and-make-symlink | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/bin/v-move-folder-and-make-symlink b/bin/v-move-folder-and-make-symlink
index b17f6465..6cedcbe0 100644
--- a/bin/v-move-folder-and-make-symlink
+++ b/bin/v-move-folder-and-make-symlink
@@ -35,6 +35,16 @@ if [ ! -d "$FROMFOLDER" ]; then
     exit 1
 fi
 
+if [ -L "$FROMFOLDER" ]; then
+    echo "Folder $FROMFOLDER is already symlink, aborting"
+    exit 1
+fi
+
+if [ -d "$TOFOLDER" ]; then
+    echo "Folder $TOFOLDER already exists, aborting"
+    exit 1
+fi
+
 USER=$(stat -c '%U' "$FROMFOLDER")
 GROUP=$(stat -c '%G' "$FROMFOLDER")
 PARENTFOLDER=$(dirname "$TOFOLDER")

From 0db48dcdaadd2e03469a9b67dea43e65de3bdb31 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 29 Dec 2022 15:12:58 +0100
Subject: [PATCH 1766/2300] Update v-move-folder-and-make-symlink

---
 bin/v-move-folder-and-make-symlink | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-move-folder-and-make-symlink b/bin/v-move-folder-and-make-symlink
index 6cedcbe0..81561a97 100644
--- a/bin/v-move-folder-and-make-symlink
+++ b/bin/v-move-folder-and-make-symlink
@@ -45,6 +45,11 @@ if [ -d "$TOFOLDER" ]; then
     exit 1
 fi
 
+if [ -L "$TOFOLDER" ]; then
+    echo "Folder $TOFOLDER already exists (as symlink), aborting"
+    exit 1
+fi
+
 USER=$(stat -c '%U' "$FROMFOLDER")
 GROUP=$(stat -c '%G' "$FROMFOLDER")
 PARENTFOLDER=$(dirname "$TOFOLDER")

From fab56e1b708a00bdfa9a1b3d88d8ef1aba3631b3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 12 Jan 2023 17:59:49 +0100
Subject: [PATCH 1767/2300] Another attempt to fix wildcard letsencrypt

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 2940bbb6..faa51f8c 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -200,7 +200,7 @@ for auth in $authz; do
             echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
         fi
         check_result $exitstatus "DNS _acme-challenge record wasn't created"
-        $BIN/v-restart-dns
+        systemctl restart bind9
     else
         if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
             if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then

From 171a42a65ebfcd4d8055a2686ccd04d8cc9600a3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 14 Jan 2023 15:49:46 +0100
Subject: [PATCH 1768/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index aa1d043c..5ca3690e 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1627,6 +1627,10 @@ echo "== Get main ip"
 ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 local_ip=$ip
 
+echo "== Writing '$ip $servername' to /etc/hosts"
+sed -i "/$servername/d" /etc/hosts
+echo "$ip $servername" >> /etc/hosts
+
 # Firewall configuration
 if [ "$iptables" = 'yes' ]; then
     echo "== Firewall configuration"

From d0a77cf3f652a3dc9cb9b11b26b499f9b386f099 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 14 Jan 2023 16:44:27 +0100
Subject: [PATCH 1769/2300] Writing '$ip $servername' to /etc/hosts

---
 install/vst-install-debian.sh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 5ca3690e..ffb036dd 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -524,6 +524,8 @@ if ! [[ "$servername" =~ ^${mask1}${mask2}$ ]]; then
     fi
     echo "127.0.0.1 $servername" >> /etc/hosts
 fi
+echo "$servername" > /etc/hostname
+hostname $servername
 
 # Set email if it wasn't set
 if [ -z "$email" ]; then
@@ -1627,9 +1629,15 @@ echo "== Get main ip"
 ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
 local_ip=$ip
 
+# Writing '$ip $servername' to /etc/hosts
 echo "== Writing '$ip $servername' to /etc/hosts"
 sed -i "/$servername/d" /etc/hosts
-echo "$ip $servername" >> /etc/hosts
+subdomain=$(echo "$servername" | cut -d . -f-1)
+if [ "servername" != "$subdomain" ]; then
+    echo "$ip $servername $subdomain" >> /etc/hosts
+else
+    echo "$ip $servername" >> /etc/hosts
+fi
 
 # Firewall configuration
 if [ "$iptables" = 'yes' ]; then

From ae81474f8e902821ede90216124a8c54a9994d90 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 14 Jan 2023 17:15:36 +0100
Subject: [PATCH 1770/2300] Update vst-install-debian.sh

---
 install/vst-install-debian.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index ffb036dd..b5fda479 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1633,7 +1633,7 @@ local_ip=$ip
 echo "== Writing '$ip $servername' to /etc/hosts"
 sed -i "/$servername/d" /etc/hosts
 subdomain=$(echo "$servername" | cut -d . -f-1)
-if [ "servername" != "$subdomain" ]; then
+if [ "$servername" != "$subdomain" ]; then
     echo "$ip $servername $subdomain" >> /etc/hosts
 else
     echo "$ip $servername" >> /etc/hosts

From 2df6bfbb0bea7fa5ad7871c51da112260d94b55d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Jan 2023 17:37:32 +0100
Subject: [PATCH 1771/2300] New roundcube version

---
 src/deb/for-download/tools/install-new-roundcube.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/install-new-roundcube.sh b/src/deb/for-download/tools/install-new-roundcube.sh
index a746ff59..6311563e 100644
--- a/src/deb/for-download/tools/install-new-roundcube.sh
+++ b/src/deb/for-download/tools/install-new-roundcube.sh
@@ -3,7 +3,7 @@
 USER='webmail'
 DOMAIN='' # enter domain or subdomain
 
-VERSION='1.5.2'
+VERSION='1.6.0'
 DOWNLOAD="https://github.com/roundcube/roundcubemail/releases/download/$VERSION/roundcubemail-$VERSION-complete.tar.gz"
 
 LOGINMESSAGE1='Click here for NEW Webmail'

From 479805c52cedc5e310704bc7e93c98ed5c0e9c60 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 15 Jan 2023 22:01:43 +0100
Subject: [PATCH 1772/2300] Cleaning fail2ban database

---
 bin/v-clean-garbage | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 62bb39c8..15b1a5ae 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -34,4 +34,15 @@ find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {}
 find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
 find /home/ -type f -name "*.log" -exec truncate -s 0 {} \;
 
+fail2ban_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'fail2ban' | grep -c 'running')
+if [ $fail2ban_running -eq 1 ]; then
+    systemctl stop fail2ban
+fi
+if [ -f "/var/lib/fail2ban/fail2ban.sqlite3" ]; then
+    rm /var/lib/fail2ban/fail2ban.sqlite3
+fi
+if [ $fail2ban_running -eq 1 ]; then
+    systemctl start fail2ban
+fi
+
 echo "=== Garbage cleaned ==="

From caee59c0152431ca15b03d6a806ac99877200d5c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 17:43:42 +0100
Subject: [PATCH 1773/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index bdf56f72..ba69c22d 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: WordPress installer in one command line
-# options: DOMAIN USER
+# options: DOMAIN
 #
 # Credits to Luka Paunović for wp-cli implememtation
 

From efc2be9f717a049da63527ed5a8994cd8a3b5266 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 17:55:44 +0100
Subject: [PATCH 1774/2300] Lock WordPress files if they are potentially
 infected

---
 bin/v-lock-wordpress | 70 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 bin/v-lock-wordpress

diff --git a/bin/v-lock-wordpress b/bin/v-lock-wordpress
new file mode 100644
index 00000000..e722abaa
--- /dev/null
+++ b/bin/v-lock-wordpress
@@ -0,0 +1,70 @@
+#!/bin/bash
+# info: Lock WordPress files if they are potentially infected (somewhere) by PHP malware, in order to stop further infection
+# options: DOMAIN
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN'
+is_format_valid 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+cd /home/$user/web/$domain/public_html
+
+# lock files
+chown -R www-data:www-data public_html/
+
+# unlock /wp-content/uploads/ for uploading
+chown -R $user:$user public_html/wp-content/uploads/
+
+# block .php execution inside /wp-content/uploads/
+cat <public_html/wp-content/uploads/.htaccess
+RewriteEngine on
+RewriteRule ^.*\.(?:php[1-6]?|pht|phtml?)$ - [NC,F]
+EOF
+
+chown root:root public_html/wp-content/uploads/.htaccess
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+echo "v-lock-wordpress: Done."
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From c9c29ce7a95cdf3cd73325a446f495db8ed913cb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:02:56 +0100
Subject: [PATCH 1775/2300] Create v-unlock-wordpress

---
 bin/v-unlock-wordpress | 67 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 bin/v-unlock-wordpress

diff --git a/bin/v-unlock-wordpress b/bin/v-unlock-wordpress
new file mode 100644
index 00000000..faadbdde
--- /dev/null
+++ b/bin/v-unlock-wordpress
@@ -0,0 +1,67 @@
+#!/bin/bash
+# info: Unlock previously locked WordPress files if they were potentially infected (somewhere) by PHP malware, in order to stop further infection
+# options: DOMAIN
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN'
+is_format_valid 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+cd /home/$user/web/$domain/public_html
+
+# lock files
+chown -R $user:$user public_html/
+
+rm public_html/wp-content/uploads/.htaccess
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+echo "v-unlock-wordpress: Done."
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 8b756993777b792fd83bdaf8b65bebe5051c98a6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:03:40 +0100
Subject: [PATCH 1776/2300] Update v-lock-wordpress

---
 bin/v-lock-wordpress | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/v-lock-wordpress b/bin/v-lock-wordpress
index e722abaa..e56f42eb 100644
--- a/bin/v-lock-wordpress
+++ b/bin/v-lock-wordpress
@@ -12,6 +12,12 @@ if [ "$whoami" != "root" ]; then
     exit 1
 fi
 
+# Importing system environment
+source /etc/profile
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
 # Argument definition
 domain=$1
 
@@ -43,7 +49,7 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-cd /home/$user/web/$domain/public_html
+cd /home/$user/web/$domain
 
 # lock files
 chown -R www-data:www-data public_html/

From f397454364a17e7bead2bc1dfd281ac4096e65ce Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:04:45 +0100
Subject: [PATCH 1777/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index ba69c22d..08abb8a3 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -14,14 +14,6 @@ if [ "$whoami" != "root" ]; then
     exit 1
 fi
 
-# Argument definition
-domain=$1
-
-user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
-if [ -z "$user" ]; then
-    check_result $E_NOTEXIST "domain $domain doesn't exist"
-fi
-
 # Importing system environment
 source /etc/profile
 
@@ -29,6 +21,13 @@ source /etc/profile
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
 
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
 
 if [[ $(is_package_full 'DATABASES') = *reached* ]]; then
         echo "Database limit is reached. Delete database or upgrade user package."

From 0fc6fd5fa54f22a504a1dfb06d7646a8bde3de6d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:05:56 +0100
Subject: [PATCH 1778/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 08abb8a3..e0509fed 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -1,6 +1,6 @@
 #!/bin/bash
 # info: WordPress installer in one command line
-# options: DOMAIN
+# options: DOMAIN [DB_NAME] [EMAIL]
 #
 # Credits to Luka Paunović for wp-cli implememtation
 

From a65f008f9a9a5f3c5f66d3f392ad0fec9f570ed6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:06:44 +0100
Subject: [PATCH 1779/2300] Update v-unlock-wordpress

---
 bin/v-unlock-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-unlock-wordpress b/bin/v-unlock-wordpress
index faadbdde..f54348a1 100644
--- a/bin/v-unlock-wordpress
+++ b/bin/v-unlock-wordpress
@@ -1,5 +1,5 @@
 #!/bin/bash
-# info: Unlock previously locked WordPress files if they were potentially infected (somewhere) by PHP malware, in order to stop further infection
+# info: Unlock previously locked WordPress files if they were potentially infected (somewhere) by PHP malware
 # options: DOMAIN
 
 #----------------------------------------------------------#

From 0a78d937ddbf8ac03551ee2d5ce2a13bf17b1141 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 19 Jan 2023 18:07:43 +0100
Subject: [PATCH 1780/2300] Update v-unlock-wordpress

---
 bin/v-unlock-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-unlock-wordpress b/bin/v-unlock-wordpress
index f54348a1..22b891b1 100644
--- a/bin/v-unlock-wordpress
+++ b/bin/v-unlock-wordpress
@@ -49,7 +49,7 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-cd /home/$user/web/$domain/public_html
+cd /home/$user/web/$domain
 
 # lock files
 chown -R $user:$user public_html/

From ee5df22828c7acc7614834d1fe588cf887fc2cf5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 20 Jan 2023 13:06:34 +0100
Subject: [PATCH 1781/2300] Update v-lock-wordpress

---
 bin/v-lock-wordpress | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/bin/v-lock-wordpress b/bin/v-lock-wordpress
index e56f42eb..156d1a5e 100644
--- a/bin/v-lock-wordpress
+++ b/bin/v-lock-wordpress
@@ -15,13 +15,15 @@ fi
 # Importing system environment
 source /etc/profile
 
-# Includes
-source /usr/local/vesta/func/main.sh
-
 # Argument definition
 domain=$1
 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+USER=$user
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
 if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi

From bdfe17490feab7b1b78fd98a239fe2ec603a3ae9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 20 Jan 2023 13:07:16 +0100
Subject: [PATCH 1782/2300] Update v-unlock-wordpress

---
 bin/v-unlock-wordpress | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/bin/v-unlock-wordpress b/bin/v-unlock-wordpress
index 22b891b1..1e2cccc6 100644
--- a/bin/v-unlock-wordpress
+++ b/bin/v-unlock-wordpress
@@ -15,13 +15,15 @@ fi
 # Importing system environment
 source /etc/profile
 
-# Includes
-source /usr/local/vesta/func/main.sh
-
 # Argument definition
 domain=$1
 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+USER=$user
+
+# Includes
+source /usr/local/vesta/func/main.sh
+
 if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi

From 7cdd65baf2b7ebab874082a5fd2507133d56e6fa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 20 Jan 2023 13:09:23 +0100
Subject: [PATCH 1783/2300] Update v-install-wordpress

---
 bin/v-install-wordpress | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index e0509fed..91bbdf0a 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -17,14 +17,16 @@ fi
 # Importing system environment
 source /etc/profile
 
-# Includes
-source /usr/local/vesta/func/main.sh
-source /usr/local/vesta/func/db.sh
-
 # Argument definition
 domain=$1
 
 user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+USER=$user
+
+# Includes
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/db.sh
+
 if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi

From cdbcf84b2cafbb526213fb5b288d1573b6bde9cd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 22 Jan 2023 16:35:59 +0100
Subject: [PATCH 1784/2300] unlock /wp-content/cache/ for caching

---
 bin/v-lock-wordpress | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)

diff --git a/bin/v-lock-wordpress b/bin/v-lock-wordpress
index 156d1a5e..ea7b2978 100644
--- a/bin/v-lock-wordpress
+++ b/bin/v-lock-wordpress
@@ -28,6 +28,18 @@ if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
 fi
 
+unlock_folder() {
+    chown -R $user:$user $1/
+
+    # block .php execution inside folder
+    cat <$1/.htaccess
+RewriteEngine on
+RewriteRule ^.*\.(?:php[1-6]?|pht|phtml?)$ - [NC,F]
+EOF
+
+    chown root:root $1/.htaccess
+}
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -57,15 +69,14 @@ cd /home/$user/web/$domain
 chown -R www-data:www-data public_html/
 
 # unlock /wp-content/uploads/ for uploading
-chown -R $user:$user public_html/wp-content/uploads/
+if [ -d "/home/$user/web/$domain/public_html/wp-content/uploads" ]; then
+    unlock_folder "public_html/wp-content/uploads"
+fi
 
-# block .php execution inside /wp-content/uploads/
-cat <public_html/wp-content/uploads/.htaccess
-RewriteEngine on
-RewriteRule ^.*\.(?:php[1-6]?|pht|phtml?)$ - [NC,F]
-EOF
-
-chown root:root public_html/wp-content/uploads/.htaccess
+# unlock /wp-content/cache/ for caching
+if [ -d "/home/$user/web/$domain/public_html/wp-content/cache" ]; then
+    unlock_folder "public_html/wp-content/cache"
+fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #

From a39b192d308a8ea916a1d2ab72409883790ffe27 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 23 Jan 2023 12:47:49 +0100
Subject: [PATCH 1785/2300] v-lock-wordpress - set correct chmod just in case

---
 bin/v-lock-wordpress | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-lock-wordpress b/bin/v-lock-wordpress
index ea7b2978..36852781 100644
--- a/bin/v-lock-wordpress
+++ b/bin/v-lock-wordpress
@@ -68,6 +68,10 @@ cd /home/$user/web/$domain
 # lock files
 chown -R www-data:www-data public_html/
 
+# set correct chmod just in case
+find public_html/ -type d -exec chmod 755 {} +
+find public_html/ -type f -exec chmod 644 {} +
+
 # unlock /wp-content/uploads/ for uploading
 if [ -d "/home/$user/web/$domain/public_html/wp-content/uploads" ]; then
     unlock_folder "public_html/wp-content/uploads"

From 8409e19fac8df17eb719da45aa695181cc808946 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Mon, 30 Jan 2023 13:42:03 +0100
Subject: [PATCH 1786/2300] Added install-rocket-nginx.sh and the following
 nginx templates

---
 .../tools/install-rocket-nginx.sh             | 23 +++++++++++
 .../wprocket-force-htpps.stpl                 | 41 +++++++++++++++++++
 .../wprocket-force-htpps.tpl                  |  9 ++++
 .../wprocket-hosting.stpl                     | 39 ++++++++++++++++++
 .../wprocket-hosting.tpl                      | 36 ++++++++++++++++
 5 files changed, 148 insertions(+)
 create mode 100644 src/deb/for-download/tools/install-rocket-nginx.sh
 create mode 100644 src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
 create mode 100644 src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
 create mode 100644 src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
 create mode 100644 src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl

diff --git a/src/deb/for-download/tools/install-rocket-nginx.sh b/src/deb/for-download/tools/install-rocket-nginx.sh
new file mode 100644
index 00000000..0fb5d86d
--- /dev/null
+++ b/src/deb/for-download/tools/install-rocket-nginx.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+
+echo "Updating apt, please wait..."
+apt-get update > /dev/null 2>&1
+
+apt-get -y install git > /dev/null 2>&1
+
+if [ ! -d "/etc/nginx/rocket-nginx" ]; then
+    cd /etc/nginx
+    git clone https://github.com/satellitewp/rocket-nginx.git
+else
+    cd /etc/nginx/rocket-nginx
+    git pull
+    cd ..
+fi
+
+cd rocket-nginx
+cp rocket-nginx.ini.disabled rocket-nginx.ini
+php rocket-parser.php
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-htpps.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-htpps.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-hosting.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-hosting.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-hosting.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-hosting.stpl
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
new file mode 100644
index 00000000..05ba994a
--- /dev/null
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+    include rocket-nginx/conf.d/default.conf;
+}
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
new file mode 100644
index 00000000..0c877632
--- /dev/null
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
@@ -0,0 +1,9 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://%domain_idn%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+include rocket-nginx/conf.d/default.conf;
+}
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
new file mode 100644
index 00000000..2610efc4
--- /dev/null
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+    include rocket-nginx/conf.d/default.conf;
+}
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
new file mode 100644
index 00000000..521348ae
--- /dev/null
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+    include rocket-nginx/conf.d/default.conf;
+}

From ed85dfdac71400c848cbf927ec3bd191b0cde3c3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 15:03:05 +0100
Subject: [PATCH 1787/2300] Support for PHP 8.2

---
 .../for-download/tools/multi-php-install.sh   | 51 +++++++++++++++----
 1 file changed, 42 insertions(+), 9 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index e847df17..58ec502d 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -12,6 +12,7 @@ inst_73=0
 inst_74=0
 inst_80=0
 inst_81=0
+inst_82=0
 
 #######################################################################
 
@@ -52,8 +53,11 @@ fi
 if [ $# -gt 8 ]; then
     inst_81=$9
 fi
+if [ $# -gt 9 ]; then
+    inst_82=$10
+fi
 
-if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ] || [ $inst_80 -eq 1 ] || [ $inst_81 -eq 1 ]; then
+if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ] || [ $inst_80 -eq 1 ] || [ $inst_81 -eq 1 ] || [ $inst_82 -eq 1 ]; then
     inst_repo=1
 fi
 
@@ -82,6 +86,7 @@ echo "inst_73=$inst_73"
 echo "inst_74=$inst_74"
 echo "inst_80=$inst_80"
 echo "inst_81=$inst_81"
+echo "inst_82=$inst_82"
 echo "wait_to_press_enter=$wait_to_press_enter"
 
 press_enter "=== Press enter to continue ==============================================================================="
@@ -115,7 +120,7 @@ service apache2 restart
 
 if [ "$inst_56" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 5.6 ==============================================================================="
-    apt -y install php5.6-mbstring php5.6-bcmath php5.6-cli php5.6-curl php5.6-fpm php5.6-gd php5.6-intl php5.6-mcrypt php5.6-mysql php5.6-soap php5.6-xml php5.6-zip php5.6-memcache php5.6-memcached
+    apt -y install php5.6-mbstring php5.6-bcmath php5.6-cli php5.6-curl php5.6-fpm php5.6-gd php5.6-intl php5.6-mcrypt php5.6-mysql php5.6-soap php5.6-xml php5.6-zip php5.6-memcache php5.6-memcached php5.6-imagick
     update-rc.d php5.6-fpm defaults
     a2enconf php5.6-fpm
     systemctl restart apache2
@@ -134,7 +139,7 @@ fi
 
 if [ "$inst_70" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.0 ==============================================================================="
-    apt -y install php7.0-mbstring php7.0-bcmath php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-soap php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached
+    apt -y install php7.0-mbstring php7.0-bcmath php7.0-cli php7.0-curl php7.0-fpm php7.0-gd php7.0-intl php7.0-mcrypt php7.0-mysql php7.0-soap php7.0-xml php7.0-zip php7.0-memcache php7.0-memcached php7.0-imagick
     update-rc.d php7.0-fpm defaults
     a2enconf php7.0-fpm
     systemctl restart apache2
@@ -158,7 +163,7 @@ fi
 
 if [ "$inst_71" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.1 ==============================================================================="
-    apt -y install php7.1-mbstring php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-intl php7.1-mcrypt php7.1-mysql php7.1-soap php7.1-xml php7.1-zip php7.1-memcache php7.1-memcached
+    apt -y install php7.1-mbstring php7.1-bcmath php7.1-cli php7.1-curl php7.1-fpm php7.1-gd php7.1-intl php7.1-mcrypt php7.1-mysql php7.1-soap php7.1-xml php7.1-zip php7.1-memcache php7.1-memcached php7.1-imagick
     update-rc.d php7.1-fpm defaults
     a2enconf php7.1-fpm
     systemctl restart apache2
@@ -182,7 +187,7 @@ fi
 
 if [ "$inst_72" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.2 ==============================================================================="
-    apt -y install php7.2-mbstring php7.2-bcmath php7.2-cli php7.2-curl php7.2-fpm php7.2-gd php7.2-intl php7.2-mysql php7.2-soap php7.2-xml php7.2-zip php7.2-memcache php7.2-memcached
+    apt -y install php7.2-mbstring php7.2-bcmath php7.2-cli php7.2-curl php7.2-fpm php7.2-gd php7.2-intl php7.2-mysql php7.2-soap php7.2-xml php7.2-zip php7.2-memcache php7.2-memcached php7.2-imagick
     update-rc.d php7.2-fpm defaults
     a2enconf php7.2-fpm
     systemctl restart apache2
@@ -206,7 +211,7 @@ fi
 
 if [ "$inst_73" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.3 ==============================================================================="
-    apt -y install php7.3-mbstring php7.3-bcmath php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-intl php7.3-mysql php7.3-soap php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached
+    apt -y install php7.3-mbstring php7.3-bcmath php7.3-cli php7.3-curl php7.3-fpm php7.3-gd php7.3-intl php7.3-mysql php7.3-soap php7.3-xml php7.3-zip php7.3-memcache php7.3-memcached php7.3-imagick
     update-rc.d php7.3-fpm defaults
     a2enconf php7.3-fpm
     systemctl restart apache2
@@ -231,7 +236,7 @@ fi
 
 if [ "$inst_74" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 7.4 ==============================================================================="
-    apt -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached
+    apt -y install php7.4-mbstring php7.4-bcmath php7.4-cli php7.4-curl php7.4-fpm php7.4-gd php7.4-intl php7.4-mysql php7.4-soap php7.4-xml php7.4-zip php7.4-memcache php7.4-memcached php7.4-imagick
     update-rc.d php7.4-fpm defaults
     a2enconf php7.4-fpm
     apt-get -y remove libapache2-mod-php7.4
@@ -257,7 +262,7 @@ fi
 
 if [ "$inst_80" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 8.0 ==============================================================================="
-    apt -y install php8.0-mbstring php8.0-bcmath php8.0-cli php8.0-curl php8.0-fpm php8.0-gd php8.0-intl php8.0-mysql php8.0-soap php8.0-xml php8.0-zip php8.0-memcache php8.0-memcached
+    apt -y install php8.0-mbstring php8.0-bcmath php8.0-cli php8.0-curl php8.0-fpm php8.0-gd php8.0-intl php8.0-mysql php8.0-soap php8.0-xml php8.0-zip php8.0-memcache php8.0-memcached php8.0-imagick
     update-rc.d php8.0-fpm defaults
     a2enconf php8.0-fpm
     a2dismod php8.0
@@ -284,7 +289,7 @@ fi
 
 if [ "$inst_81" -eq 1 ]; then
     press_enter "=== Press enter to install PHP 8.1 ==============================================================================="
-    apt -y install php8.1-mbstring php8.1-bcmath php8.1-cli php8.1-curl php8.1-fpm php8.1-gd php8.1-intl php8.1-mysql php8.1-soap php8.1-xml php8.1-zip php8.1-memcache php8.1-memcached
+    apt -y install php8.1-mbstring php8.1-bcmath php8.1-cli php8.1-curl php8.1-fpm php8.1-gd php8.1-intl php8.1-mysql php8.1-soap php8.1-xml php8.1-zip php8.1-memcache php8.1-memcached php8.1-imagick
     update-rc.d php8.1-fpm defaults
     a2enconf php8.1-fpm
     a2dismod php8.1
@@ -309,6 +314,33 @@ if [ "$inst_81" -eq 1 ]; then
     press_enter "=== PHP 8.1 installed, press enter to continue ==============================================================================="
 fi
 
+if [ "$inst_82" -eq 1 ]; then
+    press_enter "=== Press enter to install PHP 8.2 ==============================================================================="
+    apt -y install php8.2-mbstring php8.2-bcmath php8.2-cli php8.2-curl php8.2-fpm php8.2-gd php8.2-intl php8.2-mysql php8.2-soap php8.2-xml php8.2-zip php8.2-memcache php8.2-memcached php8.2-imagick
+    update-rc.d php8.2-fpm defaults
+    a2enconf php8.2-fpm
+    a2dismod php8.2
+    apt-get -y remove libapache2-mod-php8.2
+    systemctl restart apache2
+    cp -r /etc/php/8.2/ /root/vst_install_backups/php8.2/
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82.sh
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82-public.stpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82-public.tpl
+    wget -nv https://c.myvestacp.com/tools/apache-fpm-tpl/PHP-FPM-82-public.sh -O /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82-public.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82.sh
+    chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82-public.sh
+    echo "=== Patching php.ini for php8.2"
+    wget -nv https://c.myvestacp.com/tools/patches/php8.1.patch -O /root/php8.1.patch
+    patch /etc/php/8.2/fpm/php.ini < /root/php8.1.patch
+    if [ $memory -gt 9999999 ]; then
+        sed -i "s|opcache.memory_consumption=512|opcache.memory_consumption=2048|g" /etc/php/8.2/fpm/php.ini
+    fi
+    service php8.2-fpm restart
+    press_enter "=== PHP 8.2 installed, press enter to continue ==============================================================================="
+fi
+
 
 apt update > /dev/null 2>&1
 apt upgrade -y > /dev/null 2>&1
@@ -324,6 +356,7 @@ if [ $debian_version -ge 10 ]; then
     a2dismod php7.4 > /dev/null 2>&1
     a2dismod php8.0 > /dev/null 2>&1
     a2dismod php8.1 > /dev/null 2>&1
+    a2dismod php8.2 > /dev/null 2>&1
     a2dismod mpm_prefork > /dev/null 2>&1
     a2enmod mpm_event > /dev/null 2>&1
     apt-get -y remove libapache2-mod-php* > /dev/null 2>&1

From 2db5a6404a023b2a117831f457ddb9dcaaf40aa3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 15:20:33 +0100
Subject: [PATCH 1788/2300] PHP 8.2 apache templates

---
 .../tools/apache-fpm-tpl/PHP-FPM-82-public.sh | 119 ++++++++++++++++++
 .../apache-fpm-tpl/PHP-FPM-82-public.stpl     |  36 ++++++
 .../apache-fpm-tpl/PHP-FPM-82-public.tpl      |  30 +++++
 .../tools/apache-fpm-tpl/PHP-FPM-82.sh        | 119 ++++++++++++++++++
 .../tools/apache-fpm-tpl/PHP-FPM-82.stpl      |  36 ++++++
 .../tools/apache-fpm-tpl/PHP-FPM-82.tpl       |  30 +++++
 6 files changed, 370 insertions(+)
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.sh
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
 create mode 100644 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.sh
new file mode 100644
index 00000000..a4deb752
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.sh
@@ -0,0 +1,119 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php8.2-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 360s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+pool_file_81="/etc/php/8.1/fpm/pool.d/$2.conf"
+pool_file_82="/etc/php/8.2/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+if [ -f "$pool_file_81" ]; then
+    rm $pool_file_81
+    systemctl reset-failed php8.1-fpm
+    systemctl restart php8.1-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_82" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_82)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_82
+    systemctl reset-failed php8.2-fpm
+    systemctl restart php8.2-fpm
+fi
+if [ -f "/etc/php/8.2/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/8.2/fpm/pool.d/www.conf
+fi
+
+exit 0
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
new file mode 100644
index 00000000..6afebb6e
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
@@ -0,0 +1,36 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        SetHandler "proxy:unix:/run/php/php8.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
new file mode 100644
index 00000000..03e67a3d
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
@@ -0,0 +1,30 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.sh
new file mode 100644
index 00000000..a4deb752
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.sh
@@ -0,0 +1,119 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php8.2-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 360s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+pool_file_81="/etc/php/8.1/fpm/pool.d/$2.conf"
+pool_file_82="/etc/php/8.2/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+if [ -f "$pool_file_74" ]; then
+    rm $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+if [ -f "$pool_file_81" ]; then
+    rm $pool_file_81
+    systemctl reset-failed php8.1-fpm
+    systemctl restart php8.1-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_82" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_82)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_82
+    systemctl reset-failed php8.2-fpm
+    systemctl restart php8.2-fpm
+fi
+if [ -f "/etc/php/8.2/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/8.2/fpm/pool.d/www.conf
+fi
+
+exit 0
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
new file mode 100644
index 00000000..ed39fad4
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
@@ -0,0 +1,36 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+    
+        SetHandler "proxy:unix:/run/php/php8.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl
new file mode 100644
index 00000000..789ee9d3
--- /dev/null
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl
@@ -0,0 +1,30 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+
+    
+        SetHandler "proxy:unix:/run/php/php8.2-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+

From 91ac345b3e191739ea9f2f96b24a6356856b0006 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 15:26:38 +0100
Subject: [PATCH 1789/2300] default php 8.2 www.conf

---
 .../tools/default-pool.d/8.2/www.conf         | 484 ++++++++++++++++++
 1 file changed, 484 insertions(+)
 create mode 100644 src/deb/for-download/tools/default-pool.d/8.2/www.conf

diff --git a/src/deb/for-download/tools/default-pool.d/8.2/www.conf b/src/deb/for-download/tools/default-pool.d/8.2/www.conf
new file mode 100644
index 00000000..ffdd57b7
--- /dev/null
+++ b/src/deb/for-download/tools/default-pool.d/8.2/www.conf
@@ -0,0 +1,484 @@
+; Start a new pool named 'www'.
+; the variable $pool can be used in any directive and will be replaced by the
+; pool name ('www' here)
+[www]
+
+; Per pool prefix
+; It only applies on the following directives:
+; - 'access.log'
+; - 'slowlog'
+; - 'listen' (unixsocket)
+; - 'chroot'
+; - 'chdir'
+; - 'php_values'
+; - 'php_admin_values'
+; When not set, the global prefix (or /usr) applies instead.
+; Note: This directive can also be relative to the global prefix.
+; Default Value: none
+;prefix = /path/to/pools/$pool
+
+; Unix user/group of processes
+; Note: The user is mandatory. If the group is not set, the default user's group
+;       will be used.
+user = www-data
+group = www-data
+
+; The address on which to accept FastCGI requests.
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Note: This value is mandatory.
+listen = /run/php/php8.2-fpm.sock
+
+; Set listen(2) backlog.
+; Default Value: 511 (-1 on Linux, FreeBSD and OpenBSD)
+;listen.backlog = 511
+
+; Set permissions for unix socket, if one is used. In Linux, read/write
+; permissions must be set in order to allow connections from a web server. Many
+; BSD-derived systems allow connections regardless of permissions. The owner
+; and group can be specified either by name or by their numeric IDs.
+; Default Values: user and group are set as the running user
+;                 mode is set to 0660
+listen.owner = www-data
+listen.group = www-data
+;listen.mode = 0660
+; When POSIX Access Control Lists are supported you can set them using
+; these options, value is a comma separated list of user/group names.
+; When set, listen.owner and listen.group are ignored
+;listen.acl_users =
+;listen.acl_groups =
+
+; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
+; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
+; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
+; must be separated by a comma. If this value is left blank, connections will be
+; accepted from any ip address.
+; Default Value: any
+;listen.allowed_clients = 127.0.0.1
+
+; Set the associated the route table (FIB). FreeBSD only
+; Default Value: -1
+;listen.setfib = 1
+
+; Specify the nice(2) priority to apply to the pool processes (only if set)
+; The value can vary from -19 (highest priority) to 20 (lower priority)
+; Note: - It will only work if the FPM master process is launched as root
+;       - The pool processes will inherit the master process priority
+;         unless it specified otherwise
+; Default Value: no set
+; process.priority = -19
+
+; Set the process dumpable flag (PR_SET_DUMPABLE prctl for Linux or
+; PROC_TRACE_CTL procctl for FreeBSD) even if the process user
+; or group is different than the master process user. It allows to create process
+; core dump and ptrace the process for the pool user.
+; Default Value: no
+; process.dumpable = yes
+
+; Choose how the process manager will control the number of child processes.
+; Possible Values:
+;   static  - a fixed number (pm.max_children) of child processes;
+;   dynamic - the number of child processes are set dynamically based on the
+;             following directives. With this process management, there will be
+;             always at least 1 children.
+;             pm.max_children      - the maximum number of children that can
+;                                    be alive at the same time.
+;             pm.start_servers     - the number of children created on startup.
+;             pm.min_spare_servers - the minimum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is less than this
+;                                    number then some children will be created.
+;             pm.max_spare_servers - the maximum number of children in 'idle'
+;                                    state (waiting to process). If the number
+;                                    of 'idle' processes is greater than this
+;                                    number then some children will be killed.
+;             pm.max_spawn_rate    - the maximum number of rate to spawn child
+;                                    processes at once.
+;  ondemand - no children are created at startup. Children will be forked when
+;             new requests will connect. The following parameter are used:
+;             pm.max_children           - the maximum number of children that
+;                                         can be alive at the same time.
+;             pm.process_idle_timeout   - The number of seconds after which
+;                                         an idle process will be killed.
+; Note: This value is mandatory.
+pm = dynamic
+
+; The number of child processes to be created when pm is set to 'static' and the
+; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
+; This value sets the limit on the number of simultaneous requests that will be
+; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
+; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
+; CGI. The below defaults are based on a server without much resources. Don't
+; forget to tweak pm.* to fit your needs.
+; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
+; Note: This value is mandatory.
+pm.max_children = 5
+
+; The number of child processes created on startup.
+; Note: Used only when pm is set to 'dynamic'
+; Default Value: (min_spare_servers + max_spare_servers) / 2
+pm.start_servers = 2
+
+; The desired minimum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.min_spare_servers = 1
+
+; The desired maximum number of idle server processes.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+pm.max_spare_servers = 3
+
+; The number of rate to spawn child processes at once.
+; Note: Used only when pm is set to 'dynamic'
+; Note: Mandatory when pm is set to 'dynamic'
+; Default Value: 32
+;pm.max_spawn_rate = 32
+
+; The number of seconds after which an idle process will be killed.
+; Note: Used only when pm is set to 'ondemand'
+; Default Value: 10s
+;pm.process_idle_timeout = 10s;
+
+; The number of requests each child process should execute before respawning.
+; This can be useful to work around memory leaks in 3rd party libraries. For
+; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
+; Default Value: 0
+;pm.max_requests = 500
+
+; The URI to view the FPM status page. If this value is not set, no URI will be
+; recognized as a status page. It shows the following information:
+;   pool                 - the name of the pool;
+;   process manager      - static, dynamic or ondemand;
+;   start time           - the date and time FPM has started;
+;   start since          - number of seconds since FPM has started;
+;   accepted conn        - the number of request accepted by the pool;
+;   listen queue         - the number of request in the queue of pending
+;                          connections (see backlog in listen(2));
+;   max listen queue     - the maximum number of requests in the queue
+;                          of pending connections since FPM has started;
+;   listen queue len     - the size of the socket queue of pending connections;
+;   idle processes       - the number of idle processes;
+;   active processes     - the number of active processes;
+;   total processes      - the number of idle + active processes;
+;   max active processes - the maximum number of active processes since FPM
+;                          has started;
+;   max children reached - number of times, the process limit has been reached,
+;                          when pm tries to start more children (works only for
+;                          pm 'dynamic' and 'ondemand');
+; Value are updated in real time.
+; Example output:
+;   pool:                 www
+;   process manager:      static
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          62636
+;   accepted conn:        190460
+;   listen queue:         0
+;   max listen queue:     1
+;   listen queue len:     42
+;   idle processes:       4
+;   active processes:     11
+;   total processes:      15
+;   max active processes: 12
+;   max children reached: 0
+;
+; By default the status page output is formatted as text/plain. Passing either
+; 'html', 'xml' or 'json' in the query string will return the corresponding
+; output syntax. Example:
+;   http://www.foo.bar/status
+;   http://www.foo.bar/status?json
+;   http://www.foo.bar/status?html
+;   http://www.foo.bar/status?xml
+;
+; By default the status page only outputs short status. Passing 'full' in the
+; query string will also return status for each pool process.
+; Example:
+;   http://www.foo.bar/status?full
+;   http://www.foo.bar/status?json&full
+;   http://www.foo.bar/status?html&full
+;   http://www.foo.bar/status?xml&full
+; The Full status returns for each process:
+;   pid                  - the PID of the process;
+;   state                - the state of the process (Idle, Running, ...);
+;   start time           - the date and time the process has started;
+;   start since          - the number of seconds since the process has started;
+;   requests             - the number of requests the process has served;
+;   request duration     - the duration in µs of the requests;
+;   request method       - the request method (GET, POST, ...);
+;   request URI          - the request URI with the query string;
+;   content length       - the content length of the request (only with POST);
+;   user                 - the user (PHP_AUTH_USER) (or '-' if not set);
+;   script               - the main script called (or '-' if not set);
+;   last request cpu     - the %cpu the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because CPU calculation is done when the request
+;                          processing has terminated;
+;   last request memory  - the max amount of memory the last request consumed
+;                          it's always 0 if the process is not in Idle state
+;                          because memory calculation is done when the request
+;                          processing has terminated;
+; If the process is in Idle state, then informations are related to the
+; last request the process has served. Otherwise informations are related to
+; the current request being served.
+; Example output:
+;   ************************
+;   pid:                  31330
+;   state:                Running
+;   start time:           01/Jul/2011:17:53:49 +0200
+;   start since:          63087
+;   requests:             12808
+;   request duration:     1250261
+;   request method:       GET
+;   request URI:          /test_mem.php?N=10000
+;   content length:       0
+;   user:                 -
+;   script:               /home/fat/web/docs/php/test_mem.php
+;   last request cpu:     0.00
+;   last request memory:  0
+;
+; Note: There is a real-time FPM status monitoring sample web page available
+;       It's available in: /usr/share/php/8.2/fpm/status.html
+;
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;pm.status_path = /status
+
+; The address on which to accept FastCGI status request. This creates a new
+; invisible pool that can handle requests independently. This is useful
+; if the main pool is busy with long running requests because it is still possible
+; to get the status before finishing the long running requests.
+;
+; Valid syntaxes are:
+;   'ip.add.re.ss:port'    - to listen on a TCP socket to a specific IPv4 address on
+;                            a specific port;
+;   '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
+;                            a specific port;
+;   'port'                 - to listen on a TCP socket to all addresses
+;                            (IPv6 and IPv4-mapped) on a specific port;
+;   '/path/to/unix/socket' - to listen on a unix socket.
+; Default Value: value of the listen option
+;pm.status_listen = 127.0.0.1:9001
+
+; The ping URI to call the monitoring page of FPM. If this value is not set, no
+; URI will be recognized as a ping page. This could be used to test from outside
+; that FPM is alive and responding, or to
+; - create a graph of FPM availability (rrd or such);
+; - remove a server from a group if it is not responding (load balancing);
+; - trigger alerts for the operating team (24/7).
+; Note: The value must start with a leading slash (/). The value can be
+;       anything, but it may not be a good idea to use the .php extension or it
+;       may conflict with a real PHP file.
+; Default Value: not set
+;ping.path = /ping
+
+; This directive may be used to customize the response of a ping request. The
+; response is formatted as text/plain with a 200 response code.
+; Default Value: pong
+;ping.response = pong
+
+; The access log file
+; Default: not set
+;access.log = log/$pool.access.log
+
+; The access log format.
+; The following syntax is allowed
+;  %%: the '%' character
+;  %C: %CPU used by the request
+;      it can accept the following format:
+;      - %{user}C for user CPU only
+;      - %{system}C for system CPU only
+;      - %{total}C  for user + system CPU (default)
+;  %d: time taken to serve the request
+;      it can accept the following format:
+;      - %{seconds}d (default)
+;      - %{milliseconds}d
+;      - %{milli}d
+;      - %{microseconds}d
+;      - %{micro}d
+;  %e: an environment variable (same as $_ENV or $_SERVER)
+;      it must be associated with embraces to specify the name of the env
+;      variable. Some examples:
+;      - server specifics like: %{REQUEST_METHOD}e or %{SERVER_PROTOCOL}e
+;      - HTTP headers like: %{HTTP_HOST}e or %{HTTP_USER_AGENT}e
+;  %f: script filename
+;  %l: content-length of the request (for POST request only)
+;  %m: request method
+;  %M: peak of memory allocated by PHP
+;      it can accept the following format:
+;      - %{bytes}M (default)
+;      - %{kilobytes}M
+;      - %{kilo}M
+;      - %{megabytes}M
+;      - %{mega}M
+;  %n: pool name
+;  %o: output header
+;      it must be associated with embraces to specify the name of the header:
+;      - %{Content-Type}o
+;      - %{X-Powered-By}o
+;      - %{Transfert-Encoding}o
+;      - ....
+;  %p: PID of the child that serviced the request
+;  %P: PID of the parent of the child that serviced the request
+;  %q: the query string
+;  %Q: the '?' character if query string exists
+;  %r: the request URI (without the query string, see %q and %Q)
+;  %R: remote IP address
+;  %s: status (response code)
+;  %t: server time the request was received
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsulated in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %T: time the log has been written (the request has finished)
+;      it can accept a strftime(3) format:
+;      %d/%b/%Y:%H:%M:%S %z (default)
+;      The strftime(3) format must be encapsulated in a %{}t tag
+;      e.g. for a ISO8601 formatted timestring, use: %{%Y-%m-%dT%H:%M:%S%z}t
+;  %u: remote user
+;
+; Default: "%R - %u %t \"%m %r\" %s"
+;access.format = "%R - %u %t \"%m %r%Q%q\" %s %f %{milli}d %{kilo}M %C%%"
+
+; A list of request_uri values which should be filtered from the access log.
+;
+; As a security precuation, this setting will be ignored if:
+;     - the request method is not GET or HEAD; or
+;     - there is a request body; or
+;     - there are query parameters; or
+;     - the response code is outwith the successful range of 200 to 299
+;
+; Note: The paths are matched against the output of the access.format tag "%r".
+;       On common configurations, this may look more like SCRIPT_NAME than the
+;       expected pre-rewrite URI.
+;
+; Default Value: not set
+;access.suppress_path[] = /ping
+;access.suppress_path[] = /health_check.php
+
+; The log file for slow requests
+; Default Value: not set
+; Note: slowlog is mandatory if request_slowlog_timeout is set
+;slowlog = log/$pool.log.slow
+
+; The timeout for serving a single request after which a PHP backtrace will be
+; dumped to the 'slowlog' file. A value of '0s' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_slowlog_timeout = 0
+
+; Depth of slow log stack trace.
+; Default Value: 20
+;request_slowlog_trace_depth = 20
+
+; The timeout for serving a single request after which the worker process will
+; be killed. This option should be used when the 'max_execution_time' ini option
+; does not stop script execution for some reason. A value of '0' means 'off'.
+; Available units: s(econds)(default), m(inutes), h(ours), or d(ays)
+; Default Value: 0
+;request_terminate_timeout = 0
+
+; The timeout set by 'request_terminate_timeout' ini option is not engaged after
+; application calls 'fastcgi_finish_request' or when application has finished and
+; shutdown functions are being called (registered via register_shutdown_function).
+; This option will enable timeout limit to be applied unconditionally
+; even in such cases.
+; Default Value: no
+;request_terminate_timeout_track_finished = no
+
+; Set open file descriptor rlimit.
+; Default Value: system defined value
+;rlimit_files = 1024
+
+; Set max core size rlimit.
+; Possible Values: 'unlimited' or an integer greater or equal to 0
+; Default Value: system defined value
+;rlimit_core = 0
+
+; Chroot to this directory at the start. This value must be defined as an
+; absolute path. When this value is not set, chroot is not used.
+; Note: you can prefix with '$prefix' to chroot to the pool prefix or one
+; of its subdirectories. If the pool prefix is not set, the global prefix
+; will be used instead.
+; Note: chrooting is a great security feature and should be used whenever
+;       possible. However, all PHP paths will be relative to the chroot
+;       (error_log, sessions.save_path, ...).
+; Default Value: not set
+;chroot =
+
+; Chdir to this directory at the start.
+; Note: relative path can be used.
+; Default Value: current directory or / when chroot
+;chdir = /var/www
+
+; Redirect worker stdout and stderr into main error log. If not set, stdout and
+; stderr will be redirected to /dev/null according to FastCGI specs.
+; Note: on highloaded environment, this can cause some delay in the page
+; process time (several ms).
+; Default Value: no
+;catch_workers_output = yes
+
+; Decorate worker output with prefix and suffix containing information about
+; the child that writes to the log and if stdout or stderr is used as well as
+; log level and time. This options is used only if catch_workers_output is yes.
+; Settings to "no" will output data as written to the stdout or stderr.
+; Default value: yes
+;decorate_workers_output = no
+
+; Clear environment in FPM workers
+; Prevents arbitrary environment variables from reaching FPM worker processes
+; by clearing the environment in workers before env vars specified in this
+; pool configuration are added.
+; Setting to "no" will make all environment variables available to PHP code
+; via getenv(), $_ENV and $_SERVER.
+; Default Value: yes
+;clear_env = no
+
+; Limits the extensions of the main script FPM will allow to parse. This can
+; prevent configuration mistakes on the web server side. You should only limit
+; FPM to .php extensions to prevent malicious users to use other extensions to
+; execute php code.
+; Note: set an empty value to allow all extensions.
+; Default Value: .php
+;security.limit_extensions = .php .php3 .php4 .php5 .php7
+
+; Pass environment variables like LD_LIBRARY_PATH. All $VARIABLEs are taken from
+; the current environment.
+; Default Value: clean env
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /tmp
+;env[TMPDIR] = /tmp
+;env[TEMP] = /tmp
+
+; Additional php.ini defines, specific to this pool of workers. These settings
+; overwrite the values previously defined in the php.ini. The directives are the
+; same as the PHP SAPI:
+;   php_value/php_flag             - you can set classic ini defines which can
+;                                    be overwritten from PHP call 'ini_set'.
+;   php_admin_value/php_admin_flag - these directives won't be overwritten by
+;                                     PHP call 'ini_set'
+; For php_*flag, valid values are on, off, 1, 0, true, false, yes or no.
+
+; Defining 'extension' will load the corresponding shared extension from
+; extension_dir. Defining 'disable_functions' or 'disable_classes' will not
+; overwrite previously defined php.ini values, but will append the new value
+; instead.
+
+; Note: path INI options can be relative and will be expanded with the prefix
+; (pool, global or /usr)
+
+; Default Value: nothing is defined by default except the values in php.ini and
+;                specified at startup with the -d argument
+;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f www@my.domain.com
+;php_flag[display_errors] = off
+;php_admin_value[error_log] = /var/log/fpm-php.www.log
+;php_admin_flag[log_errors] = on
+;php_admin_value[memory_limit] = 32M

From 66162375fd1b6b84864a4b6744babd8c4d05ad43 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 16:23:15 +0100
Subject: [PATCH 1790/2300] Minor fix for install-rocket-nginx.sh

---
 .../tools/rocket-nginx-templates/wprocket-force-htpps.stpl  | 5 +++--
 .../tools/rocket-nginx-templates/wprocket-force-htpps.tpl   | 1 -
 .../tools/rocket-nginx-templates/wprocket-hosting.stpl      | 5 ++++-
 .../tools/rocket-nginx-templates/wprocket-hosting.tpl       | 6 ++++--
 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
index 05ba994a..f82368cb 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
@@ -6,11 +6,13 @@ server {
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
+    root           %sdocroot%;
+    # Rocket-Nginx configuration
+    include rocket-nginx/conf.d/default.conf;
 
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %sdocroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
@@ -37,5 +39,4 @@ server {
 
     include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
     include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
-    include rocket-nginx/conf.d/default.conf;
 }
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
index 0c877632..851ac0dc 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
@@ -5,5 +5,4 @@ server {
         rewrite ^(.*) https://%domain_idn%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
-include rocket-nginx/conf.d/default.conf;
 }
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
index 2610efc4..51c4fffc 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
@@ -6,10 +6,13 @@ server {
     ssl_certificate_key  %ssl_key%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
+    root           %sdocroot%;
+    # Rocket-Nginx configuration
+    include rocket-nginx/conf.d/default.conf;
+
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %sdocroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
index 521348ae..8840c051 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
@@ -3,10 +3,13 @@ server {
     server_name %domain_idn% %alias_idn%;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
+    root           %docroot%;
+    # Rocket-Nginx configuration
+    include rocket-nginx/conf.d/default.conf;
+
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %docroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
@@ -32,5 +35,4 @@ server {
     disable_symlinks if_not_owner from=%docroot%;
 
     include %home%/%user%/conf/web/nginx.%domain%.conf*;
-    include rocket-nginx/conf.d/default.conf;
 }

From 290600dfcd3bef1aa9edfb5ec8e9f4d9337073ec Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 16:27:52 +0100
Subject: [PATCH 1791/2300] Minor fix for install-rocket-nginx.sh

---
 .../tools/rocket-nginx-templates/wprocket-force-htpps.stpl       | 1 +
 .../tools/rocket-nginx-templates/wprocket-hosting.stpl           | 1 +
 2 files changed, 2 insertions(+)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
index f82368cb..6e1be1fd 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
@@ -13,6 +13,7 @@ server {
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
index 51c4fffc..c216d6d8 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
@@ -13,6 +13,7 @@ server {
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;

From 1d67c6ae542de4680f545c1a1abbbc7c1019e80d Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 16:31:02 +0100
Subject: [PATCH 1792/2300] Update wprocket-hosting.tpl

---
 .../tools/rocket-nginx-templates/wprocket-hosting.tpl            | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
index 8840c051..3b162038 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.tpl
@@ -10,6 +10,7 @@ server {
     location / {
         proxy_pass      http://%ip%:%web_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
             access_log     /var/log/%web_system%/domains/%domain%.log combined;
             access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
             expires        max;

From 4bc0ecc46eeeff619cf4075182a511a915e881e1 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 16:34:10 +0100
Subject: [PATCH 1793/2300] Update wprocket-hosting.stpl

---
 .../tools/rocket-nginx-templates/wprocket-hosting.stpl           | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
index c216d6d8..d7d6905f 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
@@ -39,5 +39,4 @@ server {
     disable_symlinks if_not_owner from=%docroot%;
 
     include %home%/%user%/conf/web/snginx.%domain%.conf*;
-    include rocket-nginx/conf.d/default.conf;
 }

From ac96d9f9b376fe3309e7c17b60c4e8601d5cecee Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 17:48:45 +0100
Subject: [PATCH 1794/2300] Fix filename

---
 .../{wprocket-force-htpps.stpl => wprocket-force-https.stpl}      | 0
 .../{wprocket-force-htpps.tpl => wprocket-force-https.tpl}        | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename src/deb/for-download/tools/rocket-nginx-templates/{wprocket-force-htpps.stpl => wprocket-force-https.stpl} (100%)
 rename src/deb/for-download/tools/rocket-nginx-templates/{wprocket-force-htpps.tpl => wprocket-force-https.tpl} (100%)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl
similarity index 100%
rename from src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
rename to src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl
similarity index 100%
rename from src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
rename to src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl

From e7543afbd329bd16c3c787037b7fab569d846043 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 17:54:25 +0100
Subject: [PATCH 1795/2300] Update install-rocket-nginx.sh

---
 src/deb/for-download/tools/install-rocket-nginx.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/install-rocket-nginx.sh b/src/deb/for-download/tools/install-rocket-nginx.sh
index 0fb5d86d..3e298c7d 100644
--- a/src/deb/for-download/tools/install-rocket-nginx.sh
+++ b/src/deb/for-download/tools/install-rocket-nginx.sh
@@ -17,7 +17,7 @@ fi
 cd rocket-nginx
 cp rocket-nginx.ini.disabled rocket-nginx.ini
 php rocket-parser.php
-wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-htpps.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-htpps.tpl
-wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-htpps.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-htpps.stpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-https.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-https.tpl
+wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-https.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-https.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-hosting.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-hosting.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-hosting.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-hosting.stpl

From 08146520a0d43c44b863dacdb27a4295bac3d487 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 18:01:56 +0100
Subject: [PATCH 1796/2300] default user/pass for private-hosting.tpl

---
 install/vst-install-debian.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index b5fda479..650fa241 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -1071,6 +1071,10 @@ if [ "$nginx" = 'yes' ]; then
     cp -f $vestacp/nginx/phppgadmin.inc /etc/nginx/conf.d/
     cp -f $vestacp/nginx/webmail.inc /etc/nginx/conf.d/
     cp -f $vestacp/logrotate/nginx /etc/logrotate.d/
+    
+    # default user/pass for private-hosting.tpl: private / folder
+    echo 'private:$apr1$0MYnchM5$yVi/OTfp7o3lGNst/a8.90' > /etc/nginx/.htpasswd
+    
     echo > /etc/nginx/conf.d/vesta.conf
     mkdir -p /var/log/nginx/domains
     #update-rc.d nginx defaults

From f5cc5d75c288b6455e9b1e69769f449484d4b844 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 20:10:19 +0100
Subject: [PATCH 1797/2300] Update PHP-FPM-74.sh

---
 install/debian/11/templates/web/apache2/PHP-FPM-74.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
index 0ff7b21b..e72bb003 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off

From 13b310d115fa570ed039203b9dc5ca89a7ca68aa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 20:11:12 +0100
Subject: [PATCH 1798/2300] Update PHP-FPM-74-public.sh

---
 .../11/templates/web/apache2/PHP-FPM-74-public.sh      | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
index 0ff7b21b..e72bb003 100755
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off

From 60dbae21b15a216e7feecaf634fca83c0fa7e512 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 20:12:40 +0100
Subject: [PATCH 1799/2300] Update PHP-FPM-73.sh

---
 install/debian/10/templates/web/apache2/PHP-FPM-73.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
index 57b10863..a2fea927 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off

From 780f63732517846b4575b9bfdfe79c399b224e89 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 20:13:31 +0100
Subject: [PATCH 1800/2300] Update PHP-FPM-73-public.sh

---
 .../10/templates/web/apache2/PHP-FPM-73-public.sh      | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
index 57b10863..a2fea927 100755
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off

From bfd822092c00efe3bed25028cad32bdcf51b0e21 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 20:22:44 +0100
Subject: [PATCH 1801/2300] Creating /etc/nginx/.htpasswd if it does not exist

---
 src/deb/vesta/postinst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index cc798224..975d12cd 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -31,6 +31,11 @@ if [ "$release" -eq 11 ]; then
     sed -i "s/yescrypt/sha512/g" /etc/pam.d/common-password
 fi
 
+# Creating /etc/nginx/.htpasswd if it does not exist
+if [ ! -f "/etc/nginx/.htpasswd" ]; then
+    echo 'private:$apr1$0MYnchM5$yVi/OTfp7o3lGNst/a8.90' > /etc/nginx/.htpasswd
+fi
+
 # Fixing Gmail hosts_try_fastopen in Exim4
 if [ "$release" -eq 11 ]; then
 	if [ -f "/etc/exim4/exim4.conf.template" ]; then 

From 151159f9d307d16e66183704e67339e76a2665c1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 21:51:19 +0100
Subject: [PATCH 1802/2300] fpm pool.d conf tweak

---
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh    | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh    | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh    | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh    | 10 +++++-----
 .../tools/apache-fpm-tpl/PHP-FPM-73-public.sh          | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh    | 10 +++++-----
 .../tools/apache-fpm-tpl/PHP-FPM-74-public.sh          | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh    | 10 +++++-----
 .../tools/apache-fpm-tpl/PHP-FPM-80-public.sh          | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh    | 10 +++++-----
 .../tools/apache-fpm-tpl/PHP-FPM-81-public.sh          | 10 +++++-----
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh    | 10 +++++-----
 12 files changed, 60 insertions(+), 60 deletions(-)

diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
index b9137821..081aaf19 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
index 0e742ad8..10c58c57 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
index 6110e898..90230674 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
index 6541a0dc..cc76256e 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
index 57b10863..a2fea927 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
index 57b10863..a2fea927 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
index 0ff7b21b..e72bb003 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
index 0ff7b21b..e72bb003 100755
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
index 343392c2..a4842ac9 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
index 343392c2..a4842ac9 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
index 67c8ccfb..4b4f9d78 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
index 67c8ccfb..4b4f9d78 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.sh
@@ -18,7 +18,7 @@ group = $1
 
 pm = ondemand
 pm.max_children = 8
-request_terminate_timeout = 90s
+request_terminate_timeout = 360s
 pm.max_requests = 4000
 pm.process_idle_timeout = 10s
 pm.status_path = /status
@@ -26,10 +26,10 @@ pm.status_path = /status
 php_admin_value[upload_tmp_dir] = /home/$1/tmp
 php_admin_value[session.save_path] = /home/$1/tmp
 php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
-php_admin_value[upload_max_filesize] = 80M
-php_admin_value[max_execution_time] = 30
-php_admin_value[post_max_size] = 80M
-php_admin_value[memory_limit] = 256M
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
 php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
 php_admin_flag[mysql.allow_persistent] = off
 php_admin_flag[safe_mode] = off

From e8b9545a9d439682a7730eb50f2ce42e025a49fc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 21:56:18 +0100
Subject: [PATCH 1803/2300] CRLF to LF EOL

---
 .../wprocket-force-https.stpl                 | 86 +++++++++----------
 .../wprocket-hosting.stpl                     | 84 +++++++++---------
 2 files changed, 85 insertions(+), 85 deletions(-)

diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl
index 6e1be1fd..58f1e9fa 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.stpl
@@ -1,43 +1,43 @@
-server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-
-    ssl_certificate      %ssl_pem%;
-    ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-
-    root           %sdocroot%;
-    # Rocket-Nginx configuration
-    include rocket-nginx/conf.d/default.conf;
-
-    location / {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %sdocroot%;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /error/ {
-        alias   %home%/%user%/web/%domain%/document_errors/;
-    }
-
-    location @fallback {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.env   {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
-    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
-}
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    root           %sdocroot%;
+    # Rocket-Nginx configuration
+    include rocket-nginx/conf.d/default.conf;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
index d7d6905f..d4eaeed8 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-hosting.stpl
@@ -1,42 +1,42 @@
-server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
-    server_name %domain_idn% %alias_idn%;
-
-    ssl_certificate      %ssl_pem%;
-    ssl_certificate_key  %ssl_key%;
-    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
-
-    root           %sdocroot%;
-    # Rocket-Nginx configuration
-    include rocket-nginx/conf.d/default.conf;
-
-    location / {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-        location ~* ^.+\.(%proxy_extentions%)$ {
-            root           %sdocroot%;
-            access_log     /var/log/%web_system%/domains/%domain%.log combined;
-            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
-            expires        max;
-            # try_files      $uri @fallback;
-        }
-    }
-
-    location /error/ {
-        alias   %home%/%user%/web/%domain%/document_errors/;
-    }
-
-    location @fallback {
-        proxy_pass      https://%ip%:%web_ssl_port%;
-    }
-
-    location ~ /\.ht    {return 404;}
-    location ~ /\.env   {return 404;}
-    location ~ /\.svn/  {return 404;}
-    location ~ /\.git/  {return 404;}
-    location ~ /\.hg/   {return 404;}
-    location ~ /\.bzr/  {return 404;}
-
-    disable_symlinks if_not_owner from=%docroot%;
-
-    include %home%/%user%/conf/web/snginx.%domain%.conf*;
-}
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    root           %sdocroot%;
+    # Rocket-Nginx configuration
+    include rocket-nginx/conf.d/default.conf;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}

From fa94c7a2104e0fde015c4764c75ccc818419b491 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 23:24:37 +0100
Subject: [PATCH 1804/2300] Update Changelog.md

---
 Changelog.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index b7e52d49..887ec04f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,10 @@
+Version 0.9.8-26-59 [01-Feb-2023]
+==================================================
+* Support for PHP 8.2
+* New script: v-move-folder-and-make-symlink
+* New script: v-lock-wordpress (to prevent PHP malware) and v-unlock-wordpress
+* Many minor bugfixes
+
 Version 0.9.8-26-58 [12-Jul-2022]
 ==================================================
 * [Security] hash_equals() in /reset/mail/ (credits to @divinity76 )

From 0e9a5304a5a1be6ce7f3befc43980830e5598ffd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 23:34:10 +0100
Subject: [PATCH 1805/2300] Installing WordPress to user_domain_com database

---
 bin/v-install-wordpress | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 91bbdf0a..0e24f847 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -49,7 +49,7 @@ is_object_unsuspended 'user' 'USER' "$user"
 source /usr/local/vesta/func/handle_parameters.sh
 
 if [ -z "$database" ]; then
-    database="wp"
+    database=$(echo "$domain" | sed 's#\.#_#g')
 fi
 
 if [ -z "$email" ]; then

From 1325a73661b12a2fd2cb1572de6b10efdfd8e1a9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 23:43:47 +0100
Subject: [PATCH 1806/2300] Update Changelog.md

---
 Changelog.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Changelog.md b/Changelog.md
index 887ec04f..f49b75e4 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -3,6 +3,7 @@ Version 0.9.8-26-59 [01-Feb-2023]
 * Support for PHP 8.2
 * New script: v-move-folder-and-make-symlink
 * New script: v-lock-wordpress (to prevent PHP malware) and v-unlock-wordpress
+* v-install-wordpress: Installing WordPress to user_domain_com database instead of installing to user_wp database
 * Many minor bugfixes
 
 Version 0.9.8-26-58 [12-Jul-2022]

From 0a17e3759b5d4cc77d2b71e92374eb65300308d2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 31 Jan 2023 23:49:12 +0100
Subject: [PATCH 1807/2300] Version 0.9.8-26-59

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 5a056019..44148247 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-58
+vesta-0.9.8-26-59

From 8eb0b19a0bf78c5e2b0d0c4eb2fe1843c573267a Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Wed, 1 Feb 2023 19:37:14 +0100
Subject: [PATCH 1808/2300] Automatic installation of rocket-nginx for a given
 domain

---
 bin/v-activate-rocket-nginx.sh | 116 +++++++++++++++++++++++++++++++++
 1 file changed, 116 insertions(+)
 create mode 100644 bin/v-activate-rocket-nginx.sh

diff --git a/bin/v-activate-rocket-nginx.sh b/bin/v-activate-rocket-nginx.sh
new file mode 100644
index 00000000..36c6d768
--- /dev/null
+++ b/bin/v-activate-rocket-nginx.sh
@@ -0,0 +1,116 @@
+#!/bin/bash
+# info: Install rocket-nginx extension for certain domain
+# options: DOMAIN 
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+# Importing system environment
+source /etc/profile
+
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+USER=$user
+
+# Includes
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/domain.sh
+
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN'
+is_format_valid 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/etc/nginx/rocket-nginx" ]; then
+    echo "rocket-nginx is not installed";
+    echo "Do you want to install it now (y/n)?"
+    read answer
+    if [ "$answer" == "y" ]; then
+        echo "Installing rocket-nginx..."
+        curl -sL https://c.myvestacp.com/tools/install-rocket-nginx.sh | bash -
+    else
+        echo "Exiting script"
+        exit 1;
+    fi
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Chaning Proxy Template
+echo "Do you want to force-https in your Proxy Template or not (y/n):"
+read answer
+if [ "$answer" == "y" ]; then
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-force-https"
+else
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-hosting"
+fi
+echo "Proxy Template is ready"
+
+# Checking if the website is WordPress
+if [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
+    echo 'Please install WordPress first.'
+    exit 1;
+fi
+
+# Disabling wp-cron in wp-config.php
+echo "Disabling WP-Cron in your wp-config.php..."
+string="define( 'DISABLE_WP_CRON', true );"
+line="define( 'DB_COLLATE', '' );"
+file="/home/$user/web/$domain/public_html/wp-config.php"
+sed -i "/$line/a $string" $file
+
+# Adding cron job
+echo "Adding cron job..."
+
+TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
+if [[ $TPL == "PHP-FPM-"* ]]; then
+    fpm_tpl_ver=${TPL:8:2}
+    fpm_ver="${TPL:8:1}.${TPL:9:1}"
+fi
+
+touch /home/$user/web/$domain/cron.log
+chown $user:$user /home/$user/web/$domain/cron.log
+
+case $fpm_ver in
+    5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2) 
+    /usr/local/vesta/bin/v-add-cron-job "$user" "*/15" "*" "*" "*" "*" "cd /home/$user/web/$domain/public_html; /usr/bin/php$fpm_ver wp-cron.php >/home/$user/web/$domain/cron.log 2>&1"
+    ;;
+esac
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+echo "Installation is completed."
+
+exit

From c263c3322c5cf0c493bbfedd6361243b06975948 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Wed, 1 Feb 2023 19:40:01 +0100
Subject: [PATCH 1809/2300] Update v-activate-rocket-nginx.sh

---
 bin/v-activate-rocket-nginx.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-activate-rocket-nginx.sh b/bin/v-activate-rocket-nginx.sh
index 36c6d768..93deab0a 100644
--- a/bin/v-activate-rocket-nginx.sh
+++ b/bin/v-activate-rocket-nginx.sh
@@ -67,7 +67,7 @@ fi
 #                       Action                             #
 #----------------------------------------------------------#
 
-# Chaning Proxy Template
+# Changing Proxy Template
 echo "Do you want to force-https in your Proxy Template or not (y/n):"
 read answer
 if [ "$answer" == "y" ]; then

From 2d8fc21ba7565b8e6fe4834cbace520be6e82c9c Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Wed, 1 Feb 2023 20:07:07 +0100
Subject: [PATCH 1810/2300] Update v-activate-rocket-nginx.sh

---
 bin/v-activate-rocket-nginx.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-activate-rocket-nginx.sh b/bin/v-activate-rocket-nginx.sh
index 93deab0a..b2f7b682 100644
--- a/bin/v-activate-rocket-nginx.sh
+++ b/bin/v-activate-rocket-nginx.sh
@@ -112,5 +112,7 @@ esac
 #                       Vesta                              #
 #----------------------------------------------------------#
 echo "Installation is completed."
+echo "Checking RESPONSE HEADERS (You should see x-rocket-nginx-serving-static if the WP Rocket plugin is activated):"
+curl -I https://$domain
 
 exit

From 1c33f9cfd25e2cbf448d0913866200a7ee8f387b Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 2 Feb 2023 11:37:42 +0100
Subject: [PATCH 1811/2300] Update v-activate-rocket-nginx.sh

---
 bin/v-activate-rocket-nginx.sh | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/bin/v-activate-rocket-nginx.sh b/bin/v-activate-rocket-nginx.sh
index b2f7b682..1b8561c3 100644
--- a/bin/v-activate-rocket-nginx.sh
+++ b/bin/v-activate-rocket-nginx.sh
@@ -49,6 +49,11 @@ if [ ! -d "/home/$user/web/$domain/public_html" ]; then
     exit 1;
 fi
 
+if [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
+    echo 'Please install WordPress first.'
+    exit 1;
+fi
+
 if [ ! -d "/etc/nginx/rocket-nginx" ]; then
     echo "rocket-nginx is not installed";
     echo "Do you want to install it now (y/n)?"
@@ -77,12 +82,6 @@ else
 fi
 echo "Proxy Template is ready"
 
-# Checking if the website is WordPress
-if [ ! -f "/home/$user/web/$domain/public_html/wp-config.php" ]; then
-    echo 'Please install WordPress first.'
-    exit 1;
-fi
-
 # Disabling wp-cron in wp-config.php
 echo "Disabling WP-Cron in your wp-config.php..."
 string="define( 'DISABLE_WP_CRON', true );"

From d940389c153cb476df3c54ad7bec91a9f215708a Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 2 Feb 2023 13:44:29 +0100
Subject: [PATCH 1812/2300] Script to determine which PHP version a given
 domain is using

---
 bin/v-get-php-version-of-domain.sh | 69 ++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 bin/v-get-php-version-of-domain.sh

diff --git a/bin/v-get-php-version-of-domain.sh b/bin/v-get-php-version-of-domain.sh
new file mode 100644
index 00000000..bd0e7a51
--- /dev/null
+++ b/bin/v-get-php-version-of-domain.sh
@@ -0,0 +1,69 @@
+#!/bin/bash
+# info: Check PHP version used for certain domain
+# options: DOMAIN 
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+# Importing system environment
+source /etc/profile
+
+# Argument definition
+domain=$1
+
+user=$(/usr/local/vesta/bin/v-search-domain-owner $domain)
+USER=$user
+
+# Includes
+source /usr/local/vesta/func/main.sh
+source /usr/local/vesta/func/domain.sh
+
+if [ -z "$user" ]; then
+    check_result $E_NOTEXIST "domain $domain doesn't exist"
+fi
+
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '1' "$#" 'DOMAIN'
+is_format_valid 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+
+if [ ! -d "/home/$user" ]; then
+    echo "User doesn't exist";
+    exit 1;
+fi
+
+if [ ! -d "/home/$user/web/$domain/public_html" ]; then
+    echo "Domain doesn't exist";
+    exit 1;
+fi
+
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
+if [[ $TPL == "PHP-FPM-"* ]]; then
+    fpm_tpl_ver=${TPL:8:2}
+    fpm_ver="${TPL:8:1}.${TPL:9:1}"
+fi
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+echo "PHP-FPM version running on given domain is: $fpm_ver"
+
+exit

From 15e5f3bc81d9e36d8e63c920eb9636d241a7c250 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 2 Feb 2023 13:49:00 +0100
Subject: [PATCH 1813/2300] Rename v-get-php-version-of-domain.sh to
 v-get-php-version-of-domain

---
 ...v-get-php-version-of-domain.sh => v-get-php-version-of-domain} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename bin/{v-get-php-version-of-domain.sh => v-get-php-version-of-domain} (100%)

diff --git a/bin/v-get-php-version-of-domain.sh b/bin/v-get-php-version-of-domain
similarity index 100%
rename from bin/v-get-php-version-of-domain.sh
rename to bin/v-get-php-version-of-domain

From ab0b8c53c4c028a5e76f79d96b47ef761106b6aa Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 2 Feb 2023 14:28:37 +0100
Subject: [PATCH 1814/2300] Rename v-activate-rocket-nginx.sh to
 v-activate-rocket-nginx

---
 bin/{v-activate-rocket-nginx.sh => v-activate-rocket-nginx} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename bin/{v-activate-rocket-nginx.sh => v-activate-rocket-nginx} (100%)

diff --git a/bin/v-activate-rocket-nginx.sh b/bin/v-activate-rocket-nginx
similarity index 100%
rename from bin/v-activate-rocket-nginx.sh
rename to bin/v-activate-rocket-nginx

From 1ecd2277851cdf6813658640b08b2ff2466edcce Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Sat, 4 Feb 2023 01:58:49 +0300
Subject: [PATCH 1815/2300] Untranslated fields translated, typos fixed

---
 web/inc/i18n/tr.php | 151 ++++++++++++++++++++++----------------------
 1 file changed, 76 insertions(+), 75 deletions(-)

diff --git a/web/inc/i18n/tr.php b/web/inc/i18n/tr.php
index a7fadc43..7aac0098 100644
--- a/web/inc/i18n/tr.php
+++ b/web/inc/i18n/tr.php
@@ -3,6 +3,7 @@
  * Vesta turkish language file
  * 2014.11.01 Özgür Bozkurt (info@ozgurbozkurt.com/ozgur@forum.vestacp.com)
  * 2016.06.27 Selim Can CABA (info@selimcancaba.com)
+ * 2023.02.04 Umut Korkmaz (umutkorkmaaz@gmail.com)
  */
 
 $LANG['tr'] = array(
@@ -26,22 +27,22 @@ $LANG['tr'] = array(
     'CRON'  => 'CRON',
     'BACKUP'  => 'YEDEK',
 
-    'LOGIN'  => 'LOGIN',
-    'RESET PASSWORD'  => 'RESET PASSWORD',
-    'SEARCH'  => 'SEARCH',
-    'PACKAGE'  => 'PACKAGE',
+    'LOGIN'  => 'GİRİŞ',
+    'RESET PASSWORD'  => 'PAROLAYI SIFIRLA',
+    'SEARCH'  => 'ARA',
+    'PACKAGE'  => 'PAKET',
     'RRD'  => 'RRD',
-    'STATS'  => 'STATS',
+    'STATS'  => 'ISTATISTIKLER',
     'LOG'  => 'LOG',
-    'UPDATES'  => 'UPDATES',
-    'FIREWALL'  => 'FIREWALL',
-    'SERVER'  => 'SERVER',
-    'MEMORY'  => 'MEMORY',
+    'UPDATES'  => 'GÜNCELLEMELER',
+    'FIREWALL'  => 'GÜVENLİK DUVARI',
+    'SERVER'  => 'SUNUCU',
+    'MEMORY'  => 'BELLEK',
     'DISK'  => 'DISK',
-    'NETWORK'  => 'NETWORK',
+    'NETWORK'  => 'AĞ',
     'Web Log Manager'  => 'Web Log Manager',
 
-    'no notifications'  => 'no notifications',
+    'no notifications'  => 'bildirim yok',
 
     'Add User'  => 'Kullanıcı Ekle',
     'Add Domain'  => 'Alan Adı Ekle',
@@ -84,7 +85,7 @@ $LANG['tr'] = array(
     'unsuspend'  => 'devam ettir',
     'delete'  => 'sil',
     'show per user'  => 'kullanıcı başına göster',
-    'login as'  => 'giriş yapıldı:',
+    'login as'  => 'giriş yap:',
     'logout'  => 'oturumu kapat',
     'edit'  => 'düzenle',
     'open webstats'  => 'webstats aç',
@@ -110,7 +111,7 @@ $LANG['tr'] = array(
     'disable autoupdate' => 'otomatik güncellemeyi pasif hale getir',
     'turn on notifications' => 'duyuruları aç',
     'turn off notifications' => 'duyuruları kapat',
-    'configure' => 'configure',
+    'configure' => 'yapılandır',
 
     'Adding User'  => 'Kullanıcı Ekleme',
     'Editing User'  => 'Kullanıcı Düzenleme',
@@ -186,22 +187,22 @@ $LANG['tr'] = array(
     'Mail Accounts'  => 'Posta Hesapları',
     'Cron Jobs'  => 'Zamanlanmış Görevler',
     'SSH Access'  => 'SSH Erişimi',
-    'IP Address'  => 'IP Address',
+    'IP Address'  => 'IP Adresi',
     'IP Addresses'  => 'IP Adresleri',
     'Backups'  => 'Yedekler',
     'Backup System'  => 'Yedekleme Sistemi',
     'backup exclusions' => 'yedekleme istisnaları',
     'template'  => 'template',
-    'SSL Support'  => 'SSL Support',
-    'SSL Home Directory'  => 'SSL Home',
-    'Lets Encrypt Support'  => 'Lets Encrypt Support',
+    'SSL Support'  => 'SSL Desteği',
+    'SSL Home Directory'  => 'SSL Dizini',
+    'Lets Encrypt Support'  => 'Lets Encrypt Desteği',
     'Lets Encrypt'  => 'Lets Encrypt',
-    'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
+    'Your certificate will be automatically issued in 5 minutes' => 'Sertifikanız 5 dakika içinde otomatik olarak verilecektir.',
     'Proxy Support'  => 'Proxy Desteği',
     'Proxy Extensions'  => 'Proxy Uzantıları',
     'Web Statistics'  => 'Web İstatistikleri',
     'Additional FTP Account'  => 'İlave FTP Hesabı',
-    'Path'  => 'Path',
+    'Path'  => 'Ana dizin',
     'SOA'  => 'SOA',
     'TTL'  => 'TTL',
     'Expire'  => 'Sonlanış',
@@ -216,19 +217,19 @@ $LANG['tr'] = array(
     'Autoreply'  => 'Otomatik Cevap',
     'Forward to'  => 'Şuraya yönlendir',
     'Do not store forwarded mail' => 'Yönlendirilmiş postaları depolama',
-    'IMAP hostname'  => 'IMAP hostname',
+    'IMAP hostname'  => 'IMAP sunucusu',
     'IMAP port'  => 'IMAP port',
-    'IMAP security'  => 'IMAP security',
-    'IMAP auth method'  => 'IMAP auth method',
-    'SMTP hostname'  => 'SMTP hostname',
+    'IMAP security'  => 'IMAP güvenliği',
+    'IMAP auth method'  => 'IMAP giriş metodu',
+    'SMTP hostname'  => 'SMTP sunucusu',
     'SMTP port'  => 'SMTP port',
-    'SMTP security'  => 'SMTP security',
-    'SMTP auth method'  => 'SMTP auth method',
+    'SMTP security'  => 'SMTP güvenliği',
+    'SMTP auth method'  => 'SMTP giriş metodu',
     'STARTTLS'  => 'STARTTLS',
-    'Normal password'  => 'Normal password',
+    'Normal password'  => 'Normal parola',
     'database'  => 'veritabanı',
     'User'  => 'Kullanıcı',
-    'Host'  => 'Host',
+    'Host'  => 'Sunucu',
     'Charset'  => 'Karakter Seti',
     'Min'  => 'Dak',
     'Hour'  => 'Saat',
@@ -247,14 +248,14 @@ $LANG['tr'] = array(
     'Users'  => 'Kullanıcılar',
     'Load Average'  => 'Sistem Yükü',
     'Memory Usage'  => 'Hafıza Kullanımı',
-    'APACHE2 Usage'  => 'APACHE2 Usage',
+    'APACHE2 Usage'  => 'APACHE2 Kullanımı',
     'HTTPD Usage'  => 'HTTPD Kullanımı',
     'NGINX Usage'  => 'NGINX Kullanımı',
     'MySQL Usage on localhost'  => 'Localhost Üzerindeki MySQL Kullanımı',
     'PostgreSQL Usage on localhost'  => 'Localhost Üzerindeki PostgreSQL Kullanımı',
     'Bandwidth Usage eth0'  => 'eth0 Trafik Kullanımı',
     'Bandwidth Usage eth1'  => 'eth1 Trafik Kullanımı',
-    'Exim Usage'  => 'Exim Usage',
+    'Exim Usage'  => 'Exim Kullanımı',
     'FTP Usage'  => 'FTP Kullanımı',
     'SSH Usage'  => 'SSH Kullanımı',
     'reverse proxy'  => 'reverse proxy',
@@ -293,7 +294,7 @@ $LANG['tr'] = array(
     'DNS Support'  => 'DNS Desteği',
     'Mail Support'  => 'Mail Desteği',
     'Advanced options'  => 'Gelişmiş seçenekler',
-    'Basic options'  => 'Basic options',
+    'Basic options'  => 'Basit seçenekler',
     'Aliases'  => 'Takma adlar (Alias)',
     'SSL Certificate'  => 'SSL Sertifikası',
     'SSL Key'  => 'SSL Anahtarı (Key)',
@@ -397,7 +398,7 @@ $LANG['tr'] = array(
     'SSH' => 'SSH',
     'FTP' => 'FTP',
     'VESTA' => 'VESTA',
-    'Add one more Name Server' => 'Add one more Name Server',
+    'Add one more Name Server' => 'Bir Name Server daha ekle',
 
     'web domain' => 'web domain',
     'dns domain' => 'dns domain',
@@ -449,17 +450,17 @@ $LANG['tr'] = array(
     'MAIL_ACCOUNT_CREATED_OK'  => '%s@%s mail hesabı başarıyla oluşturuldu',
     'DATABASE_CREATED_OK'  => '%s veritabanı başarıyla oluşturuldu.',
     'CRON_CREATED_OK'  => 'Zamanlanmış görev başarıyla oluşturuldu.',
-    'IP_CREATED_OK'  => '%s ip adresi başarıyla oluşturuldu.',
+    'IP_CREATED_OK'  => '%s IP adresi başarıyla oluşturuldu.',
     'PACKAGE_CREATED_OK'  => '%s paketi başarıyla oluşturuldu.',
     'SSL_GENERATED_OK' => 'Sertifika başarıyla oluşturuldu.',
     'RULE_CREATED_OK' => 'Kural başarıyla oluşturuldu.',
-    'BANLIST_CREATED_OK' => 'IP address has been banned successfully',
+    'BANLIST_CREATED_OK' => 'IP adresi başarıyla engellendi',
     'Autoupdate has been successfully enabled' => 'Otomatik güncelleme başarıyla aktifleştirildi',
     'Autoupdate has been successfully disabled' => 'Otomatik güncelleme başarıyla pasifleştirildi',
     'Cronjob email reporting has been successfully enabled' => 'Zamanlanmış görev e-posta raporlama başarıyla aktif hale getirildi',
     'Cronjob email reporting has been successfully disabled' => 'Zamanlanmış görev e-posta raporlama başarıyla pasif hale getirildi',
     'Changes has been saved.'  => 'Değişiklikler kaydedildi.',
-    'Confirmation'  => 'Onaylama',
+    'Confirmation'  => 'Onayla',
     'DELETE_USER_CONFIRMATION' => '%s kullanıcısını silmek istediğinize emin misiniz?',
     'SUSPEND_USER_CONFIRMATION' => '%s kullanıcısını askıya almak istediğinize emin misiniz?',
     'UNSUSPEND_USER_CONFIRMATION' => '%s kullanıcısını devam ettirmek istediğinize emin misiniz?',
@@ -488,7 +489,7 @@ $LANG['tr'] = array(
     'LEAVE_PAGE_CONFIRMATION' => 'Leave Page?',
     'RESTART_CONFIRMATION' => '%s yeniden başlatılacak. Onaylıyor musunuz?',
     'Welcome'  => 'Hoşgeldiniz',
-    'LOGGED_IN_AS'  => '%s kullanıcısı olarak oturum aç',
+    'LOGGED_IN_AS'  => '%s kullanıcısı olarak oturum açıldı',
     'Error'  => 'Hata',
     'Invalid username or password'  => 'Geçersiz kullanıcı adı veya şifre',
     'Invalid username or code'  => 'Geçersiz kullanıcı adı veya kod',
@@ -548,30 +549,30 @@ $LANG['tr'] = array(
     'Dec' => 'Ara',
 
     'Configuring Server' => 'Sunucu Yapılandırma',
-    'Hostname' => 'Hostadı',
+    'Hostname' => 'Sunucu Adı',
     'Time Zone' => 'Zaman Dilimi',
     'Default Language' => 'Varsayılan Dil',
-    'Proxy Server' => 'Proxy Server',
-    'Web Server' => 'Web Server',
-    'Backend Server' => 'Backend Server',
+    'Proxy Server' => 'Proxy Sunucusu',
+    'Web Server' => 'Web Sunucusu',
+    'Backend Server' => 'Backend Sunucusu',
     'Backend Pool Mode' => 'Backend Pool Mode',
-    'DNS Server' => 'DNS Server',
+    'DNS Server' => 'DNS Sunucusu',
     'DNS Cluster' => 'DNS Cluster',
-    'MAIL Server' => 'MAIL Server',
+    'MAIL Server' => 'MAIL Sunucusu',
     'Antivirus' => 'Antivirus',
     'AntiSpam' => 'AntiSpam',
-    'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate',
+    'Use Web Domain SSL Certificate' => 'Web Alan Adının SSL Sertifikasını Kullan',
     'Webmail URL' => 'Webmail URL',
-    'MySQL Support' => 'MySQL Support',
+    'MySQL Support' => 'MySQL Desteği',
     'phpMyAdmin URL' => 'phpMyAdmin URL',
-    'PostgreSQL Support' => 'PostgreSQL Support',
+    'PostgreSQL Support' => 'PostgreSQL Desteği',
     'phpPgAdmin URL' => 'phpPgAdmin URL',
-    'Maximum Number Of Databases' => 'Maximum Number Of Databases',
-    'Current Number Of Databases' => 'Current Number Of Databases',
-    'Local backup' => 'Local backup',
-    'Compression level' => 'Compression level',
-    'Directory' => 'Directory',
-    'Remote backup' => 'Remote backup',
+    'Maximum Number Of Databases' => 'Maksimum Veritabanı Sayısı',
+    'Current Number Of Databases' => 'Mevcut Veritabanı Sayısı',
+    'Local backup' => 'Yerel Yedek',
+    'Compression level' => 'Sıkıştırma seviyesi',
+    'Directory' => 'Dizin',
+    'Remote backup' => 'Uzak Yedek',
     'ftp' => 'FTP',
     'sftp' => 'SFTP',
     'SFTP Chroot' => 'SFTP Chroot',
@@ -590,7 +591,7 @@ $LANG['tr'] = array(
     'Starred' => 'Yıldızlı',
     'Name' => 'İsim',
 
-    'save to favorites' => 'save to favorites',
+    'save to favorites' => 'favorilere kaydet',
 
     'File Manager' => 'Dosya Yöneticisi',
     'size' => 'boyut',
@@ -602,13 +603,13 @@ $LANG['tr'] = array(
     'NEW DIR' => 'YENİ KLASÖR',
     'DELETE' => 'SİL',
     'RENAME' => 'YENİDEN ADLANDIR',
-    'MOVE' => 'MOVE',
-    'RIGHTS' => 'RIGHTS',
+    'MOVE' => 'TAŞI',
+    'RIGHTS' => 'IZINLER',
     'COPY' => 'KOPYALA',
     'ARCHIVE' => 'ARŞİVLE',
     'EXTRACT' => 'ÇIKART',
     'DOWNLOAD' => 'İNDİR',
-    'Are you sure?' => 'Are you sure?',
+    'Are you sure?' => 'Emin misin?',
     'Hit' => 'Hit',
     'to reload the page' => 'sayfayı yenilemek için',
     'Directory name cannot be empty' => 'Dizin adı boş olamaz',
@@ -623,20 +624,20 @@ $LANG['tr'] = array(
     'Copy' => 'Kopyala',
     'Cancel' => 'Vazgeç',
     'Rename' => 'Yeniden Adlandır',
-    'Move' => 'Move',
-    'Change Rights' => 'Change Rights',
+    'Move' => 'Taşı',
+    'Change Rights' => 'İzinleri Değiştir',
     'Delete' => 'Sil',
     'Extract' => 'Çıkart',
     'Create' => 'Oluştur',
     'Compress' => 'Sıkıştır',
     'OK' => 'TAMAM',
-    'YOU ARE COPYING' => 'YOU ARE COPYING',
-    'YOU ARE REMOVING' => 'YOU ARE REMOVING',
-    'Delete items' => 'Delete items',
-    'Copy files' => 'Copy files',
-    'Move files' => 'Move files',
+    'YOU ARE COPYING' => 'KOPYALAMA YAPIYORSUNUZ',
+    'YOU ARE REMOVING' => 'SİLME İŞLEMİ YAPIYORSUNUZ',
+    'Delete items' => 'Öğeleri sil',
+    'Copy files' => 'Dosyaları kopyala',
+    'Move files' => 'Dosyaları taşı',
     'Are you sure you want to copy' => 'Kopyalamak istediğinizden emin misiniz',
-    'Are you sure you want to move' => 'Are you sure you want to move',
+    'Are you sure you want to move' => 'Taşımak istediğinizden emin misiniz',
     'Are you sure you want to delete' => 'Silmek istediğinizden emin misiniz',
     'into' => 'into',
     'existing files will be replaced' => 'varolan dosyalar değiştirilir',
@@ -655,7 +656,7 @@ $LANG['tr'] = array(
     'write by others' => 'write by others',
     'execute/search by others' => 'execute/search by others',
 
-    'Shortcuts' => 'Shortcuts',
+    'Shortcuts' => 'Kısayollar',
     'Add New object' => 'Yeni Nesne Ekle',
     'Save Form' => 'Formu Kaydet',
     'Cancel saving form' => 'Formu kaydetmekten vazgeç',
@@ -671,8 +672,8 @@ $LANG['tr'] = array(
     'Move backward through top menu' => 'Üst menüden arasında geriye doğru git',
     'Move forward through top menu' => 'Üst menüden arasında ileriye doğru git',
     'Enter focused element' => 'Odaklanmış elemanı gir',
-    'Move up through elements list' => 'Move up through elements list',
-    'Move down through elements list' => 'Move down through elements list',
+    'Move up through elements list' => 'Öğeler listesinde yukarı git',
+    'Move down through elements list' => 'Öğeler listesinde aşağı git',
 
     'Upload' => 'Yükle',
     'New File' => 'Yeni Dosya',
@@ -689,7 +690,7 @@ $LANG['tr'] = array(
     'Go to the Top of the File List' => 'Dosya Listesinin Tepesine git',
     'Go to the Last File' => 'Son Dosyaya git',
     'Open File / Enter Directory' => 'Dosya Aç/Dizin Gir',
-    'Edit File' => 'Edit File',
+    'Edit File' => 'Dosya düzenle',
     'Go to Parent Directory' => 'Üst Dizine Git',
     'Select Current File' => 'Şuanki Dosyayı Seç',
     'Select Bunch of Files' => 'Dosya Demetini Seç',
@@ -732,7 +733,7 @@ $LANG['tr'] = array(
     'every minute' => 'her dakika',
     'every two minutes' => 'her iki dakikada bir',
     'every' => 'her',
-    'Generate' => 'Generate',
+    'Generate' => 'Oluştur',
 
     'webalizer' => 'webalizer',
     'awstats' => 'awstats',
@@ -746,14 +747,14 @@ $LANG['tr'] = array(
     'PUB_KEY' => 'PUB_KEY',
     'ISSUER' => 'ISSUER',
 
-    'Use server hostname' => 'Use server hostname',
-    'Use domain hostname' => 'Use domain hostname',
-    'Use STARTTLS' => 'Use STARTTLS',
-    'Use SSL / TLS' => 'Use SSL / TLS',
-    'No encryption' => 'No encryption',
-    'Do not use encryption' => 'Do not use encryption',
+    'Use server hostname' => 'Sunucu adını kullan',
+    'Use domain hostname' => 'Alan adını kullan',
+    'Use STARTTLS' => 'STARTTLS Kullan',
+    'Use SSL / TLS' => 'SSL / TLS Kullan',
+    'No encryption' => 'Şifreleme yok',
+    'Do not use encryption' => 'Şifreleme kullanma',
 
-    'maximum characters length, including prefix' => 'maximum %s characters length, including prefix',
+    'maximum characters length, including prefix' => 'önek dahil maksimum %s karakter uzunluğu',
 
-    'Email Credentials' => 'Email Credentials',
+    'Email Credentials' => 'E-posta Kimlik Bilgileri',
 );

From 164ea90d53a92253ffd1b569292fefd6726f3a6c Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Sat, 4 Feb 2023 02:45:31 +0300
Subject: [PATCH 1816/2300] Added missing fields

---
 web/inc/i18n/ar.php    | 1 +
 web/inc/i18n/az.php    | 1 +
 web/inc/i18n/bg.php    | 7 ++++++-
 web/inc/i18n/bs.php    | 1 +
 web/inc/i18n/cn.php    | 1 +
 web/inc/i18n/cz.php    | 1 +
 web/inc/i18n/da.php    | 1 +
 web/inc/i18n/de.php    | 1 +
 web/inc/i18n/el.php    | 1 +
 web/inc/i18n/en.php    | 1 +
 web/inc/i18n/es.php    | 1 +
 web/inc/i18n/fa.php    | 1 +
 web/inc/i18n/fi.php    | 1 +
 web/inc/i18n/fr.php    | 1 +
 web/inc/i18n/hu.php    | 1 +
 web/inc/i18n/id.php    | 1 +
 web/inc/i18n/it.php    | 1 +
 web/inc/i18n/ja.php    | 1 +
 web/inc/i18n/ka.php    | 1 +
 web/inc/i18n/ko.php    | 1 +
 web/inc/i18n/nl.php    | 1 +
 web/inc/i18n/no.php    | 1 +
 web/inc/i18n/pl.php    | 1 +
 web/inc/i18n/pt-BR.php | 1 +
 web/inc/i18n/pt.php    | 1 +
 web/inc/i18n/ro.php    | 1 +
 web/inc/i18n/ru.php    | 1 +
 web/inc/i18n/se.php    | 1 +
 web/inc/i18n/sr.php    | 1 +
 web/inc/i18n/th.php    | 3 ++-
 web/inc/i18n/tr.php    | 1 +
 web/inc/i18n/tw.php    | 1 +
 web/inc/i18n/ua.php    | 1 +
 web/inc/i18n/ur.php    | 5 ++++-
 web/inc/i18n/vi.php    | 1 +
 35 files changed, 44 insertions(+), 3 deletions(-)

diff --git a/web/inc/i18n/ar.php b/web/inc/i18n/ar.php
index e50cfec7..927f9576 100644
--- a/web/inc/i18n/ar.php
+++ b/web/inc/i18n/ar.php
@@ -196,6 +196,7 @@ $LANG['ar'] = array(
     'SSL Home Directory'  => 'المجلد الرئيسي لـ SSL',
     'Lets Encrypt Support'  => 'دعم Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'سوف يتم اصدار الترخيص الخاص بك خلال 5 دقائق',
     'Proxy Support'  => 'دغم بروكسي',
     'Proxy Extensions'  => 'توسعات بروكسي',
diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php
index 715043a0..929d5d29 100644
--- a/web/inc/i18n/az.php
+++ b/web/inc/i18n/az.php
@@ -187,6 +187,7 @@ $LANG['az'] = array(
     'SSL Home Directory'  => 'SSL Ana qovluğu',
     'Lets Encrypt Support'  => 'Lets Encrypt dəstəyi',
     'Lets Encrypt'  => 'Şifrələ',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Sənədiniz avtomatik olaraq 5 dəqiqə ərzində veriləcək',
     'Proxy Support'  => 'Proxy dəstəyi',
     'Proxy Extensions'  => 'Proxy əlavələri',
diff --git a/web/inc/i18n/bg.php b/web/inc/i18n/bg.php
index 642e6cfa..4baf8f2f 100644
--- a/web/inc/i18n/bg.php
+++ b/web/inc/i18n/bg.php
@@ -40,6 +40,8 @@ $LANG['bg'] = array(
     'NETWORK'  => 'МРЕЖА',
     'Web Log Manager'  => 'МЕНИДЖЪР НА УЕБ ЛОГОВЕ',
 
+    'no notifications'  => 'no notifications',
+
     'Add User'  => 'Добави потребител',
     'Add Domain'  => 'Добави домейн',
     'Add Web Domain'  => 'Добави уеб домейн',
@@ -107,6 +109,7 @@ $LANG['bg'] = array(
     'disable autoupdate' => 'забрани автоматичното обновяване',
     'turn on notifications' => 'включи известията',
     'turn off notifications' => 'изключи известията',
+    'configure' => 'configure',
 
     'Adding User'  => 'Добавяне на потребител',
     'Editing User'  => 'Редактиране на потребител',
@@ -191,6 +194,8 @@ $LANG['bg'] = array(
     'SSL Home Directory'  => 'SSL начало',
     'Lets Encrypt Support'  => 'Lets Encrypt поддръжка',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
+    'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Прокси поддръжка',
     'Proxy Extensions'  => 'Прокси разширения',
     'Web Statistics'  => 'Уеб статистики',
@@ -688,7 +693,7 @@ $LANG['bg'] = array(
     'Select Bunch of Files' => 'Избери няколко файла',
     'Add File to the Current Selection' => 'Добави файла към текущата селекция',
     'Select All Files' => 'Избери всички файлове',
-    'shortcuts are inspired by magnificent GNU Midnight Commander файлов мениджър' =>
+    'shortcuts are inspired by magnificent GNU Midnight Commander file manager' =>
     'преките пътища са вдъхновени от великолепният GNU Midnight Commander файлов мениджър',
     'Licence Key' => 'Лицензен ключ',
     'Enter License Key' => 'Въведете лицензен ключ',
diff --git a/web/inc/i18n/bs.php b/web/inc/i18n/bs.php
index 4e2f32e1..8f515153 100644
--- a/web/inc/i18n/bs.php
+++ b/web/inc/i18n/bs.php
@@ -195,6 +195,7 @@ $LANG['bs'] = array(
     'SSL Home Directory'  => 'SSL direktorij',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy podrška',
     'Proxy Extensions'  => 'Proxy ekstenzije',
diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php
index 389e8c1e..9276cd83 100644
--- a/web/inc/i18n/cn.php
+++ b/web/inc/i18n/cn.php
@@ -201,6 +201,7 @@ $LANG['cn'] = array(
     'SSL Home Directory' => 'SSL主目录',
     'Lets Encrypt Support' => '采用 Let's Encrypt',
     'Lets Encrypt' => 'Let's Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => '证书将在5分钟内自动完成签发',
     'Proxy Support' => '反向代理',
     'Proxy Extensions' => '需代理的文件扩展名',
diff --git a/web/inc/i18n/cz.php b/web/inc/i18n/cz.php
index 9a0cac79..9237444e 100644
--- a/web/inc/i18n/cz.php
+++ b/web/inc/i18n/cz.php
@@ -196,6 +196,7 @@ $LANG['cz'] = array(
     'SSL Home Directory'  => 'SSL home adresář',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy podpora',
     'Proxy Extensions'  => 'Proxy rozšíření',
diff --git a/web/inc/i18n/da.php b/web/inc/i18n/da.php
index 6e0fab72..92f1ee78 100644
--- a/web/inc/i18n/da.php
+++ b/web/inc/i18n/da.php
@@ -197,6 +197,7 @@ $LANG['da'] = array(
     'SSL Home Directory'  => 'SSL Home',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy Support',
     'Proxy Extensions'  => 'Proxy Tilføjelser',
diff --git a/web/inc/i18n/de.php b/web/inc/i18n/de.php
index 17d1101f..2e6cf9f3 100644
--- a/web/inc/i18n/de.php
+++ b/web/inc/i18n/de.php
@@ -195,6 +195,7 @@ $LANG['de'] = array(
     'SSL Home Directory'  => 'SSL Homeverzeichnis',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy Unterstützung',
     'Proxy Extensions'  => 'Proxy Erweiterungen',
diff --git a/web/inc/i18n/el.php b/web/inc/i18n/el.php
index bef89086..66b6532a 100644
--- a/web/inc/i18n/el.php
+++ b/web/inc/i18n/el.php
@@ -197,6 +197,7 @@ $LANG['el'] = array(
     'SSL Home Directory'  => 'Αρχικός Κατάλογος SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Υποστήριξη Proxy',
     'Proxy Extensions'  => 'Πρόσθετα Proxy',
diff --git a/web/inc/i18n/en.php b/web/inc/i18n/en.php
index d7ae290d..39c3bfff 100644
--- a/web/inc/i18n/en.php
+++ b/web/inc/i18n/en.php
@@ -195,6 +195,7 @@ $LANG['en'] = array(
     'SSL Home Directory'  => 'SSL Home',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy Support',
     'Proxy Extensions'  => 'Proxy Extensions',
diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php
index 6e5ce352..3a8ae573 100644
--- a/web/inc/i18n/es.php
+++ b/web/inc/i18n/es.php
@@ -203,6 +203,7 @@ $LANG['es'] = array(
     'SSL Home Directory'  => 'Directorio local del SSL',
     'Lets Encrypt Support'  => 'Soportar Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Tu certificado será emitido automáticamente en 5 minutos',
     'Proxy Support'  => 'Soportar Proxy',
     'Proxy Extensions'  => 'Extensiones Proxy',
diff --git a/web/inc/i18n/fa.php b/web/inc/i18n/fa.php
index 8355691a..1778b5b8 100644
--- a/web/inc/i18n/fa.php
+++ b/web/inc/i18n/fa.php
@@ -190,6 +190,7 @@ $LANG['fa'] = array(
     'SSL Home Directory' => 'پوشه خانه SSL',
     'Lets Encrypt Support'  => 'پشتیبانی از Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'گواهینامه شما به صورت خودکار در طی 5 دقیقه صادر خواهد شد',
     'Proxy Support' => 'پشتیبانی پراکسی',
     'Proxy Extensions' => 'فرمت های پراکسی',
diff --git a/web/inc/i18n/fi.php b/web/inc/i18n/fi.php
index 951f8da3..8b7d33e2 100644
--- a/web/inc/i18n/fi.php
+++ b/web/inc/i18n/fi.php
@@ -197,6 +197,7 @@ $LANG['fi'] = array(
     'SSL Home Directory' => 'SSL-kotihakemisto',
     'Lets Encrypt Support'  => 'Lets Encrypt Tuki',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Sertifikaattisi käsitellään viiden minuutin sisään',
     'Proxy Support' => 'Proxy-tuki',
     'Proxy Extensions' => 'Proxy-laajennukset',
diff --git a/web/inc/i18n/fr.php b/web/inc/i18n/fr.php
index 4e2e3144..5a68a58a 100644
--- a/web/inc/i18n/fr.php
+++ b/web/inc/i18n/fr.php
@@ -195,6 +195,7 @@ $LANG['fr'] = array(
     'SSL Home Directory'  => 'Racine SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Support Proxy',
     'Proxy Extensions'  => 'Extensions Proxy',
diff --git a/web/inc/i18n/hu.php b/web/inc/i18n/hu.php
index 1c37f93f..c0ac0a41 100644
--- a/web/inc/i18n/hu.php
+++ b/web/inc/i18n/hu.php
@@ -199,6 +199,7 @@ $LANG['hu'] = array(
     'SSL Home Directory'  => 'SSL kezdőlap',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy támogatás',
     'Proxy Extensions'  => 'Proxy kiterjesztések',
diff --git a/web/inc/i18n/id.php b/web/inc/i18n/id.php
index dd870f0d..7b43c044 100644
--- a/web/inc/i18n/id.php
+++ b/web/inc/i18n/id.php
@@ -196,6 +196,7 @@ $LANG['id'] = array(
     'SSL Home Directory'  => 'Direktori Home SSL',
     'Lets Encrypt Support'  => 'Dukungan Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Sertifikat anda akan otomatis diterbitkan dalam 5 menit',
     'Proxy Support'  => 'Dukungan Proxy',
     'Proxy Extensions'  => 'Ekstensi Proxy',
diff --git a/web/inc/i18n/it.php b/web/inc/i18n/it.php
index 1e104c51..91296d8b 100644
--- a/web/inc/i18n/it.php
+++ b/web/inc/i18n/it.php
@@ -196,6 +196,7 @@ $LANG['it'] = array(
     'SSL Home Directory'  => 'SSL Home',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Supporto Proxy',
     'Proxy Extensions'  => 'Estensioni Proxy',
diff --git a/web/inc/i18n/ja.php b/web/inc/i18n/ja.php
index a592fd7b..c0e9e541 100644
--- a/web/inc/i18n/ja.php
+++ b/web/inc/i18n/ja.php
@@ -195,6 +195,7 @@ $LANG['ja'] = array(
     'SSL Home Directory'  => 'SSLホームディレクトリ',
     'Lets Encrypt Support'  => "Let's Encryptのサポート",
     'Lets Encrypt'  => "Let's Encrypt",
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => '証明書は5分以内に自動的に発行されます',
     'Proxy Support'  => 'プロキシのサポート',
     'Proxy Extensions'  => 'プロキシ対象拡張子',
diff --git a/web/inc/i18n/ka.php b/web/inc/i18n/ka.php
index 1512e06c..f82e2305 100644
--- a/web/inc/i18n/ka.php
+++ b/web/inc/i18n/ka.php
@@ -195,6 +195,7 @@ $LANG['ka'] = array(
     'SSL Home Directory'  => 'SSL მთავარი დირექტორია',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'პროქსის მხარდაჭერა',
     'Proxy Extensions'  => 'პროქსის გაფართოებები',
diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php
index 1b09de25..e81ab4b0 100644
--- a/web/inc/i18n/ko.php
+++ b/web/inc/i18n/ko.php
@@ -195,6 +195,7 @@ $LANG['ko'] = array(
     'SSL Home Directory'  => 'SSL 홈 디렉토리',
     'Lets Encrypt Support'  => 'Lets Encrypt 지원',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => '인증서는 5분 안에 자동으로 발급될 것입니다',
     'Proxy Support'  => '프록시 지원',
     'Proxy Extensions'  => '프록시 확장',
diff --git a/web/inc/i18n/nl.php b/web/inc/i18n/nl.php
index b5d68ec4..3b4fde10 100644
--- a/web/inc/i18n/nl.php
+++ b/web/inc/i18n/nl.php
@@ -198,6 +198,7 @@ $LANG['nl'] = array(
     'SSL Home Directory'  => 'SSL Map',
     'Lets Encrypt Support'  => 'Lets Encrypt Ondersteuning',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Het certificaat wordt automatisch aangemaakt in 5 minuten',
     'Proxy Support'  => 'Proxy Ondersteuning',
     'Proxy Extensions'  => 'Proxy Extensies',
diff --git a/web/inc/i18n/no.php b/web/inc/i18n/no.php
index fe026f39..30cc9306 100644
--- a/web/inc/i18n/no.php
+++ b/web/inc/i18n/no.php
@@ -196,6 +196,7 @@ $LANG['no'] = array(
     'SSL Home Directory'  => 'SSL Hjem',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Proxy Støtte',
     'Proxy Extensions'  => 'Proxy Utvidelser',
diff --git a/web/inc/i18n/pl.php b/web/inc/i18n/pl.php
index e649a22c..a6376c1f 100644
--- a/web/inc/i18n/pl.php
+++ b/web/inc/i18n/pl.php
@@ -196,6 +196,7 @@ $LANG['pl'] = array(
     'SSL Home Directory'  => 'Folder główny SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Wsparcie dla Proxy',
     'Proxy Extensions'  => 'Rozszerzenia Proxy',
diff --git a/web/inc/i18n/pt-BR.php b/web/inc/i18n/pt-BR.php
index 303ae53f..b6716ef0 100644
--- a/web/inc/i18n/pt-BR.php
+++ b/web/inc/i18n/pt-BR.php
@@ -195,6 +195,7 @@ $LANG['pt-BR'] = array(
     'SSL Home Directory'  => 'Diretório Home SSL',
     'Lets Encrypt Support'  => 'Suporte Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Seu certificado será gerado automaticamente em 5 minutos',
     'Proxy Support'  => 'Suporte ao Proxy',
     'Proxy Extensions'  => 'Extensões do Proxy',
diff --git a/web/inc/i18n/pt.php b/web/inc/i18n/pt.php
index 02d3bf51..57366dbc 100644
--- a/web/inc/i18n/pt.php
+++ b/web/inc/i18n/pt.php
@@ -195,6 +195,7 @@ $LANG['pt'] = array(
     'SSL Home Directory'  => 'Diretório Home SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Suporte ao Proxy',
     'Proxy Extensions'  => 'Extenções do Proxy',
diff --git a/web/inc/i18n/ro.php b/web/inc/i18n/ro.php
index 5b70f5d5..4b4104bd 100644
--- a/web/inc/i18n/ro.php
+++ b/web/inc/i18n/ro.php
@@ -197,6 +197,7 @@ $LANG['ro'] = array(
     'SSL Home Directory' => 'Director SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support' => 'Suport Proxy',
     'Proxy Extensions' => 'Extensii Proxy',
diff --git a/web/inc/i18n/ru.php b/web/inc/i18n/ru.php
index 58829fad..5b634db3 100644
--- a/web/inc/i18n/ru.php
+++ b/web/inc/i18n/ru.php
@@ -197,6 +197,7 @@ $LANG['ru'] = array(
     'SSL Home Directory' => 'Директория SSL',
     'Lets Encrypt Support'  => 'Поддержка Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Сертификат будет автоматически создан в течение 5-ти минут',
     'Proxy Support' => 'Поддержка Proxy',
     'Proxy Extensions' => 'Обработка Proxy',
diff --git a/web/inc/i18n/se.php b/web/inc/i18n/se.php
index 96c5af9c..fc70440e 100644
--- a/web/inc/i18n/se.php
+++ b/web/inc/i18n/se.php
@@ -195,6 +195,7 @@ $LANG['se'] = array(
     'SSL Home Directory'  => 'Hemmakatalog för SSL',
     'Lets Encrypt Support'  => 'Lets Encrypt Support',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes',
     'Proxy Support'  => 'Nginx-stöd',
     'Proxy Extensions'  => 'Nginx-tillägg',
diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index dc215f26..3dfcc0f5 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -195,6 +195,7 @@ $LANG['sr'] = array(
     'SSL Home Directory'  => 'SSL direktorijum',
     'Lets Encrypt Support'  => 'Lets Encrypt podrška',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Vaš sertifikat će biti automatski generisan za 5 minuta',
     'Proxy Support'  => 'Proxy podrška',
     'Proxy Extensions'  => 'Proxy ekstenzije',
diff --git a/web/inc/i18n/th.php b/web/inc/i18n/th.php
index 2878192f..63350f02 100644
--- a/web/inc/i18n/th.php
+++ b/web/inc/i18n/th.php
@@ -198,6 +198,7 @@ $LANG['th'] = array(
     'SSL Home Directory'  => 'ไดเร็กทอรี่หลักของ SSL',
     'Lets Encrypt Support'  => 'สนับสนุน Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'ใบรับรองของคุณจะได้รับการออกโดยอัตโนมัติภายใน 5 นาที',
     'Proxy Support'  => 'สนับสนุน Proxy',
     'Proxy Extensions'  => 'ส่วนขยาย Proxy',
@@ -704,7 +705,7 @@ $LANG['th'] = array(
     'Enter License Key' => 'กรอก License Key',
     'Buy Licence' => 'ซื้อ License',
     'Buy Lifetime License' => 'ซื้อ License แบบถาวร',
-    'Disable and Cancel License' => 'ปิดการใช้งาน และยกเลิก License',
+    'Disable and Cancel Licence' => 'ปิดการใช้งาน และยกเลิก License',
     'Licence Activated' => 'เปิดใช้งาน License แล้ว',
     'Licence Deactivated' => 'ปิดการใช้งาน License แล้ว',
     'Restrict users so that they cannot use SSH and access only their home directory.' => 'จำกัดผู้ใช้เพื่อไม่ให้ใช้ SSH และเข้าถึงไดเร็กทอรี่ของตนเองเท่านั้น',
diff --git a/web/inc/i18n/tr.php b/web/inc/i18n/tr.php
index 7aac0098..4b1ff8a4 100644
--- a/web/inc/i18n/tr.php
+++ b/web/inc/i18n/tr.php
@@ -197,6 +197,7 @@ $LANG['tr'] = array(
     'SSL Home Directory'  => 'SSL Dizini',
     'Lets Encrypt Support'  => 'Lets Encrypt Desteği',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Sertifikanız 5 dakika içinde otomatik olarak verilecektir.',
     'Proxy Support'  => 'Proxy Desteği',
     'Proxy Extensions'  => 'Proxy Uzantıları',
diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php
index 163bee62..145f465d 100644
--- a/web/inc/i18n/tw.php
+++ b/web/inc/i18n/tw.php
@@ -197,6 +197,7 @@ $LANG['tw'] = array(
     'SSL Home Directory'  => 'SSL 主目錄',
     'Lets Encrypt Support'  => 'Lets Encrypt 支援',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => '您的憑證會在五分鐘內完成簽發',
     'Proxy Support'  => 'Proxy 支援',
     'Proxy Extensions'  => 'Proxy 副檔名',
diff --git a/web/inc/i18n/ua.php b/web/inc/i18n/ua.php
index 136cc73f..d552b3f8 100644
--- a/web/inc/i18n/ua.php
+++ b/web/inc/i18n/ua.php
@@ -196,6 +196,7 @@ $LANG['ua'] = array(
     'SSL Home Directory' => 'Домашня тека SSL',
     'Lets Encrypt Support'  => 'Підтримка Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Ваш сертифікат буде автоматично виданий протягом 5-ти хвилин',
     'Proxy Support' => 'Підтримка Proxy',
     'Proxy Extensions' => 'Розширення Proxy',
diff --git a/web/inc/i18n/ur.php b/web/inc/i18n/ur.php
index 2c95e821..87c11ed3 100644
--- a/web/inc/i18n/ur.php
+++ b/web/inc/i18n/ur.php
@@ -108,6 +108,8 @@ $LANG['ur'] = array(
     'reread IP'  => 'IP پھر سے پڑھنا',
     'enable autoupdate'  => 'آٹو اپ ڈیٹ کو چالو',
     'disable autoupdate'  => 'غیر فعال آٹو اپ ڈیٹ',
+    'turn on notifications' => 'turn on notifications',
+    'turn off notifications' => 'turn off notifications',
     'configure'  => 'ترتیب دے',
     
     'Adding User'   => 'شامل کرنے صارف',
@@ -194,6 +196,7 @@ $LANG['ur'] = array(
     'SSL Home Directory'   => 'SSL ہوم',
     'Lets Encrypt Support'   => 'ینکریپٹ سپورٹ کی اجازت دیتا ہے',
     'Lets Encrypt'   => 'ینکریپٹ کی اجازت دیتا ہے',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes'  => 'آپ کے سرٹیفکیٹ خود بخود 5 منٹ میں جاری کیا جائے گا',
     'Proxy Support'   => 'پراکسی سپورٹ',
     'Proxy Extensions'   => 'پراکسی ایکسٹنشن',
@@ -747,7 +750,7 @@ $LANG['ur'] = array(
     'Use server hostname'  => 'سرور استعمال میزبان نام',
     'Use domain hostname'  => 'ڈومین کا استعمال میزبان نام',
     'Use STARTTLS'  => 'STARTTLS استعمال',
-    'Use SSL'  => 'SSL استعمال کریں',
+    'Use SSL / TLS'  => 'SSL استعمال کریں',
     'No encryption'  => 'کوئی خفیہ کاری',
     'Do not use encryption'  => 'خفیہ کاری کا استعمال نہ کریں',
     
diff --git a/web/inc/i18n/vi.php b/web/inc/i18n/vi.php
index 2de145b4..303bf8ac 100644
--- a/web/inc/i18n/vi.php
+++ b/web/inc/i18n/vi.php
@@ -198,6 +198,7 @@ $LANG['vi'] = array(
     'SSL Home Directory'  => 'Trang chủ SSL',
     'Lets Encrypt Support'  => 'Hỗ trợ Lets Encrypt',
     'Lets Encrypt'  => 'Lets Encrypt',
+    'You can add LetsEncrypt after adding domain, just EDIT this domain later' => 'You can add LetsEncrypt after adding domain, just EDIT this domain later',
     'Your certificate will be automatically issued in 5 minutes' => 'Chứng chỉ của bạn sẽ được tự động cấp phát trong 5 phút',
     'Proxy Support'  => 'Hỗ trợ Nginx',
     'Proxy Extensions'  => 'Phần mở rộng Nginx',

From 87b821681284e7d9912aa50f195b880241184054 Mon Sep 17 00:00:00 2001
From: Umut Korkmaz 
Date: Sat, 4 Feb 2023 02:47:43 +0300
Subject: [PATCH 1817/2300] Duplicated fields removed

---
 web/inc/i18n/bg.php | 3 ---
 web/inc/i18n/ru.php | 1 -
 2 files changed, 4 deletions(-)

diff --git a/web/inc/i18n/bg.php b/web/inc/i18n/bg.php
index 4baf8f2f..746963d3 100644
--- a/web/inc/i18n/bg.php
+++ b/web/inc/i18n/bg.php
@@ -707,9 +707,6 @@ $LANG['bg'] = array(
     'This is a commercial module, you would need to purchace license key to enable it.' => 'Това е комерсиален модул, за чиито ползване е нужно да поръчате лицензионен ключ.',
     'Minutes' => 'Минути',
     'Hourly' => 'Всеки час',
-    'Daily' => 'Всеки ден ',
-    'Weekly' => 'Всяка седмица',
-    'Monthly' => 'Всеки месец',
     'Run Command' => 'Изпълни команда',
     'every month' => 'всеки месец',
     'every odd month' => 'всеки нечетен месец',
diff --git a/web/inc/i18n/ru.php b/web/inc/i18n/ru.php
index 5b634db3..ed8f116d 100644
--- a/web/inc/i18n/ru.php
+++ b/web/inc/i18n/ru.php
@@ -581,7 +581,6 @@ $LANG['ru'] = array(
     'Vesta Control Panel Plugins' => 'Плагины Vesta Control Panel',
     'preview' => 'предпросмотр',
     'Reseller Role' => 'Реселлер',
-    'Reseller Role' => 'Реселлер',
     'Web Config Editor' => 'Веб Редактор Конфигов',
     'Template Manager' => 'Менеджер Шаблонов',
     'Backup Migration Manager' => 'Менеджер Миграции Бэкапов',

From 71daf552e5c8ad0f59ac7246ee287d1d022a8edf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 15:52:13 +0100
Subject: [PATCH 1818/2300] Cleaning /hdd/home

---
 bin/v-clean-garbage | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 15b1a5ae..873c8450 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -24,15 +24,23 @@ find /usr/local/vesta/log/ -type f -name "*.log" -exec truncate -s 0 {} \;
 find /usr/local/vesta/log/ -type f -not -name "*.log" -delete
 find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 
-find /home/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-find /home/*/web/*/public_html/ -type f -name "*.wpress" -delete
-find /home/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
-find /home/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
-find /home/ -type f -name "*.log" -exec truncate -s 0 {} \;
+clean_home() {
+    find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/ezpz-one-click-backup/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete
+    find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
+    find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
+    find $1/ -type f -name "*.log" -exec truncate -s 0 {} \;
+}
+
+clean_home "/home"
+if [ -d "/hdd/home" ]; then
+    clean_home "/hdd/home"
+fi
 
 fail2ban_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'fail2ban' | grep -c 'running')
 if [ $fail2ban_running -eq 1 ]; then

From 6d9c6d473490f422de56e71ba0bddf78f8c90e9f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:05:00 +0100
Subject: [PATCH 1819/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 37 ++++++++++++++++++++++++++++++++-----
 1 file changed, 32 insertions(+), 5 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 873c8450..92c5e840 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -1,7 +1,23 @@
 #!/bin/bash
+# info: Clean all unnecessary files like logs
+# options: NONE
+#
+# The function is cleaning all unnecessary files like logs
 
-nice -n 19 ionice -c 3 find /home/*/tmp/ -type f -delete
-find /home/ -name '.wp-cli' -type d -exec rm -rf {} \;
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
 
 rm /var/backups/*
 rm /var/cache/apt/archives/*
@@ -25,6 +41,8 @@ find /usr/local/vesta/log/ -type f -not -name "*.log" -delete
 find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 
 clean_home() {
+    nice -n 19 ionice -c 3 find $1/*/tmp/ -type f -delete
+    find $1/ -name '.wp-cli' -type d -exec rm -rf {} \;
     find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
@@ -32,9 +50,9 @@ clean_home() {
     find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/ezpz-one-click-backup/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete
-    find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
-    find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
-    find $1/ -type f -name "*.log" -exec truncate -s 0 {} \;
+    nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
+    nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
+    nice -n 19 ionice -c 3 find $1/ -type f -name "*.log" -exec truncate -s 0 {} \;
 }
 
 clean_home "/home"
@@ -42,6 +60,7 @@ if [ -d "/hdd/home" ]; then
     clean_home "/hdd/home"
 fi
 
+# Cleaning fail2ban database
 fail2ban_running=$(/usr/local/vesta/bin/v-list-sys-services | grep 'fail2ban' | grep -c 'running')
 if [ $fail2ban_running -eq 1 ]; then
     systemctl stop fail2ban
@@ -53,4 +72,12 @@ if [ $fail2ban_running -eq 1 ]; then
     systemctl start fail2ban
 fi
 
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
 echo "=== Garbage cleaned ==="
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From a10f82af3064dc8639989314d36f4d45cbb198ab Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:11:15 +0100
Subject: [PATCH 1820/2300] Create v-update-myvesta

---
 bin/v-update-myvesta | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 bin/v-update-myvesta

diff --git a/bin/v-update-myvesta b/bin/v-update-myvesta
new file mode 100644
index 00000000..9df80894
--- /dev/null
+++ b/bin/v-update-myvesta
@@ -0,0 +1,33 @@
+#!/bin/bash
+# info: Get the very latest build of myVesta
+# options: NONE
+#
+# The function is downloading the very latest build of myVesta
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+whoami=$(whoami)
+if [ "$whoami" != "root" ]; then
+    echo "You must be root to execute this script"
+    exit 1
+fi
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
+apt-get update
+apt-get install --reinstall vesta
+
+#----------------------------------------------------------#
+#                       Vesta                              #
+#----------------------------------------------------------#
+
+echo "=== myVesta updated ==="
+
+log_event "$OK" "$ARGUMENTS"
+
+exit

From 5007cc2edfe84d450b4104ff95baaca3b80d48a9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:17:46 +0100
Subject: [PATCH 1821/2300] Update v-update-myvesta

---
 bin/v-update-myvesta | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/bin/v-update-myvesta b/bin/v-update-myvesta
index 9df80894..50ea49a0 100644
--- a/bin/v-update-myvesta
+++ b/bin/v-update-myvesta
@@ -5,7 +5,7 @@
 # The function is downloading the very latest build of myVesta
 
 #----------------------------------------------------------#
-#                    Verifications                         #
+#           Verifications & Variable & Function            #
 #----------------------------------------------------------#
 
 whoami=$(whoami)
@@ -14,6 +14,9 @@ if [ "$whoami" != "root" ]; then
     exit 1
 fi
 
+# Includes
+source /usr/local/vesta/func/main.sh
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

From 43ebf79c34d32efaafe850aaa1ab8d5f915147ce Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:19:10 +0100
Subject: [PATCH 1822/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 92c5e840..b53b2509 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -4,9 +4,8 @@
 #
 # The function is cleaning all unnecessary files like logs
 
-
 #----------------------------------------------------------#
-#                    Verifications                         #
+#           Verifications & Variable & Function            #
 #----------------------------------------------------------#
 
 whoami=$(whoami)
@@ -15,6 +14,9 @@ if [ "$whoami" != "root" ]; then
     exit 1
 fi
 
+# Includes
+source /usr/local/vesta/func/main.sh
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

From cf5b5325d6b014a2320793ab8f9facaec6f41bee Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:32:14 +0100
Subject: [PATCH 1823/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index b53b2509..d4c47267 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -22,7 +22,7 @@ source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 
 rm /var/backups/*
-rm /var/cache/apt/archives/*
+rm /var/cache/apt/archives/* > /dev/null 2>&1
 cd /var/log
 truncate -s 0 xferlog lastlog faillog btmp syslog;
 find /var/log/ -name "*.log" -not -path "/var/log/apt/*" -type f -exec truncate -s 0 {} \;
@@ -44,13 +44,13 @@ find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 
 clean_home() {
     nice -n 19 ionice -c 3 find $1/*/tmp/ -type f -delete
-    find $1/ -name '.wp-cli' -type d -exec rm -rf {} \;
+    find $1/ -name '.wp-cli' -type d -exec rm -rf {} \; > /dev/null 2>&1
     find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/ezpz-one-click-backup/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/ezpz-one-click-backup/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
     find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;

From 65f626eda7b7a4a2707f42ce330ea5c8f02c603f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:36:12 +0100
Subject: [PATCH 1824/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index d4c47267..c6d41ab9 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -50,7 +50,7 @@ clean_home() {
     find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
     find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/ezpz-one-click-backup/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
+    find $1/*/web/*/public_html/wp-content/plugins/ezpz-one-click-backup/backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
     find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;

From d6a84f37d2db6bd44383f5e9bab75f18aea68696 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:40:24 +0100
Subject: [PATCH 1825/2300] Update v-update-myvesta

---
 bin/v-update-myvesta | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-update-myvesta b/bin/v-update-myvesta
index 50ea49a0..c3eaf337 100644
--- a/bin/v-update-myvesta
+++ b/bin/v-update-myvesta
@@ -22,7 +22,7 @@ source /usr/local/vesta/func/main.sh
 #----------------------------------------------------------#
 
 rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
-apt-get update
+apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"  > /usr/local/vesta/log/update-$package.log 2>&1
 apt-get install --reinstall vesta
 
 #----------------------------------------------------------#

From 94770a5f1220cbc75b4cd626222160fbcaf27e16 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 5 Feb 2023 16:43:14 +0100
Subject: [PATCH 1826/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index c6d41ab9..5b402653 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -21,7 +21,7 @@ source /usr/local/vesta/func/main.sh
 #                       Action                             #
 #----------------------------------------------------------#
 
-rm /var/backups/*
+rm /var/backups/* > /dev/null 2>&1
 rm /var/cache/apt/archives/* > /dev/null 2>&1
 cd /var/log
 truncate -s 0 xferlog lastlog faillog btmp syslog;

From 33d0e6df9c100ae9edef9cfa607beaba9eadefeb Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Mon, 6 Feb 2023 15:57:07 +0100
Subject: [PATCH 1827/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index 1b8561c3..08ff2ad8 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -83,11 +83,22 @@ fi
 echo "Proxy Template is ready"
 
 # Disabling wp-cron in wp-config.php
-echo "Disabling WP-Cron in your wp-config.php..."
-string="define( 'DISABLE_WP_CRON', true );"
-line="define( 'DB_COLLATE', '' );"
+string_disable="define( 'DISABLE_WP_CRON', true );"
+string_enable="define( 'DISABLE_WP_CRON', false );"
+line="
Date: Mon, 6 Feb 2023 18:34:10 +0100
Subject: [PATCH 1828/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index 08ff2ad8..f6957975 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -83,23 +83,25 @@ fi
 echo "Proxy Template is ready"
 
 # Disabling wp-cron in wp-config.php
+checkstring_disable="define('DISABLE_WP_CRON', true)"
+checkstring_enable="define('DISABLE_WP_CRON', false)"
 string_disable="define( 'DISABLE_WP_CRON', true );"
-string_enable="define( 'DISABLE_WP_CRON', false );"
 line="
Date: Fri, 10 Feb 2023 17:40:20 +0100
Subject: [PATCH 1829/2300] Update v-move-domain-and-database-to-account

---
 bin/v-move-domain-and-database-to-account | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bin/v-move-domain-and-database-to-account b/bin/v-move-domain-and-database-to-account
index d055e361..6a97383d 100644
--- a/bin/v-move-domain-and-database-to-account
+++ b/bin/v-move-domain-and-database-to-account
@@ -42,6 +42,11 @@ fi
 
 USER_TO=$user
 
+if [ ! -d "/backup" ]; then
+  echo "There is no /backup folder, creating it now..."
+  mkdir /backup
+fi
+
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#

From 6770d3bc4c619155e25698ff8373566a3b813bf4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 10 Feb 2023 19:37:45 +0100
Subject: [PATCH 1830/2300] Fix for /backup

---
 bin/v-change-database-owner               | 4 ++++
 bin/v-move-domain-and-database-to-account | 5 -----
 install/vst-install-debian.sh             | 2 ++
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/bin/v-change-database-owner b/bin/v-change-database-owner
index d84d8eb2..983f7cb1 100755
--- a/bin/v-change-database-owner
+++ b/bin/v-change-database-owner
@@ -60,6 +60,10 @@ if [ ! -z "$check_db" ]; then
     exit $E_EXISTS
 fi
 
+if [ ! -d "/backup" ]; then
+  echo "There is no /backup folder, creating it now..."
+  mkdir /backup
+fi
 
 #----------------------------------------------------------#
 #                       Action                             #
diff --git a/bin/v-move-domain-and-database-to-account b/bin/v-move-domain-and-database-to-account
index 6a97383d..d055e361 100644
--- a/bin/v-move-domain-and-database-to-account
+++ b/bin/v-move-domain-and-database-to-account
@@ -42,11 +42,6 @@ fi
 
 USER_TO=$user
 
-if [ ! -d "/backup" ]; then
-  echo "There is no /backup folder, creating it now..."
-  mkdir /backup
-fi
-
 #----------------------------------------------------------#
 #                       Action                             #
 #----------------------------------------------------------#
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 650fa241..4349a56d 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -595,6 +595,8 @@ fi
 #                         Backup                           #
 #----------------------------------------------------------#
 
+mkdir /backup
+
 echo "=== Creating backup directory tree"
 mkdir -p $vst_backups
 cd $vst_backups

From a28436e6e8bdec0b0cd58de574365eb1b6a96086 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Feb 2023 19:20:03 +0100
Subject: [PATCH 1831/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 58ec502d..14253444 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -54,7 +54,7 @@ if [ $# -gt 8 ]; then
     inst_81=$9
 fi
 if [ $# -gt 9 ]; then
-    inst_82=$10
+    inst_82=${10}
 fi
 
 if [ $inst_56 -eq 1 ] || [ $inst_70 -eq 1 ] || [ $inst_71 -eq 1 ] || [ $inst_72 -eq 1 ] || [ $inst_73 -eq 1 ] || [ $inst_74 -eq 1 ] || [ $inst_80 -eq 1 ] || [ $inst_81 -eq 1 ] || [ $inst_82 -eq 1 ]; then

From e0b90ef9d65c7e7a3756920f0f8f9bfa50204c7b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Feb 2023 19:43:58 +0100
Subject: [PATCH 1832/2300] v-install-wordpress: Check if MariaDB allows long
 database name

---
 bin/v-install-wordpress | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 0e24f847..4bf82c5f 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -26,6 +26,7 @@ USER=$user
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
+source /usr/local/vesta/conf/vesta.conf
 
 if [ -z "$user" ]; then
     check_result $E_NOTEXIST "domain $domain doesn't exist"
@@ -49,7 +50,11 @@ is_object_unsuspended 'user' 'USER' "$user"
 source /usr/local/vesta/func/handle_parameters.sh
 
 if [ -z "$database" ]; then
-    database=$(echo "$domain" | sed 's#\.#_#g')
+    if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ]; then
+        database=$(echo "$domain" | sed 's#\.#_#g')
+    else
+       database="wp"
+    fi
 fi
 
 if [ -z "$email" ]; then

From 7fe91ca4c98e1731f084977674c20f455706244d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Feb 2023 20:29:14 +0100
Subject: [PATCH 1833/2300] v-clone-website: By default cloning to DB:
 user_domain_com

instead of cloning to database: user_old_db_migrated
---
 bin/v-clone-website | 66 ++++++++++++++++++++++++++-------------------
 1 file changed, 39 insertions(+), 27 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 2c38eef9..262d1a15 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -9,7 +9,7 @@
 if [ $# -lt 2 ]; then
     echo "USAGE: v-clone-website FROM_DOMAIN TO_DOMAIN"
     echo "Available parameters:"
-    echo "--DATABASE_SUFIX=... (default is '_migrated')"
+    echo "--DATABASE_SUFIX=... (will be added to database name)"
     echo "--TO_DATABASE=... (this will override --TO_DATABASE_NAME, --TO_DATABASE_USERNAME and --DATABASE_SUFIX)"
     echo "--FROM_DATABASE_NAME=..."
     echo "--FROM_DATABASE_USERNAME=..."
@@ -42,6 +42,7 @@ source /etc/profile
 # Includes
 source /usr/local/vesta/func/main.sh
 source /usr/local/vesta/func/db.sh
+source /usr/local/vesta/conf/vesta.conf
 
 FROM_DATABASE_NAME=''
 FROM_DATABASE_USERNAME=''
@@ -55,6 +56,10 @@ SITE_SUBFOLDER=''
 SEARCH_FOR_CONFIGS_DATABASE_NAME=''
 SEARCH_FOR_CONFIGS_DATABASE_USERNAME=''
 
+if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ]; then
+    DATABASE_SUFIX=''
+fi
+
 #----------------------------------------------------------#
 #                    Verifications                         #
 #----------------------------------------------------------#
@@ -174,33 +179,40 @@ fi
 
 TO_CONFIG_FILE_FULL_PATH="$TO_FOLDER/$FROM_CONFIG_FILE"
 
-LENGTH_OF_DATABASE_SUFIX=${#DATABASE_SUFIX}
-if [ -z "$TO_DATABASE_NAME" ]; then
-    LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}
-    START_FROM=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
-    CHECK_PREFIX=${FROM_DATABASE_NAME:START_FROM}
-    if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
-        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}"
-        LENGTH_OF_TO_DATABASE_NAME=${#TO_DATABASE_NAME}
-        CUT_TO=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
-        TO_DATABASE_NAME=${TO_DATABASE_NAME:0:CUT_TO}
-    else
-        TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
-    fi
-fi
-if [ -z "$TO_DATABASE_USERNAME" ]; then
-    LENGTH_OF_TO_DATABASE_USERNAME=${#FROM_DATABASE_USERNAME}
-    START_FROM=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
-    CHECK_PREFIX=${FROM_DATABASE_USERNAME:START_FROM}
-    if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
-        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}"
-        LENGTH_OF_TO_DATABASE_USERNAME=${#TO_DATABASE_USERNAME}
-        CUT_TO=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
-        TO_DATABASE_USERNAME=${TO_DATABASE_USERNAME:0:CUT_TO}
-    else
-        TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
+if [ ! -z "$MAX_DBUSER_LEN" ] && [ "$MAX_DBUSER_LEN" -ge 80  ] && [ -z "$DATABASE_SUFIX" ]; then
+    TO_DATABASE_NAME=$(echo "$TO_DOMAIN" | sed 's#\.#_#g')
+    TO_DATABASE_NAME="${TO_USER}_$TO_DATABASE_NAME"
+    TO_DATABASE_USERNAME=$TO_DATABASE_NAME
+else
+    LENGTH_OF_DATABASE_SUFIX=${#DATABASE_SUFIX}
+    if [ -z "$TO_DATABASE_NAME" ]; then
+        LENGTH_OF_TO_DATABASE_NAME=${#FROM_DATABASE_NAME}
+        START_FROM=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
+        CHECK_PREFIX=${FROM_DATABASE_NAME:START_FROM}
+        if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
+            TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}"
+            LENGTH_OF_TO_DATABASE_NAME=${#TO_DATABASE_NAME}
+            CUT_TO=$((LENGTH_OF_TO_DATABASE_NAME-LENGTH_OF_DATABASE_SUFIX))
+            TO_DATABASE_NAME=${TO_DATABASE_NAME:0:CUT_TO}
+        else
+            TO_DATABASE_NAME="${TO_USER}_${FROM_DATABASE_NAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
+        fi
+    fi
+    if [ -z "$TO_DATABASE_USERNAME" ]; then
+        LENGTH_OF_TO_DATABASE_USERNAME=${#FROM_DATABASE_USERNAME}
+        START_FROM=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
+        CHECK_PREFIX=${FROM_DATABASE_USERNAME:START_FROM}
+        if [ "$CHECK_PREFIX" = "${DATABASE_SUFIX}" ]; then
+            TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}"
+            LENGTH_OF_TO_DATABASE_USERNAME=${#TO_DATABASE_USERNAME}
+            CUT_TO=$((LENGTH_OF_TO_DATABASE_USERNAME-LENGTH_OF_DATABASE_SUFIX))
+            TO_DATABASE_USERNAME=${TO_DATABASE_USERNAME:0:CUT_TO}
+        else
+            TO_DATABASE_USERNAME="${TO_USER}_${FROM_DATABASE_USERNAME_WITHOUT_PREFIX}${DATABASE_SUFIX}"
+        fi
     fi
 fi
+
 if [ ! -z "$TO_DATABASE" ]; then
     TO_DATABASE_USERNAME=$TO_DATABASE
     TO_DATABASE_NAME=$TO_DATABASE
@@ -304,7 +316,7 @@ read -p "=== Press Enter to continue ==="
 if [ $CREATE_TO_USER -eq 1 ]; then
     pass=$(vesta_generate_pass 10)
     echo "=== Create user $TO_USER, pass=$pass"
-    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Migrated" "site"
+    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "cloned" "site"
 fi
 
 if [ $CREATE_TO_DOMAIN -eq 1 ]; then

From 5dedc1e8131e2491c578138d38f4c91fa6186e5f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Feb 2023 20:35:00 +0100
Subject: [PATCH 1834/2300] Checking for $CREATE_TO_DATABASE in v-clone-website

---
 bin/v-clone-website | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 262d1a15..df98c6db 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -271,6 +271,12 @@ else
     fi
 fi
 
+CREATE_TO_DATABASE=0
+object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
+if [ -z "$object" ]; then
+    CREATE_TO_DATABASE=1
+fi
+
 # ----------- PRINT -------------
 
 echo "==============================================================================="
@@ -299,6 +305,7 @@ echo "TO_DATABASE_USERNAME_WITHOUT_PREFIX   = $TO_DATABASE_USERNAME_WITHOUT_PREF
 echo "DATABASE_SUFIX        = $DATABASE_SUFIX"
 echo "CREATE_TO_USER        = $CREATE_TO_USER"
 echo "CREATE_TO_DOMAIN      = $CREATE_TO_DOMAIN"
+echo "CREATE_TO_DATABASE    = $CREATE_TO_DATABASE"
 echo "SHOULD_INSTALL_SSL    = $SHOULD_INSTALL_SSL"
 echo "FROM_DOMAIN_TPL       = $FROM_DOMAIN_TPL"
 echo "FROM_FPM_VER          = $FROM_FPM_VER"
@@ -316,7 +323,7 @@ read -p "=== Press Enter to continue ==="
 if [ $CREATE_TO_USER -eq 1 ]; then
     pass=$(vesta_generate_pass 10)
     echo "=== Create user $TO_USER, pass=$pass"
-    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "cloned" "site"
+    /usr/local/vesta/bin/v-add-user "$TO_USER" "$pass" "info@$TO_DOMAIN" "default" "Cloned" "site"
 fi
 
 if [ $CREATE_TO_DOMAIN -eq 1 ]; then
@@ -352,8 +359,7 @@ if [ ! -z "$FROM_DOMAIN_PROXY_TPL" ]; then
     /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$TO_USER" "$TO_DOMAIN" "$FROM_DOMAIN_PROXY_TPL" "$FROM_DOMAIN_PROXY_EXT" "yes"
 fi
 
-object=$(grep "DB='$TO_DATABASE_NAME'" $VESTA/data/users/$TO_USER/db.conf)
-if [ -z "$object" ]; then
+if [ $CREATE_TO_DATABASE -eq 1 ]; then
     echo "=== Create database $TO_DATABASE_NAME"
     /usr/local/vesta/bin/v-add-database "$TO_USER" "$TO_DATABASE_NAME_WITHOUT_PREFIX" "$TO_DATABASE_USERNAME_WITHOUT_PREFIX" "$TO_DATABASE_PASSWORD" 'mysql' 'localhost' 'utf8'
 fi

From 0ab6925adb4c63abc3618b3a8cc069d675873468 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Feb 2023 15:59:45 +0100
Subject: [PATCH 1835/2300] Create v-commander

---
 bin/v-commander | 515 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 515 insertions(+)
 create mode 100644 bin/v-commander

diff --git a/bin/v-commander b/bin/v-commander
new file mode 100644
index 00000000..6fe05286
--- /dev/null
+++ b/bin/v-commander
@@ -0,0 +1,515 @@
+#!/bin/bash
+
+numargs=$#
+
+SHOWHEADER=0
+if [ $numargs -eq 0 ]; then
+    SHOWHEADER=1
+fi
+if [ $numargs -eq 1 ] && [ "$1" = "q" ]; then
+    SHOWHEADER=1
+fi
+
+
+source /etc/profile
+PATH=$PATH:/usr/local/vesta/bin && export PATH
+echo "======================= mvVesta-commander ================================"
+
+if [ -f /root/kernelupdate ]; then
+    rm /root/kernelupdate
+fi
+apt_upgraded=0
+quit_on_empty=0
+
+if [ $SHOWHEADER -eq 1 ]; then
+    hostname
+    if [ -f "/root/current-status.txt" ]; then
+        echo "------------------ WAS LONG TIME AGO ------------------"
+        cat /root/current-status.txt
+        truncate -s 0 /root/current-status.txt
+    fi
+    echo -n 'Debian ' >> /root/current-status.txt && cat /etc/debian_version >> /root/current-status.txt
+    php -v | grep '^PHP' >> /root/current-status.txt
+    /usr/local/vesta/bin/v-list-sys-services >> /root/current-status.txt
+    /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:" >> /root/current-status.txt
+    w | grep 'load average' >> /root/current-status.txt
+    df -h | grep "/$" >> /root/current-status.txt
+
+    echo "------------------------ NOW ------------------------"
+    cat /root/current-status.txt
+    echo "-----------------------------------------------------"
+    echo "(press 'h' for help)"
+    echo ""
+fi
+
+check_status() {
+    echo "=============================================================="
+    hostname
+    echo "------------------------ WAS ------------------------"
+    cat /root/current-status.txt
+    echo "------------------------ NOW ------------------------"
+    hostname
+    echo -n 'Debian ' && cat /etc/debian_version
+    php -v | grep '^PHP'
+    /usr/local/vesta/bin/v-list-sys-services
+    /usr/local/vesta/bin/v-list-sys-web-status | grep "Server MPM:"
+    w | grep 'load average'
+    df -h | grep "/$"
+    echo "-----------------------------------------------------"
+}
+
+myhelp() {
+    echo "---------- Press: -----------"
+    echo "u  = apt-get update"
+    echo "g  = apt-get upgrade"
+    echo "c  = check status"
+    echo "e  = make sure Apache is in mpm_event"
+    echo "s  = download sury.org apt-get key"
+    echo "m  = install php-memcached"
+    echo "p  = set version of php as default"
+    echo "v  = update myVesta"
+    echo "vo = update myVesta without 'apt-get update'"
+    echo "t  = clean the trash"
+    echo "w  = w"
+    echo "d  = df -h"
+    echo "f  = free -h"
+    echo "b  = bash"
+    echo "r  = reboot"
+    echo "q  = quit"
+    echo "h  = help"
+    echo "-----------------------------"
+    echo "inst v   = install myVesta"
+    echo "inst p   = install multi-php"
+    echo "inst pgw = install php-gate"
+    echo "inst r   = install new Roundcube"
+    echo "dis fb   = stop and disable fail2ban"
+    echo "dis dove = stop and disable dovecot"
+    echo "dis spam = stop and disable spam"
+    echo "dis clam = stop and disable clamav"
+    echo "p 7.0    = set default php 7.0"
+    echo "p 7.3    = set default php 7.3"
+    echo "p 7.4    = set default php 7.4"
+    echo "p def    = set proper default php"
+    echo "e def    = set mpm_event if needed"
+    echo "m def    = install php-memcached if needed"
+    echo "check fc = check if FreshClam is up"
+    echo "-----------------------------"
+    echo "enable-ssh-root-password-login = Allow root password authentication via SSH and set the root password to match the password for the admin account"
+    echo "-----------------------------"
+}
+
+COUNTER=0
+
+while true
+do
+
+    COUNTER=$((COUNTER + 1))
+    if [ $COUNTER -le $numargs ]; then
+        answer=$1
+        shift
+    else
+        read -p 'What to do: ' answer
+    fi
+
+    if [ "$answer" = 'prompt' ] || [ "$answer" = 'PROMPT' ]; then
+        echo "============================="
+        echo "hostname: $HOSTNAME"
+        read -p 'What to do [or press Enter to continue]: ' answer
+    fi
+    
+    if [ "$answer" = '' ] && [ $quit_on_empty -eq 1 ]; then
+        answer='q'
+    fi
+
+    if [ "$answer" = 'quit-on-empty' ]; then
+        echo "== the script will quit on next enter"
+        quit_on_empty=1
+    fi
+
+    if [ "$answer" = 'u' ] || [ "$answer" = 'U' ]; then
+        echo "============================="
+        echo "== running: apt-get update"
+        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+        if [ "$release" -lt 10 ]; then
+            apt-get update
+        else
+            apt-get update --allow-releaseinfo-change
+        fi
+    fi
+
+    if [ "$answer" = 'g' ] || [ "$answer" = 'G' ]; then
+        echo "============================="
+        echo "== running: apt-get upgrade"
+        
+        if [ $apt_upgraded -eq 0 ]; then
+            cp /var/log/apt/history.log /var/log/apt/history-`date +"%Y%m%d%H%M%S"`.log
+            truncate -s 0 /var/log/apt/history.log
+        fi
+        
+        apt-get -y --with-new-pkgs upgrade
+        apt-get -y dist-upgrade
+        apt_upgraded=1
+        
+        kernelupdate=$(grep -c 'linux-image-' /var/log/apt/history.log)
+        if [ $kernelupdate -gt 0 ]; then
+            touch /root/kernelupdate
+            echo "== kernel is updated"
+        else
+            echo "== kernel is not updated"
+        fi
+    fi
+
+    if [ "$answer" = 'c' ] || [ "$answer" = 'C' ]; then
+        check_status
+    fi
+
+    if [ "$answer" = 's' ] || [ "$answer" = 'S' ]; then
+        if [ -f "/etc/apt/trusted.gpg.d/php.gpg" ]; then
+            echo "============================="
+            echo "== renewing sury.org gpg key"
+            wget -nv -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
+        fi
+    fi
+
+    if [ "$answer" = 'e def' ] || [ "$answer" = 'E DEF' ]; then
+        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+        echo "============================="
+        echo "== checking if we need mpm_event mode"
+        echo "== detected Debian $release"
+        if [ "$release" -eq 10 ] || [ "$release" -eq 11 ] || [ -f "/root/switch-apache-to-event-mode.sh" ]; then
+            isevent=$(/usr/local/vesta/bin/v-list-sys-web-status | grep -c "Server MPM: event")
+            if [ $isevent -eq 0 ]; then
+                echo "== Apache should be switched to mpm_event mode"
+                answer='e'
+            else
+                echo "== Apache is already in mpm_event mode"
+            fi
+        fi
+        
+    fi
+    if [ "$answer" = 'e' ] || [ "$answer" = 'E' ]; then
+        echo "============================="
+        echo "== switching to mpm_event mode"
+        apt-get -y remove libapache2-mod-php*
+        a2dismod ruid2
+        a2dismod suexec
+        a2dismod php5.6
+        a2dismod php7.0
+        a2dismod php7.1
+        a2dismod php7.2
+        a2dismod php7.3
+        a2dismod php7.4
+        a2dismod php8.0
+        a2dismod php8.1
+        a2dismod php8.2
+        a2dismod mpm_prefork
+        a2enmod mpm_event
+        systemctl restart apache2
+    fi
+
+    if [ "$answer" = 'dis fb' ] || [ "$answer" = 'DIS FB' ]; then
+        echo "============================="
+        echo "== disabling fail2ban"
+        systemctl stop fail2ban
+        systemctl disable fail2ban
+        systemctl status fail2ban
+    fi
+
+    if [ "$answer" = 'dis dove' ] || [ "$answer" = 'DIS DOVE' ]; then
+        echo "============================="
+        echo "== disabling dovecot"
+        systemctl stop dovecot.service
+        systemctl stop dovecot.socket
+        systemctl disable dovecot.service
+    fi
+
+    if [ "$answer" = 'dis clam' ] || [ "$answer" = 'DIS CLAM' ]; then
+        echo "============================="
+        echo "== disabling ClamAV"
+        systemctl stop clamav-daemon.service
+        systemctl disable clamav-daemon.service
+
+        systemctl stop clamav-freshclam.service
+        systemctl disable clamav-freshclam.service
+
+        sed -i "s/^CLAMD =/#CLAMD =/g" /etc/exim4/exim4.conf.template
+        systemctl restart exim4
+    fi
+
+    if [ "$answer" = 'dis spam' ] || [ "$answer" = 'DIS SPAM' ]; then
+        echo "============================="
+        echo "== disabling SpamAssassin"
+        systemctl stop spamassassin.service
+        systemctl disable spamassassin.service
+
+        sed -i "s/^SPAMASSASSIN =/#SPAMASSASSIN =/g" /etc/exim4/exim4.conf.template
+        sed -i "s/^SPAM_SCORE =/#SPAM_SCORE =/g" /etc/exim4/exim4.conf.template
+        systemctl restart exim4
+    fi
+
+    if [ "$answer" = 'p' ] || [ "$answer" = 'P' ]; then
+        echo "============================="
+        echo "== changing default php version"
+        update-alternatives --config php
+        echo "--- NEW ---"
+        php -v | grep '^PHP'
+    fi
+
+    if [ "$answer" = 'p 7.0' ] || [ "$answer" = 'P 7.0' ]; then
+        echo "============================="
+        echo "== changing default php version to 7.0"
+        update-alternatives --set php /usr/bin/php7.0
+        echo "--- NEW ---"
+        php -v | grep '^PHP'
+    fi
+
+    if [ "$answer" = 'p 7.3' ] || [ "$answer" = 'P 7.3' ]; then
+        echo "============================="
+        echo "== changing default php version to 7.3"
+        update-alternatives --set php /usr/bin/php7.3
+        echo "--- NEW ---"
+        php -v | grep '^PHP'
+    fi
+
+    if [ "$answer" = 'p 7.4' ] || [ "$answer" = 'P 7.4' ]; then
+        echo "============================="
+        echo "== changing default php version to 7.4"
+        update-alternatives --set php /usr/bin/php7.4
+        echo "--- NEW ---"
+        php -v | grep '^PHP'
+    fi
+
+    if [ "$answer" = 'p def' ] || [ "$answer" = 'P DEF' ]; then
+        echo "============================="
+        echo "== checking if we need to change default php version"
+        automode=$(update-alternatives --display php | grep -c 'auto mode')
+        echo "============================="
+        if [ $automode -ge 1 ]; then
+            echo "=== php auto mode detected"
+            release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+            echo "== detected Debian $release"
+            if [ "$release" -eq 8 ]; then
+                echo "== set default php 5"
+                update-alternatives --set php /usr/bin/php5
+            fi
+            if [ "$release" -eq 9 ]; then
+                echo "== set default php 7.0"
+                update-alternatives --set php /usr/bin/php7.0
+            fi
+            if [ "$release" -eq 10 ]; then
+                echo "== set default php 7.3"
+                update-alternatives --set php /usr/bin/php7.3
+            fi
+            if [ "$release" -eq 11 ]; then
+                echo "== set default php 7.4"
+                update-alternatives --set php /usr/bin/php7.4
+            fi
+            echo "--- NEW ---"
+            php -v | grep '^PHP'
+        else
+            echo "== php is already in manual mode"
+            php -v | grep '^PHP'
+        fi
+    fi
+
+
+    if [ "$answer" = 'v' ] || [ "$answer" = 'V' ]; then
+        echo "============================="
+        echo "== updating myVesta"
+        if [ -f "/usr/local/vesta/bin/v-update-myvesta" ]; then
+            /usr/local/vesta/bin/v-update-myvesta
+        else
+            number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
+            if [ $number_of_files -gt 0 ]; then
+                rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
+            fi
+            apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"  > /usr/local/vesta/log/update-$package.log 2>&1
+            apt-get install --reinstall vesta
+        fi
+    fi
+
+    if [ "$answer" = 'vo' ] || [ "$answer" = 'VO' ]; then
+        echo "============================="
+        echo "== updating myVesta (without 'apt-get update')"
+        number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
+        if [ $number_of_files -gt 0 ]; then
+            rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
+        fi
+        apt-get install --reinstall vesta
+    fi
+
+    if [ "$answer" = 'vor' ] || [ "$answer" = 'VOR' ]; then
+        echo "============================="
+        echo "== updating myVesta (without apt-get update and without reinstall)"
+        number_of_files=$(ls /var/cache/apt/archives/vesta_.* 2>/dev/null | wc -l)
+        if [ $number_of_files -gt 0 ]; then
+            rm /var/cache/apt/archives/vesta_* > /dev/null 2>&1
+        fi
+        apt-get install vesta
+    fi
+
+    if [ "$answer" = 't' ] || [ "$answer" = 'T' ]; then
+        echo "============================="
+        echo "== cleaning trash"
+        df -m
+        ps -Af | grep tailf | grep -v "grep tailf"
+        if [ -f "/usr/local/bin/tailf_apache_error.php" ]; then
+            kill $(ps aux | grep 'tailf_apache_error' | grep -v "grep tailf_apache_error" | awk '{print $2}')
+        fi
+        if [ -f "/usr/local/bin/tailf_exim.php" ]; then
+            kill $(ps aux | grep 'tailf_exim' | grep -v "grep tailf_exim" | awk '{print $2}')
+        fi
+        echo "------"
+        ps -Af | grep tailf | grep -v "grep tailf"
+        echo "------"
+        sleep 2
+        truncate -s 0 /*.log
+        rm /panic-*.log
+        rm /var/log/panic-*.log
+        /usr/local/vesta/bin/v-clean-garbage
+        sleep 2
+        if [ -f "/usr/local/bin/tailf_apache_error.php" ]; then
+            nohup php /usr/local/bin/tailf_apache_error.php > /var/log/tailf_apache_error.log &
+        fi
+        if [ -f "/usr/local/bin/tailf_exim.php" ]; then
+            nohup php /usr/local/bin/tailf_exim.php > /var/log/tailf_exim.log &
+        fi
+        echo "--------------"
+        df -m
+        echo "--------------"
+        sleep 2
+        ps -Af | grep tailf | grep -v "grep tailf"
+    fi
+
+    if [ "$answer" = 'm def' ] || [ "$answer" = 'M DEF' ]; then
+        phpupdate=$(grep -c 'php' /var/log/apt/history.log)
+        if [ $phpupdate -gt 0 ]; then
+            answer='m'
+        fi
+    fi
+
+    if [ "$answer" = 'm' ] || [ "$answer" = 'M' ]; then
+        echo "============================="
+        echo "== installing php-memcache modules"
+        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
+        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
+    fi
+
+    if [ "$answer" = 'd' ] || [ "$answer" = 'D' ]; then
+        echo "============================="
+        echo "== running: df -h"
+        df -h
+    fi
+
+    if [ "$answer" = 'f' ] || [ "$answer" = 'F' ]; then
+        echo "============================="
+        echo "== running: free -h"
+        free -h
+    fi
+
+    if [ "$answer" = 'w' ] || [ "$answer" = 'W' ]; then
+        echo "== running: free -h"
+        w
+    fi
+
+    if [ "$answer" = 'inst p' ] || [ "$answer" = 'INST P' ]; then
+        echo "============================="
+        echo "== installing new PHP versions"
+        cd /root
+        wget -nv -O /root/vesta-inst-php.sh https://c.myvestacp.com/tools/multi-php-install.sh
+        chmod u+x ./vesta-inst-php.sh
+        mcedit ./vesta-inst-php.sh
+        sudo ./vesta-inst-php.sh
+    fi
+
+    if [ "$answer" = 'inst pgw' ] || [ "$answer" = 'INST PGW' ]; then
+        echo "============================="
+        echo "== Installing phpgate"
+        wget -nv http://dl.myvestacp.com/vesta/install-phpgate.sh -O /root/install-phpgate.sh
+        chmod u+x /root/install-phpgate.sh
+        /root/install-phpgate.sh
+    fi
+
+    if [ "$answer" = 'check fc' ] || [ "$answer" = 'CHECK FC' ]; then
+        echo "== Checking if FreshClam is up"
+        clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')
+        freshclamdown=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-freshclam' | grep -c 'off')
+        if [ $clamavup -eq 1 ] && [ $freshclamdown -eq 1 ]; then
+            echo "== Starting FreshClam"
+            systemctl enable clamav-freshclam.service
+            systemctl start clamav-freshclam.service
+        fi
+    fi
+    
+    if [ "$answer" = 'enable-ssh-root-password-login' ] || [ "$answer" = 'ENABLE-SSH-ROOT-PASSWORD-LOGIN' ]; then
+        sed -i "s|^PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config
+        sed -i "s|^#PermitRootLogin .*|PermitRootLogin yes|g" /etc/ssh/sshd_config
+        systemctl restart sshd
+        echo "--- New settings ---"
+        grep '^PermitRoot' /etc/ssh/sshd_config
+        echo "--------------------"
+        adminline=$(grep '^admin:' /etc/shadow)
+        adminline=${adminline:6}
+        adminline="root:$adminline"
+        sed -i "s#^root:.*#$adminline#" /etc/shadow
+        echo "root password is now the same as admin password."
+        echo "--------------------"
+        grep '^root:' /etc/shadow
+        grep '^admin:' /etc/shadow
+        echo "--------------------"
+        echo "Port 22 opened in Firewall for all IP addresses."
+        /usr/local/vesta/bin/v-unsuspend-firewall-rule "11"
+        echo "--------------------"
+    fi
+
+
+    if [ "$answer" = 'r' ] || [ "$answer" = 'R' ]; then
+        echo "============================="
+        echo "== Rebooting the server"
+        reboot
+    fi
+
+    if [ "$answer" = 'b' ] || [ "$answer" = 'B' ]; then
+        echo "============================="
+        echo "== Running bash"
+        bash
+    fi
+
+    if [ "$answer" = 'q' ] || [ "$answer" = 'Q' ]; then
+        echo "============================="
+        echo "== Exiting... bye bye :)"
+        exit 0
+    fi
+
+    if [ "$answer" = 'h' ] || [ "$answer" = 'H' ]; then
+        myhelp
+    fi
+
+    if [ "$answer" = 'inst v' ] || [ "$answer" = 'INST V' ]; then
+        echo "============================="
+        echo "== installing myVesta"
+        release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+        if [ "$release" -lt 10 ]; then
+            apt-get update
+        else
+            apt-get update --allow-releaseinfo-change
+        fi
+        apt-get -y --with-new-pkgs upgrade && apt-get -y dist-upgrade
+        apt-get -y install curl wget mc git sudo dnsutils screen
+        cd ~
+        curl -O http://c.myvestacp.com/vst-install-debian.sh
+        sudo bash vst-install-debian.sh
+        source /etc/profile
+        PATH=$PATH:/usr/local/vesta/bin && export PATH
+    fi
+
+    if [ "$answer" = 'inst r' ] || [ "$answer" = 'INST R' ]; then
+        echo "============================="
+        echo "== Installing new Roundcube"
+        wget -nv https://c.myvestacp.com/tools/install-new-roundcube.sh -O /root/install-new-roundcube.sh
+        chmod u+x /root/install-new-roundcube.sh
+        mcedit /root/install-new-roundcube.sh
+        /root/install-new-roundcube.sh
+    fi
+
+done

From df9e5508e09ed9b500971ec91eb4f9579a1ecccb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Feb 2023 16:21:32 +0100
Subject: [PATCH 1836/2300] Update Changelog.md

---
 Changelog.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index f49b75e4..9af9791b 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,11 @@
+Version 0.9.8-26-60 [12-Feb-2023]
+==================================================
+* New script: v-commander (useful for maintaining the server)
+* New script: v-activate-rocket-nginx (serve WP-Rocket cache directly from nginx)
+* New script: v-update-myvesta (get the very latest build of myVesta)
+* v-clone-website: By default cloning to database: user_domain_com (instead of cloning to database: user_old_db_migrated)
+* Many minor bugfixes
+
 Version 0.9.8-26-59 [01-Feb-2023]
 ==================================================
 * Support for PHP 8.2

From 1e201598474a912074d9af3157dd6fc41a9a7b38 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 12 Feb 2023 16:22:53 +0100
Subject: [PATCH 1837/2300] Version 0.9.8-26-60

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 44148247..68750920 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-59
+vesta-0.9.8-26-60

From 7c9dfd4c05bd2b0afda9bb47836fc05d7970b274 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 15 Feb 2023 14:00:04 +0100
Subject: [PATCH 1838/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 1 +
 1 file changed, 1 insertion(+)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index f6957975..8e5d8ee1 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -83,6 +83,7 @@ fi
 echo "Proxy Template is ready"
 
 # Disabling wp-cron in wp-config.php
+cd /home/$user/web/$domain/public_html
 checkstring_disable="define('DISABLE_WP_CRON', true)"
 checkstring_enable="define('DISABLE_WP_CRON', false)"
 string_disable="define( 'DISABLE_WP_CRON', true );"

From a997f6f59c7bc134a00f5ad4b97e76d0aef54128 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 16 Feb 2023 20:50:57 +0100
Subject: [PATCH 1839/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 38 ++++++++++++++++++++++---------------
 1 file changed, 23 insertions(+), 15 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index 8e5d8ee1..770cb866 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -104,23 +104,31 @@ fi
 
 
 # Adding cron job
-echo "Adding cron job..."
-
-TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
-if [[ $TPL == "PHP-FPM-"* ]]; then
-    fpm_tpl_ver=${TPL:8:2}
-    fpm_ver="${TPL:8:1}.${TPL:9:1}"
+# Check if a cron job already exists for any of the specified PHP-FPM versions
+existing_cron=$(crontab -l -u $user | grep "*/15.*wp-cron.php.*php[5-8].[6-9]\|8.[0-2]" | grep -v "grep")
+
+if [ ! -z "$existing_cron" ]; then
+    echo "There is already a cron job added for user $user and domain $domain."
+else
+    echo "Adding cron job..."
+
+    # Add the cron job
+    TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
+    if [[ $TPL == "PHP-FPM-"* ]]; then
+        fpm_tpl_ver=${TPL:8:2}
+        fpm_ver="${TPL:8:1}.${TPL:9:1}"
+    fi
+
+    touch /home/$user/web/$domain/cron.log
+    chown $user:$user /home/$user/web/$domain/cron.log
+
+    case $fpm_ver in
+        5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2) 
+            /usr/local/vesta/bin/v-add-cron-job "$user" "*/15" "*" "*" "*" "*" "cd /home/$user/web/$domain/public_html; /usr/bin/php$fpm_ver wp-cron.php >/home/$user/web/$domain/cron.log 2>&1"
+            ;;
+    esac
 fi
 
-touch /home/$user/web/$domain/cron.log
-chown $user:$user /home/$user/web/$domain/cron.log
-
-case $fpm_ver in
-    5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2) 
-    /usr/local/vesta/bin/v-add-cron-job "$user" "*/15" "*" "*" "*" "*" "cd /home/$user/web/$domain/public_html; /usr/bin/php$fpm_ver wp-cron.php >/home/$user/web/$domain/cron.log 2>&1"
-    ;;
-esac
-
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#

From 38ec1b872f73fa4f531f14c3c943e58ca3d836c2 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 16 Feb 2023 21:04:20 +0100
Subject: [PATCH 1840/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index 770cb866..f42a1fc3 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -73,14 +73,24 @@ fi
 #----------------------------------------------------------#
 
 # Changing Proxy Template
-echo "Do you want to force-https in your Proxy Template or not (y/n):"
-read answer
-if [ "$answer" == "y" ]; then
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-force-https"
+# Check if the proxy template is already set correctly
+current_template=$(/usr/local/vesta/bin/v-list-web-domain $user $domain | grep 'PROXY:' | awk '{print $2}')
+if [ "$current_template" == "wprocket-force-https" ] || [ "$current_template" == "wprocket-hosting" ]; then
+    echo "Proxy Template is already set up correctly"
 else
-    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-hosting"
+    # Prompt the user to choose whether to force HTTPS or not
+    echo "Do you want to force-https in your Proxy Template or not (y/n):"
+    read answer
+
+    # Change the proxy template based on the user's choice
+    if [ "$answer" == "y" ]; then
+        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-force-https"
+    else
+        /usr/local/vesta/bin/v-change-web-domain-proxy-tpl "$user" "$domain" "wprocket-hosting"
+    fi
+
+    echo "Proxy Template is ready"
 fi
-echo "Proxy Template is ready"
 
 # Disabling wp-cron in wp-config.php
 cd /home/$user/web/$domain/public_html

From 72e659ac187e5ff1d8a5048c12ca15648939847b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 16 Feb 2023 21:20:11 +0100
Subject: [PATCH 1841/2300] Update v-get-php-version-of-domain

---
 bin/v-get-php-version-of-domain | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/bin/v-get-php-version-of-domain b/bin/v-get-php-version-of-domain
index bd0e7a51..b3b320fc 100644
--- a/bin/v-get-php-version-of-domain
+++ b/bin/v-get-php-version-of-domain
@@ -40,12 +40,12 @@ is_object_valid 'user' 'USER' "$user"
 is_object_unsuspended 'user' 'USER' "$user"
 
 if [ ! -d "/home/$user" ]; then
-    echo "User doesn't exist";
+    # echo "User doesn't exist";
     exit 1;
 fi
 
 if [ ! -d "/home/$user/web/$domain/public_html" ]; then
-    echo "Domain doesn't exist";
+    # echo "Domain doesn't exist";
     exit 1;
 fi
 
@@ -59,11 +59,12 @@ TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLAT
 if [[ $TPL == "PHP-FPM-"* ]]; then
     fpm_tpl_ver=${TPL:8:2}
     fpm_ver="${TPL:8:1}.${TPL:9:1}"
+    echo "$fpm_ver"
+    exit 0;
 fi
 
 #----------------------------------------------------------#
 #                       Vesta                              #
 #----------------------------------------------------------#
-echo "PHP-FPM version running on given domain is: $fpm_ver"
 
-exit
+exit 1;

From d267a3deaa08552cf03373a7b2d1de9b0064d4f7 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 16 Feb 2023 21:28:28 +0100
Subject: [PATCH 1842/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index f42a1fc3..0c491c68 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -112,10 +112,9 @@ else
 fi
 
 
-
 # Adding cron job
 # Check if a cron job already exists for any of the specified PHP-FPM versions
-existing_cron=$(crontab -l -u $user | grep "*/15.*wp-cron.php.*php[5-8].[6-9]\|8.[0-2]" | grep -v "grep")
+existing_cron=$(crontab -l -u $user | grep -o "wp-cron.php >/home/$user/web/$domain/cron.log" | grep -v "grep")
 
 if [ ! -z "$existing_cron" ]; then
     echo "There is already a cron job added for user $user and domain $domain."

From ca4abdb864c2b7965edd030c469104ab17b05c27 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Thu, 16 Feb 2023 21:38:17 +0100
Subject: [PATCH 1843/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index 0c491c68..c142f122 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -122,11 +122,7 @@ else
     echo "Adding cron job..."
 
     # Add the cron job
-    TPL=$(/usr/local/vesta/bin/v-list-web-domain $user $domain shell | grep 'TEMPLATE:' | awk '{print $2}')
-    if [[ $TPL == "PHP-FPM-"* ]]; then
-        fpm_tpl_ver=${TPL:8:2}
-        fpm_ver="${TPL:8:1}.${TPL:9:1}"
-    fi
+    fpm_ver=$(/usr/local/vesta/bin/v-get-php-version-of-domain "$domain")
 
     touch /home/$user/web/$domain/cron.log
     chown $user:$user /home/$user/web/$domain/cron.log

From 84cf1269fbe5e8066766afa936ff2c4c2bbe6a7f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 20 Feb 2023 11:16:08 +0100
Subject: [PATCH 1844/2300] Update sr.php

---
 web/inc/i18n/sr.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php
index 3dfcc0f5..8c437ab9 100644
--- a/web/inc/i18n/sr.php
+++ b/web/inc/i18n/sr.php
@@ -119,7 +119,7 @@ $LANG['sr'] = array(
     'Editing DNS Domain'  => 'Izmena DNS-a za domen',
     'Adding DNS Record'  => 'Dodavanje DNS zapisa (DNS record)',
     'Editing DNS Record'  => 'Izmena DNS zapisa (DNS record)',
-    'Adding Mail Domain'  => 'Dodavanje Mail-a za domee',
+    'Adding Mail Domain'  => 'Dodavanje Mail-a za domene',
     'Editing Mail Domain'  => 'Izmena Mail-a za domen',
     'Adding Mail Account'  => 'Dodavanje Mail naloga',
     'Editing Mail Account'  => 'Izmena Mail naloga',

From d0bba785bee13c7cf3f8746ce0aef02029998be0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Feb 2023 20:29:16 +0100
Subject: [PATCH 1845/2300] Update v-activate-rocket-nginx

---
 bin/v-activate-rocket-nginx | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/bin/v-activate-rocket-nginx b/bin/v-activate-rocket-nginx
index c142f122..bd4145cc 100644
--- a/bin/v-activate-rocket-nginx
+++ b/bin/v-activate-rocket-nginx
@@ -115,18 +115,16 @@ fi
 # Adding cron job
 # Check if a cron job already exists for any of the specified PHP-FPM versions
 existing_cron=$(crontab -l -u $user | grep -o "wp-cron.php >/home/$user/web/$domain/cron.log" | grep -v "grep")
-
+
 if [ ! -z "$existing_cron" ]; then
     echo "There is already a cron job added for user $user and domain $domain."
 else
     echo "Adding cron job..."
-
     # Add the cron job
     fpm_ver=$(/usr/local/vesta/bin/v-get-php-version-of-domain "$domain")
-
     touch /home/$user/web/$domain/cron.log
     chown $user:$user /home/$user/web/$domain/cron.log
-
+
     case $fpm_ver in
         5.6 | 7.0 | 7.1 | 7.2 | 7.3 | 7.4 | 8.0 | 8.1 | 8.2) 
             /usr/local/vesta/bin/v-add-cron-job "$user" "*/15" "*" "*" "*" "*" "cd /home/$user/web/$domain/public_html; /usr/bin/php$fpm_ver wp-cron.php >/home/$user/web/$domain/cron.log 2>&1"

From f8a3f209c4c0c6c7dd593c0011d43588f323eabb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 14:55:45 +0100
Subject: [PATCH 1846/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index 88534bfd..25cd7f84 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -35,6 +35,8 @@ if [ -d "/etc/php" ]; then
 fi
 
 if [ -f "/etc/apache2/mods-enabled/mpm_event.conf" ]; then
+    rm /etc/apache2/mods-enabled/mpm_event.conf
+    ln -s /etc/apache2/mods-available/mpm_event.conf /etc/apache2/mods-enabled/mpm_event.conf
     sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        200#g" /etc/apache2/mods-enabled/mpm_event.conf
     systemctl restart apache2
 fi

From db554bacb7bf026d58e9d965fbfb4ff562df51b2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 14:57:37 +0100
Subject: [PATCH 1847/2300] Update fix-fpm-poold.sh

---
 src/deb/for-download/tools/patches/fix-fpm-poold.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/fix-fpm-poold.sh b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
index 25cd7f84..94566768 100644
--- a/src/deb/for-download/tools/patches/fix-fpm-poold.sh
+++ b/src/deb/for-download/tools/patches/fix-fpm-poold.sh
@@ -37,6 +37,6 @@ fi
 if [ -f "/etc/apache2/mods-enabled/mpm_event.conf" ]; then
     rm /etc/apache2/mods-enabled/mpm_event.conf
     ln -s /etc/apache2/mods-available/mpm_event.conf /etc/apache2/mods-enabled/mpm_event.conf
-    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        200#g" /etc/apache2/mods-enabled/mpm_event.conf
+    sed -i "s#MaxRequestWorkers.*#MaxRequestWorkers        200#g" /etc/apache2/mods-available/mpm_event.conf
     systemctl restart apache2
 fi

From 8dcbafcc73dd45a892f14cf02b21e1ab71a5263a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 15:47:30 +0100
Subject: [PATCH 1848/2300] Update v-get-php-version-of-domain

---
 bin/v-get-php-version-of-domain | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-get-php-version-of-domain b/bin/v-get-php-version-of-domain
index b3b320fc..c87b4e4c 100644
--- a/bin/v-get-php-version-of-domain
+++ b/bin/v-get-php-version-of-domain
@@ -15,6 +15,8 @@ fi
 # Importing system environment
 source /etc/profile
 
+SILENT_MODE=1
+
 # Argument definition
 domain=$1
 

From 0fae1613e31e74fa081d84d65bcb000edc3b57d6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 15:58:00 +0100
Subject: [PATCH 1849/2300] Update main.sh

---
 func/main.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/func/main.sh b/func/main.sh
index c4169b01..10de469a 100644
--- a/func/main.sh
+++ b/func/main.sh
@@ -86,7 +86,9 @@ log_history() {
 # Result checker
 check_result() {
     if [ $1 -ne 0 ]; then
-        echo "Error: $2"
+        if [ -z "$SILENT_MODE" ]; then
+            echo "Error: $2"
+        fi
         if [ ! -z "$3" ]; then
             log_event "$3" "$ARGUMENTS"
             exit $3
@@ -100,7 +102,9 @@ check_result() {
 # Argument list checker
 check_args() {
     if [ "$1" -gt "$2" ]; then
-        echo "Usage: $(basename $0) $3"
+        if [ -z "$SILENT_MODE" ]; then
+            echo "Usage: $(basename $0) $3"
+        fi
         check_result $E_ARGS "not enought arguments" >/dev/null
     fi
 }

From 33911259254493c9e7b2a81da3d1e869eb7a15aa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 16:18:31 +0100
Subject: [PATCH 1850/2300] SILENT_MODE in v-search-domain-owner

---
 bin/v-search-domain-owner | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/v-search-domain-owner b/bin/v-search-domain-owner
index 5b88f495..f807ebd2 100755
--- a/bin/v-search-domain-owner
+++ b/bin/v-search-domain-owner
@@ -9,6 +9,8 @@
 #                    Variable&Function                     #
 #----------------------------------------------------------#
 
+SILENT_MODE=1
+
 # Argument definition
 domain=$(idn -t --quiet -u "$1" )
 type=${2-any}

From 91c6ff09ab96df883fa739bf5c7c785b5ec5f42a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Feb 2023 20:45:28 +0100
Subject: [PATCH 1851/2300] Revert "Include "hidden" files to backup"

---
 bin/v-backup-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index 8bd0bb25..e2d7cac9 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -265,7 +265,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         set +f
 
         # Backup files
-        tar --anchored -cpf- ${fargs[@]} --exclude={'./','../'} . |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 47d55cff76206530588a10321106fb7ea3b6c5ba Mon Sep 17 00:00:00 2001
From: N1ebieski 
Date: Fri, 24 Feb 2023 11:52:37 +0100
Subject: [PATCH 1852/2300] Update v-backup-user

Include "hidden" files to backup with support for exclusions in old pattern
---
 bin/v-backup-user | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/bin/v-backup-user b/bin/v-backup-user
index e2d7cac9..0db5d376 100755
--- a/bin/v-backup-user
+++ b/bin/v-backup-user
@@ -251,6 +251,11 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         if [ ! -z "$exlusion" ]; then
             xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
             for xpath in $xdirs; do
+                # Add ./ at the beginning of the path if the path is in old pattern
+                if [[ $xpath != ./* ]]; then
+                    xpath=(./$xpath)
+                fi
+            
                 if [ -d "$xpath" ]; then
                     fargs+=(--exclude=$xpath/*)
                     echo "$(date "+%F %T") excluding directory $xpath"
@@ -265,7 +270,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
         set +f
 
         # Backup files
-        tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
+        tar --anchored -cpf- ${fargs[@]} --exclude={'./','../'} . |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
     done
 
     # Print total

From 6db5f28ae53cb6379d8b2d12ca88b081290ecbaa Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 2 Mar 2023 15:29:26 +0100
Subject: [PATCH 1853/2300] Update v-commander

---
 bin/v-commander | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/v-commander b/bin/v-commander
index 6fe05286..f6b24612 100644
--- a/bin/v-commander
+++ b/bin/v-commander
@@ -391,8 +391,8 @@ do
     if [ "$answer" = 'm' ] || [ "$answer" = 'M' ]; then
         echo "============================="
         echo "== installing php-memcache modules"
-        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
-        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
+        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
+        apt-get install -y $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
     fi
 
     if [ "$answer" = 'd' ] || [ "$answer" = 'D' ]; then

From 38137b3ba9c125f2ffb4554a0997f233f8b351b8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 3 Mar 2023 10:47:25 +0100
Subject: [PATCH 1854/2300] Do not delete ssl.$domain*

---
 bin/v-delete-web-domain-ssl | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/bin/v-delete-web-domain-ssl b/bin/v-delete-web-domain-ssl
index 05e8c940..30272928 100755
--- a/bin/v-delete-web-domain-ssl
+++ b/bin/v-delete-web-domain-ssl
@@ -57,8 +57,14 @@ fi
 
 # Deleting old certificate
 tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d)
-rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
-mv $USER_DATA/ssl/$domain.* $tmpdir
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key
+rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem
+mv $USER_DATA/ssl/$domain.ca $tmpdir
+mv $USER_DATA/ssl/$domain.crt $tmpdir
+mv $USER_DATA/ssl/$domain.key $tmpdir
+mv $USER_DATA/ssl/$domain.pem $tmpdir
 chown -R $user:$user $tmpdir
 
 

From 16e1000f1cac5f4b0fefcb94badbbf6188c5450c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Mar 2023 10:40:40 +0100
Subject: [PATCH 1855/2300] str_get_between PHP function

---
 func/string.php | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/func/string.php b/func/string.php
index c94f85a2..111c57eb 100644
--- a/func/string.php
+++ b/func/string.php
@@ -11,3 +11,33 @@ function myvesta_replace_in_file($find, $replace, $file) {
     $r=file_put_contents($file, $buf);
     return $r;
 }
+
+function myvesta_str_get_between (&$text, $left_substring, $right_substring, $start=0, $do_not_return_left_substring=1, $do_not_return_right_substring=1, $left_substring_necessary=1, $right_substring_necessary=1)
+{
+	$from_null=0;
+	$pos1=strpos($text, $left_substring, $start);
+	if ($pos1===FALSE)
+	{
+		if ($left_substring_necessary==1) return "";
+		$pos1=$start;
+		$from_null=1;
+	}
+
+	if ($do_not_return_left_substring==1)
+	{
+		if ($from_null==0) $pos1=$pos1+strlen($left_substring);
+	}
+	$pos2=strpos($text, $right_substring, $pos1+1);
+	if ($pos2===FALSE)
+	{
+		if ($right_substring_necessary==1) return "";
+		$pos2=strlen($text);
+	}
+	if ($do_not_return_right_substring==1) $len=$pos2-$pos1;
+	else $len=($pos2-$pos1)+strlen($right_substring);
+	
+	$slen=strlen($text);
+	if ($pos1+$len>$slen) $len=$slen-$pos1;
+	
+	return substr($text, $pos1, $len);
+}

From 8ae36f7df53c174eef34fbf945ca241705b8d715 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 11 Mar 2023 14:50:11 +0100
Subject: [PATCH 1856/2300] Update string.php

---
 func/string.php | 102 ++++++++++++++++++++++++++++++++++++------------
 1 file changed, 76 insertions(+), 26 deletions(-)

diff --git a/func/string.php b/func/string.php
index 111c57eb..8677af04 100644
--- a/func/string.php
+++ b/func/string.php
@@ -12,32 +12,82 @@ function myvesta_replace_in_file($find, $replace, $file) {
     return $r;
 }
 
-function myvesta_str_get_between (&$text, $left_substring, $right_substring, $start=0, $do_not_return_left_substring=1, $do_not_return_right_substring=1, $left_substring_necessary=1, $right_substring_necessary=1)
+function myvesta_str_get_between (&$text, $left_substring, $right_substring, $start=0, $return_left_substring=0, $return_right_substring=0, $left_substring_necessary=1, $right_substring_necessary=1)
 {
-	$from_null=0;
-	$pos1=strpos($text, $left_substring, $start);
-	if ($pos1===FALSE)
-	{
-		if ($left_substring_necessary==1) return "";
-		$pos1=$start;
-		$from_null=1;
-	}
+    global $myvesta_str_found_at, $myvesta_str_end_at;
+    $myvesta_str_found_at=0;
+    $myvesta_str_end_at=0;
+    $from_null=0;
+    $pos1=strpos($text, $left_substring, $start);
+    if ($pos1===FALSE)
+    {
+        if ($left_substring_necessary==1) return "";
+        $pos1=$start;
+        $from_null=1;
+    }
 
-	if ($do_not_return_left_substring==1)
-	{
-		if ($from_null==0) $pos1=$pos1+strlen($left_substring);
-	}
-	$pos2=strpos($text, $right_substring, $pos1+1);
-	if ($pos2===FALSE)
-	{
-		if ($right_substring_necessary==1) return "";
-		$pos2=strlen($text);
-	}
-	if ($do_not_return_right_substring==1) $len=$pos2-$pos1;
-	else $len=($pos2-$pos1)+strlen($right_substring);
-	
-	$slen=strlen($text);
-	if ($pos1+$len>$slen) $len=$slen-$pos1;
-	
-	return substr($text, $pos1, $len);
+    if ($return_left_substring==0)
+    {
+        if ($from_null==0) $pos1=$pos1+strlen($left_substring);
+    }
+    $pos2=strpos($text, $right_substring, $pos1+1);
+    if ($pos2===FALSE)
+    {
+        if ($right_substring_necessary==1) return "";
+        $pos2=strlen($text);
+    }
+    if ($return_right_substring==0) $len=$pos2-$pos1;
+    else $len=($pos2-$pos1)+strlen($right_substring);
+    
+    $slen=strlen($text);
+    if ($pos1+$len>$slen) $len=$slen-$pos1;
+    
+    $myvesta_str_found_at=$pos1;
+    $myvesta_str_end_at=$pos1+$len;
+    
+    return substr($text, $pos1, $len);
+}
+
+function myvesta_str_replace_once_between_including_borders(&$text, $left, $right, $replace_with) {
+    $pos1=strpos($text, $left);
+    if ($pos1===false) return $text;
+    $pos2=strpos($text, $right, $left+strlen($left));
+    if ($pos2===false) return $text;
+    return substr($text, 0, $pos1).$replace_with.substr($text, $pos2+strlen($right));
+}
+
+function myvesta_str_strip_once_between_including_borders(&$text, $left, $right) {
+    $pos1=strpos($text, $left);
+    if ($pos1===false) return $text;
+    $pos2=strpos($text, $right, $left+strlen($left));
+    if ($pos2===false) return $text;
+    return substr($text, 0, $pos1).substr($text, $pos2+strlen($right));
+}
+
+
+function myvesta_str_replace_between_including_borders($text, $left, $right, $replace_with) {
+    $start=0;
+    $left_len=strlen($left);
+    $right_len=strlen($right);
+    while (true) {
+        $pos1=strpos($text, $left);
+        if ($pos1===false) break;
+        $pos2=strpos($text, $right, $left+$left_len);
+        if ($pos2===false) break;
+        $text=substr($text, 0, $pos1).$replace_with.substr($text, $pos2+$right_len);
+    }
+    return $text;
+}
+
+function myvesta_str_strip_between_including_borders($text, $left, $right) {
+    $left_len=strlen($left);
+    $right_len=strlen($right);
+    while (true) {
+        $pos1=strpos($text, $left);
+        if ($pos1===false) break;
+        $pos2=strpos($text, $right, $left+$left_len);
+        if ($pos2===false) break;
+        $text=substr($text, 0, $pos1).substr($text, $pos2+$right_len);
+    }
+    return $text;
 }

From bdc75152d20e183b4f5d0a4fc9d5dc91c4f78a07 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Mar 2023 17:49:08 +0100
Subject: [PATCH 1857/2300] php8.2.patch

---
 .../for-download/tools/patches/php8.2.patch   | 81 +++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/php8.2.patch

diff --git a/src/deb/for-download/tools/patches/php8.2.patch b/src/deb/for-download/tools/patches/php8.2.patch
new file mode 100644
index 00000000..1083a720
--- /dev/null
+++ b/src/deb/for-download/tools/patches/php8.2.patch
@@ -0,0 +1,81 @@
+--- /etc/php/8.2/fpm/php.ini.orig	2023-03-21 14:35:10.000000000 +0100
++++ /etc/php/8.2/fpm/php.ini	2023-03-21 14:43:42.000000000 +0100
+@@ -320,7 +320,7 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; https://php.net/disable-functions
+-disable_functions = 
++ disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -423,7 +423,7 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; How many multipart body parts (combined input variable and file uploads) may
+ ; be accepted.
+@@ -432,7 +432,7 @@
+ 
+ ; Maximum amount of memory a script may consume
+ ; https://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -700,7 +700,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; https://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 80M
+ 
+ ; Automatically add files before PHP document.
+ ; https://php.net/auto-prepend-file
+@@ -852,7 +852,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; https://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 80M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1108,7 +1108,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1786,20 +1786,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5

From afa72dc25836775e01e6183dfdfd34dde71e1ab4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 21 Mar 2023 17:50:14 +0100
Subject: [PATCH 1858/2300] Update multi-php-install.sh

---
 src/deb/for-download/tools/multi-php-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/multi-php-install.sh b/src/deb/for-download/tools/multi-php-install.sh
index 14253444..764f56cf 100644
--- a/src/deb/for-download/tools/multi-php-install.sh
+++ b/src/deb/for-download/tools/multi-php-install.sh
@@ -332,8 +332,8 @@ if [ "$inst_82" -eq 1 ]; then
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82.sh
     chmod a+x /usr/local/vesta/data/templates/web/apache2/PHP-FPM-82-public.sh
     echo "=== Patching php.ini for php8.2"
-    wget -nv https://c.myvestacp.com/tools/patches/php8.1.patch -O /root/php8.1.patch
-    patch /etc/php/8.2/fpm/php.ini < /root/php8.1.patch
+    wget -nv https://c.myvestacp.com/tools/patches/php8.2.patch -O /root/php8.2.patch
+    patch /etc/php/8.2/fpm/php.ini < /root/php8.2.patch
     if [ $memory -gt 9999999 ]; then
         sed -i "s|opcache.memory_consumption=512|opcache.memory_consumption=2048|g" /etc/php/8.2/fpm/php.ini
     fi

From 172d66b4d2b9eba11cbcfb3920d09f692c81a826 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 22 Mar 2023 15:02:22 +0100
Subject: [PATCH 1859/2300] Add files via upload

---
 .../for-download/tools/patches/php8.1.patch    | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/src/deb/for-download/tools/patches/php8.1.patch b/src/deb/for-download/tools/patches/php8.1.patch
index 479af689..9e1648ab 100644
--- a/src/deb/for-download/tools/patches/php8.1.patch
+++ b/src/deb/for-download/tools/patches/php8.1.patch
@@ -1,5 +1,5 @@
---- /etc/php/8.1/fpm/php.ini.orig	2021-11-25 21:48:52.000000000 +0100
-+++ /etc/php/8.1/fpm/php.ini	2021-12-12 20:25:01.000000000 +0100
+--- /etc/php/8.1/fpm/php.ini.orig	2023-03-16 15:37:38.000000000 +0100
++++ /etc/php/8.1/fpm/php.ini	2023-03-22 14:58:38.000000000 +0100
 @@ -320,7 +320,7 @@
  ; This directive allows you to disable certain functions.
  ; It receives a comma-delimited list of function names.
@@ -9,13 +9,17 @@
  
  ; This directive allows you to disable certain classes.
  ; It receives a comma-delimited list of class names.
-@@ -423,11 +423,11 @@
+@@ -423,7 +423,7 @@
  ;max_input_nesting_level = 64
  
  ; How many GET/POST/COOKIE input variables may be accepted
 -;max_input_vars = 1000
 +max_input_vars = 6000
  
+ ; How many multipart body parts (combined input variable and file uploads) may
+ ; be accepted.
+@@ -432,7 +432,7 @@
+ 
  ; Maximum amount of memory a script may consume
  ; https://php.net/memory-limit
 -memory_limit = 128M
@@ -23,7 +27,7 @@
  
  ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
  ; Error handling and logging ;
-@@ -695,7 +695,7 @@
+@@ -700,7 +700,7 @@
  ; Its value may be 0 to disable the limit. It is ignored if POST data reading
  ; is disabled through enable_post_data_reading.
  ; https://php.net/post-max-size
@@ -32,7 +36,7 @@
  
  ; Automatically add files before PHP document.
  ; https://php.net/auto-prepend-file
-@@ -847,7 +847,7 @@
+@@ -852,7 +852,7 @@
  
  ; Maximum allowed size for uploaded files.
  ; https://php.net/upload-max-filesize
@@ -41,7 +45,7 @@
  
  ; Maximum number of files that can be uploaded via a single request
  max_file_uploads = 20
-@@ -1093,7 +1093,7 @@
+@@ -1103,7 +1103,7 @@
  
  ; The path to a log file that will log all mail() calls. Log entries include
  ; the full path of the script, line number, To address and headers.
@@ -50,7 +54,7 @@
  ; Log mail to syslog (Event Log on Windows).
  ;mail.log = syslog
  
-@@ -1764,20 +1764,20 @@
+@@ -1774,20 +1774,20 @@
  
  [opcache]
  ; Determines if Zend OPCache is enabled

From e9ca648f12c7a772a12dfd48127b89105e5ed6dd Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 23 Mar 2023 14:14:40 +0100
Subject: [PATCH 1860/2300] v-commander: inst-memchached and inst-redis

---
 bin/v-commander | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/bin/v-commander b/bin/v-commander
index f6b24612..06a5f737 100644
--- a/bin/v-commander
+++ b/bin/v-commander
@@ -82,6 +82,8 @@ myhelp() {
     echo "inst p   = install multi-php"
     echo "inst pgw = install php-gate"
     echo "inst r   = install new Roundcube"
+    echo "inst memcached = install memcached"
+    echo "inst redis     = install Redis"
     echo "dis fb   = stop and disable fail2ban"
     echo "dis dove = stop and disable dovecot"
     echo "dis spam = stop and disable spam"
@@ -430,6 +432,46 @@ do
         /root/install-phpgate.sh
     fi
 
+    if [ "$answer" = 'inst memcache' ] || [ "$answer" = 'inst memcached' ] || [ "$answer" = 'INST MEMCACHE' ] || [ "$answer" = 'INST MEMCACHED' ]; then
+        echo "============================="
+        echo "== Installing memcached"
+        memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
+        apt-get update
+        apt-get -y install memcached 
+        apt-get install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcache ")
+        apt-get install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-memcached ")
+        if [ $memory -lt 15000000 ]; then
+            sed -i "s/-m 64/-m 256/" /etc/memcached.conf
+        else
+            sed -i "s/-m 64/-m 1024/" /etc/memcached.conf
+        fi
+        systemctl restart memcached
+        echo "== memcached installed."
+        echo "-----------------------"
+    fi
+
+    if [ "$answer" = 'inst redis' ] || [ "$answer" = 'INST REDIS' ]; then
+        echo "============================="
+        echo "== Installing Redis"
+        memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9])
+        apt-get update
+        apt-get install -y redis-server
+        apt-get install $(systemctl --full --type service --all | grep "php...-fpm" | sed 's#●##g' | awk '{print $1}' | cut -c1-6 | xargs -n 1 printf "%s-redis ")
+
+        sed -i "s|^supervised no|supervised systemd|g" /etc/redis/redis.conf
+        sed -i "s|^save |# save |g" /etc/redis/redis.conf
+        if [ $memory -lt 15000000 ]; then
+            sed -i "s|^# maxmemory .*|maxmemory 256m|g" /etc/redis/redis.conf
+        else
+            sed -i "s|^# maxmemory .*|maxmemory 1g|g" /etc/redis/redis.conf
+        fi
+        sed -i "s|^# maxmemory-policy .*|maxmemory-policy allkeys-lru|g" /etc/redis/redis.conf
+        systemctl restart redis
+        redis-cli info memory
+        echo "== Redis installed."
+        echo "-------------------"
+    fi
+
     if [ "$answer" = 'check fc' ] || [ "$answer" = 'CHECK FC' ]; then
         echo "== Checking if FreshClam is up"
         clamavup=$(/usr/local/vesta/bin/v-list-sys-services | grep 'clamav-daemon' | grep -c 'running')

From cd5cc2eda4e685490f2638969fc5b1345f1b9575 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 24 Mar 2023 20:36:20 +0100
Subject: [PATCH 1861/2300] Forward from primary ip, not from secondary

---
 install/debian/11/exim/exim4.conf.template-RC | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/install/debian/11/exim/exim4.conf.template-RC b/install/debian/11/exim/exim4.conf.template-RC
index 605d848a..36ba2a0d 100644
--- a/install/debian/11/exim/exim4.conf.template-RC
+++ b/install/debian/11/exim/exim4.conf.template-RC
@@ -140,6 +140,11 @@ acl_check_rcpt:
 
   warn    set acl_m3    = no
   
+  warn    !authenticated = *
+          hosts          = !+relay_from_hosts
+          condition     = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+          set acl_m3    = yes
+
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]

From a235ba63847464e7b1e4e63efd69799e45a3a3f0 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 24 Mar 2023 23:15:17 +0100
Subject: [PATCH 1862/2300] exim_forwarding.patch

---
 .../tools/patches/exim_forwarding.patch            | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/exim_forwarding.patch

diff --git a/src/deb/for-download/tools/patches/exim_forwarding.patch b/src/deb/for-download/tools/patches/exim_forwarding.patch
new file mode 100644
index 00000000..78b7ef69
--- /dev/null
+++ b/src/deb/for-download/tools/patches/exim_forwarding.patch
@@ -0,0 +1,14 @@
+--- old	2023-03-23 14:17:42.536656160 +0100
++++ new	2023-03-24 23:07:08.186018906 +0100
+@@ -140,6 +140,11 @@
+ 
+   warn    set acl_m3    = no
+   
++  warn    !authenticated = *
++          hosts          = !+relay_from_hosts
++          condition     = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
++          set acl_m3    = yes
++
+   deny    message       = Restricted characters in address
+           domains       = +local_domains
+           local_parts   = ^[.] : ^.*[@%!/|]

From 77857f92f016df78420d1eaa167c2b491c071ad9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 15:39:57 +0100
Subject: [PATCH 1863/2300] https redirect to the same host

---
 install/debian/10/templates/web/nginx/force-https-legacy.tpl    | 2 +-
 install/debian/10/templates/web/nginx/force-https-public.tpl    | 2 +-
 .../10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl   | 2 +-
 install/debian/10/templates/web/nginx/force-https.tpl           | 2 +-
 install/debian/10/templates/web/nginx/private-force-https.tpl   | 2 +-
 install/debian/11/templates/web/nginx/force-https-legacy.tpl    | 2 +-
 install/debian/11/templates/web/nginx/force-https-public.tpl    | 2 +-
 .../11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl   | 2 +-
 install/debian/11/templates/web/nginx/force-https.tpl           | 2 +-
 install/debian/11/templates/web/nginx/private-force-https.tpl   | 2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.tpl b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/10/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https-public.tpl b/install/debian/10/templates/web/nginx/force-https-public.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/10/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https.tpl b/install/debian/10/templates/web/nginx/force-https.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/10/templates/web/nginx/force-https.tpl
+++ b/install/debian/10/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/private-force-https.tpl b/install/debian/10/templates/web/nginx/private-force-https.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.tpl b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/11/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-public.tpl b/install/debian/11/templates/web/nginx/force-https-public.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/11/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https.tpl b/install/debian/11/templates/web/nginx/force-https.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/11/templates/web/nginx/force-https.tpl
+++ b/install/debian/11/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/private-force-https.tpl b/install/debian/11/templates/web/nginx/private-force-https.tpl
index 851ac0dc..8bdbea42 100644
--- a/install/debian/11/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/11/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host%$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }

From ce7f31121dbf800f5e738749303dcef7ed39c6b2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 16:10:09 +0100
Subject: [PATCH 1864/2300] https redirect to the same host (deb9)

---
 .../web/nginx/force-https-legacy.stpl         | 39 ++++++++++++
 .../web/nginx/force-https-legacy.tpl          |  8 +++
 .../web/nginx/force-https-public.stpl         | 39 ++++++++++++
 .../web/nginx/force-https-public.tpl          |  8 +++
 .../nginx/force-https-webmail-phpmyadmin.stpl | 63 +++++++++++++++++++
 .../nginx/force-https-webmail-phpmyadmin.tpl  |  8 +++
 .../8/templates/web/nginx/force-https.stpl    | 39 ++++++++++++
 .../8/templates/web/nginx/force-https.tpl     |  8 +++
 .../web/nginx/private-force-https.stpl        | 39 ++++++++++++
 9 files changed, 251 insertions(+)
 create mode 100644 install/debian/8/templates/web/nginx/force-https-legacy.stpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https-legacy.tpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https-public.stpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https-public.tpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https.stpl
 create mode 100644 install/debian/8/templates/web/nginx/force-https.tpl
 create mode 100644 install/debian/8/templates/web/nginx/private-force-https.stpl

diff --git a/install/debian/8/templates/web/nginx/force-https-legacy.stpl b/install/debian/8/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..79e55a26
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/8/templates/web/nginx/force-https-legacy.tpl b/install/debian/8/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/8/templates/web/nginx/force-https-public.stpl b/install/debian/8/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..ac422df6
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/8/templates/web/nginx/force-https-public.tpl b/install/debian/8/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..7e0e71d1
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/8/templates/web/nginx/force-https.stpl b/install/debian/8/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..33fab443
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/8/templates/web/nginx/force-https.tpl b/install/debian/8/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/8/templates/web/nginx/private-force-https.stpl b/install/debian/8/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..64094fb8
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}

From fdd8350fef054a18d55d5a848d4c51566a6068ff Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 16:12:44 +0100
Subject: [PATCH 1865/2300] https redirect to the same host (deb9)

---
 .../web/nginx/force-https-legacy.stpl         | 39 ++++++++++++
 .../web/nginx/force-https-legacy.tpl          |  8 +++
 .../web/nginx/force-https-public.stpl         | 39 ++++++++++++
 .../web/nginx/force-https-public.tpl          |  8 +++
 .../nginx/force-https-webmail-phpmyadmin.stpl | 63 +++++++++++++++++++
 .../nginx/force-https-webmail-phpmyadmin.tpl  |  8 +++
 .../9/templates/web/nginx/force-https.stpl    | 39 ++++++++++++
 .../9/templates/web/nginx/force-https.tpl     |  8 +++
 .../web/nginx/private-force-https.stpl        | 39 ++++++++++++
 9 files changed, 251 insertions(+)
 create mode 100644 install/debian/9/templates/web/nginx/force-https-legacy.stpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https-legacy.tpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https-public.stpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https-public.tpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https.stpl
 create mode 100644 install/debian/9/templates/web/nginx/force-https.tpl
 create mode 100644 install/debian/9/templates/web/nginx/private-force-https.stpl

diff --git a/install/debian/9/templates/web/nginx/force-https-legacy.stpl b/install/debian/9/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..79e55a26
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/9/templates/web/nginx/force-https-legacy.tpl b/install/debian/9/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/9/templates/web/nginx/force-https-public.stpl b/install/debian/9/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..ac422df6
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/9/templates/web/nginx/force-https-public.tpl b/install/debian/9/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..7e0e71d1
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/9/templates/web/nginx/force-https.stpl b/install/debian/9/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..33fab443
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/9/templates/web/nginx/force-https.tpl b/install/debian/9/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/9/templates/web/nginx/private-force-https.stpl b/install/debian/9/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..64094fb8
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}

From 66097392bf6fe30edabb679615211f3b16a04980 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 16:22:49 +0100
Subject: [PATCH 1866/2300] deb8 ttp2->ssl fix

---
 .../debian/8/templates/web/nginx/force-https-legacy.stpl  | 2 +-
 .../debian/8/templates/web/nginx/force-https-public.stpl  | 2 +-
 .../web/nginx/force-https-webmail-phpmyadmin.stpl         | 2 +-
 install/debian/8/templates/web/nginx/force-https.stpl     | 2 +-
 .../debian/8/templates/web/nginx/private-force-https.stpl | 2 +-
 .../debian/8/templates/web/nginx/private-force-https.tpl  | 8 ++++++++
 6 files changed, 13 insertions(+), 5 deletions(-)
 create mode 100644 install/debian/8/templates/web/nginx/private-force-https.tpl

diff --git a/install/debian/8/templates/web/nginx/force-https-legacy.stpl b/install/debian/8/templates/web/nginx/force-https-legacy.stpl
index 79e55a26..4e51748d 100644
--- a/install/debian/8/templates/web/nginx/force-https-legacy.stpl
+++ b/install/debian/8/templates/web/nginx/force-https-legacy.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     ssl_certificate      %ssl_pem%;
diff --git a/install/debian/8/templates/web/nginx/force-https-public.stpl b/install/debian/8/templates/web/nginx/force-https-public.stpl
index ac422df6..9522313b 100644
--- a/install/debian/8/templates/web/nginx/force-https-public.stpl
+++ b/install/debian/8/templates/web/nginx/force-https-public.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     ssl_certificate      %ssl_pem%;
diff --git a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
index 7e0e71d1..2d62e72b 100644
--- a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
+++ b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     ssl_certificate      %ssl_pem%;
diff --git a/install/debian/8/templates/web/nginx/force-https.stpl b/install/debian/8/templates/web/nginx/force-https.stpl
index 33fab443..d138ea63 100644
--- a/install/debian/8/templates/web/nginx/force-https.stpl
+++ b/install/debian/8/templates/web/nginx/force-https.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     ssl_certificate      %ssl_pem%;
diff --git a/install/debian/8/templates/web/nginx/private-force-https.stpl b/install/debian/8/templates/web/nginx/private-force-https.stpl
index 64094fb8..c77baf91 100644
--- a/install/debian/8/templates/web/nginx/private-force-https.stpl
+++ b/install/debian/8/templates/web/nginx/private-force-https.stpl
@@ -1,5 +1,5 @@
 server {
-    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      %ip%:%proxy_ssl_port% ssl;
     server_name %domain_idn% %alias_idn%;
 
     ssl_certificate      %ssl_pem%;
diff --git a/install/debian/8/templates/web/nginx/private-force-https.tpl b/install/debian/8/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/8/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}

From 71f91ba16dbbe713d78c632b2dc94ce7827ae826 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 16:24:20 +0100
Subject: [PATCH 1867/2300] deb9 private-force-https.tpl

---
 .../debian/9/templates/web/nginx/private-force-https.tpl  | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 install/debian/9/templates/web/nginx/private-force-https.tpl

diff --git a/install/debian/9/templates/web/nginx/private-force-https.tpl b/install/debian/9/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..8bdbea42
--- /dev/null
+++ b/install/debian/9/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host%$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}

From 797ae8e515f72987234130326225144b671c9191 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 18:19:29 +0100
Subject: [PATCH 1868/2300] force-https.patch

---
 src/deb/for-download/tools/patches/force-https.patch | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 src/deb/for-download/tools/patches/force-https.patch

diff --git a/src/deb/for-download/tools/patches/force-https.patch b/src/deb/for-download/tools/patches/force-https.patch
new file mode 100644
index 00000000..8de3c241
--- /dev/null
+++ b/src/deb/for-download/tools/patches/force-https.patch
@@ -0,0 +1,11 @@
+--- force-https.tpl.orig	2023-03-25 18:15:15.577555584 +0100
++++ force-https.tpl	2023-03-25 16:51:48.044997322 +0100
+@@ -2,7 +2,7 @@
+     listen      %ip%:%proxy_port%;
+     server_name %domain_idn% %alias_idn%;
+     location / {
+-        rewrite ^(.*) https://%domain_idn%$1 permanent;
++        rewrite ^(.*) https://$host%$1 permanent;
+     }
+ include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+ }

From 505c4085f5f8b0ef7894dd03d7220b9f26b47113 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 18:30:41 +0100
Subject: [PATCH 1869/2300] Update force-https.patch

---
 src/deb/for-download/tools/patches/force-https.patch | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/for-download/tools/patches/force-https.patch b/src/deb/for-download/tools/patches/force-https.patch
index 8de3c241..05c2004d 100644
--- a/src/deb/for-download/tools/patches/force-https.patch
+++ b/src/deb/for-download/tools/patches/force-https.patch
@@ -5,7 +5,7 @@
      server_name %domain_idn% %alias_idn%;
      location / {
 -        rewrite ^(.*) https://%domain_idn%$1 permanent;
-+        rewrite ^(.*) https://$host%$1 permanent;
++        rewrite ^(.*) https://$host$1 permanent;
      }
  include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
  }

From d84a021354d4f8bf317e558b1225c6cdd6acb728 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 25 Mar 2023 23:59:28 +0100
Subject: [PATCH 1870/2300] force-https fix

---
 install/debian/10/templates/web/nginx/force-https-legacy.tpl    | 2 +-
 install/debian/10/templates/web/nginx/force-https-public.tpl    | 2 +-
 .../10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl   | 2 +-
 install/debian/10/templates/web/nginx/force-https.tpl           | 2 +-
 install/debian/10/templates/web/nginx/private-force-https.tpl   | 2 +-
 install/debian/11/templates/web/nginx/force-https-legacy.tpl    | 2 +-
 install/debian/11/templates/web/nginx/force-https-public.tpl    | 2 +-
 .../11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl   | 2 +-
 install/debian/11/templates/web/nginx/force-https.tpl           | 2 +-
 install/debian/11/templates/web/nginx/private-force-https.tpl   | 2 +-
 install/debian/8/templates/web/nginx/force-https-legacy.tpl     | 2 +-
 install/debian/8/templates/web/nginx/force-https-public.tpl     | 2 +-
 .../8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl    | 2 +-
 install/debian/8/templates/web/nginx/force-https.tpl            | 2 +-
 install/debian/8/templates/web/nginx/private-force-https.tpl    | 2 +-
 install/debian/9/templates/web/nginx/force-https-legacy.tpl     | 2 +-
 install/debian/9/templates/web/nginx/force-https-public.tpl     | 2 +-
 .../9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl    | 2 +-
 install/debian/9/templates/web/nginx/force-https.tpl            | 2 +-
 install/debian/9/templates/web/nginx/private-force-https.tpl    | 2 +-
 .../nodejs-nginx-templates/node-app-3000-pass-to-https.tpl      | 2 +-
 .../for-download/tools/nodejs-nginx-templates/node-app-3000.tpl | 2 +-
 .../nodejs-nginx-templates/node-app-4000-and-websocket-6001.tpl | 2 +-
 .../force-https-firewall-burst-2-speed-2-conn-4.tpl             | 2 +-
 .../rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl     | 2 +-
 .../tools/rate-limit-tpl/force-https-firewall-burst-2.tpl       | 2 +-
 .../for-download/tools/rate-limit-tpl/force-https-firewall.tpl  | 2 +-
 .../tools/rocket-nginx-templates/wprocket-force-https.tpl       | 2 +-
 28 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/install/debian/10/templates/web/nginx/force-https-legacy.tpl b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/10/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https-public.tpl b/install/debian/10/templates/web/nginx/force-https-public.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/10/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/10/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/force-https.tpl b/install/debian/10/templates/web/nginx/force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/10/templates/web/nginx/force-https.tpl
+++ b/install/debian/10/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/10/templates/web/nginx/private-force-https.tpl b/install/debian/10/templates/web/nginx/private-force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/10/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/10/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-legacy.tpl b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/11/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-public.tpl b/install/debian/11/templates/web/nginx/force-https-public.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/11/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/11/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/force-https.tpl b/install/debian/11/templates/web/nginx/force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/11/templates/web/nginx/force-https.tpl
+++ b/install/debian/11/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/11/templates/web/nginx/private-force-https.tpl b/install/debian/11/templates/web/nginx/private-force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/11/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/11/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/8/templates/web/nginx/force-https-legacy.tpl b/install/debian/8/templates/web/nginx/force-https-legacy.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/8/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/8/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/8/templates/web/nginx/force-https-public.tpl b/install/debian/8/templates/web/nginx/force-https-public.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/8/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/8/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/8/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/8/templates/web/nginx/force-https.tpl b/install/debian/8/templates/web/nginx/force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/8/templates/web/nginx/force-https.tpl
+++ b/install/debian/8/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/8/templates/web/nginx/private-force-https.tpl b/install/debian/8/templates/web/nginx/private-force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/8/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/8/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/9/templates/web/nginx/force-https-legacy.tpl b/install/debian/9/templates/web/nginx/force-https-legacy.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/9/templates/web/nginx/force-https-legacy.tpl
+++ b/install/debian/9/templates/web/nginx/force-https-legacy.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/9/templates/web/nginx/force-https-public.tpl b/install/debian/9/templates/web/nginx/force-https-public.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/9/templates/web/nginx/force-https-public.tpl
+++ b/install/debian/9/templates/web/nginx/force-https-public.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
+++ b/install/debian/9/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/9/templates/web/nginx/force-https.tpl b/install/debian/9/templates/web/nginx/force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/9/templates/web/nginx/force-https.tpl
+++ b/install/debian/9/templates/web/nginx/force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/install/debian/9/templates/web/nginx/private-force-https.tpl b/install/debian/9/templates/web/nginx/private-force-https.tpl
index 8bdbea42..5a463370 100644
--- a/install/debian/9/templates/web/nginx/private-force-https.tpl
+++ b/install/debian/9/templates/web/nginx/private-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://$host%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000-pass-to-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-3000.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.tpl b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.tpl
index 958b2594..ee8db90e 100644
--- a/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.tpl
+++ b/src/deb/for-download/tools/nodejs-nginx-templates/node-app-4000-and-websocket-6001.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 
     location /app {
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2-conn-4.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2-speed-2.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall-burst-2.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
+++ b/src/deb/for-download/tools/rate-limit-tpl/force-https-firewall.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }
diff --git a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl
index 851ac0dc..5a463370 100644
--- a/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl
+++ b/src/deb/for-download/tools/rocket-nginx-templates/wprocket-force-https.tpl
@@ -2,7 +2,7 @@ server {
     listen      %ip%:%proxy_port%;
     server_name %domain_idn% %alias_idn%;
     location / {
-        rewrite ^(.*) https://%domain_idn%$1 permanent;
+        rewrite ^(.*) https://$host$1 permanent;
     }
 include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
 }

From 09dcc123be70b17f53d1b72bed77285d95a1b023 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Mar 2023 03:40:33 +0200
Subject: [PATCH 1871/2300] Interpreter for calling myVesta PHP functions

---
 bin/v-php-func                   | 11 ++++++++
 func/bash-to-php-interpreter.php | 21 ++++++++++++++
 func/main.php                    | 21 ++++++++++++--
 func/string.php                  | 48 +++++++++++++++++++++++++++++---
 4 files changed, 95 insertions(+), 6 deletions(-)
 create mode 100644 bin/v-php-func
 create mode 100644 func/bash-to-php-interpreter.php

diff --git a/bin/v-php-func b/bin/v-php-func
new file mode 100644
index 00000000..dd75df43
--- /dev/null
+++ b/bin/v-php-func
@@ -0,0 +1,11 @@
+#!/bin/bash
+# info: calling myVesta PHP functions
+# options: FUNCTION
+#
+# The function is calling myVesta PHP functions.
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
new file mode 100644
index 00000000..6f06dae2
--- /dev/null
+++ b/func/bash-to-php-interpreter.php
@@ -0,0 +1,21 @@
+
Date: Sun, 26 Mar 2023 03:49:38 +0200
Subject: [PATCH 1872/2300] Update bash-to-php-interpreter.php

---
 func/bash-to-php-interpreter.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 6f06dae2..f47e7f9c 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -6,7 +6,7 @@ include ("/usr/local/vesta/func/main.php");
 include ("/usr/local/vesta/func/string.php");
 
 $counter=count($argv);
-if ($counter<1) myvesta_throw_error(2, 'Function is missing');
+if ($counter<2) myvesta_throw_error(2, 'Function is missing');
 
 $func="myvesta_".$argv[1];
 if (!function_exists($func)) myvesta_throw_error(2, 'Function does not exists');

From beccead3889bd42459f8933ad55cdd6a17dc5a6d Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Mar 2023 14:58:10 +0200
Subject: [PATCH 1873/2300] php-func fix

---
 bin/v-php-func                   |  1 +
 func/bash-to-php-interpreter.php | 21 +++++++++++++++++----
 func/main.php                    |  1 +
 func/string.php                  | 25 +++++++++++++++----------
 4 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/bin/v-php-func b/bin/v-php-func
index dd75df43..f6192c33 100644
--- a/bin/v-php-func
+++ b/bin/v-php-func
@@ -9,3 +9,4 @@
 #----------------------------------------------------------#
 
 php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
+exit $?
diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index f47e7f9c..6c1c2fa0 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -1,6 +1,6 @@
 
Date: Sun, 26 Mar 2023 15:01:52 +0200
Subject: [PATCH 1874/2300] tabs fix

---
 func/bash-to-php-interpreter.php | 22 +++++++++++-----------
 func/main.php                    | 22 +++++++++++-----------
 func/string.php                  | 20 ++++++++++----------
 3 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 6c1c2fa0..9c67ab55 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -10,25 +10,25 @@ if ($counter<2) myvesta_throw_error(2, 'Function is missing');
 
 $func=$argv[1];
 if (!function_exists($func)) {
-	$func="myvesta_".$argv[1];	
-	if (!function_exists($func)) myvesta_throw_error(2, 'Function does not exists');
+    $func="myvesta_".$argv[1];    
+    if (!function_exists($func)) myvesta_throw_error(2, 'Function does not exists');
 }
 
 $params=array();
 
 for ($i=2; $i<$counter; $i++) {
-	$argv[$i]=myvesta_fix_backslashes($argv[$i]);
-	$params[]=$argv[$i];
+    $argv[$i]=myvesta_fix_backslashes($argv[$i]);
+    $params[]=$argv[$i];
 }
 
 $r=call_user_func_array($func, $params);
 if (is_bool($r)) {
-	if ($r) {
-		exit(0);
-	} else {
-		exit(MYVESTA_ERROR_GENERAL);
-	}
+    if ($r) {
+        exit(0);
+    } else {
+        exit(MYVESTA_ERROR_GENERAL);
+    }
 } else {
-	echo $r;
-	exit(0);
+    echo $r;
+    exit(0);
 }
diff --git a/func/main.php b/func/main.php
index d09a6bd8..1a932fa7 100644
--- a/func/main.php
+++ b/func/main.php
@@ -18,10 +18,10 @@ function myvesta_throw_error($code, $message) {
 }
 
 function myvesta_fix_backslashes($s) {
-	$s=str_replace("\\n", "\n", $s);
-	$s=str_replace("\\r", "\r", $s);
-	$s=str_replace("\\t", "\t", $s);
-	return $s;
+    $s=str_replace("\\n", "\n", $s);
+    $s=str_replace("\\r", "\r", $s);
+    $s=str_replace("\\t", "\t", $s);
+    return $s;
 }
 
 function myvesta_check_args ($requried_arguments, $arguments) {
@@ -45,11 +45,11 @@ function myvesta_check_args ($requried_arguments, $arguments) {
 
 function myvesta_fix_args() {
     global $argv;
-	$i=0;
+    $i=0;
     foreach ($argv as $argument) {
-		if ($i==0) {$i++; continue;}
+        if ($i==0) {$i++; continue;}
         $argv[$i]=myvesta_fix_backslashes($argv[$i]);
-		$i++;
+        $i++;
     }
 }
 
@@ -60,8 +60,8 @@ function myvesta_exit($code) {
 }
 
 function myvesta_test_func () {
-	$args=func_get_args();
-	echo "You said: ";
-	print_r ($args);
-	echo "\n";
+    $args=func_get_args();
+    echo "You said: ";
+    print_r ($args);
+    echo "\n";
 }
diff --git a/func/string.php b/func/string.php
index 0fa284cf..3882c069 100644
--- a/func/string.php
+++ b/func/string.php
@@ -11,49 +11,49 @@ function myvesta_replace_in_file($file, $find, $replace) {
 
     $buf=str_replace($find, $replace, $buf);
     $r=file_put_contents($file, $buf);
-	if ($r===false) return false;
+    if ($r===false) return false;
     return true;
 }
 
 function myvesta_get_between_in_file($file, $left_substring, $right_substring, $start=0, $return_left_substring=0, $return_right_substring=0, $left_substring_necessary=1, $right_substring_necessary=1) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     $text=file_get_contents($file);
-	return myvesta_str_get_between ($text, $left_substring, $right_substring, $start, $return_left_substring, $return_right_substring, $left_substring_necessary, $right_substring_necessary);
+    return myvesta_str_get_between ($text, $left_substring, $right_substring, $start, $return_left_substring, $return_right_substring, $left_substring_necessary, $right_substring_necessary);
 }
 
 function myvesta_replace_in_file_once_between_including_borders($file, $left, $right, $replace_with) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     $text=file_get_contents($file);
-	$buf=myvesta_str_replace_once_between_including_borders($text, $left, $right, $replace_with);
+    $buf=myvesta_str_replace_once_between_including_borders($text, $left, $right, $replace_with);
     $r=file_put_contents($file, $buf);
-	if ($r===false) return false;
+    if ($r===false) return false;
     return true;
 }
 
 function myvesta_strip_once_in_file_between_including_borders($file, $left, $right) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     $text=file_get_contents($file);
-	$buf=myvesta_str_strip_once_between_including_borders($text, $left, $right);
+    $buf=myvesta_str_strip_once_between_including_borders($text, $left, $right);
     $r=file_put_contents($file, $buf);
-	if ($r===false) return false;
+    if ($r===false) return false;
     return true;
 }
 
 function myvesta_replace_in_file_between_including_borders($file, $left, $right, $replace_with) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     $text=file_get_contents($file);
-	$buf=myvesta_str_replace_between_including_borders($text, $left, $right, $replace_with);
+    $buf=myvesta_str_replace_between_including_borders($text, $left, $right, $replace_with);
     $r=file_put_contents($file, $buf);
-	if ($r===false) return false;
+    if ($r===false) return false;
     return true;
 }
 
 function myvesta_strip_in_file_between_including_borders($file, $left, $right) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     $text=file_get_contents($file);
-	$buf=myvesta_str_strip_between_including_borders($text, $left, $right);
+    $buf=myvesta_str_strip_between_including_borders($text, $left, $right);
     $r=file_put_contents($file, $buf);
-	if ($r===false) return false;
+    if ($r===false) return false;
     return true;
 }
 

From 201cdad4b30f0b36e6cfe975fedd9170872960b9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Mar 2023 15:06:22 +0200
Subject: [PATCH 1875/2300] exit with brackets fix

---
 func/bash-to-php-interpreter.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 9c67ab55..6ed31455 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -1,6 +1,6 @@
 
Date: Sun, 26 Mar 2023 15:11:50 +0200
Subject: [PATCH 1876/2300] Strip 'BROWSER MEDIA CACHE' block in rocket-nginx
 conf

---
 src/deb/for-download/tools/install-rocket-nginx.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/deb/for-download/tools/install-rocket-nginx.sh b/src/deb/for-download/tools/install-rocket-nginx.sh
index 3e298c7d..20364f80 100644
--- a/src/deb/for-download/tools/install-rocket-nginx.sh
+++ b/src/deb/for-download/tools/install-rocket-nginx.sh
@@ -17,6 +17,8 @@ fi
 cd rocket-nginx
 cp rocket-nginx.ini.disabled rocket-nginx.ini
 php rocket-parser.php
+/usr/local/vesta/bin/v-php-func 'strip_once_in_file_between_including_borders' '/etc/nginx/rocket-nginx/conf.d/default.conf' '# BROWSER MEDIA CACHE' '}'
+
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-https.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-https.tpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-force-https.stpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-force-https.stpl
 wget -nv -O /usr/local/vesta/data/templates/web/nginx/wprocket-hosting.tpl https://c.myvestacp.com/tools/rocket-nginx-templates/wprocket-hosting.tpl

From da136faf08b8cc83b8532cd04fe3fae53bb3b6ef Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 26 Mar 2023 19:04:45 +0200
Subject: [PATCH 1877/2300] php function "find_in_file"

---
 func/main.php   |  2 +-
 func/string.php | 11 +++++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/func/main.php b/func/main.php
index 1a932fa7..cf13f3f0 100644
--- a/func/main.php
+++ b/func/main.php
@@ -12,7 +12,7 @@ define('MYVESTA_ERROR_GENERAL', 5);
 
 function myvesta_throw_error($code, $message) {
     global $myvesta_exit_on_error;
-    echo "ERROR: ".$message."\n";
+    if ($message!=='') echo "ERROR: ".$message."\n";
     if ($myvesta_exit_on_error) myvesta_exit($code);
     return $code;
 }
diff --git a/func/string.php b/func/string.php
index 3882c069..2b6a63d9 100644
--- a/func/string.php
+++ b/func/string.php
@@ -2,6 +2,17 @@
 
 // --- file functions ---
 
+function myvesta_find_in_file($file, $find) {
+    if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
+
+    $buf=file_get_contents($file);
+
+    $pos=strpos($buf, $find);
+    if ($pos===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
+
+    return $pos;
+}
+
 function myvesta_replace_in_file($file, $find, $replace) {
     if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
 

From b1a3b88877efe2dd8f22bc2a2e5454ee825c0635 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 28 Mar 2023 10:39:38 +0200
Subject: [PATCH 1878/2300] new line on the output end if v-php-func called
 directly from shell

---
 func/bash-to-php-interpreter.php | 6 ++++++
 func/main.php                    | 5 ++---
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 6ed31455..cd849d6c 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -1,5 +1,8 @@
 
Date: Tue, 28 Mar 2023 17:07:52 +0200
Subject: [PATCH 1879/2300] Security Improvements

---
 bin/v-install-wordpress | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/bin/v-install-wordpress b/bin/v-install-wordpress
index 4bf82c5f..70f3fc7b 100644
--- a/bin/v-install-wordpress
+++ b/bin/v-install-wordpress
@@ -128,7 +128,9 @@ sudo -H -u$user wp core config --dbname=$DBUSER --dbuser=$DBUSER --dbpass=$PASSW
 
 password=$(LC_CTYPE=C tr -dc A-Za-z0-9_\!\@\#\$\%\^\&\*\(\)-+= < /dev/urandom | head -c 12)
 
-sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="admin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
+wpadmin=$(echo "$domain" | sed 's#\.#_#g')_4dm1n
+
+sudo -H -u$user wp core install --url="$domain" --title="$domain" --admin_user="$wpadmin" --admin_password="$password" --admin_email="$email" --path=$WORKINGDIR
 
 mysql -u$DBUSER -p$PASSWDDB -e "USE $DBUSER; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'siteurl'; update wp_options set option_value = '$PROTOCOL://$domain' where option_name = 'home';"
 
@@ -138,7 +140,7 @@ echo ""
 echo "Site: $PROTOCOL://$domain/"
 echo ""
 echo "Login: $PROTOCOL://$domain/wp-admin/"
-echo "Username: admin"
+echo "Username: $wpadmin"
 echo "Password: $password"
 echo ""
 echo "================================================================="

From 551df0b5a6cea7d8bce07053f5add474fd1cc30d Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Wed, 29 Mar 2023 15:45:36 +0200
Subject: [PATCH 1880/2300] Update v-clean-garbage

---
 bin/v-clean-garbage | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/bin/v-clean-garbage b/bin/v-clean-garbage
index 5b402653..72e8560e 100644
--- a/bin/v-clean-garbage
+++ b/bin/v-clean-garbage
@@ -45,13 +45,13 @@ find /var/log/exim4/ -type f -exec truncate -s 0 {} \;
 clean_home() {
     nice -n 19 ionice -c 3 find $1/*/tmp/ -type f -delete
     find $1/ -name '.wp-cli' -type d -exec rm -rf {} \; > /dev/null 2>&1
-    find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
-    find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete
+    find $1/*/web/*/public_html/wp-content/aiowps_backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
+    find $1/*/web/*/public_html/wp-content/envato-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
+    find $1/*/web/*/public_html/wp-content/ai1wm-backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
+    find $1/*/web/*/public_html/wp-content/wpvividbackups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
+    find $1/*/web/*/public_html/wp-content/updraft/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
     find $1/*/web/*/public_html/wp-content/plugins/ezpz-one-click-backup/backups/ -type f -not -name ".htaccess" -not -name "index.php" -not -name "index.html" -not -name "web.config" -delete > /dev/null 2>&1
-    find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete
+    find $1/*/web/*/public_html/ -type f -name "*.wpress" -delete > /dev/null 2>&1
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log" -exec truncate -s 0 {} \;
     nice -n 19 ionice -c 3 find $1/*/web/*/public_html/ -type f -name "error_log.txt" -exec truncate -s 0 {} \;
     nice -n 19 ionice -c 3 find $1/ -type f -name "*.log" -exec truncate -s 0 {} \;

From a47603156d5da0b7c7fa1cdb640aaf63fc7f97c6 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 29 Mar 2023 15:48:42 +0200
Subject: [PATCH 1881/2300] Update exim_forwarding.patch

---
 src/deb/for-download/tools/patches/exim_forwarding.patch | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/deb/for-download/tools/patches/exim_forwarding.patch b/src/deb/for-download/tools/patches/exim_forwarding.patch
index 78b7ef69..1fa6d408 100644
--- a/src/deb/for-download/tools/patches/exim_forwarding.patch
+++ b/src/deb/for-download/tools/patches/exim_forwarding.patch
@@ -1,9 +1,9 @@
 --- old	2023-03-23 14:17:42.536656160 +0100
 +++ new	2023-03-24 23:07:08.186018906 +0100
 @@ -140,6 +140,11 @@
- 
+
    warn    set acl_m3    = no
-   
+  
 +  warn    !authenticated = *
 +          hosts          = !+relay_from_hosts
 +          condition     = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}

From 3bafc5b064fdbbe1e31da69eef801548b4514985 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 1 Apr 2023 23:29:35 +0200
Subject: [PATCH 1882/2300] myvesta_echo php function

---
 func/bash-to-php-interpreter.php | 13 ++++++-----
 func/main.php                    | 37 +++++++++++++++++++++-----------
 2 files changed, 30 insertions(+), 20 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index cd849d6c..13995e1c 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -1,5 +1,7 @@
 
Date: Wed, 5 Apr 2023 21:07:11 +0200
Subject: [PATCH 1883/2300] LetsEncrypt check if 'certificate' is empty on step
 6

---
 bin/v-add-letsencrypt-domain | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index faa51f8c..9d9b7cbe 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -323,6 +323,14 @@ if [[ "$status" -ne 200 ]]; then
     echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
     check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
+if [ "$certificate" = "" ]; then
+    echo "[$(date)] : EXIT=Let's Encrypt 'certificate' is empty on step 6" >> /usr/local/vesta/log/letsencrypt.log
+    check_result $E_CONNECT "Let's Encrypt 'certificate' is empty on step 6"
+fi
+if [ "$nonce" = "" ]; then
+    echo "[$(date)] : EXIT=Let's Encrypt 'nonce' is empty on step 6" >> /usr/local/vesta/log/letsencrypt.log
+    check_result $E_CONNECT "Let's Encrypt 'nonce' is empty on step 6"
+fi
 
 # Downloading signed certificate / STEP 7
 echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log

From cdde300f80ce8abe9d5fa21ab5c711923715e4d3 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 5 Apr 2023 21:08:38 +0200
Subject: [PATCH 1884/2300] Version 0.9.8-26-61

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 68750920..4ee18f6a 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-60
+vesta-0.9.8-26-61

From a098a9831c8760cfc15c1d58470cfcc184d4a2d8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 5 Apr 2023 21:10:28 +0200
Subject: [PATCH 1885/2300] Update Changelog.md

---
 Changelog.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 9af9791b..e4938183 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,7 @@
+Version 0.9.8-26-61 [05-Apr-2023]
+==================================================
+* Many bugfixes
+
 Version 0.9.8-26-60 [12-Feb-2023]
 ==================================================
 * New script: v-commander (useful for maintaining the server)

From f5132329c8500cccb48fcfc2e3657822071ebed5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 5 Apr 2023 23:13:38 +0200
Subject: [PATCH 1886/2300] Update Changelog.md

---
 Changelog.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Changelog.md b/Changelog.md
index e4938183..28f5cd6c 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,6 +1,7 @@
 Version 0.9.8-26-61 [05-Apr-2023]
 ==================================================
 * Many bugfixes
+* Hotfix for LetsEncrypt to prevent Apache falling 
 
 Version 0.9.8-26-60 [12-Feb-2023]
 ==================================================

From 4771d2502c9f523a5d29bd25211ee443897af849 Mon Sep 17 00:00:00 2001
From: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Date: Thu, 6 Apr 2023 01:23:10 +0200
Subject: [PATCH 1887/2300] Fix: Changes in Certificate request Lets Encrypt
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See: https://community.letsencrypt.org/t/myvesta-hestiacp-vestacp-fail-issuance-with-async-finalization/195923

And https://github.com/hestiacp/hestiacp/pull/3442

Not tested on Vesta CP
❤️
---
 bin/v-add-letsencrypt-domain | 30 +++++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 9d9b7cbe..c37492b7 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -56,7 +56,7 @@ query_le_v2() {
     # Save http response to file passed as "$4" arg or print to stdout if not provided
     # http response headers are always sent to stdout
     local save_to_file=${4:-"/dev/stdout"}
-    curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    curl --location --user-agent "MyVestaCP" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
 }
 
 
@@ -154,6 +154,8 @@ authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
 echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
 finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
 echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
+order=$(echo -e "$answer" | grep -i location | cut -f2 -d \  | tr -d '\r\n')
+echo "[$(date)] : order=$order" >> /usr/local/vesta/log/letsencrypt.log
 status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
 echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
 if [[ "$status" -ne 201 ]]; then
@@ -324,16 +326,34 @@ if [[ "$status" -ne 200 ]]; then
     check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
 if [ "$certificate" = "" ]; then
-    echo "[$(date)] : EXIT=Let's Encrypt 'certificate' is empty on step 6" >> /usr/local/vesta/log/letsencrypt.log
-    check_result $E_CONNECT "Let's Encrypt 'certificate' is empty on step 6"
+    validation="processing"
+	i=1
+	while [ "$validation" = "processing" ]; do
+        echo "[$(date)] : --- Polling server waiting for Certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
+		answer=$(query_le_v2 "$order" "" "$nonce")
+		i=$((i + 1))
+
+		nonce=$(echo "$answer" | grep -i nonce | cut -f2 -d \  | tr -d '\r\n')
+        echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
+		status=$(echo "$answer" | grep HTTP/ | tail -n1 | cut -f 2 -d ' ')
+        echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
+		validation=$(echo "$answer" | grep 'status":' | cut -f4 -d '"')
+        echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
+		certificate=$(echo "$answer" | grep 'certificate":' | cut -f4 -d '"')
+        echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
+		sleep $((i * 2)) # Sleep for 2s, 4s, 6s, 8s
+		if [ $i -gt 10 ]; then
+			check_result "$E_CONNECT" "Certificate processing timeout ($domain)"
+		fi
+	done
 fi
 if [ "$nonce" = "" ]; then
     echo "[$(date)] : EXIT=Let's Encrypt 'nonce' is empty on step 6" >> /usr/local/vesta/log/letsencrypt.log
     check_result $E_CONNECT "Let's Encrypt 'nonce' is empty on step 6"
 fi
 
-# Downloading signed certificate / STEP 7
-echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
+# Downloading signed certificate / STEP 8
+echo "[$(date)] : --- Downloading signed certificate / STEP 8 ---" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
 answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
 echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log

From 2f395f0a5e09c18ac3b75e364964b8ed40777da5 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 09:06:03 +0200
Subject: [PATCH 1888/2300] Add staging

---
 bin/v-add-letsencrypt-domain | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index c37492b7..117d3eff 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -17,6 +17,10 @@ aliases=$3
 # LE API
 API='https://acme-v02.api.letsencrypt.org'
 
+if [[ "$LE_STAGING" = 'yes' ]]; then
+	LE_API='https://acme-staging-v02.api.letsencrypt.org'
+fi
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh

From f50a785fffcfd1cdd1e8c94bf0af38207d24a763 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 09:10:50 +0200
Subject: [PATCH 1889/2300] Changing user-agent in v-add-letsencrypt-domain

---
 bin/v-add-letsencrypt-domain | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 117d3eff..305589e6 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -60,8 +60,8 @@ query_le_v2() {
     # Save http response to file passed as "$4" arg or print to stdout if not provided
     # http response headers are always sent to stdout
     local save_to_file=${4:-"/dev/stdout"}
-    curl --location --user-agent "MyVestaCP" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
-}
+    curl --location --user-agent "myVesta" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+ }
 
 
 
@@ -127,7 +127,7 @@ fi
 # Requesting nonce / STEP 1
 echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
 echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
-answer=$(curl -s -I "$API/directory")
+answer=$(curl --user-agent "myVesta" -s -I "$API/directory")
 echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
 nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
 echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
@@ -294,7 +294,7 @@ for auth in $authz; do
             check_result $E_CONNECT "Let's Encrypt domain validation timeout"
         fi
         echo "[$(date)] : curl: $url2 :" >> /usr/local/vesta/log/letsencrypt.log
-        get_answer=$(curl --silent -S "$url2")
+        get_answer=$(curl --user-agent "myVesta" --silent -S "$url2")
         echo "[$(date)] : get_answer=$get_answer" >> /usr/local/vesta/log/letsencrypt.log
         sleeping=$((i*2))
         echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log

From a18ee316a220265faf5d0cb329fee2c5b6c13b92 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 09:56:18 +0200
Subject: [PATCH 1890/2300] $LE_API to $API

---
 bin/v-add-letsencrypt-domain | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 305589e6..457557f0 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -18,7 +18,7 @@ aliases=$3
 API='https://acme-v02.api.letsencrypt.org'
 
 if [[ "$LE_STAGING" = 'yes' ]]; then
-	LE_API='https://acme-staging-v02.api.letsencrypt.org'
+	API='https://acme-staging-v02.api.letsencrypt.org'
 fi
 
 # Includes

From 1056cd624bc8319e1bc51de674a7a9da50329bf1 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 10:00:57 +0200
Subject: [PATCH 1891/2300] Adding LE_STAGING to v-add-letsencrypt-user

---
 bin/v-add-letsencrypt-user | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 11aec113..9c7181c0 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -15,6 +15,10 @@ user=$1
 # LE API
 API='https://acme-v02.api.letsencrypt.org'
 
+if [[ "$LE_STAGING" = 'yes' ]]; then
+	API='https://acme-staging-v02.api.letsencrypt.org'
+fi
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/conf/vesta.conf

From fbf1d3390a97da4dfd2f0619644b3f0ad52e58ea Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 10:24:54 +0200
Subject: [PATCH 1892/2300] Checking for $nonce before step 7, and check for
 $certificate after step 7

---
 bin/v-add-letsencrypt-domain | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 457557f0..7a306ab3 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -329,6 +329,12 @@ if [[ "$status" -ne 200 ]]; then
     echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
     check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
 fi
+
+if [ "$nonce" = "" ]; then
+    echo "[$(date)] : EXIT=Let's Encrypt 'nonce' is empty after step 6" >> /usr/local/vesta/log/letsencrypt.log
+    check_result $E_CONNECT "Let's Encrypt 'nonce' is empty after step 6"
+fi
+
 if [ "$certificate" = "" ]; then
     validation="processing"
 	i=1
@@ -351,9 +357,10 @@ if [ "$certificate" = "" ]; then
 		fi
 	done
 fi
-if [ "$nonce" = "" ]; then
-    echo "[$(date)] : EXIT=Let's Encrypt 'nonce' is empty on step 6" >> /usr/local/vesta/log/letsencrypt.log
-    check_result $E_CONNECT "Let's Encrypt 'nonce' is empty on step 6"
+
+if [ "$certificate" = "" ]; then
+    echo "[$(date)] : EXIT=Let's Encrypt 'certificate' is empty after step 7" >> /usr/local/vesta/log/letsencrypt.log
+    check_result $E_CONNECT "Let's Encrypt 'certificate' is empty after step 7"
 fi
 
 # Downloading signed certificate / STEP 8

From b21efb09b6ca5441f157597ae6ef146df95782c2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 10:28:44 +0200
Subject: [PATCH 1893/2300] Adding user-agent in v-add-letsencrypt-user

---
 bin/v-add-letsencrypt-user | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user
index 9c7181c0..d2338e82 100755
--- a/bin/v-add-letsencrypt-user
+++ b/bin/v-add-letsencrypt-user
@@ -45,7 +45,7 @@ query_le_v2() {
     post_data=$post_data'"payload":"'"$payload_"'",'
     post_data=$post_data'"signature":"'"$signature_"'"}'
 
-    curl -s -i -d "$post_data" "$1" -H "$content"
+    curl --user-agent "myVesta" -s -i -d "$post_data" "$1" -H "$content"
 }
 
 

From 7a3fc4fcea84ab4c902936807d2bd36feb166f0b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 11:13:17 +0200
Subject: [PATCH 1894/2300] Update Changelog.md

---
 Changelog.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Changelog.md b/Changelog.md
index 28f5cd6c..87f48b62 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,4 +1,8 @@
-Version 0.9.8-26-61 [05-Apr-2023]
+Version 0.9.8-26-62 [05-Apr-2023]
+==================================================
+* Fix for LetsEncrypt Asynchronous Order Finalization (in collaboration with @HestiaCP )
+
+Version 0.9.8-26-61 [04-Apr-2023]
 ==================================================
 * Many bugfixes
 * Hotfix for LetsEncrypt to prevent Apache falling 

From 0b7b8cef857ef9d335f59b98b907cf88d967f877 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Thu, 6 Apr 2023 11:14:44 +0200
Subject: [PATCH 1895/2300] Version 0.9.8-26-62

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 4ee18f6a..5e8393bb 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-61
+vesta-0.9.8-26-62

From 863f3e2aa5f3b06bbf53eb465ca1834653cb8dec Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:40:23 +0200
Subject: [PATCH 1896/2300] Update README.md

---
 README.md | 87 ++++++++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 77 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index c34d496b..6dfe1024 100644
--- a/README.md
+++ b/README.md
@@ -1,14 +1,81 @@
-myVesta
-==================================================
 
-Visit our homepage:
-- https://www.myvestacp.com/
+myVesta
 
-Forum:
-- https://forum.myvestacp.com/
+
+
+[![Screenshot of myVesta](https://www.myvestacp.com/screenshot1.png)](https://www.myvestacp.com/)
+
+
+
+About
+
+myVesta is a security and stability-focused fork of VestaCP, exclusively supporting Debian in order to maintain a streamlined ecosystem. Boasting a clean, clutter-free interface and the latest innovative technologies, our project is committed to staying synchronized with official VestaCP commits. We work independently to enhance security and develop new features, driven by our passion for contributing to the open-source community rather than monetary gain. As such, we will offer all features built for myVesta to the official VestaCP project through pull requests, without interfering with their development milestones.
+
+Latest stable release: Version 1.7.0 | View Changelog
+
+
+Links
+
+  Visit our homepage.
+  Check out our forum for discussions and support.
+  For more information, take a look at our knowledge base.
+
+
+Features of myVesta
+
+    Support for Debian 10 and 11 (Debian 11 is recommended, but previous Debian releases are also supported)
+    Support for MySQL 8
+    nginx templates that can prevent denial-of-service on your server
+    Support for multi-PHP versions
+    You can host NodeJS apps
+    You can limit the maximum number of sent emails (per hour) per mail account and per hosting account, preventing hijacking of email accounts and preventing PHP malware scripts to send spam.
+    
+      You can completely "lock" myVesta so it can be accessed only via secret URL, for example https://serverhost:8083/?MY-SECRET-URL
+      
+        During installation you will be asked to choose a secret URL for your hosting panel
+        Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
+        You can see for yourself how this mechanism was built by looking at:
+        
+          src/deb/for-download/php/php.ini
+          web/inc/secure_login.php
+        
+        If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell: echo " /usr/local/vesta/web/inc/login_url.php
+      
+    
+  We disabled dangerous PHP functions in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.
+  Apache is fully switched to mpm_event mode, while PHP is running in PHP-FPM mode, which is the most stable PHP-stack solution
+    OPCache is turned on by default
+    
Auto-generating LetsEncrypt SSL for server hostname (signed SSL for Vesta 8083 port, for dovecot (IMAP & POP3) and for Exim (SMTP))
+    You can change Vesta port during installation or later using one command line: v-change-vesta-port [number]
+    ClamAV is configured to block zip/rar/7z archives that contains executable files (just like GMail)
+    Backup will run with lowest priority (to avoid load on server), and can be configured to run only by night (and to stop on the morning and continue next night) 
+    
+    You can compile Vesta binaries by yourself - src/deb/vesta_compile.sh
+You can even create your own APT repository in a minute
+We are using latest nginx version for vesta-nginx package
+With your own APT infrastructure you can take security of Vesta-installer infrastructure in your own hands. You will have full control of your Vesta code (this way you can rest assured that there's 0% chance that you'll install malicious packages from repositories that may get hacked)
+Binaries that you compile are 100% compatible with official VestaCP from vestacp.com, so you can run official VestaCP code with your own binaries (in case you don't want the source code from this fork)
+
+    
+  
+  
+  
+How to install
+Download the installation script:
+
+```shell
+curl -O http://c.myvestacp.com/vst-install-debian.sh
+```
+
+Then run it:
+
+```shell
+bash vst-install-debian.sh
+```
+
+Or use our installer generator.
+
+Licence
+myVesta is licensed under GPL v3 license.
 
-Knowledge base:
-- https://wiki.myvestacp.com/
 
-Changelog:
-- https://github.com/myvesta/vesta/blob/master/Changelog.md

From 5eabdd4784ca09356e865361b86ce6ac1ce8ca2f Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:41:06 +0200
Subject: [PATCH 1897/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 6dfe1024..55b6c2c8 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@
 
 myVesta is a security and stability-focused fork of VestaCP, exclusively supporting Debian in order to maintain a streamlined ecosystem. Boasting a clean, clutter-free interface and the latest innovative technologies, our project is committed to staying synchronized with official VestaCP commits. We work independently to enhance security and develop new features, driven by our passion for contributing to the open-source community rather than monetary gain. As such, we will offer all features built for myVesta to the official VestaCP project through pull requests, without interfering with their development milestones.
 
-Latest stable release: Version 1.7.0 | View Changelog
+
Latest stable release: Version 0.9.8-26-62 | View Changelog
 

 
 Links

From e86585568d4baefb50b81f25ed9d692ddb3522a4 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:44:53 +0200
Subject: [PATCH 1898/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 55b6c2c8..cc5d56d4 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@
 
 myVesta is a security and stability-focused fork of VestaCP, exclusively supporting Debian in order to maintain a streamlined ecosystem. Boasting a clean, clutter-free interface and the latest innovative technologies, our project is committed to staying synchronized with official VestaCP commits. We work independently to enhance security and develop new features, driven by our passion for contributing to the open-source community rather than monetary gain. As such, we will offer all features built for myVesta to the official VestaCP project through pull requests, without interfering with their development milestones.
 
-Latest stable release: Version 0.9.8-26-62 | View Changelog
+
View Changelog
 

 
 Links

From f0a82f02d3ca34f8a0e4d03a81e5bf414b0c9775 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:50:02 +0200
Subject: [PATCH 1899/2300] Update README.md

---
 README.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/README.md b/README.md
index cc5d56d4..62207405 100644
--- a/README.md
+++ b/README.md
@@ -75,6 +75,20 @@ bash vst-install-debian.sh
 
 Or use our installer generator.
 
+UUseful scripts
+
+  How to move accounts from one (my)Vesta server to another myVesta server
+  WordPress installer in one second (v-install-wordpress)
+  Cloning script that will copy the whole site from one (sub)domain to another (sub)domain (v-clone-website)
+  Script that will migrate your site from http to https, replacing http to https URLs in database (v-migrate-site-to-https)
+  Script for importing cPanel backups to Vesta (thanks to Maks Usmanov - Skamasle)  (v-import-cpanel-backup)
+  Script that will install multiple PHP versions on your server
+  How to host NodeJS apps
+  Script that will install nginx templates that can prevent denial-of-service on your server
+  Official VestaCP Softaculous installer
+
+
+
 Licence
 myVesta is licensed under GPL v3 license.
 

From 0e16d8d59c8f9276a3bf3de9cd21ab7c2ec16ca9 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:50:17 +0200
Subject: [PATCH 1900/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 62207405..1848be5d 100644
--- a/README.md
+++ b/README.md
@@ -75,7 +75,7 @@ bash vst-install-debian.sh
 
 Or use our installer generator.
 
-UUseful scripts
+Useful scripts
 
   How to move accounts from one (my)Vesta server to another myVesta server
   WordPress installer in one second (v-install-wordpress)

From 8dbfa3e2103790411c43084024db3fbd832ca06e Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Fri, 7 Apr 2023 13:53:10 +0200
Subject: [PATCH 1901/2300] Update README.md

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1848be5d..44d414b8 100644
--- a/README.md
+++ b/README.md
@@ -36,7 +36,7 @@
         Literally no PHP scripts will be alive on your hosting panel (won't be able to get executed), unless you access the hosting panel with secret URL parameter. Thus, when it happens that, let's say, some zero-day exploit pops up - attackers won't be able to access it without knowing your secret URL - PHP scripts from VestaCP will be simply dead - no one will be able to interact with your panel unless they have the secret URL.
         You can see for yourself how this mechanism was built by looking at:
         
-          src/deb/for-download/php/php.ini
+          src/deb/for-download/php/php.ini
           web/inc/secure_login.php
         
         If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell: echo " /usr/local/vesta/web/inc/login_url.php

From e2fcade5bb91ab978d6ffb59574d632858386e8b Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Sun, 9 Apr 2023 00:17:27 +0200
Subject: [PATCH 1902/2300] Update v-clone-website

---
 bin/v-clone-website | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index df98c6db..57749f74 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -434,6 +434,9 @@ else
         sudo -H -u$TO_USER wp search-replace "/home/$FROM_USER/" "/home/$TO_USER/" --precise --all-tables --skip-columns=guid
     fi
     sudo -H -u$TO_USER wp cache flush
+    cd $TO_FOLDER
+    sudo -H -u$TO_USER wp config shuffle-salts WP_CACHE_KEY_SALT --force
+    sudo -H -u$TO_USER wp config shuffle-salts
 fi
 
 echo "===== DONE ===="

From 2fae00ae7dcce79657f54c3e8c057694a3451566 Mon Sep 17 00:00:00 2001
From: isscbta <53144593+isscbta@users.noreply.github.com>
Date: Sun, 9 Apr 2023 00:22:04 +0200
Subject: [PATCH 1903/2300] Update v-clone-website

---
 bin/v-clone-website | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 57749f74..74de3271 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -420,12 +420,6 @@ if [ $IT_IS_WP -eq 0 ]; then
     fi
 else
     cd $TO_FOLDER
-    if [ -d "wp-content/plugins/w3-total-cache" ]; then
-        rm -f wp-content/object-cache.php
-        rm -f wp-content/db.php
-        rm -f wp-content/advanced-cache.php
-        rm -rf wp-content/w3tc-config
-        rm -rf wp-content/plugins/w3-total-cache
     fi
     echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid

From 706e365a5e031f9d6d90630954d03cfabc1f0489 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 9 Apr 2023 14:01:18 +0200
Subject: [PATCH 1904/2300] syntax fix

---
 bin/v-clone-website | 2 --
 1 file changed, 2 deletions(-)

diff --git a/bin/v-clone-website b/bin/v-clone-website
index 74de3271..46623db4 100644
--- a/bin/v-clone-website
+++ b/bin/v-clone-website
@@ -420,7 +420,6 @@ if [ $IT_IS_WP -eq 0 ]; then
     fi
 else
     cd $TO_FOLDER
-    fi
     echo "=== Replacing $FROM_DOMAIN to $TO_DOMAIN in database $TO_DATABASE_NAME"
     sudo -H -u$TO_USER wp search-replace "$FROM_DOMAIN" "$TO_DOMAIN" --precise --all-tables --skip-columns=guid
     if [ "$FROM_USER" != "$TO_USER" ]; then
@@ -428,7 +427,6 @@ else
         sudo -H -u$TO_USER wp search-replace "/home/$FROM_USER/" "/home/$TO_USER/" --precise --all-tables --skip-columns=guid
     fi
     sudo -H -u$TO_USER wp cache flush
-    cd $TO_FOLDER
     sudo -H -u$TO_USER wp config shuffle-salts WP_CACHE_KEY_SALT --force
     sudo -H -u$TO_USER wp config shuffle-salts
 fi

From 77467eeebddd6853c04f462be8117a24f3603c53 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 12 Apr 2023 19:58:32 +0200
Subject: [PATCH 1905/2300] exim4 HELO authenticated patch

---
 install/debian/10/exim/exim4.conf.template         | 10 ++++++----
 install/debian/11/exim/exim4.conf.template         | 10 ++++++----
 install/debian/11/exim/exim4.conf.template-RC      | 10 ++++++----
 install/debian/8/exim/exim4.conf.template          | 10 ++++++----
 install/debian/9/exim/exim4.conf.template          | 10 ++++++----
 .../tools/patches/exim_helo_authenticated.patch    | 14 ++++++++++++++
 6 files changed, 44 insertions(+), 20 deletions(-)
 create mode 100644 src/deb/for-download/tools/patches/exim_helo_authenticated.patch

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 70577b6e..0e5afaac 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -91,16 +91,18 @@ acl_check_mail:
   deny    condition     = ${if eq{$sender_helo_name}{}}
           message       = HELO required before MAIL
 
-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+  drop    !authenticated = *
+          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
-          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
-  drop    condition     = ${if isip{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if isip{$sender_helo_name}}
           message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
 
-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
           message       = $interface_address is _my_ address
 
   accept
diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index 4b3c0dd9..72e3f668 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -91,16 +91,18 @@ acl_check_mail:
   deny    condition     = ${if eq{$sender_helo_name}{}}
           message       = HELO required before MAIL
 
-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+  drop    !authenticated = *
+          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
-          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
-  drop    condition     = ${if isip{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if isip{$sender_helo_name}}
           message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
 
-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
           message       = $interface_address is _my_ address
 
   accept
diff --git a/install/debian/11/exim/exim4.conf.template-RC b/install/debian/11/exim/exim4.conf.template-RC
index 36ba2a0d..e5ba36ab 100644
--- a/install/debian/11/exim/exim4.conf.template-RC
+++ b/install/debian/11/exim/exim4.conf.template-RC
@@ -108,16 +108,18 @@ acl_check_mail:
   deny    condition     = ${if eq{$sender_helo_name}{}}
           message       = HELO required before MAIL
 
-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+  drop    !authenticated = *
+          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
-          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
-  drop    condition     = ${if isip{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if isip{$sender_helo_name}}
           message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
 
-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
           message       = $interface_address is _my_ address
 
   accept
diff --git a/install/debian/8/exim/exim4.conf.template b/install/debian/8/exim/exim4.conf.template
index e49bbf4e..261947d2 100644
--- a/install/debian/8/exim/exim4.conf.template
+++ b/install/debian/8/exim/exim4.conf.template
@@ -87,16 +87,18 @@ acl_check_mail:
   deny    condition     = ${if eq{$sender_helo_name}{}}
           message       = HELO required before MAIL
 
-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+  drop    !authenticated = *
+          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
-          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
-  drop    condition     = ${if isip{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if isip{$sender_helo_name}}
           message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
 
-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
           message       = $interface_address is _my_ address
 
   accept
diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index e49bbf4e..261947d2 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -87,16 +87,18 @@ acl_check_mail:
   deny    condition     = ${if eq{$sender_helo_name}{}}
           message       = HELO required before MAIL
 
-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+  drop    !authenticated = *
+          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
           condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
-          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
           condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
           delay         = 45s
 
-  drop    condition     = ${if isip{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if isip{$sender_helo_name}}
           message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
 
-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+  drop    !authenticated = *
+          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
           message       = $interface_address is _my_ address
 
   accept
diff --git a/src/deb/for-download/tools/patches/exim_helo_authenticated.patch b/src/deb/for-download/tools/patches/exim_helo_authenticated.patch
new file mode 100644
index 00000000..9dd8dbad
--- /dev/null
+++ b/src/deb/for-download/tools/patches/exim_helo_authenticated.patch
@@ -0,0 +1,14 @@
+--- /etc/exim4/exim4.conf.template.orig	2023-04-12 19:05:20.745847763 +0200
++++ /etc/exim4/exim4.conf.template	2023-04-12 19:34:29.000000000 +0200
+@@ -94 +94,2 @@
+-  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
++  drop    !authenticated = *
++          message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+@@ -100 +101,2 @@
+-  drop    condition     = ${if isip{$sender_helo_name}}
++  drop    !authenticated = *
++          condition     = ${if isip{$sender_helo_name}}
+@@ -103 +105,2 @@
+-  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
++  drop    !authenticated = *
++          condition     = ${if eq{[$interface_address]}{$sender_helo_name}}

From 4dd6d22f077370e88ff049fc7ee9aab487008efb Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Apr 2023 15:39:33 +0200
Subject: [PATCH 1906/2300] myvesta-php-func support for stdin

---
 bin/v-php-func                   |   9 +++
 func/bash-to-php-interpreter.php |   8 +++
 func/main.php                    |   2 +
 func/string.php                  | 113 +++++++++++++++++++++++++++++--
 4 files changed, 126 insertions(+), 6 deletions(-)

diff --git a/bin/v-php-func b/bin/v-php-func
index f6192c33..f7a73385 100644
--- a/bin/v-php-func
+++ b/bin/v-php-func
@@ -8,5 +8,14 @@
 #                       Action                             #
 #----------------------------------------------------------#
 
+
+if [ -p /dev/stdin ]; then
+    STDIN=$(cat -)
+    if [ ! -z "$STDIN" ]; then
+        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
+        exit $?
+    fi
+fi
+
 php /usr/local/vesta/func/bash-to-php-interpreter.php "$@"
 exit $?
diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 13995e1c..e780d41c 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -7,6 +7,14 @@ else $SHLVL=3;
 
 if (!isset($argv)) exit(5);
 
+stream_set_blocking(STDIN, false);
+$myvesta_stdin='';
+$myvesta_f = fopen( 'php://stdin', 'r' );
+while( $myvesta_line = fgets( $myvesta_f ) ) {
+  $myvesta_stdin .= $myvesta_line;
+}
+fclose( $myvesta_f );
+
 include ("/usr/local/vesta/func/main.php");
 include ("/usr/local/vesta/func/string.php");
 
diff --git a/func/main.php b/func/main.php
index fcc96610..03a501a1 100644
--- a/func/main.php
+++ b/func/main.php
@@ -71,7 +71,9 @@ function myvesta_fix_args() {
 }
 
 function myvesta_test_func () {
+    global $myvesta_stdin;
     $args=func_get_args();
+    if ($myvesta_stdin!='') array_splice( $args, 0, 0, array($myvesta_stdin) );
     myvesta_echo ("You said: ");
     myvesta_echo (trim(print_r ($args, true)));
 }
diff --git a/func/string.php b/func/string.php
index 2b6a63d9..a38e068e 100644
--- a/func/string.php
+++ b/func/string.php
@@ -70,8 +70,23 @@ function myvesta_strip_in_file_between_including_borders($file, $left, $right) {
 
 // --- string functions ---
 
-function myvesta_str_get_between (&$text, $left_substring, $right_substring, $start=0, $return_left_substring=0, $return_right_substring=0, $left_substring_necessary=1, $right_substring_necessary=1) {
-    global $myvesta_str_found_at, $myvesta_str_end_at;
+function myvesta_str_get_between () {
+    global $myvesta_stdin, $myvesta_str_found_at, $myvesta_str_end_at;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $left_substring=$args[$args_i];
+    $args_i++; $right_substring=$args[$args_i]; 
+    $args_i++; $start=0; if (!empty($args[$args_i])) $start=intval($args[$args_i]);
+    $args_i++; $return_left_substring=0; if (!empty($args[$args_i])) $return_left_substring=intval($args[$args_i]);
+    $args_i++; $return_right_substring=0; if (!empty($args[$args_i])) $return_right_substring=intval($args[$args_i]);
+    $args_i++; $left_substring_necessary=1; if (!empty($args[$args_i])) $left_substring_necessary=intval($args[$args_i]);
+    $args_i++; $right_substring_necessary=1; if (!empty($args[$args_i])) $right_substring_necessary=intval($args[$args_i]);
+
     $myvesta_str_found_at=0;
     $myvesta_str_end_at=0;
     $from_null=0;
@@ -105,7 +120,19 @@ function myvesta_str_get_between (&$text, $left_substring, $right_substring, $st
     return substr($text, $pos1, $len);
 }
 
-function myvesta_str_replace_once_between_including_borders(&$text, $left, $right, $replace_with) {
+function myvesta_str_replace_once_between_including_borders() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $left=$args[$args_i];
+    $args_i++; $right=$args[$args_i];
+    $args_i++; $replace_with=$args[$args_i];
+
     $pos1=strpos($text, $left);
     if ($pos1===false) return $text;
     $pos2=strpos($text, $right, $pos1+strlen($left));
@@ -113,7 +140,18 @@ function myvesta_str_replace_once_between_including_borders(&$text, $left, $righ
     return substr($text, 0, $pos1).$replace_with.substr($text, $pos2+strlen($right));
 }
 
-function myvesta_str_strip_once_between_including_borders(&$text, $left, $right) {
+function myvesta_str_strip_once_between_including_borders() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $left=$args[$args_i];
+    $args_i++; $right=$args[$args_i];
+
     $pos1=strpos($text, $left);
     if ($pos1===false) return $text;
     $pos2=strpos($text, $right, $pos1+strlen($left));
@@ -121,7 +159,19 @@ function myvesta_str_strip_once_between_including_borders(&$text, $left, $right)
     return substr($text, 0, $pos1).substr($text, $pos2+strlen($right));
 }
 
-function myvesta_str_replace_between_including_borders($text, $left, $right, $replace_with) {
+function myvesta_str_replace_between_including_borders() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $left=$args[$args_i];
+    $args_i++; $right=$args[$args_i];
+    $args_i++; $replace_with=$args[$args_i];
+
     $start=0;
     $left_len=strlen($left);
     $right_len=strlen($right);
@@ -135,7 +185,18 @@ function myvesta_str_replace_between_including_borders($text, $left, $right, $re
     return $text;
 }
 
-function myvesta_str_strip_between_including_borders($text, $left, $right) {
+function myvesta_str_strip_between_including_borders() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $left=$args[$args_i];
+    $args_i++; $right=$args[$args_i];
+
     $left_len=strlen($left);
     $right_len=strlen($right);
     while (true) {
@@ -147,3 +208,43 @@ function myvesta_str_strip_between_including_borders($text, $left, $right) {
     }
     return $text;
 }
+
+function myvesta_str_find() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $find=$args[$args_i];
+
+    $pos=strpos($text, $find);
+    if ($pos===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
+    return $pos;
+}
+
+function myvesta_str_uppercase() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    return strtoupper($text);
+}
+
+function myvesta_str_lowercase() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    return strtolower($text);
+}

From 452f8a81d94380d02f163d110ab3ba4f2c22ea24 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Apr 2023 16:21:00 +0200
Subject: [PATCH 1907/2300] php myvesta_str_substring

---
 func/string.php | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/func/string.php b/func/string.php
index a38e068e..9e531fb8 100644
--- a/func/string.php
+++ b/func/string.php
@@ -248,3 +248,19 @@ function myvesta_str_lowercase() {
     }
     return strtolower($text);
 }
+
+function myvesta_str_substring() {
+    global $myvesta_stdin;
+    $args=func_get_args();
+    $args_i=-1;
+    if ($myvesta_stdin!='') {
+        $text=$myvesta_stdin;
+    } else {
+        $args_i++; $text=$args[$args_i];
+    }
+    $args_i++; $start=$args[$args_i];
+    $args_i++; $length=null; if (!empty($args[$args_i])) $length=intval($args[$args_i]);
+    
+    if ($length===null) return substr($text, $start);
+    if ($length!==null) return substr($text, $start, $length);
+}

From c5144bcbae09a3e332ce934127800b85cc1526df Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Apr 2023 16:47:42 +0200
Subject: [PATCH 1908/2300] v-php-func str_find quiet

---
 func/string.php | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/func/string.php b/func/string.php
index 9e531fb8..ffc7bf68 100644
--- a/func/string.php
+++ b/func/string.php
@@ -2,14 +2,18 @@
 
 // --- file functions ---
 
-function myvesta_find_in_file($file, $find) {
-    if (!file_exists($file)) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
-
+function myvesta_find_in_file($file, $find, $quiet=false) {
+    if (!file_exists($file)) {
+        if ($quiet) return false;
+        return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
+    }
+    
     $buf=file_get_contents($file);
 
     $pos=strpos($buf, $find);
+    
     if ($pos===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
-
+    if ($quiet) return true;
     return $pos;
 }
 
@@ -219,9 +223,11 @@ function myvesta_str_find() {
         $args_i++; $text=$args[$args_i];
     }
     $args_i++; $find=$args[$args_i];
+    $args_i++; $quiet=false; if (!empty($args[$args_i])) $quiet=boolval($args[$args_i]);
 
     $pos=strpos($text, $find);
     if ($pos===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
+    if ($quiet) return true;
     return $pos;
 }
 

From 2f371245455db8e982ddf853c37c820d6b447d54 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Fri, 14 Apr 2023 19:01:07 +0200
Subject: [PATCH 1909/2300] simplifying php str functions

---
 func/bash-to-php-interpreter.php |   1 +
 func/string.php                  | 110 ++++---------------------------
 2 files changed, 12 insertions(+), 99 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index e780d41c..461c1af0 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -29,6 +29,7 @@ if (!function_exists($func)) {
 
 $params=array();
 
+if ($myvesta_stdin!='') $params[]=$myvesta_stdin;
 for ($i=2; $i<$counter; $i++) {
     $argv[$i]=myvesta_fix_backslashes($argv[$i]);
     $params[]=$argv[$i];
diff --git a/func/string.php b/func/string.php
index ffc7bf68..69881c8f 100644
--- a/func/string.php
+++ b/func/string.php
@@ -7,7 +7,7 @@ function myvesta_find_in_file($file, $find, $quiet=false) {
         if ($quiet) return false;
         return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File '$file' not found");
     }
-    
+
     $buf=file_get_contents($file);
 
     $pos=strpos($buf, $find);
@@ -74,23 +74,8 @@ function myvesta_strip_in_file_between_including_borders($file, $left, $right) {
 
 // --- string functions ---
 
-function myvesta_str_get_between () {
-    global $myvesta_stdin, $myvesta_str_found_at, $myvesta_str_end_at;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $left_substring=$args[$args_i];
-    $args_i++; $right_substring=$args[$args_i]; 
-    $args_i++; $start=0; if (!empty($args[$args_i])) $start=intval($args[$args_i]);
-    $args_i++; $return_left_substring=0; if (!empty($args[$args_i])) $return_left_substring=intval($args[$args_i]);
-    $args_i++; $return_right_substring=0; if (!empty($args[$args_i])) $return_right_substring=intval($args[$args_i]);
-    $args_i++; $left_substring_necessary=1; if (!empty($args[$args_i])) $left_substring_necessary=intval($args[$args_i]);
-    $args_i++; $right_substring_necessary=1; if (!empty($args[$args_i])) $right_substring_necessary=intval($args[$args_i]);
-
+function myvesta_str_get_between (&$text, $left_substring, $right_substring, $start=0, $return_left_substring=0, $return_right_substring=0, $left_substring_necessary=1, $right_substring_necessary=1) {
+    global $myvesta_str_found_at, $myvesta_str_end_at;
     $myvesta_str_found_at=0;
     $myvesta_str_end_at=0;
     $from_null=0;
@@ -124,19 +109,7 @@ function myvesta_str_get_between () {
     return substr($text, $pos1, $len);
 }
 
-function myvesta_str_replace_once_between_including_borders() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $left=$args[$args_i];
-    $args_i++; $right=$args[$args_i];
-    $args_i++; $replace_with=$args[$args_i];
-
+function myvesta_str_replace_once_between_including_borders(&$text, $left, $right, $replace_with) {
     $pos1=strpos($text, $left);
     if ($pos1===false) return $text;
     $pos2=strpos($text, $right, $pos1+strlen($left));
@@ -144,18 +117,7 @@ function myvesta_str_replace_once_between_including_borders() {
     return substr($text, 0, $pos1).$replace_with.substr($text, $pos2+strlen($right));
 }
 
-function myvesta_str_strip_once_between_including_borders() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $left=$args[$args_i];
-    $args_i++; $right=$args[$args_i];
-
+function myvesta_str_strip_once_between_including_borders(&$text, $left, $right) {
     $pos1=strpos($text, $left);
     if ($pos1===false) return $text;
     $pos2=strpos($text, $right, $pos1+strlen($left));
@@ -163,19 +125,7 @@ function myvesta_str_strip_once_between_including_borders() {
     return substr($text, 0, $pos1).substr($text, $pos2+strlen($right));
 }
 
-function myvesta_str_replace_between_including_borders() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $left=$args[$args_i];
-    $args_i++; $right=$args[$args_i];
-    $args_i++; $replace_with=$args[$args_i];
-
+function myvesta_str_replace_between_including_borders($text, $left, $right, $replace_with) {
     $start=0;
     $left_len=strlen($left);
     $right_len=strlen($right);
@@ -189,7 +139,7 @@ function myvesta_str_replace_between_including_borders() {
     return $text;
 }
 
-function myvesta_str_strip_between_including_borders() {
+function myvesta_str_strip_between_including_borders($text, $left, $right) {
     global $myvesta_stdin;
     $args=func_get_args();
     $args_i=-1;
@@ -213,60 +163,22 @@ function myvesta_str_strip_between_including_borders() {
     return $text;
 }
 
-function myvesta_str_find() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $find=$args[$args_i];
-    $args_i++; $quiet=false; if (!empty($args[$args_i])) $quiet=boolval($args[$args_i]);
-
+function myvesta_str_find($text, $find, $quiet=false) {
     $pos=strpos($text, $find);
     if ($pos===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
     if ($quiet) return true;
     return $pos;
 }
 
-function myvesta_str_uppercase() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
+function myvesta_str_uppercase($text) {
     return strtoupper($text);
 }
 
-function myvesta_str_lowercase() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
+function myvesta_str_lowercase($text) {
     return strtolower($text);
 }
 
-function myvesta_str_substring() {
-    global $myvesta_stdin;
-    $args=func_get_args();
-    $args_i=-1;
-    if ($myvesta_stdin!='') {
-        $text=$myvesta_stdin;
-    } else {
-        $args_i++; $text=$args[$args_i];
-    }
-    $args_i++; $start=$args[$args_i];
-    $args_i++; $length=null; if (!empty($args[$args_i])) $length=intval($args[$args_i]);
-    
+function myvesta_str_substring($text, $start, $length=null) {
     if ($length===null) return substr($text, $start);
     if ($length!==null) return substr($text, $start, $length);
 }

From 888db2bc72a9951b53051ab32ac25a6eb7341ca8 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 15 Apr 2023 15:50:27 +0200
Subject: [PATCH 1910/2300] myvesta php replacement for gnu 'grep' (but without
 regular expression)

---
 bin/v-php-func                   |  2 +-
 func/bash-to-php-interpreter.php | 27 ++++++++++-
 func/main.php                    | 83 ++++++++++++++++++++++++++++++--
 func/string.php                  | 34 +++++++++++++
 4 files changed, 140 insertions(+), 6 deletions(-)

diff --git a/bin/v-php-func b/bin/v-php-func
index f7a73385..0c789863 100644
--- a/bin/v-php-func
+++ b/bin/v-php-func
@@ -2,7 +2,7 @@
 # info: calling myVesta PHP functions
 # options: FUNCTION
 #
-# The function is calling myVesta PHP functions.
+# The function is calling myVesta or standard PHP functions directly from bash
 
 #----------------------------------------------------------#
 #                       Action                             #
diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 461c1af0..baf9475e 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -11,7 +11,7 @@ stream_set_blocking(STDIN, false);
 $myvesta_stdin='';
 $myvesta_f = fopen( 'php://stdin', 'r' );
 while( $myvesta_line = fgets( $myvesta_f ) ) {
-  $myvesta_stdin .= $myvesta_line;
+    $myvesta_stdin .= $myvesta_line;
 }
 fclose( $myvesta_f );
 
@@ -27,13 +27,36 @@ if (!function_exists($func)) {
     if (!function_exists($func)) myvesta_throw_error(2, 'Function does not exists');
 }
 
+$insert_stdin_at_position=false;
+if ($func=="myvesta_grep") $insert_stdin_at_position=1;
+
 $params=array();
 
-if ($myvesta_stdin!='') $params[]=$myvesta_stdin;
+$added=0;
+$stdin_content='';
+ $myvesta_stdin_return_not_found=false;
+if ($myvesta_stdin!='' && $insert_stdin_at_position===false) {$params[]=$myvesta_stdin; $added++;}
+
 for ($i=2; $i<$counter; $i++) {
     $argv[$i]=myvesta_fix_backslashes($argv[$i]);
+    if ($insert_stdin_at_position!==false && $myvesta_stdin=='') if ($insert_stdin_at_position==$added) {$stdin_content=$argv[$i]; $added++; continue;}
     $params[]=$argv[$i];
+    $added++;
 }
+if ($insert_stdin_at_position!=false) {
+    if ($myvesta_stdin=='') {
+        $file_or_stdin=$stdin_content;
+        if (!file_exists($file_or_stdin)) {
+            $myvesta_stdin_return_not_found=true;
+            $myvesta_stdin='';
+        } else {
+            $myvesta_stdin=file_get_contents($file_or_stdin);
+        }
+    }
+    if (isset($params[$insert_stdin_at_position])) array_splice($params, $insert_stdin_at_position, 0, array($myvesta_stdin));
+    else $params[$insert_stdin_at_position]=$myvesta_stdin;
+}
+//print_r($params); exit;
 
 $r=call_user_func_array($func, $params);
 if (is_bool($r)) {
diff --git a/func/main.php b/func/main.php
index 03a501a1..650f52ef 100644
--- a/func/main.php
+++ b/func/main.php
@@ -14,9 +14,88 @@ function myvesta_echo($str) {
     echo $str;
 }
 
-function myvesta_exit($code) {
+function myvesta_exit($code, $echo='') {
     global $SHLVL, $myvesta_echo_done, $myvesta_last_echo;
     // myvesta_echo ("==================== ".$argv[0].": ".$code." ====================\n");
+    if ($echo!='') myvesta_echo($echo);
+    if ($SHLVL<3 && $myvesta_echo_done==true) {
+        $last_char=substr($myvesta_last_echo, -1, 1);
+        if ($last_char!="\n") echo "\n";
+    }
+    exit($code);
+}
+
+$myvesta_current_user=exec('whoami', $myvesta_output, $myvesta_return_var);
+if ($myvesta_current_user != 'root') {myvesta_echo ("ERROR: You must be root to execute this script"); myvesta_exit(1);}
+
+function myvesta_throw_error($code, $message) {
+    global $myvesta_exit_on_error;
+    if ($message!=='') myvesta_echo ("ERROR: ".$message);
+    if ($myvesta_exit_on_error) myvesta_exit($code);
+    return $code;
+}
+
+function myvesta_fix_backslashes($s) {
+    $s=str_replace("\\n", "\n", $s);
+    $s=str_replace("\\r", "\r", $s);
+    $s=str_replace("\\t", "\t", $s);
+    return $s;
+}
+
+function myvesta_check_args ($requried_arguments, $arguments) {
+    global $argv;
+    $argument_counter=count($argv);
+    $argument_counter--;
+    $argv[0]=str_replace('/usr/local/vesta/bin/', '', $argv[0]);
+    // myvesta_echo ( "-------------------- ".$argv[0]." --------------------\n");
+    if ($argument_counter<$requried_arguments) {
+        $arguments=str_replace(" ", "' '", $arguments);
+        $arguments="'".$arguments."'";
+        return myvesta_throw_error(MYVESTA_ERROR_MISSING_ARGUMENTS, "Usage: $command $arguments");
+    }
+    $argument_arr=explode(" ", $arguments);
+    $i=1;
+    foreach ($argument_arr as $argument) {
+        $GLOBALS[$argument]=myvesta_fix_backslashes($argv[$i]);
+        $i++;
+    }
+}
+
+function myvesta_fix_args() {
+    global $argv;
+    $i=0;
+    foreach ($argv as $argument) {
+        if ($i==0) {$i++; continue;}
+        $argv[$i]=myvesta_fix_backslashes($argv[$i]);
+        $i++;
+    }
+}
+
+function myvesta_test_func () {
+    $args=func_get_args();
+    myvesta_echo ("You said: ");
+    myvesta_echo (trim(print_r ($args, true)));
+}
+
Date: Sat, 15 Apr 2023 15:53:21 +0200
Subject: [PATCH 1911/2300] correction for main.php

---
 func/main.php | 78 ---------------------------------------------------
 1 file changed, 78 deletions(-)

diff --git a/func/main.php b/func/main.php
index 650f52ef..b521ea2e 100644
--- a/func/main.php
+++ b/func/main.php
@@ -76,81 +76,3 @@ function myvesta_test_func () {
     myvesta_echo ("You said: ");
     myvesta_echo (trim(print_r ($args, true)));
 }
-
Date: Sat, 15 Apr 2023 16:38:53 +0200
Subject: [PATCH 1912/2300] myvesta php replacement for gnu 'sed' (but without
 regular expression)

---
 func/bash-to-php-interpreter.php |  3 +++
 func/main.php                    | 20 ++++++++++++--------
 func/string.php                  | 26 +++++++++++++++++++++++---
 3 files changed, 38 insertions(+), 11 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index baf9475e..09c9c499 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -29,11 +29,13 @@ if (!function_exists($func)) {
 
 $insert_stdin_at_position=false;
 if ($func=="myvesta_grep") $insert_stdin_at_position=1;
+if ($func=="myvesta_sed") $insert_stdin_at_position=2;
 
 $params=array();
 
 $added=0;
 $stdin_content='';
+$myvesta_stdin_from_file='';
  $myvesta_stdin_return_not_found=false;
 if ($myvesta_stdin!='' && $insert_stdin_at_position===false) {$params[]=$myvesta_stdin; $added++;}
 
@@ -51,6 +53,7 @@ if ($insert_stdin_at_position!=false) {
             $myvesta_stdin='';
         } else {
             $myvesta_stdin=file_get_contents($file_or_stdin);
+            $myvesta_stdin_from_file=$file_or_stdin;
         }
     }
     if (isset($params[$insert_stdin_at_position])) array_splice($params, $insert_stdin_at_position, 0, array($myvesta_stdin));
diff --git a/func/main.php b/func/main.php
index b521ea2e..967fb8fb 100644
--- a/func/main.php
+++ b/func/main.php
@@ -1,6 +1,7 @@
 
Date: Sat, 15 Apr 2023 18:51:15 +0200
Subject: [PATCH 1913/2300] MYVESTA_QUIET as export variable

---
 func/main.php   | 2 ++
 func/string.php | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/func/main.php b/func/main.php
index 967fb8fb..22834d42 100644
--- a/func/main.php
+++ b/func/main.php
@@ -2,6 +2,8 @@
 
 $myvesta_exit_on_error=true;
 $myvesta_quiet_mode=0;
+if (isset($_SERVER['MYVESTA_QUIET'])) $myvesta_quiet_mode=intval($_SERVER['MYVESTA_QUIET']);
+
 define('MYVESTA_ERROR_PERMISSION_DENIED', 1);
 define('MYVESTA_ERROR_MISSING_ARGUMENTS', 2);
 define('MYVESTA_ERROR_FILE_DOES_NOT_EXISTS', 3);
diff --git a/func/string.php b/func/string.php
index e4ba2a5f..371c643c 100644
--- a/func/string.php
+++ b/func/string.php
@@ -81,8 +81,8 @@ function myvesta_grep($find, $file_or_stdin, $count=0, $quiet=0) {
     $myvesta_quiet_mode=$quiet;
     //echo "find          = " . $find."\n"; echo "file_or_stdin = " . $file_or_stdin."\n"; echo "count         = " . $count."\n"; echo "quiet         = " . $quiet."\n"; exit;
     if ($myvesta_stdin_return_not_found==true) {
-        if ($count==1) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "0");
-        return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "");
+        if ($count==1) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "0");
+        return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "");
     }
     
     $arr=explode("\n", $file_or_stdin);
@@ -111,7 +111,7 @@ function myvesta_sed($find, $replace, $file_or_stdin) {
     global $myvesta_stdin, $myvesta_stdin_return_not_found, $myvesta_stdin_from_file;
     //echo "find            = " . $find."\n"; echo "replace         = " . $replace."\n"; echo "file_or_stdin   = " . $file_or_stdin."\n"; echo "stdin_from_file = " . $myvesta_stdin_from_file."\n"; exit;
     if ($myvesta_stdin_return_not_found==true) {
-        return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "File not found");
+        return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File not found");
     }
 
     if (strpos($file_or_stdin, $find)===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "String '$find' not found");

From 502acb44c01a21fe4435d93ed59e1fe605441ac9 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 15 Apr 2023 19:03:11 +0200
Subject: [PATCH 1914/2300] v-grep and v-sed

---
 bin/v-grep | 21 +++++++++++++++++++++
 bin/v-sed  | 21 +++++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 bin/v-grep
 create mode 100644 bin/v-sed

diff --git a/bin/v-grep b/bin/v-grep
new file mode 100644
index 00000000..3e467129
--- /dev/null
+++ b/bin/v-grep
@@ -0,0 +1,21 @@
+#!/bin/bash
+# info: calling myvesta_grep PHP function
+# options: PARAMETERS
+#
+# The function is calling myVesta PHP replacement for GNU 'grep' command (but without regular expression)
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+if [ -p /dev/stdin ]; then
+    STDIN=$(cat -)
+    if [ ! -z "$STDIN" ]; then
+        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_grep' "$@"
+        exit $?
+    fi
+fi
+
+php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_grep' "$@"
+exit $?
diff --git a/bin/v-sed b/bin/v-sed
new file mode 100644
index 00000000..9d1a82ee
--- /dev/null
+++ b/bin/v-sed
@@ -0,0 +1,21 @@
+#!/bin/bash
+# info: calling myvesta_sed PHP function
+# options: PARAMETERS
+#
+# The function is calling myVesta PHP replacement for GNU 'sed' command (but without regular expression)
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+
+if [ -p /dev/stdin ]; then
+    STDIN=$(cat -)
+    if [ ! -z "$STDIN" ]; then
+        echo "$STDIN" | php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_sed' "$@"
+        exit $?
+    fi
+fi
+
+php /usr/local/vesta/func/bash-to-php-interpreter.php 'myvesta_sed' "$@"
+exit $?

From ae45e4a57198557a47a31ddf5e847dc0579d060b Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 16 Apr 2023 00:10:54 +0200
Subject: [PATCH 1915/2300] simplifying php code

---
 func/bash-to-php-interpreter.php | 11 +++++++----
 func/string.php                  | 26 +++++++++++++-------------
 2 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/func/bash-to-php-interpreter.php b/func/bash-to-php-interpreter.php
index 09c9c499..4c1e9dc5 100644
--- a/func/bash-to-php-interpreter.php
+++ b/func/bash-to-php-interpreter.php
@@ -41,13 +41,15 @@ if ($myvesta_stdin!='' && $insert_stdin_at_position===false) {$params[]=$myvesta
 
 for ($i=2; $i<$counter; $i++) {
     $argv[$i]=myvesta_fix_backslashes($argv[$i]);
-    if ($insert_stdin_at_position!==false && $myvesta_stdin=='') if ($insert_stdin_at_position==$added) {$stdin_content=$argv[$i]; $added++; continue;}
+    //if ($insert_stdin_at_position!==false && $myvesta_stdin=='') if ($insert_stdin_at_position==$added) {$stdin_content=$argv[$i]; $added++; continue;}
     $params[]=$argv[$i];
     $added++;
 }
+//print_r($params); exit;
+
 if ($insert_stdin_at_position!=false) {
     if ($myvesta_stdin=='') {
-        $file_or_stdin=$stdin_content;
+        $file_or_stdin=$params[$insert_stdin_at_position];
         if (!file_exists($file_or_stdin)) {
             $myvesta_stdin_return_not_found=true;
             $myvesta_stdin='';
@@ -55,9 +57,10 @@ if ($insert_stdin_at_position!=false) {
             $myvesta_stdin=file_get_contents($file_or_stdin);
             $myvesta_stdin_from_file=$file_or_stdin;
         }
+        $params[$insert_stdin_at_position]=$myvesta_stdin;
+    } else {
+        array_splice($params, $insert_stdin_at_position, 0, array($myvesta_stdin));
     }
-    if (isset($params[$insert_stdin_at_position])) array_splice($params, $insert_stdin_at_position, 0, array($myvesta_stdin));
-    else $params[$insert_stdin_at_position]=$myvesta_stdin;
 }
 //print_r($params); exit;
 
diff --git a/func/string.php b/func/string.php
index 371c643c..7ada2546 100644
--- a/func/string.php
+++ b/func/string.php
@@ -74,25 +74,25 @@ function myvesta_strip_in_file_between_including_borders($file, $left, $right) {
 
 // --- mixed functions ---
 
-function myvesta_grep($find, $file_or_stdin, $count=0, $quiet=0) {
+function myvesta_grep($find, $content, $count=0, $quiet=0) {
     global $myvesta_stdin, $myvesta_stdin_return_not_found, $myvesta_quiet_mode;
     if ($count==='-c') {$count=1; $quiet=0;}
     if ($count==='-q') {$count=0; $quiet=1;}
-    $myvesta_quiet_mode=$quiet;
-    //echo "find          = " . $find."\n"; echo "file_or_stdin = " . $file_or_stdin."\n"; echo "count         = " . $count."\n"; echo "quiet         = " . $quiet."\n"; exit;
+    if ($myvesta_quiet_mode==0) $myvesta_quiet_mode=$quiet;
+    //echo "find          = " . $find."\n"; echo "file_or_stdin = " . $content."\n"; echo "count         = " . $count."\n"; echo "quiet         = " . $quiet."\n"; exit;
     if ($myvesta_stdin_return_not_found==true) {
         if ($count==1) return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "0");
         return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "");
     }
     
-    $arr=explode("\n", $file_or_stdin);
+    $arr=explode("\n", $content);
 
-    $buf='';
+    $buffer='';
     $hits=0;
     foreach ($arr as $line) {
         if (strpos($line, $find)!==false) {
             $hits++;
-            if ($quiet==false && $count==false) $buf.=$line."\n";
+            if ($quiet==false && $count==false) $buffer.=$line."\n";
         }
     }
     if ($count==1) {
@@ -104,24 +104,24 @@ function myvesta_grep($find, $file_or_stdin, $count=0, $quiet=0) {
         return true;
     }
     if ($hits==0) return myvesta_exit (MYVESTA_ERROR_STRING_NOT_FOUND, "");
-    return $buf;
+    return $buffer;
 }
 
-function myvesta_sed($find, $replace, $file_or_stdin) {
+function myvesta_sed($find, $replace, $content) {
     global $myvesta_stdin, $myvesta_stdin_return_not_found, $myvesta_stdin_from_file;
-    //echo "find            = " . $find."\n"; echo "replace         = " . $replace."\n"; echo "file_or_stdin   = " . $file_or_stdin."\n"; echo "stdin_from_file = " . $myvesta_stdin_from_file."\n"; exit;
+    //echo "find            = " . $find."\n"; echo "replace         = " . $replace."\n"; echo "file_or_stdin   = " . $content."\n"; echo "stdin_from_file = " . $myvesta_stdin_from_file."\n"; exit;
     if ($myvesta_stdin_return_not_found==true) {
         return myvesta_throw_error (MYVESTA_ERROR_FILE_DOES_NOT_EXISTS, "File not found");
     }
 
-    if (strpos($file_or_stdin, $find)===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "String '$find' not found");
+    if (strpos($content, $find)===false) return myvesta_throw_error (MYVESTA_ERROR_STRING_NOT_FOUND, "String '$find' not found");
 
-    $file_or_stdin=str_replace($find, $replace, $file_or_stdin);
+    $content=str_replace($find, $replace, $content);
     if ($myvesta_stdin_from_file!='') {
-        $r=file_put_contents($myvesta_stdin_from_file, $file_or_stdin);
+        $r=file_put_contents($myvesta_stdin_from_file, $content);
         if ($r===false) return false;
     } else {
-        myvesta_echo ($file_or_stdin);
+        myvesta_echo ($content);
     }
     return true;
 }

From 22d524cfceb793cf9c1a1f337fa2c58e0a70004e Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 30 Apr 2023 15:15:43 +0200
Subject: [PATCH 1916/2300] apache templates -FollowSymLinks
 +SymLinksIfOwnerMatch

---
 install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl  | 2 +-
 install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl   | 2 +-
 install/debian/10/templates/web/apache2/PHP-FPM-73.stpl         | 2 +-
 install/debian/10/templates/web/apache2/PHP-FPM-73.tpl          | 2 +-
 install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl  | 2 +-
 install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl   | 2 +-
 install/debian/11/templates/web/apache2/PHP-FPM-74.stpl         | 2 +-
 install/debian/11/templates/web/apache2/PHP-FPM-74.tpl          | 2 +-
 install/debian/8/templates/web/apache2/basedir.stpl             | 2 +-
 install/debian/8/templates/web/apache2/basedir.tpl              | 2 +-
 install/debian/8/templates/web/apache2/default.stpl             | 2 +-
 install/debian/8/templates/web/apache2/default.tpl              | 2 +-
 install/debian/8/templates/web/apache2/hosting.stpl             | 2 +-
 install/debian/8/templates/web/apache2/hosting.tpl              | 2 +-
 install/debian/8/templates/web/apache2/phpcgi.stpl              | 2 +-
 install/debian/8/templates/web/apache2/phpcgi.tpl               | 2 +-
 install/debian/8/templates/web/apache2/phpfcgid.stpl            | 2 +-
 install/debian/8/templates/web/apache2/phpfcgid.tpl             | 2 +-
 install/debian/9/templates/web/apache2/basedir.stpl             | 2 +-
 install/debian/9/templates/web/apache2/basedir.tpl              | 2 +-
 install/debian/9/templates/web/apache2/default.stpl             | 2 +-
 install/debian/9/templates/web/apache2/default.tpl              | 2 +-
 install/debian/9/templates/web/apache2/hosting.stpl             | 2 +-
 install/debian/9/templates/web/apache2/hosting.tpl              | 2 +-
 install/debian/9/templates/web/apache2/phpcgi.stpl              | 2 +-
 install/debian/9/templates/web/apache2/phpcgi.tpl               | 2 +-
 install/debian/9/templates/web/apache2/phpfcgid.stpl            | 2 +-
 install/debian/9/templates/web/apache2/phpfcgid.tpl             | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl        | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl        | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl        | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl        | 2 +-
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl    | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl        | 2 +-
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl    | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl        | 2 +-
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.stpl    | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.tpl | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.tpl        | 2 +-
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl    | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl        | 2 +-
 .../for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl    | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl       | 2 +-
 src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl        | 2 +-
 56 files changed, 56 insertions(+), 56 deletions(-)

diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
index 9660c234..39777224 100644
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
index 892c0d1f..b6e306d7 100644
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
index 28224413..902d647a 100644
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
index 7bec5e73..40df2629 100644
--- a/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
+++ b/install/debian/10/templates/web/apache2/PHP-FPM-73.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
index fdbc26f9..739cb48d 100644
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
index 614f20c3..f31ed5a8 100644
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl b/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
index df607247..fbc1d9c6 100644
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl b/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl
index 7b6e2cb5..aaf8f62c 100644
--- a/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl
+++ b/install/debian/11/templates/web/apache2/PHP-FPM-74.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/install/debian/8/templates/web/apache2/basedir.stpl b/install/debian/8/templates/web/apache2/basedir.stpl
index 2db1d52c..60a8f7fd 100644
--- a/install/debian/8/templates/web/apache2/basedir.stpl
+++ b/install/debian/8/templates/web/apache2/basedir.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/basedir.tpl b/install/debian/8/templates/web/apache2/basedir.tpl
index 96c94a1b..3b8f875a 100644
--- a/install/debian/8/templates/web/apache2/basedir.tpl
+++ b/install/debian/8/templates/web/apache2/basedir.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/default.stpl b/install/debian/8/templates/web/apache2/default.stpl
index ec34c279..3fc7e160 100644
--- a/install/debian/8/templates/web/apache2/default.stpl
+++ b/install/debian/8/templates/web/apache2/default.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/default.tpl b/install/debian/8/templates/web/apache2/default.tpl
index 3a227015..464257ec 100644
--- a/install/debian/8/templates/web/apache2/default.tpl
+++ b/install/debian/8/templates/web/apache2/default.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/hosting.stpl b/install/debian/8/templates/web/apache2/hosting.stpl
index c9c19512..b17014cd 100644
--- a/install/debian/8/templates/web/apache2/hosting.stpl
+++ b/install/debian/8/templates/web/apache2/hosting.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value upload_max_filesize 10M
         php_admin_value max_execution_time 20
         php_admin_value post_max_size  8M
diff --git a/install/debian/8/templates/web/apache2/hosting.tpl b/install/debian/8/templates/web/apache2/hosting.tpl
index 1eb26910..34f55b29 100644
--- a/install/debian/8/templates/web/apache2/hosting.tpl
+++ b/install/debian/8/templates/web/apache2/hosting.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value upload_max_filesize 10M
         php_admin_value max_execution_time 20
         php_admin_value post_max_size  8M
diff --git a/install/debian/8/templates/web/apache2/phpcgi.stpl b/install/debian/8/templates/web/apache2/phpcgi.stpl
index ae560dbe..7c1248d4 100644
--- a/install/debian/8/templates/web/apache2/phpcgi.stpl
+++ b/install/debian/8/templates/web/apache2/phpcgi.stpl
@@ -14,7 +14,7 @@
     
         SSLRequireSSL
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/phpcgi.tpl b/install/debian/8/templates/web/apache2/phpcgi.tpl
index c6796d29..603ea8b9 100644
--- a/install/debian/8/templates/web/apache2/phpcgi.tpl
+++ b/install/debian/8/templates/web/apache2/phpcgi.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/phpfcgid.stpl b/install/debian/8/templates/web/apache2/phpfcgid.stpl
index bc3688d9..98304f2a 100644
--- a/install/debian/8/templates/web/apache2/phpfcgid.stpl
+++ b/install/debian/8/templates/web/apache2/phpfcgid.stpl
@@ -14,7 +14,7 @@
     
         SSLRequireSSL
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/8/templates/web/apache2/phpfcgid.tpl b/install/debian/8/templates/web/apache2/phpfcgid.tpl
index a4c01269..525b1f53 100644
--- a/install/debian/8/templates/web/apache2/phpfcgid.tpl
+++ b/install/debian/8/templates/web/apache2/phpfcgid.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/basedir.stpl b/install/debian/9/templates/web/apache2/basedir.stpl
index 2db1d52c..60a8f7fd 100644
--- a/install/debian/9/templates/web/apache2/basedir.stpl
+++ b/install/debian/9/templates/web/apache2/basedir.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/basedir.tpl b/install/debian/9/templates/web/apache2/basedir.tpl
index 96c94a1b..3b8f875a 100644
--- a/install/debian/9/templates/web/apache2/basedir.tpl
+++ b/install/debian/9/templates/web/apache2/basedir.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/default.stpl b/install/debian/9/templates/web/apache2/default.stpl
index ec34c279..3fc7e160 100644
--- a/install/debian/9/templates/web/apache2/default.stpl
+++ b/install/debian/9/templates/web/apache2/default.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/default.tpl b/install/debian/9/templates/web/apache2/default.tpl
index 3a227015..464257ec 100644
--- a/install/debian/9/templates/web/apache2/default.tpl
+++ b/install/debian/9/templates/web/apache2/default.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/hosting.stpl b/install/debian/9/templates/web/apache2/hosting.stpl
index c9c19512..b17014cd 100644
--- a/install/debian/9/templates/web/apache2/hosting.stpl
+++ b/install/debian/9/templates/web/apache2/hosting.stpl
@@ -14,7 +14,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value upload_max_filesize 10M
         php_admin_value max_execution_time 20
         php_admin_value post_max_size  8M
diff --git a/install/debian/9/templates/web/apache2/hosting.tpl b/install/debian/9/templates/web/apache2/hosting.tpl
index 1eb26910..34f55b29 100644
--- a/install/debian/9/templates/web/apache2/hosting.tpl
+++ b/install/debian/9/templates/web/apache2/hosting.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value upload_max_filesize 10M
         php_admin_value max_execution_time 20
         php_admin_value post_max_size  8M
diff --git a/install/debian/9/templates/web/apache2/phpcgi.stpl b/install/debian/9/templates/web/apache2/phpcgi.stpl
index ae560dbe..7c1248d4 100644
--- a/install/debian/9/templates/web/apache2/phpcgi.stpl
+++ b/install/debian/9/templates/web/apache2/phpcgi.stpl
@@ -14,7 +14,7 @@
     
         SSLRequireSSL
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/phpcgi.tpl b/install/debian/9/templates/web/apache2/phpcgi.tpl
index c6796d29..603ea8b9 100644
--- a/install/debian/9/templates/web/apache2/phpcgi.tpl
+++ b/install/debian/9/templates/web/apache2/phpcgi.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/phpfcgid.stpl b/install/debian/9/templates/web/apache2/phpfcgid.stpl
index bc3688d9..98304f2a 100644
--- a/install/debian/9/templates/web/apache2/phpfcgid.stpl
+++ b/install/debian/9/templates/web/apache2/phpfcgid.stpl
@@ -14,7 +14,7 @@
     
         SSLRequireSSL
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/install/debian/9/templates/web/apache2/phpfcgid.tpl b/install/debian/9/templates/web/apache2/phpfcgid.tpl
index a4c01269..525b1f53 100644
--- a/install/debian/9/templates/web/apache2/phpfcgid.tpl
+++ b/install/debian/9/templates/web/apache2/phpfcgid.tpl
@@ -13,7 +13,7 @@
     ErrorLog /var/log/%web_system%/domains/%domain%.error.log
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
         php_admin_value open_basedir %docroot%:%home%/%user%/tmp
         php_admin_value upload_tmp_dir %home%/%user%/tmp
         php_admin_value session.save_path %home%/%user%/tmp
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
index eb5631db..a24b368f 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
index cd4e797d..55bc8233 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-56.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
index 38285302..5d944c0f 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
index 7d30d39c..c9378152 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-70.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
index c5d284f7..a718b21f 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
index 695b9937..9f0cf8a7 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-71.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
index 2b4363b4..20792e92 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
index be2ca7ae..89b19147 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-72.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
index 9660c234..39777224 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
index 892c0d1f..b6e306d7 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
index 28224413..902d647a 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
index 7bec5e73..40df2629 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-73.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
index fdbc26f9..739cb48d 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
index 614f20c3..f31ed5a8 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
index df607247..fbc1d9c6 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl
index 7b6e2cb5..aaf8f62c 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-74.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.stpl
index 4ce4b993..b1335a44 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.tpl
index 41a5d506..1b0a610c 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.stpl
index f39e9631..fae336fc 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.tpl
index b9e32f14..64699c22 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-80.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
index 0d6404ec..4116fd42 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
index f2814063..ee319a20 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
index fb191d03..5822a27a 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl
index 1a02ec15..7864b3a4 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-81.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 #    
 #        RMode config
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
index 6afebb6e..809e7f33 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
index 03e67a3d..679d1409 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82-public.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 
     
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
index ed39fad4..e0d04794 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.stpl
@@ -17,7 +17,7 @@
     
         AllowOverride All
         SSLRequireSSL
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
 	
     SSLEngine on
     SSLVerifyClient none
diff --git a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl
index 789ee9d3..eba95935 100644
--- a/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl
+++ b/src/deb/for-download/tools/apache-fpm-tpl/PHP-FPM-82.tpl
@@ -16,7 +16,7 @@
     
     
         AllowOverride All
-        Options +Includes -Indexes +ExecCGI
+        Options +Includes -Indexes -FollowSymLinks +SymLinksIfOwnerMatch
     
 
     

From c2511876c2a73489a5885efd5ff38af97babb662 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Tue, 2 May 2023 12:59:16 +0200
Subject: [PATCH 1917/2300] --retry-connrefused exception for Debian8

---
 bin/v-add-letsencrypt-domain | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain
index 7a306ab3..1f1f5a6e 100755
--- a/bin/v-add-letsencrypt-domain
+++ b/bin/v-add-letsencrypt-domain
@@ -21,6 +21,8 @@ if [[ "$LE_STAGING" = 'yes' ]]; then
 	API='https://acme-staging-v02.api.letsencrypt.org'
 fi
 
+deb_release=$(cat /etc/debian_version | tr "." "\n" | head -n1)
+
 # Includes
 source $VESTA/func/main.sh
 source $VESTA/func/domain.sh
@@ -60,7 +62,11 @@ query_le_v2() {
     # Save http response to file passed as "$4" arg or print to stdout if not provided
     # http response headers are always sent to stdout
     local save_to_file=${4:-"/dev/stdout"}
-    curl --location --user-agent "myVesta" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    if [ "$deb_release" -gt 8 ]; then
+        curl --location --user-agent "myVesta" --insecure --retry 5 --retry-connrefused --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    else
+        curl --location --user-agent "myVesta" --insecure --retry 5 --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
+    fi
  }
 
 

From ec8e1741588dc9554d07a0d6b2f3a764d461d9d4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 27 May 2023 19:03:41 +0200
Subject: [PATCH 1918/2300] Update README.md, fixing < char

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 44d414b8..71d9f5a9 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@
           src/deb/for-download/php/php.ini
           web/inc/secure_login.php
         
-        If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell: echo " /usr/local/vesta/web/inc/login_url.php
+        If you didn't set the secret URL during installation, you can do it anytime. Just execute in shell: echo "<?php \$login_url='MY-SECRET-URL';" > /usr/local/vesta/web/inc/login_url.php
       
     
   We disabled dangerous PHP functions in php.ini, so even if, for example, your customer's CMS gets compromised, hacker will not be able to execute shell scripts from within PHP.

From 2afbc2cddfbbc57f296640cb28d89fb29b2526c2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 16:41:08 +0200
Subject: [PATCH 1919/2300] Patching exim4.conf for: smtputf8_advertise_hosts

---
 install/debian/10/exim/exim4.conf.template |  1 +
 install/debian/11/exim/exim4.conf.template |  1 +
 install/debian/9/exim/exim4.conf.template  |  1 +
 src/deb/vesta/postinst                     | 20 ++++++++++++++++++++
 4 files changed, 23 insertions(+)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 0e5afaac..8fa12c2d 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -11,6 +11,7 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
+smtputf8_advertise_hosts =
 
 domainlist local_domains = dsearch;/etc/exim4/domains/
 domainlist relay_to_domains = dsearch;/etc/exim4/domains/
diff --git a/install/debian/11/exim/exim4.conf.template b/install/debian/11/exim/exim4.conf.template
index 72e3f668..cbc2e75f 100644
--- a/install/debian/11/exim/exim4.conf.template
+++ b/install/debian/11/exim/exim4.conf.template
@@ -11,6 +11,7 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
+smtputf8_advertise_hosts =
 
 domainlist local_domains = dsearch;/etc/exim4/domains/
 domainlist relay_to_domains = dsearch;/etc/exim4/domains/
diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index 261947d2..c9344903 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -11,6 +11,7 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
+smtputf8_advertise_hosts =
 
 domainlist local_domains = dsearch;/etc/exim4/domains/
 domainlist relay_to_domains = dsearch;/etc/exim4/domains/
diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 975d12cd..97df816e 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -25,6 +25,26 @@ fi
 echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
+# Patching exim4.conf for: smtputf8_advertise_hosts
+if [ "$release" -gt 8 ]; then
+    if [ -f "/etc/exim4/exim4.conf.template" ]; then
+        if ! grep -q 'smtputf8_advertise_hosts' /etc/exim4/exim4.conf.template; then
+            echo 'Patching exim4.conf for: smtputf8_advertise_hosts'
+            sed -i  "/^domainlist local_domains = dsearch;\/etc\/exim4\/domains\//i smtputf8_advertise_hosts =" /etc/exim4/exim4.conf.template
+            systemctl restart exim4
+        fi
+    fi
+fi
+
+# Patching exim4.conf for: Helo name contains a ip address
+if [ -f "/etc/exim4/exim4.conf.template" ]; then
+    if grep -q 'drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid' /etc/exim4/exim4.conf.template; then
+        echo 'Patching exim4.conf for: Helo name contains a ip address'
+        patch /etc/exim4/exim4.conf.template < /usr/local/vesta/src/deb/for-download/tools/patches/exim_helo_authenticated.patch
+        sed -i '/telenor\.rs/d' /etc/exim4/exim4.conf.template
+        systemctl restart exim4
+    fi
+fi
 
 # Making sure yescrypt is disabled
 if [ "$release" -eq 11 ]; then

From c3d0c17c518153a6bcb725b0d6842706206bb814 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 17:56:44 +0200
Subject: [PATCH 1920/2300] Redesign of hosting panel

---
 bin/v-list-user-log                       |    8 +-
 bin/v-update-sys-rrd-la                   |    4 +-
 web/add/user/index.php                    |    2 +-
 web/css/styles.fix.css                    | 1001 ++++++
 web/css/styles.fix.css.map                |    1 +
 web/css/styles.min.css                    | 3491 ++++++++++-----------
 web/images/myvesta-large-white-130.png    |  Bin 0 -> 5284 bytes
 web/images/sprite.png                     |  Bin 57521 -> 35005 bytes
 web/images/vesta_logo.png                 |  Bin 5902 -> 5438 bytes
 web/inc/main.php                          |    5 +-
 web/js/fix.js                             |  157 +
 web/js/init.js                            |   20 +-
 web/templates/admin/list_dns_rec.html     |    2 +-
 web/templates/admin/list_server_info.html |    6 +-
 web/templates/admin/list_user.html        |   19 +-
 web/templates/admin/list_weblog.html      |    6 +-
 web/templates/admin/panel.html            |   25 +-
 web/templates/footer.html                 |    3 -
 web/templates/header.html                 |   15 +-
 web/templates/login.html                  |    2 +-
 web/templates/reset_1.html                |    6 +-
 web/templates/reset_2.html                |    6 +-
 web/templates/reset_3.html                |    6 +-
 web/templates/scripts.html                |  161 +
 web/templates/user/list_dns_rec.html      |    2 +-
 web/templates/user/list_user.html         |    2 +-
 web/templates/user/panel.html             |   23 +-
 27 files changed, 3143 insertions(+), 1830 deletions(-)
 create mode 100644 web/css/styles.fix.css
 create mode 100644 web/css/styles.fix.css.map
 create mode 100644 web/images/myvesta-large-white-130.png
 create mode 100644 web/js/fix.js

diff --git a/bin/v-list-user-log b/bin/v-list-user-log
index ca317f7d..6be9f9ae 100755
--- a/bin/v-list-user-log
+++ b/bin/v-list-user-log
@@ -12,6 +12,7 @@
 # Argument definition
 user=$1
 format=${2-shell}
+limit=${3-300}
 
 # Includes
 source $VESTA/func/main.sh
@@ -34,6 +35,9 @@ json_list() {
         "TIME": "'$TIME'",
         "DATE": "'$DATE'"
     }'
+        if [ "$limit" -gt 0 ] && [ "$i" = "$limit" ]; then
+            break;
+        fi
         if [ "$i" -lt "$objects" ]; then
             echo ','
         else
@@ -83,7 +87,7 @@ csv_list() {
 #                    Verifications                         #
 #----------------------------------------------------------#
 
-check_args '1' "$#" 'USER [FORMAT]'
+check_args '1' "$#" 'USER [FORMAT] [LIMIT]'
 is_format_valid 'user'
 is_object_valid 'user' 'USER' "$user"
 
@@ -93,7 +97,7 @@ is_object_valid 'user' 'USER' "$user"
 #----------------------------------------------------------#
 
 # Parsing history log
-logs=$(tail -n 300 $USER_DATA/history.log 2>/dev/null)
+logs=$(tail -n $limit $USER_DATA/history.log | tac)
 
 case $format in
     json)   json_list ;;
diff --git a/bin/v-update-sys-rrd-la b/bin/v-update-sys-rrd-la
index c8266626..860bdec6 100755
--- a/bin/v-update-sys-rrd-la
+++ b/bin/v-update-sys-rrd-la
@@ -74,7 +74,7 @@ rrdtool graph $RRD/la/$period-la.png \
     -c "SHADEA#ffffff" \
     -c "SHADEB#ffffff" \
     -c "FONT#555555" \
-    -c "CANVAS#302c2d" \
+    -c "CANVAS#F2F2F2" \
     -c "GRID#666666" \
     -c "MGRID#AAAAAA" \
     -c "FRAME#777777" \
@@ -82,7 +82,7 @@ rrdtool graph $RRD/la/$period-la.png \
     DEF:la=$RRD/la/la.rrd:LA:AVERAGE \
     DEF:pr=$RRD/la/la.rrd:PR:AVERAGE \
     COMMENT:'\r' \
-    AREA:la#C8EA2E:"LA * 100"\
+    AREA:la#00CD2E:"LA * 100"\
     GPRINT:la:'LAST: Current\:''%8.0lf'  \
     GPRINT:la:'MIN: Min\:''%8.0lf'  \
     GPRINT:la:'MAX: Max\:''%8.0lf\j'  \
diff --git a/web/add/user/index.php b/web/add/user/index.php
index 1ed521e3..04043484 100644
--- a/web/add/user/index.php
+++ b/web/add/user/index.php
@@ -100,7 +100,7 @@ if (!empty($_POST['ok'])) {
     // Flush field values on success
     if (empty($_SESSION['error_msg'])) {
         $_SESSION['ok_msg'] = __('USER_CREATED_OK',htmlentities($_POST['v_username']),htmlentities($_POST['v_username']));
-        $_SESSION['ok_msg'] .= " / " . __('login as') ." ".htmlentities($_POST['v_username']). "";
+        $_SESSION['ok_msg'] .= " / " . __('login as') ." ".htmlentities($_POST['v_username']). "";
         unset($v_username);
         unset($v_password);
         unset($v_email);
diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
new file mode 100644
index 00000000..5fbdb6ec
--- /dev/null
+++ b/web/css/styles.fix.css
@@ -0,0 +1,1001 @@
+body {
+  background: #f0f3f5;
+  color: #58666f;
+  font-family: 'Source Sans Pro', sans-serif;
+}
+b, strong {
+  color: #58666f;
+}
+.l-percent {
+  border-bottom: none;
+  margin-top: 1px;
+  width: 200px;
+  background: #e4eaed;
+}
+.l-percent__fill {
+  background-color: #2ac34e;
+  bottom: 0;
+}
+.to-top {
+  z-index: 100;
+  top: unset;
+  bottom: 30px;
+  right: 85px;
+}
+.to-shortcuts {
+  z-index: 100;
+  top: unset;
+  bottom: 30px;
+  right: 130px;
+}
+.shortcuts {
+  right: calc(50% - 400px);
+  bottom: calc(50% - 213px);
+}
+.l-separator {
+  display: none;
+}
+.l-header {
+  position: fixed;
+  width: calc(100% - 40px);
+  z-index: 99;
+  background: #fff;
+  box-shadow: 0 2px 2px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(0, 0, 0, 0.05);
+  color: #58666f;
+  height: 50px;
+  padding: 0 20px;
+  margin-bottom: unset;
+}
+.l-header a {
+  color: #58666f;
+  font-size: 14px;
+}
+.l-header a:hover {
+  color: #58666f;
+}
+.l-header .l-center {
+  max-width: none !important;
+}
+.l-header .l-center .l-logo {
+  background-position: -65px -182px;
+  /* background-position: -125px -478px; */
+  background-repeat: no-repeat;
+  display: block;
+  height: 40px;
+  margin-top: 0;
+  width: 80px;
+  /* width: 42px; */
+  margin-left: 0;
+  background-size: 235px 325px;
+  position: relative;
+  top: 5px;
+  left: 0;
+  float: left;
+  padding-right: 20px;
+}
+.l-header .l-center .l-menu {
+  position: unset;
+  margin-left: unset;
+}
+.l-header .l-center .l-menu .l-menu__item a {
+  line-height: 50px;
+  padding: 0 18px;
+  display: inline-block;
+}
+.l-header .l-center .l-menu .l-menu__item a:hover {
+  background-color: rgba(0, 0, 0, 0.05);
+}
+.l-header .l-center .l-menu .l-menu__item a:active {
+  background-color: rgba(0, 0, 0, 0.05);
+}
+.l-header .l-center .l-menu .l-menu__item.l-menu__item--active a {
+  color: unset;
+  font-size: unset;
+  font-weight: unset;
+  text-transform: unset;
+  background-color: rgba(0, 0, 0, 0.05);
+}
+.l-header .l-center .l-profile .l-profile__notifications {
+  margin-top: 13px;
+}
+.l-header .l-center .l-profile .l-profile__notifications:hover {
+  background-color: rgba(0, 0, 0, 0.05);
+}
+.l-header .l-center .l-profile .l-profile__username {
+  padding: 15px 0 0 10px;
+}
+.l-header .l-center .l-profile .l-profile__logout {
+  padding: 15px 0 0 10px;
+}
+.l-header > .l-center {
+  margin-left: 200px;
+}
+.l-content {
+  position: relative;
+  top: 50px;
+}
+.l-content + div {
+  right: 100px !important;
+  top: unset !important;
+  bottom: 40px !important;
+}
+.l-content + div div {
+  background-color: #e4eaed !important;
+  padding: 10px;
+  border-radius: 5px;
+}
+.l-content .l-center {
+  max-width: none !important;
+}
+.l-content .l-center .l-stat {
+  display: block;
+  position: fixed;
+  z-index: 100;
+  padding-top: 0 !important;
+  width: 200px;
+  height: 100%;
+  top: 0;
+  margin-top: 0;
+  background: #1c2b35;
+  overflow-y: scroll;
+  scrollbar-width: thin;
+  /* Firefox */
+  -ms-overflow-style: scrollbar;
+  /* Internet Explorer 10+ */
+  /* width */
+}
+.l-content .l-center .l-stat::-webkit-scrollbar {
+  display: block;
+  width: 7px;
+  /* Track */
+}
+.l-content .l-center .l-stat::-webkit-scrollbar-track {
+  background: rgba(255, 255, 255, 0);
+  /* Handle */
+}
+.l-content .l-center .l-stat::-webkit-scrollbar-thumb {
+  background: rgba(255, 255, 255, 0.15);
+}
+.l-content .l-center .l-stat:hover {
+  /* Handle on hover */
+}
+.l-content .l-center .l-stat:hover::-webkit-scrollbar-thumb {
+  background: rgba(255, 255, 255, 0.4);
+}
+.l-content .l-center .l-stat .l-stat__col--active ul {
+    display: block !important;
+}
+.l-content .l-center .l-stat .l-stat__col--active {
+  background: #131e27;
+}
+.l-content .l-center .l-stat .l-stat__col--active a {
+  border-bottom: 2px solid #131e27;
+}
+.l-content .l-center .l-stat .l-stat__col--active a .l-stat__col-title {
+  background: #16232d;
+  color: white !important;
+  font-size: 20px;
+  font-weight: 400;
+  margin-top: unset;
+  letter-spacing: unset;
+  margin-right: unset;
+}
+.l-content .l-center .l-stat .l-stat__col--active span {
+    display: none;
+}
+.l-content .l-center .l-stat .focus {
+  background: #5e5e5e;
+}
+.l-content .l-center .l-stat .focus a {
+  border-bottom: 2px solid #131e27;
+}
+.l-content .l-center .l-stat .focus a ul li {
+  color: #c2e5ff !important;
+}
+.l-content .l-center .l-stat .focus a .l-stat__col-title {
+  background: #5e5e5e;
+  color: #c4d0d8;
+  font-size: 20px;
+  font-weight: 400;
+  margin-top: unset;
+  letter-spacing: unset;
+  margin-right: unset;
+}
+.l-content .l-center .l-stat .l-stat__col {
+  display: block;
+  float: unset;
+}
+.l-content .l-center .l-stat .l-stat__col:hover .l-stat__col-title {
+  color: #fff;
+}
+.l-content .l-center .l-stat .l-stat__col:hover .l-stat__col-title:after {
+  color: #fff;
+}
+.l-content .l-center .l-stat .l-stat__col a {
+  height: unset !important;
+  min-height: unset !important;
+  display: block;
+  width: unset;
+  border-bottom: 2px solid #131e27;
+  background-color: transparent;
+  padding-left: unset;
+  padding-bottom: 10px;
+  padding-top: unset;
+  margin-top: unset;
+}
+.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title {
+  min-height: unset !important;
+  color: #869fb2;
+  font-size: 20px;
+  font-weight: 400;
+  padding: 15px 15px 15px 20px;
+  margin-bottom: 0;
+  margin-top: 0 !important;
+}
+.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title:after {
+  font-family: 'Font Awesome 5 Free';
+  font-weight: bold;
+  content: "\f054";
+  float: right;
+  font-size: 10px;
+  color: #5c798f;
+  margin-top: 8px;
+  margin-right: 26px;
+}
+.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title:before {
+  font-family: 'Font Awesome 5 Free';
+  font-weight: bold;
+  content: "\f233";
+  padding-right: 10px;
+  font-size: 17px;
+}
+
+.l-content .l-center .l-stat .l-stat__col--active a .l-stat__col-title:after {
+    margin-right: 26px;
+}
+
+.l-content .l-center .l-stat .l-stat__col a ul {
+  margin: 0;
+  display: none;
+}
+.l-content .l-center .l-stat .l-stat__col a ul li {
+  color: #92adc2;
+  margin-bottom: unset;
+  padding: 10px 20px 10px 20px;
+  font-size: 14px;
+}
+.l-content .l-center .l-stat .l-stat__col a ul li span {
+  float: right;
+  padding: 3px 5px 4px 5px;
+  font-size: 13px;
+  color: #fff;
+  background-color: #27c54e;
+  font-weight: 700;
+  text-shadow: 0 1px 0 rgba(0, 0, 0, 0.2);
+  display: inline-block;
+  min-width: 10px;
+  line-height: 1;
+  text-align: center;
+  white-space: nowrap;
+  vertical-align: baseline;
+  border-radius: 0.25em;
+  left: 140px;
+}
+.l-content .l-center .l-stat .l-stat__col a ul li:first-child span {
+  float: right;
+  padding: 3px 5px 4px 5px;
+  font-size: 13px;
+  color: #fff;
+  background-color: #34b5dd;
+  font-weight: 700;
+  text-shadow: 0 1px 0 rgba(0, 0, 0, 0.2);
+  display: inline-block;
+  min-width: 10px;
+  line-height: 1;
+  text-align: center;
+  white-space: nowrap;
+  vertical-align: baseline;
+  border-radius: 10px;
+}
+.l-content .l-center .l-stat .l-stat__col a ul li:before {
+  font-family: 'Font Awesome 5 Free';
+  font-weight: bold;
+  content: "\f03a";
+  padding-right: 15px;
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a .l-stat__col-title:before {
+  content: "\f500";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(1):before {
+  content: "\f0a0";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(2):before {
+  content: "\f75b";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a .l-stat__col-title:before {
+  content: "\f233";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(1):before {
+  content: "\f0ac";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(2):before {
+  content: "\f0c5";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a .l-stat__col-title:before {
+  content: "\f6ff";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(1):before {
+  content: "\f0ac";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(2):before {
+  content: "\f303";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a .l-stat__col-title:before {
+  content: "\f674";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(1):before {
+  content: "\f0ac";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(2):before {
+  content: "\f2bb";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a .l-stat__col-title:before {
+  content: "\f1c0";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(1):before {
+  content: "\f1c0";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(2):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a .l-stat__col-title:before {
+  content: "\f120";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(1):before {
+  content: "\f120";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(2):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a .l-stat__col-title:before {
+  content: "\f019";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(1):before {
+  content: "\f019";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(2):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(3):before {
+  content: "\f05e";
+}
+.l-content .l-center .l-sort {
+  padding: 0 20px;
+  position: relative;
+  z-index: 98;
+  width: auto;
+  margin-top: unset !important;
+  background-color: #f6f8f8;
+  border-bottom: 1px solid #dee5e8;
+  margin-bottom: 30px;
+}
+.l-content .l-center .l-sort .l-sort__create-btn {
+  bottom: -20px;
+}
+.l-content .l-center .l-sort .context-menu {
+  top: 77px;
+}
+.l-content .l-center .l-sort .l-sort-toolbar {
+  padding: 24px 0 22px 0;
+  color: #98a6ac;
+}
+.l-content .l-center .l-sort .l-sort-toolbar .l-select {
+  border-radius: 3px 0 0 3px;
+  background: #fff;
+  border: 1px solid #dee5e8;
+}
+.l-content .l-center .l-sort .l-sort-toolbar .l-sort-toolbar__filter-apply {
+  border-radius: 0 3px 3px 0;
+}
+.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .l-sort-toolbar__search-box form .search-input {
+  border-radius: 3px 0 0 3px;
+  border: 1px solid #dee5e8;
+}
+.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .l-sort-toolbar__search-box form .l-sort-toolbar__search {
+  border-radius: 0 3px 3px 0;
+}
+.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .sort-by {
+  padding-left: 30px;
+}
+.l-content .l-center .l-unit {
+  padding: 0 0 0 15px;
+  overflow: hidden;
+  margin: 0px 20px 20px 20px;
+  background: #fff;
+  border-radius: 3px;
+  border-bottom: none !important;
+  border-left: none !important;
+  color: #98a6ac;
+  font-size: 14px;
+}
+.l-content .l-center .l-unit.selected {
+  background-color: #e4eaed;
+}
+.l-content .l-center .l-unit--suspended {
+  background-color: #eaeaea !important;
+}
+.l-content .l-center .l-unit.selected .l-percent {
+  border-bottom: none;
+  margin-top: 1px;
+  width: 200px;
+  background: #cbd3d7;
+}
+.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right {
+  position: relative;
+  top: 20px;
+  right: 20px;
+  display: block;
+}
+.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right .actions-panel__col {
+  margin-left: 10px;
+  border-radius: 3px;
+  overflow: hidden;
+  border-right: none;
+  background-color: #dde6e8;
+}
+.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right .actions-panel__col a {
+  font-weight: 500;
+}
+.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col .check-label:before {
+  z-index: 97;
+}
+.l-content .l-center .l-unit .l-unit__col .l-unit__name {
+  color: #34b5dd;
+  font-weight: 500;
+  font-size: 24px;
+  margin-bottom: unset;
+}
+.l-content .l-center .l-unit .l-unit__col .l-unit__ip {
+  font-size: 18px;
+}
+.l-content .l-center .l-unit .l-unit__col .l-unit__date {
+  letter-spacing: unset;
+  display: inline-block;
+  border-bottom: solid 10px #ffeb0087;
+  line-height: 3px;
+  padding: 0 0px;
+  margin-bottom: 30px;
+  font-weight: 400;
+  font-size: 16px;
+}
+.l-content .l-center .l-unit .l-unit__col .l-unit__stats td {
+  height: 27px;
+}
+.l-content .l-center .io-box {
+  overflow: hidden;
+  margin: 20px 20px 0px 20px;
+  color: #98a6ac;
+}
+.l-content .l-center .io-box .io-box-left {
+  float: left;
+  width: calc(100% - 800px);
+  min-width: 410px;
+  text-align: center;
+}
+.l-content .l-center .io-box .io-box-left .io-box-left-items {
+  float: left;
+  width: calc(50% - 20px);
+  height: 137px;
+  margin-right: 20px;
+  margin-bottom: 20px;
+  background: #fff;
+  border-radius: 3px;
+}
+.l-content .l-center .io-box .io-box-left .io-box-left-items a {
+  display: block;
+  font-size: 36px;
+  font-weight: 300;
+  margin-top: 32px;
+}
+.l-content .l-center .io-box .io-box-left .io-1-homepage-block {
+  color: #98a6ac;
+}
+.l-content .l-center .io-box .io-box-left .io-1-homepage-block a {
+  color: #34b5dd;
+}
+.l-content .l-center .io-box .io-box-left .io-2-homepage-block {
+  color: #b4efc2;
+  background-color: #27c54e;
+}
+.l-content .l-center .io-box .io-box-left .io-2-homepage-block a {
+  color: #ecfff1;
+}
+.l-content .l-center .io-box .io-box-left .io-3-homepage-block {
+  color: #b0e1f1;
+  background-color: #34b5dd;
+}
+.l-content .l-center .io-box .io-box-left .io-3-homepage-block a {
+  color: #dcf2f8;
+}
+.l-content .l-center .io-box .io-box-left .io-4-homepage-block {
+  color: #98a6ac;
+}
+.l-content .l-center .io-box .io-box-left .io-4-homepage-block a {
+  color: #58666f;
+}
+.l-content .l-center .io-box .io-box-left .io-5-homepage-block {
+  width: calc(100% - 20px);
+  color: #98a6ac;
+  background: #e4eaed;
+}
+.l-content .l-center .io-box .io-box-left .io-5-homepage-block a {
+  color: #27c54e;
+}
+.l-content .l-center .io-box .io-box-left .io-5-homepage-block:before {
+  font-family: 'Font Awesome 5 Free';
+  font-weight: bold;
+  font-size: 32px;
+  background: #dde6e8;
+  height: 121px;
+  width: 115px;
+  line-height: 90px;
+  content: "\f581";
+  color: #fff;
+  float: left;
+  border-radius: 5px 0 0 5px;
+  padding-top: 16px;
+}
+.l-content .l-center .io-box .io-box-right {
+  float: right;
+  width: 800px;
+  background: #fff;
+  height: 450px;
+  overflow: hidden;
+  border-radius: 3px;
+  text-align: center;
+}
+.l-content .l-center .io-box .io-box-right img {
+  margin-top: 8px;
+  width: 767px;
+  height: 433px;
+  position: relative;
+}
+.l-content .l-center .l-unit-ft {
+  padding: 0 0 37px 15px;
+  overflow: hidden;
+  margin: 0px 20px 19px 20px;
+  background: #e4eaed;
+  border-radius: 3px;
+  border-bottom: none !important;
+  border-left: none !important;
+  position: relative;
+  color: #a6b0b4;
+  font-weight: bold;
+  text-transform: uppercase;
+  font-size: 11px;
+}
+.l-content .l-center .l-unit-ft:before {
+  font-family: "Font Awesome 5 Free";
+  font-weight: bold;
+  font-size: 32px;
+  background: #dde6e8;
+  height: 100%;
+  width: 90px;
+  line-height: 108px;
+  content: "\f05a";
+  color: #fff;
+  float: left;
+  border-radius: 5px 0 0 5px;
+  position: absolute;
+  left: 0;
+  text-align: center;
+}
+.l-content .l-center .l-unit-ft .data {
+  margin: 0 0 50px 0;
+}
+.l-content .l-center #vstobjects {
+  padding: 0 0 0 15px;
+  overflow: hidden;
+  margin: 0px 20px 20px 20px;
+  background: #fff;
+  border-radius: 3px;
+  border-bottom: none !important;
+  border-left: none !important;
+  color: #98a6ac;
+  font-size: 14px;
+}
+.l-content .l-center #vstobjects .data-date {
+  color: #98A6AC;
+  letter-spacing: unset;
+  display: inline-block;
+  border-bottom: solid 10px #ffeb0087;
+  line-height: 3px;
+  padding: 0 0px;
+  margin-bottom: 30px;
+  font-weight: 400;
+  font-size: 16px;
+}
+.l-content .l-center .vst-text.step-top.helper-container {
+  margin-bottom: unset;
+  margin-top: 0;
+  float: unset;
+  height: auto;
+  width: auto;
+}
+.l-content .l-center .vst-text.step-top.helper-container #tabs.cron-helper-tabs {
+  padding: 0 0 0 15px;
+  overflow: hidden;
+  margin: 0 20px 20px 20px;
+  background: #fff;
+  border-radius: 3px;
+  border-bottom: none !important;
+  border-left: none !important;
+  color: #98a6ac;
+  font-size: 14px;
+  border: none !important;
+}
+.l-content > .units.l-center::before {
+  content: '';
+  display: block;
+  height: 0;
+}
+.l-content > .l-center {
+  margin-left: 200px;
+  margin-right: 40px;
+}
+.l-content > .l-center:first-child {
+  margin-left: 0;
+}
+.l-content #vstobjects > .l-center {
+  margin-left: 200px;
+  margin-right: 40px;
+  padding-top: 0;
+  padding-bottom: 1px;
+}
+.l-content .io-log {
+  color: #58666f;
+  border-left: 1px solid #dee5e8;
+  width: 240px;
+  position: fixed;
+  display: block;
+  /*overflow-scrolling: auto;*/
+  z-index: 98;
+  top: 50px;
+  right: -200px;
+  background: #fff;
+  word-break: break-word;
+  overflow: hidden;
+  border-right: 10px solid #e3e3e3;
+  box-sizing: border-box;
+  /* Firefox */
+  /* width */
+}
+.l-content .io-log::-webkit-scrollbar {
+  width: 7px;
+  /* Track */
+}
+.l-content .io-log::-webkit-scrollbar-track {
+  background: rgba(255, 255, 255, 0);
+  /* Handle */
+}
+.l-content .io-log::-webkit-scrollbar-thumb {
+  background: rgba(0, 0, 0, 0.15);
+  border-radius: 7px;
+  /* Handle on hover */
+}
+.l-content .io-log::-webkit-scrollbar-thumb:hover {
+  background: rgba(0, 0, 0, 0.4);
+  border-radius: 7px;
+}
+.l-content .io-log > * {
+  margin: 0 20px;
+}
+.l-content .io-log h2 {
+  margin: 0 0 20px 0;
+  padding-left: 20px;
+  font-size: 24px;
+  font-weight: 300;
+  line-height: 60px;
+  color: #98a6ac;
+  border-bottom: 1px solid #dee5e8;
+  cursor: pointer;
+}
+.l-content .io-log h2:before {
+  font-family: "Font Awesome 5 Free";
+  font-weight: bold;
+  content: "\f15c";
+  padding-right: 10px;
+  font-size: 17px;
+}
+.l-content .io-log > div {
+  /* border-left: solid 1px #dee5e8; */
+  padding-left: 15px;
+  position: relative;
+  margin-left: 25px;
+}
+.l-content .io-log > div > div {
+  position: relative;
+  margin-bottom: 25px;
+}
+.l-content .io-log > div > div > div:nth-of-type(2) {
+  color: #98a6ac;
+  font-size: 13px;
+  margin-bottom: 5px;
+}
+.l-content .io-log > div > div > div:nth-of-type(3) {
+  color: #98a6ac;
+  font-size: 13px;
+  margin-bottom: 5px;
+}
+.l-content .io-log > div > div:before {
+  content: '';
+  position: absolute;
+  height: 100%;
+  width: 7px;
+  border-radius: 10px;
+  border: solid 1px #dee5e8;
+  background: #e0fff9;
+  left: -20px;
+}
+.l-content .io-log > div > div:first-child(1n):before {
+  background: #e0fff9;
+}
+.l-content .io-log > div > div:nth-child(2n):before {
+  background: #fbffe0;
+}
+.l-content .io-log > div > div:nth-child(3n):before {
+  background: #fbffe0;
+}
+.l-content .io-log > div > div:nth-child(4n):before {
+  background: #fbffe0;
+}
+.l-content .io-log > div > div:nth-child(5n):before {
+  background: #fbffe0;
+}
+
+
+.l-content .io-log2 {
+  color: #58666f;
+  border-left: 1px solid #dee5e8;
+  border-top: 1px solid #cecece;
+  width: 240px;
+  position: fixed;
+  height: 100%;
+  display: block;
+  /*overflow-scrolling: auto;*/
+  z-index: 98;
+  top: 380px;
+  right: -200px;
+  background: #fff;
+  word-break: break-word;
+  overflow-y: scroll;
+  scrollbar-width: thin;
+  box-sizing: border-box;
+  /* Firefox */
+  /* width */
+}
+.l-content .io-log2::-webkit-scrollbar {
+  width: 7px;
+  /* Track */
+}
+.l-content .io-log2::-webkit-scrollbar-track {
+  background: rgba(255, 255, 255, 0);
+  /* Handle */
+}
+.l-content .io-log2::-webkit-scrollbar-thumb {
+  background: rgba(0, 0, 0, 0.15);
+  border-radius: 7px;
+  /* Handle on hover */
+}
+.l-content .io-log2::-webkit-scrollbar-thumb:hover {
+  background: rgba(0, 0, 0, 0.4);
+  border-radius: 7px;
+}
+.l-content .io-log2 > * {
+  margin: 0 20px;
+}
+.l-content .io-log2 h2 {
+  margin: 0 0 20px 0;
+  padding-left: 20px;
+  font-size: 24px;
+  font-weight: 300;
+  line-height: 60px;
+  color: #98a6ac;
+  border-bottom: 1px solid #dee5e8;
+  cursor: pointer;
+}
+.l-content .io-log2 h2:before {
+  font-family: "Font Awesome 5 Free";
+  font-weight: bold;
+  content: "\f15c";
+  padding-right: 10px;
+  font-size: 17px;
+}
+.l-content .io-log2 > div {
+  border-left: solid 1px #dee5e8;
+  padding-left: 15px;
+  position: relative;
+  margin-left: 25px;
+}
+.l-content .io-log2 > div > div {
+  position: relative;
+  margin-bottom: 25px;
+}
+.l-content .io-log2 > div > div > div:nth-of-type(2) {
+  color: #98a6ac;
+  font-size: 12px;
+  margin-bottom: 5px;
+}
+.l-content .io-log2 > div > div:before {
+  content: '';
+  position: absolute;
+  height: 100%;
+  width: 7px;
+  border-radius: 10px;
+  border: solid 1px #dee5e8;
+  background: #fff;
+  left: -20px;
+}
+.l-content .io-log2 > div > div:nth-child(2n):before {
+  border: solid 1px #27c54e;
+}
+.l-content .io-log2 > div > div:nth-child(3n):before {
+  border: solid 1px #27bbc5;
+}
+.l-content .io-log2 > div > div:nth-child(4n):before {
+  border: solid 1px #275bc5;
+}
+.l-content .io-log2 > div > div:nth-child(5n):before {
+  border: solid 1px #ffcc00;
+}
+
+
+#tooltip {
+  background-color: #34b5dd;
+}
+.l-sort__create-btn.edit:hover #tooltip {
+  background-color: #49c8ef;
+}
+.l-sort__create-btn.edit:active #tooltip {
+  background-color: #00d8ff !important;
+}
+.l-sort__create-btn:active #tooltip {
+  background-color: #00d8ff;
+}
+.body-login, .body-reset {
+  background-color: #f0f3f5;
+}
+.body-login .login, .body-reset .login {
+  font-family: Arial, Helvetica, sans-serif;
+  border: 1px solid #e7ecee;
+  border-radius: 10px;
+  overflow: hidden;
+  position: relative;
+  padding: 35px 35px 10px 35px;
+  display: block;
+  width: 420px;
+  box-shadow: 0 2px 2px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(0, 0, 0, 0.05);
+}
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1), .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) {
+  position: absolute;
+  text-align: center;
+  width: calc(100% - 46px);
+}
+/*
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a {
+  background-image: url(/images/sprite.png?1446554103);
+  background-position: -65px -182px;
+  background-repeat: no-repeat;
+  display: inline-block;
+  height: 40px;
+  margin-top: 0;
+  width: 80px;
+  margin-left: 0;
+  background-size: 235px 325px;
+  position: relative;
+}
+*/
+/*
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a img, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a img {
+  display: none;
+}
+*/
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2), .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) {
+  position: relative;
+  padding: 65px 0 0 0 !important;
+}
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .vst-input, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .vst-input {
+  padding: 5px 10px;
+  margin: 0;
+  width: 320px !important;
+  margin-top: 7px;
+  border-radius: 3px;
+  border: solid 1px #d3d9e2;
+}
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button, .body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:hover, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:hover, .body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:active, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:active {
+  width: 100% !important;
+  border: 1px solid #27c54e;
+  background-color: #27c54e;
+  color: #f4f3f9;
+  margin-bottom: 20px;
+}
+.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(2) .login-bottom, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(2) .login-bottom {
+  width: auto;
+  text-align: center;
+  padding-bottom: unset;
+  padding: 0;
+}
+.body-login .login-box .vst-advanced, .body-reset .login-box .vst-advanced {
+  color: #34b5dd;
+}
+.body-web-log .l-header > .l-center {
+  margin-left: 0;
+}
+.l-stat__col span {
+    padding: 4px 0;
+    font-size: 15px;
+    position: fixed;
+    display: inline-block;
+    left: 159px;
+}
+.l-sort__create-btn2 {
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -331px -107px;
+    background-repeat: no-repeat;
+    display: inline-block;
+    height: 45px;
+    width: 45px;
+}
+/*
+.ui-resizable-handle {
+    background-color: #333 !important;
+}
+*/
+/*
+div.ui-dialog div {
+    background-color: #333 !important;
+}
+*/
+div.ui-dialog > div {
+    background-color: #333 !important;
+}
+div.ui-dialog > div div {
+    background-color: #333 !important;
+}
+/*
+div.ui-dialog > div > div {
+    background-color: #333 !important;
+}
+div.ui-dialog + div {
+    background-color: #333 !important;
+}
+div.ui-dialog + div div{
+    background-color: #333 !important;
+}
+*/
+/*
+.ui-dialog-titlebar {
+    background-color: #333 !important;
+}
+.ui-dialog-buttonpane {
+    background-color: #333 !important;
+}
+*/
diff --git a/web/css/styles.fix.css.map b/web/css/styles.fix.css.map
new file mode 100644
index 00000000..c6718a78
--- /dev/null
+++ b/web/css/styles.fix.css.map
@@ -0,0 +1 @@
+{"version":3,"sourceRoot":"","sources":["styles.fix.scss"],"names":[],"mappings":";AAAA;EACI;EACA;EACA;;;AAMJ;EACI;;;AAGJ;EACI;EACA;EACA;EACA;;;AAGJ;EACI;EACA;;;AAGJ;EACI;EACA;EACA;EACA;;AAOJ;EACI;EACA;EACA;EACA;;AAOJ;EACI;EACA;;;AAGJ;EACI;;;AAGJ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EAEA;;AAEA;EACI;EACA;;AAEA;EACI;;AAMR;EACI;;AAEA;EACI;AACA;EACA;EACA;EACA;EACA;EACA;AACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAGJ;EACI;EACA;;AAII;EACI;EACA;EACA;;AAEA;EACI;;AAEJ;EACI;;AAMJ;EACI;EACA;EACA;EACA;EACA;;AAQZ;EACI;;AAEA;EACI;;AAIR;EACI;;AAGJ;EACI;;AAKZ;EACI;;;AAQR;EACI;EACA;;AAEA;EACI;;AAEA;EACI;EACA;EAGA;EACA;EACA;EACA;EACA;EACA;EACA;EAyCA;EAEA;AAAwB;EACxB;AAAgC;AAEhC;AAMA;AAKA;;AAVA;EACI;EACA;;AAIJ;EACI;;AAIJ;EACI;;AAIJ;AACI;;AACA;EACI;;AAKR;EAEI;EAKA;EACA;EACA;EACA;EACA;EAGA;EACA;;AAIJ;EACI;;AAEA;EACI;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;;AAQZ;EACI;EACA;;AAII;EACI;;AAEA;EACI;;AAMZ;EACI;EACA;EAEA;EACA;EACA;EACA;EACA;EACA;EAEA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;;AAGJ;EACI;EACA;EACA;EACA;EACA;;AAIR;EACI;;AAEA;EAEI;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EAIA;EAEA;EACA;EACA;EAEA;;AA8BA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EAIA;EAEA;EACA;EACA;EAEA;;AAIR;EACI;EACA;EACA;EACA;;AASR;EACI;;AAKA;EACI;;AAEJ;EAEI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAQR;EACI;;AAKA;EACI;;AAEJ;EACI;;AAEJ;EACI;;AAWxB;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;;AAGJ;EACI;;AAcJ;EACI;EACA;;AAEA;EACI;EACA;EACA;;AAGJ;EACI;;AAiBgB;EACI;EACA;;AAGJ;EACI;;AAqCZ;EACI;;AAmBxB;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EAEI;;AAOI;EACI;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;;AAEA;EACI;;AAUR;EACI;;AAQZ;EACI;EACA;EACA;EACA;EACA;;AAGJ;EACI;;AAGJ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAOJ;EACI;;AAYZ;EACI;EACA;EACA;;AAEA;EACI;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;;AAQR;EACI;;AAEA;EACI;;AAGR;EACI;EAEA;;AAEA;EACI;;AAGR;EACI;EACA;;AAEA;EACI;;AAGR;EACI;;AAEA;EACI;;AAGR;EACI;EACA;EACA;;AAEA;EACI;;AAGJ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EAEA;EACA;EAEA;EACA;;AAKZ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EAII;EACA;EACA;;AAKZ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAGJ;EACI;;AAIR;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAIR;EACI;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAKZ;EACI;EACA;EACA;;AAEJ;EACI;EACA;;AAEA;EACI;;AAUJ;EACI;EACA;EACA;EACA;;AA0BR;EACI;EACA;EACA;EACA;EACA;EACA;EACA;AACA;EACA;EACA;EACA;EACA;EACA;EAQA;EAEA;AAAwB;AAExB;AAKA;AAKA;AAMA;;AAfA;EACI;;AAIJ;EACI;;AAIJ;EACI;EACA;;AAIJ;EACI;EACA;;AAGJ;EACI;;AAIJ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;;AAKR;EACI;EACA;EACA;EACA;;AAEA;EACI;EACA;;AAEA;EACI;EACA;EACA;;AAGJ;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAIA;EACI;;AAKJ;EACI;;AAKJ;EACI;;AAKJ;EACI;;;AA8CxB;EACI;;;AAGJ;EACI;;;AAEJ;EACI;;;AAGJ;EACI;;;AAIJ;EACI;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;;AAQwB;EACI;EACA;EACA;;AAEA;EACI;EACA;AACA;EACA;EACA;EACA;EACA;EACA;AACA;EACA;EACA;EACA;;AAEA;EACI;;AAIZ;EACI;EACA;;AAEA;EACI;EACA;EACA;EACA;EACA;EACA;;AAGJ;EACI;EACA;EACA;EACA;EACA;;AAKR;EACI;EACA;EACA;EACA;;AAUhC;EACI;;;AAMJ;EACI","file":"styles.fix.css"}
\ No newline at end of file
diff --git a/web/css/styles.min.css b/web/css/styles.min.css
index edc706d5..5f63b030 100644
--- a/web/css/styles.min.css
+++ b/web/css/styles.min.css
@@ -149,20 +149,20 @@
  *  `em` units.
  */
 html {
-  font-family: sans-serif;
-  /* 1 */
-  -ms-text-size-adjust: 100%;
-  /* 2 */
-  -webkit-text-size-adjust: 100%;
-  /* 2 */
+    font-family: sans-serif;
+    /* 1 */
+    -ms-text-size-adjust: 100%;
+    /* 2 */
+    -webkit-text-size-adjust: 100%;
+    /* 2 */
 }
 
 /**
  * Remove default margin.
  */
 body {
-  margin: 0;
-  background-color: #fff;
+    margin: 0;
+    background-color: #fff;
 }
 
 /* HTML5 display definitions
@@ -173,34 +173,19 @@ body {
  * and Firefox.
  * Correct `block` display not defined for `main` in IE 11.
  */
-article,
-aside,
-details,
-figcaption,
-figure,
-footer,
-header,
-hgroup,
-main,
-menu,
-nav,
-section,
-summary {
-  display: block;
+article, aside, details, figcaption, figure, footer, header, hgroup, main, menu, nav, section, summary {
+    display: block;
 }
 
 /**
  * 1. Correct `inline-block` display not defined in IE 6/7/8/9 and Firefox 3.
  * 2. Normalize vertical alignment of `progress` in Chrome, Firefox, and Opera.
  */
-audio,
-canvas,
-progress,
-video {
-  display: inline-block;
-  /* 1 */
-  vertical-align: baseline;
-  /* 2 */
+audio, canvas, progress, video {
+    display: inline-block;
+    /* 1 */
+    vertical-align: baseline;
+    /* 2 */
 }
 
 /**
@@ -208,61 +193,55 @@ video {
  * Remove excess height in iOS 5 devices.
  */
 audio:not([controls]) {
-  display: none;
-  height: 0;
+    display: none;
+    height: 0;
 }
 
 /**
  * Address `[hidden]` styling not present in IE 8/9/10.
  * Hide the `template` element in IE 8/9/11, Safari, and Firefox < 22.
  */
-[hidden],
-template {
-  display: none;
+[hidden], template, .hidden {
+    display: none;
 }
 
-.hidden {
-  display: none;
-}
 /* Links
    ========================================================================== */
 /**
  * Remove the gray background color from active links in IE 10.
  */
 a {
-  background-color: transparent;
+    background-color: transparent;
+}
+a:active, a:hover {
+    outline: 0;
 }
 
 /**
  * Improve readability when focused and also mouse hovered in all browsers.
  */
-a:active, a:hover {
-  outline: 0;
-}
-
 /* Text-level semantics
    ========================================================================== */
 /**
  * Address styling not present in IE 8/9/10/11, Safari, and Chrome.
  */
 abbr[title] {
-  border-bottom: 1px dotted;
+    border-bottom: 1px dotted;
 }
 
 /**
  * Address style set to `bolder` in Firefox 4+, Safari, and Chrome.
  */
-b,
-strong {
-  font-weight: bold;
-  color: #5f5f5f;
+b, strong {
+    font-weight: bold;
+    color: #5f5f5f;
 }
 
 /**
  * Address styling not present in Safari and Chrome.
  */
 dfn {
-  font-style: italic;
+    font-style: italic;
 }
 
 /**
@@ -270,42 +249,45 @@ dfn {
  * contexts in Firefox 4+, Safari, and Chrome.
  */
 h1 {
-  font-size: 2em;
-  margin: 0.67em 0;
+    font-size: 2em;
+    margin: 0.67em 0;
 }
 
 /**
  * Addresses styling not present in IE 8/9.
  */
 mark {
-  background: #ff0;
-  color: #000;
+    background: #ff0;
+    color: #000;
 }
 
 /**
  * Address inconsistent and variable font size in all browsers.
  */
 small {
-  font-size: 80%;
+    font-size: 80%;
 }
 
 /**
  * Prevent `sub` and `sup` affecting `line-height` in all browsers.
  */
-sub,
-sup {
-  font-size: 75%;
-  line-height: 0;
-  position: relative;
-  vertical-align: baseline;
+sub {
+    font-size: 75%;
+    line-height: 0;
+    position: relative;
+    vertical-align: baseline;
 }
 
 sup {
-  top: -0.5em;
+    font-size: 75%;
+    line-height: 0;
+    position: relative;
+    vertical-align: baseline;
+    top: -0.5em;
 }
 
 sub {
-  bottom: -0.25em;
+    bottom: -0.25em;
 }
 
 /* Embedded content
@@ -315,14 +297,14 @@ sub {
  * 2. Improves image quality when scaled in IE 7.
  */
 img {
-  border: 0;
+    border: 0;
 }
 
 /**
  * Correct overflow not hidden in IE 9/10/11.
  */
 svg:not(:root) {
-  overflow: hidden;
+    overflow: hidden;
 }
 
 /* Grouping content
@@ -331,34 +313,31 @@ svg:not(:root) {
  * Address margin not present in IE 8/9 and Safari.
  */
 figure {
-  margin: 1em 40px;
+    margin: 1em 40px;
 }
 
 /**
  * Address differences between Firefox and other browsers.
  */
 hr {
-  box-sizing: content-box;
-  height: 0;
+    box-sizing: content-box;
+    height: 0;
 }
 
 /**
  * Contain overflow in all browsers.
  */
 pre {
-  overflow: auto;
+    overflow: auto;
 }
 
 /**
  * Address odd `em`-unit font size rendering in all browsers.
  * Correct font family set oddly in IE 6, Safari 4/5, and Chrome.
  */
-code,
-kbd,
-pre,
-samp {
-  font-family: monospace, monospace;
-  font-size: 1em;
+code, kbd, pre, samp {
+    font-family: monospace, monospace;
+    font-size: 1em;
 }
 
 /* Forms
@@ -374,24 +353,23 @@ samp {
  * 3. Address margins set differently in Firefox 4+, Safari, and Chrome.
  * 4. Improves appearance and consistency in all browsers.
  */
-button,
-input,
-optgroup,
-select,
-textarea {
-  color: inherit;
-  /* 1 */
-  font: inherit;
-  /* 2 */
-  margin: 0;
-  /* 3 */
+button, input, optgroup, select, textarea {
+    color: inherit;
+    /* 1 */
+    font: inherit;
+    /* 2 */
+    margin: 0;
+    /* 3 */
 }
 
 /**
  * Address `overflow` set to `hidden` in IE 8/9/10/11.
  */
 button {
-  overflow: visible;
+    overflow: visible;
+    text-transform: none;
+    /*color: transparent !important;*/
+    text-shadow: 0 0 0 #555 !important;
 }
 
 /**
@@ -400,11 +378,10 @@ button {
  * Correct `button` style inheritance in Firefox, IE 8/9/10/11, and Opera.
  * Correct `select` style inheritance in Firefox.
  */
-button,
 select {
-  text-transform: none;
-  /*color: transparent !important;*/
-  text-shadow: 0 0 0 #555 !important;
+    text-transform: none;
+    /*color: transparent !important;*/
+    text-shadow: 0 0 0 #555 !important;
 }
 
 /**
@@ -416,93 +393,92 @@ select {
  * 4. Removes inner spacing in IE 7 without affecting normal text inputs.
  *  Known issue: inner spacing remains in IE 6.
  */
-button,
-html input[type="button"],
-input[type="reset"],
-input[type="submit"] {
-  -webkit-appearance: button;
-  /* 2 */
-  cursor: pointer;
-  /* 3 */
+button, html input[type=button] {
+    -webkit-appearance: button;
+    /* 2 */
+    cursor: pointer;
+    /* 3 */
+}
+
+input[type=reset], input[type=submit] {
+    -webkit-appearance: button;
+    /* 2 */
+    cursor: pointer;
+    /* 3 */
 }
 
 /**
  * Re-set default cursor for disabled elements.
  */
-button[disabled],
-html input[disabled] {
-  cursor: default;
+button[disabled], html input[disabled] {
+    cursor: default;
 }
 
 /**
  * Remove inner padding and border in Firefox 4+.
  */
-button::-moz-focus-inner,
+button::-moz-focus-inner {
+    border: 0;
+    padding: 0;
+}
+
+input {
+    line-height: normal;
+}
 input::-moz-focus-inner {
-  border: 0;
-  padding: 0;
+    border: 0;
+    padding: 0;
+}
+input[type=checkbox], input[type=radio] {
+    box-sizing: border-box;
+    /* 1 */
+    padding: 0;
+    /* 2 */
+}
+input[type=number]::-webkit-inner-spin-button, input[type=number]::-webkit-outer-spin-button {
+    height: auto;
+}
+input[type=search] {
+    -webkit-appearance: textfield;
+    /* 1 */
+    /* 2 */
+    box-sizing: content-box;
+}
+input[type=search]::-webkit-search-cancel-button, input[type=search]::-webkit-search-decoration {
+    -webkit-appearance: none;
 }
 
 /**
  * Address Firefox 4+ setting `line-height` on `input` using `!important` in
  * the UA stylesheet.
  */
-input {
-  line-height: normal;
-}
-
 /**
  * 1. Address box sizing set to `content-box` in IE 8/9/10.
  * 2. Remove excess padding in IE 8/9/10.
  *  Known issue: excess padding remains in IE 6.
  */
-input[type="checkbox"],
-input[type="radio"] {
-  box-sizing: border-box;
-  /* 1 */
-  padding: 0;
-  /* 2 */
-}
-
 /**
  * Fix the cursor style for Chrome's increment/decrement buttons. For certain
  * `font-size` values of the `input`, it causes the cursor style of the
  * decrement button to change from `default` to `text`.
  */
-input[type="number"]::-webkit-inner-spin-button,
-input[type="number"]::-webkit-outer-spin-button {
-  height: auto;
-}
-
 /**
  * 1. Address `appearance` set to `searchfield` in Safari and Chrome.
  * 2. Address `box-sizing` set to `border-box` in Safari and Chrome
  *  (include `-moz` to future-proof).
  */
-input[type="search"] {
-  -webkit-appearance: textfield;
-  /* 1 */
-  /* 2 */
-  box-sizing: content-box;
-}
-
 /**
  * Remove inner padding and search cancel button in Safari and Chrome on OS X.
  * Safari (but not Chrome) clips the cancel button when the search input has
  * padding (and `textfield` appearance).
  */
-input[type="search"]::-webkit-search-cancel-button,
-input[type="search"]::-webkit-search-decoration {
-  -webkit-appearance: none;
-}
-
 /**
  * Define consistent border, margin, and padding.
  */
 fieldset {
-  border: 1px solid #c0c0c0;
-  margin: 0 2px;
-  padding: 0.35em 0.625em 0.75em;
+    border: 1px solid #c0c0c0;
+    margin: 0 2px;
+    padding: 0.35em 0.625em 0.75em;
 }
 
 /**
@@ -512,17 +488,17 @@ fieldset {
  * 4. Corrects alignment displayed oddly in IE 6/7.
  */
 legend {
-  border: 0;
-  /* 1 */
-  padding: 0;
-  /* 2 */
+    border: 0;
+    /* 1 */
+    padding: 0;
+    /* 2 */
 }
 
 /**
  * Remove default vertical scrollbar in IE 8/9/10/11.
  */
 textarea {
-  overflow: auto;
+    overflow: auto;
 }
 
 /**
@@ -530,7 +506,7 @@ textarea {
  * NOTE: the default cannot safely be changed in Chrome and Safari on OS X.
  */
 optgroup {
-  font-weight: bold;
+    font-weight: bold;
 }
 
 /* Tables
@@ -539,2249 +515,2248 @@ optgroup {
  * Remove most spacing between table cells.
  */
 table {
-  border-collapse: collapse;
-  border-spacing: 0;
+    border-collapse: collapse;
+    border-spacing: 0;
 }
 
-td,
-th {
-  padding: 0;
+td, th {
+    padding: 0;
 }
 
 * {
-  -webkit-tap-highlight-color: transparent;
+    -webkit-tap-highlight-color: transparent;
 }
 
 body {
-/*  -webkit-touch-callout: none;
-  -webkit-text-size-adjust: none;
-  -webkit-user-select: none; */
+    /*  -webkit-touch-callout: none;
+      -webkit-text-size-adjust: none;
+      -webkit-user-select: none; */
 }
 
-html,
-input,
-textarea,
-select,
-button {
-  -webkit-font-smoothing: antialiased;
-  -moz-osx-font-smoothing: grayscale;
+html, input, textarea, select, button {
+    -webkit-font-smoothing: antialiased;
+    -moz-osx-font-smoothing: grayscale;
 }
 
 html {
-  height: 100%;
+    height: 100%;
 }
 
 body {
-  font-family: arial;
-  overflow-x: hidden;
-  font-size: 14px;
-  height: 100%;
-  color: #929292;
+    font-family: arial;
+    overflow-x: hidden;
+    font-size: 14px;
+    height: 100%;
+    color: #929292;
 }
 
 .body-login, .body-reset {
-  height: auto;
-  padding-top: 10%;
-  /*background: url(/images/edit_bg.png);*/
-  background-color: #eee;
+    height: auto;
+    padding-top: 10%;
+    /*background: url(/images/edit_bg.png);*/
+    background-color: #eee;
 }
 
 a {
-  text-decoration: none;
-  color: #929292;
+    text-decoration: none;
+    color: #929292;
 }
 
 .disabled {
-  text-decoration: line-through;
+    text-decoration: line-through;
 }
 
-.clearfix:before,
-.clearfix:after {
-  content: '';
-  display: table;
+.clearfix:before {
+    content: "";
+    display: table;
 }
-
 .clearfix:after {
-  clear: both;
+    content: "";
+    display: table;
+    clear: both;
 }
 
 .text-right {
-  text-align: right;
+    text-align: right;
 }
 
 .text-center {
-  text-align: center;
+    text-align: center;
 }
 
 .check-label {
-  display: inline-block;
-  cursor: pointer;
-  position: relative;
-  line-height: 16px;
-  padding-left: 26px;
+    display: inline-block;
+    cursor: pointer;
+    position: relative;
+    line-height: 16px;
+    padding-left: 26px;
 }
-
 .check-label:before {
-  content: '';
-  width: 16px;
-  height: 16px;
-  position: absolute;
-  left: 0;
-  top: 0;
-  display: inline-block;
-  background-image: url("/images/sprite.png?1446554103");
-  background-size: 450px auto;
-  background-repeat: no-repeat;
-  background-position: -232px -9px;
-  z-index: 99;
+    content: "";
+    width: 16px;
+    height: 16px;
+    position: absolute;
+    left: 0;
+    top: 0;
+    display: inline-block;
+    background-image: url("/images/sprite.png?1446554103");
+    background-size: 450px auto;
+    background-repeat: no-repeat;
+    background-position: -232px -9px;
+    z-index: 99;
 }
 
-input[type="checkbox"] {
-  display: none;
+input[type=checkbox] {
+    display: none;
 }
-.clicked-on.check-label:before,
-.selected .check-label:before {
-  content: '';
-  display: inline-block;
-  width: 27px;
-  height: 27px;
-  background-position: -225px -42px;
-  left: -6px;
-  top: -6px;
+
+.clicked-on.check-label:before, .selected .check-label:before {
+    content: "";
+    display: inline-block;
+    width: 27px;
+    height: 27px;
+    background-position: -225px -42px;
+    left: -6px;
+    top: -6px;
 }
 
 .l-center {
-  margin: 0 auto;
-  max-width: 998px;
+    margin: 0 auto;
+    max-width: 998px;
 }
 
 .l-logo {
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -117px -7px;
-/*  background-position: -125px -478px; */
-  background-repeat: no-repeat;
-  display: inline-block;
-  float: left;
-  height: 22px;
-  margin-top: 4px;
-  width: 73px;
-/*  width: 42px; */
-  margin-left: -2px;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -117px -7px;
+    /*  background-position: -125px -478px; */
+    background-repeat: no-repeat;
+    display: inline-block;
+    float: left;
+    height: 22px;
+    margin-top: 4px;
+    width: 73px;
+    /*  width: 42px; */
+    margin-left: -2px;
 }
 
 .l-header {
-  background-color: #5d5d5d;
-  overflow: hidden;
-  margin-bottom: 28px;
-  position: fixed;
-  width: 100%;
-  z-index: 100;
-  height: 34px
+    background-color: #5d5d5d;
+    overflow: hidden;
+    margin-bottom: 28px;
+    position: fixed;
+    width: 100%;
+    z-index: 100;
+    height: 34px;
 }
 .l-header a {
-  font-size: 12px;
-}
-
-.l-menu__item--active {
-  //background-color: #fff;
+    font-size: 12px;
 }
 
 .l-menu__item.l-menu__item--active a {
-  color: #ff6701;
-  font-size: 10px;
-  font-weight: bold;
-  text-transform: uppercase;
-  background-color: #fff;
+    color: #9c8cff;
+    font-size: 10px;
+    font-weight: bold;
+    text-transform: uppercase;
+    background-color: #fff;
 }
 
 .l-menu {
-  float: left;
-  position: fixed;
-  margin-left: 70px;
+    float: left;
+    position: fixed;
+    margin-left: 70px;
 }
+
 .l-menu__item {
-  float: left;
+    float: left;
 }
 .l-menu__item a {
-  color: #f7f7f7;
-  position: relative;
-  line-height: 34px;
-  padding: 11px 18px;
+    color: #f7f7f7;
+    position: relative;
+    line-height: 34px;
+    padding: 11px 18px;
 }
 .l-menu__item a:hover {
-  background-color: #f79b44;
-  color: #fff;
+    background-color: #f79b44;
+    color: #fff;
 }
 .l-menu__item a:active {
-  color: #fff;
-  background-color: #ff6701;
+    color: #fff;
+    background-color: #9c8cff;
 }
 
 .l-menu.active .l-menu__item.focus a {
-  text-decoration: underline;
-  color: #5edad0;
+    text-decoration: underline;
+    color: #5edad0;
 }
 .l-menu.active .l-menu__item.focus a:hover {
-  background-color: #f79b44;
-  color: #fff;
+    background-color: #f79b44;
+    color: #fff;
 }
 
+.lang-ua .l-menu__item a, .lang-nl .l-menu__item a, .lang-fr .l-menu__item a, .lang-ru .l-menu__item a {
+    padding: 11px 18px;
+}
 
-.lang-ua .l-menu__item a,
-.lang-nl .l-menu__item a,
-.lang-fr .l-menu__item a,
-.lang-ru .l-menu__item a {
-  padding: 11px 18px;
-}
-.lang-el .l-menu__item a,
-.lang-tr .l-menu__item a {
-  padding: 11px 15px;
+.lang-el .l-menu__item a, .lang-tr .l-menu__item a {
+    padding: 11px 15px;
 }
+
 .lang-ar .l-menu__item a {
-  padding: 11px 11px;
-}
-.lang-ar .l-menu__item a {
-  line-height: 35px;
+    padding: 11px 11px;
+    line-height: 35px;
 }
 
 .lang-de .l-menu__item a {
-  padding: 11px 12px;
+    padding: 11px 12px;
 }
 
 .lang-tw .l-menu__item a {
-  padding: 13px 18px;
+    padding: 13px 18px;
 }
 
 .l-profile {
-  overflow: hidden;
-  float: right;
+    overflow: hidden;
+    float: right;
 }
+
 .l-profile__username {
-  float: left;
-  color: #a4abad;
-  font-weight: 700;
-  padding: 10px 0 0 10px;
-  margin-right: 12px;
+    float: left;
+    color: #a4abad;
+    font-weight: 700;
+    padding: 10px 0 0 10px;
+    margin-right: 12px;
 }
 .l-profile__username:hover {
-  color: #ffd62e;
+    color: #ffd62e;
 }
 .l-profile__username:active {
-  color: #f79b44;
+    color: #f79b44;
 }
 
-
 .l-profile__logout {
-  float: left;
-  color: #fff;
-/*  margin-left: 40px; */
-  padding: 10px 0 0 10px;
+    float: left;
+    color: #fff;
+    /*  margin-left: 40px; */
+    padding: 10px 0 0 10px;
 }
 .l-profile__logout:hover {
-  color: #C0E60E;
+    color: #C0E60E;
 }
 .l-profile__logout:active {
-  color: #ffd62e;
+    color: #ffd62e;
 }
-.lang-cn .l-profile__logout {
-  padding: 8px 5px;
-}
-.lang-tw .l-profile__logout {
-  padding: 8px 5px;
+
+.lang-cn .l-profile__logout, .lang-tw .l-profile__logout {
+    padding: 8px 5px;
 }
 
 .l-profile__notifications {
-  background: url("/images/sprite.png?1446554103") no-repeat scroll -129px -135px;
-  border-radius: 30px;
-  color: #fff;
-  cursor: pointer;
-  float: left;
-  font-weight: bold;
-  height: 15px;
-  margin-right: 4px;
-  margin-top: 5px;
-  padding: 10px 5px 0;
-  width: 15px;
+    background: url("/images/sprite.png?1446554103") no-repeat scroll -129px -135px;
+    border-radius: 30px;
+    color: #fff;
+    cursor: pointer;
+    float: left;
+    font-weight: bold;
+    height: 15px;
+    margin-right: 4px;
+    margin-top: 5px;
+    padding: 10px 5px 0;
+    width: 15px;
 }
 .l-profile__notifications.active {
-  background-color: #454545;
+    background-color: #454545;
 }
 .l-profile__notifications:hover {
-  background-color: #333;
+    background-color: #333;
 }
 .l-profile__notifications:active {
-  background-color: #c4da5e;
+    background-color: #c4da5e;
 }
 .l-profile__notifications.updates {
-  background-position: -202px -135px;
+    background-position: -202px -135px;
 }
 
 .notification-container {
-  background-color: #454545;
-  box-shadow: 0 2px 7px 0 rgba(0, 0, 0, 0.3);
-  list-style-type: none;
-  margin: 0;
-  overflow: hidden;
-  padding-left: 0;
-  position: fixed;
-  top: 34px;
-  width: 351px;
-  z-index: 200;
-  font-size: 12px;
-  padding: 0;
-  color: #7f7f7f;
+    background-color: #454545;
+    box-shadow: 0 2px 7px 0 rgba(0, 0, 0, 0.3);
+    list-style-type: none;
+    margin: 0;
+    overflow: hidden;
+    padding-left: 0;
+    position: fixed;
+    top: 34px;
+    width: 351px;
+    z-index: 200;
+    font-size: 12px;
+    padding: 0;
+    color: #7f7f7f;
 }
 .notification-container .unseen {
-  color: #ABABAB;
+    color: #ABABAB;
 }
-
-
 .notification-container li {
-  border-bottom: 1px solid #555;
-  padding: 10px 15px 24px;
+    border-bottom: 1px solid #555;
+    padding: 10px 15px 24px;
 }
 .notification-container .mark-seen {
-  background-color: #abc04b;
-  border: 2px solid #454545;
-  border-radius: 10px;
-  cursor: pointer;
-  display: none;
-  float: right;
-  height: 7px;
-  margin-right: -5px;
-  margin-top: 0;
-  width: 7px;
+    background-color: #abc04b;
+    border: 2px solid #454545;
+    border-radius: 10px;
+    cursor: pointer;
+    display: none;
+    float: right;
+    height: 7px;
+    margin-right: -5px;
+    margin-top: 0;
+    width: 7px;
 }
 .notification-container .mark-seen:hover {
-  background-color: #333;
-  border-color: #abc04b;
+    background-color: #333;
+    border-color: #abc04b;
 }
 .notification-container .mark-seen:active {
-  background-color: #777;
-  border-color: #777;
+    background-color: #777;
+    border-color: #777;
 }
-.notification-container .unseen .mark-seen{
-  display: inline-block;
+.notification-container .unseen .mark-seen {
+    display: inline-block;
 }
 .notification-container .title {
-  color: #9e9e9e;
-  font-weight: bold;
-  line-height: 30px;
-  padding: 0;
-  text-transform: none;
-  float: none;
-  display: block;
+    color: #9e9e9e;
+    font-weight: bold;
+    line-height: 30px;
+    padding: 0;
+    text-transform: none;
+    float: none;
+    display: block;
 }
 .notification-container .title a {
-  color: #9e9e9e;
+    color: #9e9e9e;
 }
-
-.notification-container .unseen .title a,
 .notification-container .unseen .title {
-  color: #C4DA5E;
+    color: #C4DA5E;
+}
+.notification-container .unseen .title a {
+    color: #C4DA5E;
 }
 .notification-container .unseen .title a:hover {
-  color: #ffcc00;
+    color: #ffcc00;
 }
 .notification-container .unseen .title a:active {
-  color: #dacf2e;
+    color: #dacf2e;
 }
-
 .notification-container a {
-  color: #5ABDB5;/* #eee;*/
+    color: #5ABDB5;
+    /* #eee;*/
 }
 .notification-container a:hover {
-  color: #2CA99B;
+    color: #2CA99B;
 }
 .notification-container a:active {
-  color: #00C0C0;
+    color: #00C0C0;
 }
-
 .notification-container .icon {
-  display: inline-block;
-  width: 0;
+    display: inline-block;
+    width: 0;
 }
 .notification-container .icon.filemanager {
-  display: inline-block;
-  width: 22px;
-  background: url("/images/flat_icons.png") repeat scroll -31px -100px;
+    display: inline-block;
+    width: 22px;
+    background: url("/images/flat_icons.png") repeat scroll -31px -100px;
 }
 .notification-container .icon.starred {
-  display: inline-block;
-  width: 21px;
-  background: url("/images/sprite.png?1446554103") repeat scroll -184px 556px;
+    display: inline-block;
+    width: 21px;
+    background: url("/images/sprite.png?1446554103") repeat scroll -184px 556px;
 }
 
-
-
 .l-stat {
-  margin: 0 auto;
-  margin: 34px auto;
-  position: fixed;
-  background-color: #fff;
-  z-index: 100;
-  padding-top: 30px;
-  width: 100%;
-  overflow: hidden;
+    margin: 0 auto;
+    margin: 34px auto;
+    position: fixed;
+    background-color: #fff;
+    z-index: 100;
+    padding-top: 30px;
+    width: 100%;
+    overflow: hidden;
 }
+
 .l-stat__col {
-  display: block;
-  vertical-align: top;
-  float: left;
+    display: block;
+    vertical-align: top;
+    float: left;
 }
 .l-stat__col a {
-  display: inline-block;
-  padding-bottom: 36px;
-  min-height: 111px;
-  width: 138px;
-  border-bottom: 3px solid #fff;
-  overflow: hidden;
-  background-color: #fff;
-  padding-top: 3px;
-  margin-top: -3px;
-  padding-left: 5px;
+    display: inline-block;
+    padding-bottom: 36px;
+    min-height: 111px;
+    width: 138px;
+    border-bottom: 3px solid #fff;
+    overflow: hidden;
+    background-color: #fff;
+    padding-top: 3px;
+    margin-top: -3px;
+    padding-left: 5px;
 }
 .l-stat__col a:hover {
-  border-bottom: 3px solid #ff8e61;
+    border-bottom: 3px solid #ff8e61;
 }
 .l-stat__col a:active {
-  border-bottom: 3px solid #f72b44;
+    border-bottom: 3px solid #796cc7;
 }
+
 .l-stat__col--active a {
-  border-bottom: 3px solid #ff6e42;
+    border-bottom: 3px solid #ff6e42;
 }
 
 .l-stat.active .l-stat__col.focus a {
-  border-bottom: 3px solid #5edad0;
+    border-bottom: 3px solid #5edad0;
 }
 .l-stat.active .l-stat__col.focus a .l-stat__col-title {
-  color: #36B3A9;
+    color: #36B3A9;
 }
 
-
-
 .l-stat__col a:hover .l-stat__col-title {
-  color: #ff6701;
+    color: #9c8cff;
 }
 .l-stat__col a:active .l-stat__col-title {
-  color: #f72b44;
+    color: #796cc7;
 }
-
-
 .l-stat__col ul {
-  list-style-type: none;
-  font-size: 12px;
-  padding-left: 0;
+    list-style-type: none;
+    font-size: 12px;
+    padding-left: 0;
 }
 .l-stat__col li {
-  color: #a0a0a0;
-  margin-bottom: 8px;
-  text-transform: lowercase;
+    color: #a0a0a0;
+    margin-bottom: 8px;
+    text-transform: lowercase;
 }
 .l-stat__col span {
-  padding-left: 15px;
-}
-.l-stat__col-title {
-  text-transform: uppercase;
-  font-weight: 700;
-  color: #212134;
-  min-height: 21px;
-}
-.l-stat__col--active .l-stat__col-title {
-  color: #ff6701;
-  font-size: 24px;
-  margin-top: -7px;
-  letter-spacing: -1px;
-  margin-right: -8px;
+    padding-left: 15px;
+}
+
+.l-stat__col-title {
+    text-transform: uppercase;
+    font-weight: 700;
+    color: #212134;
+    min-height: 21px;
+}
+
+.l-stat__col--active .l-stat__col-title {
+    color: #9c8cff;
+    font-size: 24px;
+    margin-top: -7px;
+    letter-spacing: -1px;
+    margin-right: -8px;
 }
 
-.l-separator.selected,
 .l-separator {
-  height: 1px;
-  background-color: #ddd;
+    height: 1px;
+    background-color: #ddd;
+}
+.l-separator.selected {
+    height: 1px;
+    background-color: #ddd;
 }
 
 div.l-content > div.l-separator:nth-of-type(2) {
-  margin-top: 214px;
-  width: 100%;
-  position: fixed;
-  z-index: 120;
+    margin-top: 214px;
+    width: 100%;
+    position: fixed;
+    z-index: 120;
 }
-
 div.l-content > div.l-separator:nth-of-type(4) {
-  margin-top: 259px;
-  width: 100%;
-  position: fixed;
-  z-index: 100;
+    margin-top: 259px;
+    width: 100%;
+    position: fixed;
+    z-index: 100;
 }
 
 .l-sort {
-  position: fixed;
-  width: 998px;
-  background-color: #fff;
-  z-index: 110;
-  margin-top: 215px;
+    position: fixed;
+    width: 998px;
+    background-color: #fff;
+    z-index: 110;
+    margin-top: 215px;
 }
+
 .l-sort__create-btn {
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -331px -107px;
-  background-repeat: no-repeat;
-  bottom: -23px;
-  display: inline-block;
-  height: 45px;
-  left: 30px;
-  position: absolute;
-  width: 45px;
-  z-index: 3;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -331px -107px;
+    background-repeat: no-repeat;
+    bottom: -23px;
+    display: inline-block;
+    height: 45px;
+    left: 30px;
+    position: absolute;
+    width: 45px;
+    z-index: 3;
 }
 .l-sort__create-btn:hover {
-  background-position: -378px -107px;
+    background-position: -378px -107px;
 }
 .l-sort__create-btn:active {
-  background-position: -425px -107px;
+    background-position: -425px -107px;
 }
+
 .l-sort__create-btn--active {
-  background-position: -425px -107px;
+    background-position: -425px -107px;
 }
 
 .l-sort__create-btn.restore {
-  background-position: -331px -250px;
-  bottom: -22px;
+    background-position: -331px -250px;
+    bottom: -22px;
 }
-.l-sort__create-btn.restore:hover {
-  background-position: -331px -250px;
+.l-sort__create-btn.restore:hover, .l-sort__create-btn.restore:active {
+    background-position: -331px -250px;
 }
-.l-sort__create-btn.restore:active {
-  background-position: -331px -250px;
-}
-
 .l-sort__create-btn.edit {
-  background-position: -331px -154px;
-  bottom: -22px;
+    background-position: -331px -154px;
+    bottom: -22px;
 }
 .l-sort__create-btn.edit:hover {
-  background-position: -378px -154px;
+    background-position: -378px -154px;
 }
 .l-sort__create-btn.edit:active {
-  background-position: -425px -154px;
+    background-position: -425px -154px;
 }
 
 .context-menu.sort-order {
-  display: inline-block;
-  position: absolute;
-  z-index: 3;
-  left: 397px;
-  margin: 0;
-  overflow: hidden;
-  top: 42px;
-  width: 201px;
-  background-color: #5c5c5c;
-  list-style-type: none;
-  padding-left: 0;
-  box-shadow: 0 2px 7px 0 rgba(0, 0, 0, 0.3);
+    display: inline-block;
+    position: absolute;
+    z-index: 3;
+    left: 397px;
+    margin: 0;
+    overflow: hidden;
+    top: 42px;
+    width: 201px;
+    background-color: #5c5c5c;
+    list-style-type: none;
+    padding-left: 0;
+    box-shadow: 0 2px 7px 0 rgba(0, 0, 0, 0.3);
 }
 .context-menu.sort-order li {
-  padding: 0;
+    padding: 0;
 }
 .context-menu li {
-  border-bottom: 1px solid #777;
-  color: #fff;
-  cursor: pointer;
-  font-size: 12px;
-  padding: 12px;
+    border-bottom: 1px solid #777;
+    color: #fff;
+    cursor: pointer;
+    font-size: 12px;
+    padding: 12px;
 }
 .context-menu.sort-order span.name {
-  background: url("/images/sprite.png?1446554103") no-repeat scroll -292px -361px rgba(0, 0, 0, 0);
-  display: inline-block;
-  padding: 12px 28px 12px 12px;
-  width: 117px;
-  text-transform: uppercase;
-  font-weight: bold;
+    background: url("/images/sprite.png?1446554103") no-repeat scroll -292px -361px rgba(0, 0, 0, 0);
+    display: inline-block;
+    padding: 12px 28px 12px 12px;
+    width: 117px;
+    text-transform: uppercase;
+    font-weight: bold;
 }
 .context-menu.sort-order span.up {
-  background: url("/images/sprite.png?1446554103") no-repeat scroll -434px -417px rgba(0, 0, 0, 0);
-  display: inline-block;
-  padding: 12px 14px;
-  width: 16px;
+    background: url("/images/sprite.png?1446554103") no-repeat scroll -434px -417px rgba(0, 0, 0, 0);
+    display: inline-block;
+    padding: 12px 14px;
+    width: 16px;
 }
 .context-menu.sort-order span.active {
-  background-color: #FFD437;
-  color: #555;
+    background-color: #FFD437;
+    color: #555;
 }
 .context-menu.sort-order span:hover {
-  background-color: #777;
-  color: #fff;
+    background-color: #777;
+    color: #fff;
 }
 .context-menu.sort-order span:active {
-  background-color: #ffcc00;
+    background-color: #ffcc00;
 }
 
-
-
-
 .l-sort-toolbar {
-  float: right;
-  padding: 7px 0 7px 0;
-  width: 100%;
+    float: right;
+    padding: 7px 0 7px 0;
+    width: 100%;
 }
-.l-sort-toolbar table{
-  float: right;
+.l-sort-toolbar table {
+    float: right;
 }
-
 .l-sort-toolbar td.toggle-all {
-  padding-top: 7px;
-  padding-right: 20px;
+    padding-top: 7px;
+    padding-right: 20px;
 }
-
 .l-sort-toolbar .sort-by {
-  cursor: pointer;
-  padding-top: 7px;
-  padding-left: 40px;
+    cursor: pointer;
+    padding-top: 7px;
+    padding-left: 40px;
 }
 .l-sort-toolbar .sort-by:hover {
-  color: #555;
+    color: #555;
 }
 .l-sort-toolbar .sort-by:hover b {
-  color: #555;
+    color: #555;
 }
 .l-sort-toolbar .sort-by:active {
-  color: #55c9c0;
+    color: #23b7e5;
 }
 .l-sort-toolbar .sort-by:active b {
-  color: #55c9c0;
+    color: #23b7e5;
 }
-
 .l-sort-toolbar .sort-by b {
-  text-transform: uppercase;
-  padding-left: 3px;
-  font-size: 12px;
+    text-transform: uppercase;
+    padding-left: 3px;
+    font-size: 12px;
 }
-
 .l-sort-toolbar .toggle-all:hover {
-  color: #555;
+    color: #555;
 }
 .l-sort-toolbar .toggle-all:active {
-  color: #55c9c0;
+    color: #23b7e5;
 }
-
 .l-sort-toolbar .l-select {
-  float: left;
+    float: left;
 }
 .l-sort-toolbar td {
-  vertical-align: middle;
+    vertical-align: middle;
 }
-
-.l-sort-toolbar.subtitle  {
-  padding-left: 96px;
+.l-sort-toolbar.subtitle {
+    padding-left: 96px;
 }
-
-
 .l-sort-toolbar td:first-of-type {
-  padding-left: 40px;
+    padding-left: 40px;
 }
-
-
 .l-sort-toolbar td.step-right:first-of-type {
-  padding-right: 20px;
+    padding-right: 20px;
 }
-
 .l-sort-toolbar td:nth-of-type(2) {
-/* ///  padding-right: 60px;*/
-  padding-right: 20px;
+    /* ///  padding-right: 60px;*/
+    padding-right: 20px;
 }
 .l-sort-toolbar td:last-of-type {
-/* ///  padding-left: 40px; */
+    /* ///  padding-left: 40px; */
 }
+
 .l-sort-toolbar__filter-apply {
-  float: left;
-  width: 30px;
-  height: 30px;
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -333px -1px;
-  border: none;
+    float: left;
+    width: 30px;
+    height: 30px;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -333px -1px;
+    border: none;
 }
 .l-sort-toolbar__filter-apply:hover {
-  background-position: -368px -1px;
-  border-color: #afafac;
+    background-position: -368px -1px;
+    border-color: #afafac;
 }
 .l-sort-toolbar__filter-apply:active {
-  background-position: -404px -1px;
-  border-color: #afafac;
+    background-position: -404px -1px;
+    border-color: #afafac;
 }
+
 .l-sort-toolbar__filter-apply--active {
-  background-position: -404px -1px;
-  border-color: #50bdb5;
+    background-position: -404px -1px;
+    border-color: #50bdb5;
 }
 
 .l-sort-toolbar__search {
-  float: left;
-  width: 25px;
-  height: 25px;
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -333px -37px;
-  border: none;
+    float: left;
+    width: 25px;
+    height: 25px;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -333px -37px;
+    border: none;
 }
 .l-sort-toolbar__search:hover {
-  background-position: -368px -37px;
-  border-color: #afafac;
+    background-position: -368px -37px;
+    border-color: #afafac;
 }
 .l-sort-toolbar__search:active {
-  background-position: -404px -37px;
-  border-color: #50bdb5;
+    background-position: -404px -37px;
+    border-color: #50bdb5;
 }
+
 .l-sort-toolbar__search--active {
-  background-position: -404px -37px;
-  border-color: #50bdb5;
+    background-position: -404px -37px;
+    border-color: #50bdb5;
 }
+
 .l-sort-toolbar .vst {
-  padding: 0 12px;
-  color: #777;
-  text-transform: uppercase;
-  font-size: 11px;
-  font-weight: bold;
-  line-height: 30px;
+    padding: 0 12px;
+    color: #777;
+    text-transform: uppercase;
+    font-size: 11px;
+    font-weight: bold;
+    line-height: 30px;
 }
 .l-sort-toolbar .vst:hover {
-  color: #ff6701;
+    color: #9c8cff;
 }
 .l-sort-toolbar .vst:active {
-  color: #55C9C0;
+    color: #23b7e5;
 }
 .l-sort-toolbar .vst.selected {
-  color: #ff6701;
-//  color: #92af0b;
+    color: #9c8cff;
 }
 
-
-
 .l-select {
-  width: 178px;
-  height: 28px;
-  border: 1px solid #ddd;
-  border-radius: 0;
-  overflow-x: hidden;
-  position: relative;
-  display: inline-block;
-  border-style: solid none solid solid;
+    width: 178px;
+    height: 28px;
+    border: 1px solid #ddd;
+    border-radius: 0;
+    overflow-x: hidden;
+    position: relative;
+    display: inline-block;
+    border-style: solid none solid solid;
 }
+
 .lang-ru .l-select {
-  width: 199px;
+    width: 199px;
 }
 
 .l-select:after {
-  pointer-events: none;
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -245px -175px;
-  width: 7px;
-  height: 4px;
-  margin-top: -2px;
-  content: '';
-  position: absolute;
-  right: 10px;
-  top: 50%;
+    pointer-events: none;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -245px -175px;
+    width: 7px;
+    height: 4px;
+    margin-top: -2px;
+    content: "";
+    position: absolute;
+    right: 10px;
+    top: 50%;
 }
 .l-select select {
-  border: 0;
-  background-color: transparent;
-  line-height: 28px;
-  height: 28px;
-  min-width: 208px;
-  padding-left: 4px;
-  appearance:none;
-  -moz-appearance:none;
-  -webkit-appearance:none;
-  padding-left: 10px;
+    border: 0;
+    background-color: transparent;
+    line-height: 28px;
+    height: 28px;
+    min-width: 208px;
+    padding-left: 4px;
+    appearance: none;
+    -moz-appearance: none;
+    -webkit-appearance: none;
+    padding-left: 10px;
 }
 .l-select select:focus {
-  border: 0;
-  outline: 0;
+    border: 0;
+    outline: 0;
 }
+
 .lang-ru .l-select select {
-  min-width: 215px;
+    min-width: 215px;
 }
+
 .l-select select option {
-  padding: 7px;
+    padding: 7px;
 }
 
 .l-unit {
-  color: #888;
-  padding: 0 0 0 15px;
-  overflow: hidden;
-  font-size: 13px;
-}
-.units .l-unit {
-  border-bottom: 1px solid #ddd;
-  border-left: 2px solid #fff;
-}
-.units .l-unit.l-unit--starred {
-  border-left: 2px solid #ff6701;
-}
-.units.active .l-unit.focus {
-  border-left: 2px solid #5edad0;
-}
-.units.active .l-unit.focus .l-unit__name {
-  color: #36b3a9;
-}
-.units.active .l-unit.focus .l-unit-toolbar__col--right {
-  display: block;
+    color: #888;
+    padding: 0 0 0 15px;
+    overflow: hidden;
+    font-size: 13px;
 }
 
+.units .l-unit {
+    border-bottom: 1px solid #ddd;
+    border-left: 2px solid #fff;
+}
+.units .l-unit.l-unit--starred {
+    border-left: 2px solid #9c8cff;
+}
+.units.active .l-unit.focus {
+    border-left: 2px solid #5edad0;
+    background: #f4faff;
+}
+.units.active .l-unit.focus .l-unit__name {
+    color: #36b3a9;
+}
+.units.active .l-unit.focus .l-unit-toolbar__col--right {
+    display: block;
+}
 .units > div:last-child {
-  border-bottom: none;
+    border-bottom: none;
 }
 
 .l-unit-ft {
-  color: #929292;
-  padding: 0 0 0 15px;
+    color: #929292;
+    padding: 0 0 0 15px;
 }
 
 .l-unit:hover .l-unit-toolbar__col--right {
-  display: block;
+    display: block;
 }
+
 .l-unit--blue {
-  border-left: 2px solid #55c9c0;
+    border-left: 2px solid #23b7e5;
 }
 
 .l-unit--suspended {
-  background-color: #eaeaea;
-  color: #c0c0c0;
+    background-color: #eaeaea;
+    color: #c0c0c0;
 }
 
-
 .units .l-unit.l-unit--outdated {
-  background-color: #ffcaca;
-  color: #555;
-  border-left: 5px solid #ff6f6f;
-  border-bottom: 1px solid #fff;
+    background-color: #ffcaca;
+    color: #555;
+    border-left: 5px solid #ff6f6f;
+    border-bottom: 1px solid #fff;
 }
 
-.l-unit--suspended .l-unit__name,
-.l-unit--suspended b,
-.l-unit--outdated .l-unit__name,
-.l-unit--outdated b {
-  color: #c0c0c0;
+.l-unit--suspended .l-unit__name, .l-unit--suspended b {
+    color: #c0c0c0;
 }
 
+.l-unit--outdated .l-unit__name, .l-unit--outdated b {
+    color: #c0c0c0;
+}
 .l-unit--outdated .l-unit__name {
-  color: #333;
+    color: #333;
 }
 .l-unit--outdated b {
-  color: #555;
+    color: #555;
 }
 
 .l-unit--suspended .l-percent {
-  border-color: #fff;
+    border-color: #fff;
 }
 .l-unit--suspended .l-percent__fill {
-  background-color: #fff;
+    background-color: #fff;
+}
+.l-unit--suspended .l-unit__name {
+    color: #ADADAD;
 }
-.l-unit--suspended .l-unit__name,
 .l-unit--suspended .l-unit__name span {
-  color: #ADADAD;
+    color: #ADADAD;
 }
-
-.l-unit--suspended.selected .l-unit__name,
-.l-unit--suspended.selected .l-unit__name span {
-  color: #777;
-}
-
 .l-unit--suspended.selected {
-  background-color: #f2eab8 !important;
-  color: #b2ac87 !important;
+    background-color: #f2eab8 !important;
+    color: #b2ac87 !important;
+}
+.l-unit--suspended.selected .l-unit__name {
+    color: #777;
+}
+.l-unit--suspended.selected .l-unit__name span {
+    color: #777;
 }
 
 .l-unit--outdated.selected {
-  background: #765D5D !important;
-  color: #333 !important;
+    background: #765D5D !important;
+    color: #333 !important;
 }
 
+.l-unit--suspended.selected .l-unit__name, .l-unit--suspended.selected b {
+    color: #333 !important;
+}
 
+.l-unit--outdated.selected .l-unit__name, .l-unit--outdated.selected b {
+    color: #333 !important;
+}
 
-.l-unit--suspended.selected .l-unit__name,
-.l-unit--suspended.selected b,
-.l-unit--outdated.selected .l-unit__name,
-.l-unit--outdated.selected b,
-.l-unit--suspended.selected .l-percent,
-.l-unit--suspended.selected .l-percent__fill,
-.l-unit--suspended.selected .l-unit__name,
+.l-unit--suspended.selected .l-percent, .l-unit--suspended.selected .l-percent__fill {
+    color: #333 !important;
+}
+.l-unit--suspended.selected .l-unit__name {
+    color: #333 !important;
+}
 .l-unit--suspended.selected .l-unit__name span {
-  color: #333 !important;
+    color: #333 !important;
 }
 
 .l-unit.selected .l-percent {
-  border-bottom: 1px dotted #777;
+    border-bottom: 1px dotted #777;
 }
 
-
 .l-unit--selected {
-  background-color: #d1eddc;
+    background-color: #d1eddc;
 }
-.l-unit-toolbar{
-  height: 39px;
+
+.l-unit-toolbar {
+    height: 39px;
 }
 
 .l-unit label {
-  margin-bottom: 20px;
+    margin-bottom: 20px;
 }
+
 .l-unit__columns {
-  display: table;
-  width: 100%;
+    display: table;
+    width: 100%;
 }
+
 .l-unit__col {
-  display: table-cell;
-  padding-top: 1px;
-  vertical-align: top;
+    display: table-cell;
+    padding-top: 1px;
+    vertical-align: top;
 }
+
 .l-unit__col--left {
-  width: 124px;
-  padding-right: 10px;
+    width: 124px;
+    padding-right: 10px;
 }
+
 .units.compact .l-unit__col--left {
-  vertical-align: top;
+    vertical-align: top;
 }
 
 .l-unit__col--left.step-left {
-  padding-left: 30px;
+    padding-left: 30px;
 }
 
 .l-unit__col--right.total {
-  padding-left: 16px;
+    padding-left: 16px;
 }
-
 .l-unit__col--right.back {
-  padding-left: 78px
+    padding-left: 78px;
 }
 
 .l-sort-toolbar .step-left {
-  padding-left: 40px;
+    padding-left: 40px;
 }
+
 .step-right {
-  padding-right: 40px;
+    padding-right: 40px;
 }
 
 .l-unit__date {
-  font-size: 12px;
-  letter-spacing: 1px;
-  margin-top: 10px;
-  padding-bottom: 30px;
+    font-size: 12px;
+    letter-spacing: 1px;
+    margin-top: 10px;
+    padding-bottom: 30px;
 }
 
 .l-unit__suspended {
-  display: none;
-  font-size: 11px;
-  font-weight: bold;
-  letter-spacing: 3px;
-  margin-top: 36px;
-  text-transform: uppercase;
-  margin-bottom: 14px;
+    display: none;
+    font-size: 11px;
+    font-weight: bold;
+    letter-spacing: 3px;
+    margin-top: 36px;
+    text-transform: uppercase;
+    margin-bottom: 14px;
 }
 
 .units.compact .l-unit__suspended {
-  margin-top: 1px;
+    margin-top: 1px;
 }
 
-.l-unit--outdated .l-unit__suspended,
-.l-unit--suspended .l-unit__suspended {
-  display: block;
+.l-unit--outdated .l-unit__suspended, .l-unit--suspended .l-unit__suspended {
+    display: block;
+}
+
+.l-unit-ft .subtitle {
+    color: #9c8cff;
+    font-size: 12px;
+    font-weight: bold;
+    margin: 20px 0 18px 129px;
+    text-transform: uppercase;
 }
 
-.l-unit-ft .subtitle,
 .l-unit .subtitle {
-  color: #ff6701;
-  font-size: 12px;
-  font-weight: bold;
-  margin: 20px 0 18px 129px;
-  text-transform: uppercase;
+    color: #9c8cff;
+    font-size: 12px;
+    font-weight: bold;
+    margin: 20px 0 18px 129px;
+    text-transform: uppercase;
 }
-
 .l-unit.l-unit--outdated .l-unit__date {
-  color: #d24c4c;
-  font-size: 10px;
-  letter-spacing: 3px;
-  text-transform: uppercase;
-  font-weight: bold;
+    color: #d24c4c;
+    font-size: 10px;
+    letter-spacing: 3px;
+    text-transform: uppercase;
+    font-weight: bold;
 }
 
 .l-unit__name {
-  color: #111;
-  font-size: 32px;
-  margin-bottom: 10px;
+    color: #111;
+    font-size: 32px;
+    margin-bottom: 10px;
 }
-.l-unit__stats.separate,
+
+.l-unit__stats.separate {
+    padding-bottom: 15px;
+}
+
 .l-unit__name.separate {
-  padding-bottom: 15px;
+    padding-bottom: 15px;
 }
-
 .l-unit__name.small {
-  font-size: 19px;
+    font-size: 19px;
 }
-
 .l-unit__name.small-2 {
-  font-size: 24px;
+    font-size: 24px;
 }
-
-
 .l-unit__name span {
-  color: #999;
-  margin-left: 30px;
-  font-size: 14px;
-  font-style: italic;
+    color: #999;
+    margin-left: 30px;
+    font-size: 14px;
+    font-style: italic;
 }
 .l-unit__name span:first-of-type {
-  margin-left: 39px;
+    margin-left: 39px;
 }
 .l-unit__name b {
-  font-weight: normal;
-  font-style: italic;
+    font-weight: normal;
+    font-style: italic;
 }
 
 .l-unit__ip {
-  margin-bottom: 26px;
-  font-size: 12px;
-  letter-spacing: 1px;
+    margin-bottom: 26px;
+    font-size: 12px;
+    letter-spacing: 1px;
 }
 .l-unit__ip span {
-  padding-left: 3px;
-  padding-right: 3px;
+    padding-left: 3px;
+    padding-right: 3px;
 }
+
 .display-ip {
-  font-size: 12px;
-  letter-spacing: 1px;
+    font-size: 12px;
+    letter-spacing: 1px;
 }
 .display-ip span {
-  padding-left: 3px;
-  padding-right: 3px;
+    padding-left: 3px;
+    padding-right: 3px;
 }
 
 .l-unit__stats {
-  margin-bottom: 50px;
+    margin-bottom: 50px;
 }
 .l-unit__stats table {
-  width: 100%;
-  table-layout: fixed;
+    width: 100%;
+    table-layout: fixed;
 }
 .l-unit__stats td {
-  height: 22px;
-  padding-bottom: 3px;
-  vertical-align: top;
+    height: 22px;
+    padding-bottom: 3px;
+    vertical-align: top;
 }
+
 .l-unit__stat-col--left {
-  float: left;
-  width: 124px;
+    float: left;
+    width: 124px;
 }
 .l-unit__stat-col--left.compact {
-  width: 70px;
+    width: 70px;
 }
 .l-unit__stat-col--left.compact-2 {
-  width: 95px;
+    width: 95px;
 }
 .l-unit__stat-col--left.wide {
-  width: 190px;
+    width: 190px;
 }
 .l-unit__stat-col--left.wide-2 {
-  width: 230px;
+    width: 230px;
 }
 .l-unit__stat-col--left.wide-3 {
-  width: 250px;
+    width: 250px;
 }
 .l-unit__stat-col--left.wide-4 {
-  width: 550px;
+    width: 550px;
 }
-
-
 .l-unit__stat-col--left.small-2 {
-  line-height: 11px;
+    line-height: 11px;
 }
-
 .l-unit__stat-col--left.tiny {
-  font-size: 11px;
+    font-size: 11px;
 }
-
 .l-unit__stat-col--left.tiny b {
-  font-size: 18px;
+    font-size: 18px;
 }
 
-
 .l-unit__stat-col--right {
-  float: left;
-  max-width: 152px;
+    float: left;
+    max-width: 152px;
 }
 
 .l-unit-toolbar__col--left {
-  float: left;
-  margin-left: -15px;
-  margin-top: 0;
-  padding-bottom: 0px;/* 8px */
-  padding-left: 15px;
-  padding-top: 15px;
-  width: 30px;
-  cursor: pointer;
+    float: left;
+    margin-left: -15px;
+    margin-top: 0;
+    padding-bottom: 0px;
+    /* 8px */
+    padding-left: 15px;
+    padding-top: 15px;
+    width: 30px;
+    cursor: pointer;
 }
 
 .l-unit-toolbar__col--right {
-  float: right;
-  display: none;
+    float: right;
+    display: none;
 }
 
 body.mobile .l-unit-toolbar__col--right {
-  display: block;
+    display: block;
 }
 
 .l-unit-toolbar .shortcut {
-  display: none;
+    display: none;
 }
 
 .units.active .l-unit.focus .l-unit-toolbar .shortcut {
-  display: block;
-  background-color: #69a298;
-  border-radius: 13px;
-  color: #fff;
-  cursor: pointer;
-  display: block;
-  font-size: 12px;
-  font-weight: 700;
-  line-height: 25px;
-  padding-left: 7px;
-  padding-right: 9px;
-  position: absolute;
-  right: 3px;
-  top: 3px;
+    display: block;
+    background-color: #69a298;
+    border-radius: 13px;
+    color: #fff;
+    cursor: pointer;
+    display: block;
+    font-size: 12px;
+    font-weight: 700;
+    line-height: 25px;
+    padding-left: 7px;
+    padding-right: 9px;
+    position: absolute;
+    right: 3px;
+    top: 3px;
 }
 .units.active .l-unit.focus .l-unit-toolbar .shortcut.delete {
-  font-size: 10px;
-  padding-left: 2px;
-  padding-right: 5px;
-  text-transform: capitalize;
+    font-size: 10px;
+    padding-left: 2px;
+    padding-right: 5px;
+    text-transform: capitalize;
 }
 .units.active .l-unit.focus .l-unit-toolbar .shortcut.enter {
-  font-size: 17px;
-  padding-left: 1px;
-  padding-right: 7px;
+    font-size: 17px;
+    padding-left: 1px;
+    padding-right: 7px;
 }
 .units.active .l-unit.focus .l-unit-toolbar i {
-  background: none;
+    background: none;
 }
 
 .l-unit__stat-col.volume {
-  font-size: 12px;
-  line-height: 17px;
-  float: right;
+    font-size: 12px;
+    line-height: 17px;
+    float: right;
 }
 
 .actions-panel__col {
-  float: left;
-  min-width: 95px;
-  min-height: 31px;
-  text-transform: uppercase;
-  background-color: #dfdedd;
-  border-right: 1px solid #d8d7d7;
-  position: relative;
+    float: left;
+    min-width: 95px;
+    min-height: 31px;
+    text-transform: uppercase;
+    background-color: #dde6e9;
+    border-right: 1px solid #dde6e9;
+    position: relative;
 }
+
 .selected .actions-panel__col {
-  -webkit-filter: contrast(80%);
-  filter: contrast(80%);
+    -webkit-filter: contrast(80%);
+    filter: contrast(80%);
 }
+
 .actions-panel__col i {
-  background-image: url("/images/sprite.png?1446554103");
-  background-repeat: no-repeat;
-  display: inline-block;
-  float: right;
-  content: '';
-  width: 31px;
-  height: 31px;
-  position: absolute;
-  top: 0;
-  right: 0;
+    background-image: url("/images/sprite.png?1446554103");
+    background-repeat: no-repeat;
+    display: inline-block;
+    float: right;
+    content: "";
+    width: 31px;
+    height: 31px;
+    position: absolute;
+    top: 0;
+    right: 0;
 }
 .actions-panel__col a {
-  line-height: 31px;
-  color: #777;
-  font-weight: 700;
-  font-size: 12px;
-  padding-left: 13px;
-  display: block;
-  cursor: pointer;
-  position: relative;
-  padding-right: 36px;
-}
-.lang-ru .actions-panel__col a {
-  font-size: 11px;
-  padding-top: 1px;
-}
-.lang-tw .actions-panel__col a {
-  font-size: 15px;
-  font-weight: normal;
-  line-height: 29px;
-}
-.lang-ar .actions-panel__col a {
-  font-size: 15px;
-  font-weight: normal;
-  line-height: 31px;
+    line-height: 31px;
+    color: #777;
+    font-weight: 700;
+    font-size: 12px;
+    padding-left: 13px;
+    display: block;
+    cursor: pointer;
+    position: relative;
+    padding-right: 36px;
 }
 
+.lang-ru .actions-panel__col a {
+    font-size: 11px;
+    padding-top: 1px;
+}
+
+.lang-tw .actions-panel__col a {
+    font-size: 15px;
+    font-weight: normal;
+    line-height: 29px;
+}
+
+.lang-ar .actions-panel__col a {
+    font-size: 15px;
+    font-weight: normal;
+    line-height: 31px;
+}
 
 .actions-panel__favorite a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__favorite i {
-  background-position: -39px -85px;
+    background-position: -39px -85px;
 }
 
 .actions-panel__edit i {
-  background-position: -1px -169px;
+    background-position: -1px -169px;
 }
 .actions-panel__edit:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__edit:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__edit:hover a i {
-  background-position: -41px -169px;
+    background-position: -41px -169px;
 }
 .actions-panel__edit:active a i {
-  background-position: -81px -169px;
+    background-position: -81px -169px;
 }
+
 .actions-panel__edit--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__edit--active i {
-  background-position: -78px -169px;
+    background-position: -78px -169px;
 }
 
 .actions-panel__restart i {
-  background-position: -1px -520px;
+    background-position: -1px -520px;
 }
 .actions-panel__restart:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__restart:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__restart:hover a i {
-  background-position: -41px -520px;
+    background-position: -41px -520px;
 }
 .actions-panel__restart:active a i {
-  background-position: -81px -520px;
+    background-position: -81px -520px;
 }
+
 .actions-panel__restart--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__restart--active i {
-  background-position: -78px -520px;
+    background-position: -78px -520px;
 }
 
 .actions-panel__add i {
-  background-position: -1px -285px;
+    background-position: -1px -285px;
 }
 .actions-panel__add:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__add:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__add:hover a i {
-  background-position: -41px -285px;
+    background-position: -41px -285px;
 }
 .actions-panel__add:active a i {
-  background-position: -81px -285px;
+    background-position: -81px -285px;
 }
 
 .actions-panel__add--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__add--active i {
-  background-position: -78px -285px;
+    background-position: -78px -285px;
 }
 
 .actions-panel__update i {
-  background-position: -1px -481px;
+    background-position: -1px -481px;
 }
 .actions-panel__update:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__update:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__update:hover a i {
-  background-position: -41px -481px;
+    background-position: -41px -481px;
 }
 .actions-panel__update:active a i {
-  background-position: -81px -481px;
+    background-position: -81px -481px;
 }
+
 .actions-panel__update--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__update--active i {
-  background-position: -78px -481px;
+    background-position: -78px -481px;
 }
 
 .actions-panel__logs i {
-  background-position: -2px -130px;
+    background-position: -2px -130px;
 }
 .actions-panel__logs:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__logs:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__logs:hover a i {
-  background-position: -42px -130px;
+    background-position: -42px -130px;
 }
 .actions-panel__logs:active a i {
-  background-position: -82px -130px;
+    background-position: -82px -130px;
 }
+
 .actions-panel__logs--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__logs--active i {
-  background-position: -79px -130px;
+    background-position: -79px -130px;
 }
 
 .actions-panel__db i {
-  background-position: -2px -363px;
+    background-position: -2px -363px;
 }
 .actions-panel__db:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__db:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__db:hover a i {
-  background-position: -42px -363px;
+    background-position: -42px -363px;
 }
 .actions-panel__db:active a i {
-  background-position: -82px -363px;
+    background-position: -82px -363px;
 }
+
 .actions-panel__db--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__db--active i {
-  background-position: -79px -362px;
+    background-position: -79px -362px;
 }
 
 .actions-panel__suspend i {
-  background-position: -1px -51px;
+    background-position: -1px -51px;
 }
 .actions-panel__suspend:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__suspend:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__suspend:hover a i {
-  background-position: -41px -51px;
+    background-position: -41px -51px;
 }
 .actions-panel__suspend:active a i {
-  background-position: -81px -51px;
+    background-position: -81px -51px;
 }
+
 .actions-panel__suspend--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__suspend--active i {
-  background-position: -78px -51px;
+    background-position: -78px -51px;
 }
 
 .actions-panel__unsuspend i {
-  background-position: -1px -12px;
+    background-position: -1px -12px;
 }
 .actions-panel__unsuspend:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__unsuspend:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__unsuspend:hover a i {
-  background-position: -41px -12px;
+    background-position: -41px -12px;
 }
 .actions-panel__unsuspend:active a i {
-  background-position: -81px -12px;
+    background-position: -81px -12px;
 }
+
 .actions-panel__unsuspend--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__unsuspend--active i {
-  background-position: -78px -12px;
+    background-position: -78px -12px;
 }
 
-
 .actions-panel__loginas i {
-  background-position: -1px -245px;
+    background-position: -1px -245px;
 }
 .actions-panel__loginas:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__loginas:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__loginas:hover a i {
-  background-position: -41px -245px;
+    background-position: -41px -245px;
 }
 .actions-panel__loginas:active a i {
-  background-position: -81px -245px;
+    background-position: -81px -245px;
 }
+
 .actions-panel__loginas--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__loginas--active i {
-  background-position: -78px -245px;
+    background-position: -78px -245px;
 }
 
 .actions-panel__download i {
-  background-position: -1px -402px;
+    background-position: -1px -402px;
 }
 .actions-panel__download:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__download:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__download:hover a i {
-  background-position: -41px -402px;
+    background-position: -41px -402px;
 }
 .actions-panel__download:active a i {
-  background-position: -81px -402px;
+    background-position: -81px -402px;
 }
+
 .actions-panel__download--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__download--active i {
-  background-position: -78px -402px;
+    background-position: -78px -402px;
 }
 
 .actions-panel__configure i {
-  background-position: -1px -442px;
+    background-position: -1px -442px;
 }
 .actions-panel__configure:hover a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__configure:active a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__configure:hover a i {
-  background-position: -81px -442px;
+    background-position: -81px -442px;
 }
 .actions-panel__configure:active a i {
-  background-position: -41px -442px;
+    background-position: -41px -442px;
 }
+
 .actions-panel__configure--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__configure--active i {
-  background-position: -78px -442px;
+    background-position: -78px -442px;
 }
 
 .actions-panel__.l-icon-starmail i {
-  background-position: -1px -324px;
+    background-position: -1px -324px;
 }
+
 .actions-panel__mail:hover a {
-  background-color: #afafac;
-  color: #fff;
+    background-color: #afafac;
+    color: #fff;
 }
 .actions-panel__mail:active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__mail:hover a i {
-  background-position: -41px -324px;
+    background-position: -41px -324px;
 }
 .actions-panel__mail:active a i {
-  background-position: -81px -324px;
+    background-position: -81px -324px;
 }
+
 .actions-panel__mail--active a {
-  background-color: #55c9c0;
-  color: #fff;
+    background-color: #23b7e5;
+    color: #fff;
 }
 .actions-panel__mail--active i {
-  background-position: -78px -324px;
+    background-position: -78px -324px;
 }
 
 .actions-panel__delete i {
-  background-position: -1px -207px;
+    background-position: -1px -207px;
 }
 .actions-panel__delete:hover a {
-  background-color: #ff3438;
-  color: #fff;
+    background-color: #ff3438;
+    color: #fff;
 }
 .actions-panel__delete:active a {
-  background-color: #ff5f5f;
-  color: #fff;
+    background-color: #ff5f5f;
+    color: #fff;
 }
 .actions-panel__delete:hover a i {
-  background-position: -41px -207px;
+    background-position: -41px -207px;
 }
 .actions-panel__delete:active a i {
-  background-position: -81px -207px;
+    background-position: -81px -207px;
 }
+
 .actions-panel__delete--active a {
-  background-color: #ff5f5f;
-  color: #fff;
+    background-color: #ff5f5f;
+    color: #fff;
 }
 .actions-panel__delete--active i {
-  background-position: -78px -207px;
+    background-position: -78px -207px;
 }
 
 .actions-panel__stop i {
-  background-position: -1px -561px;
+    background-position: -1px -561px;
 }
 .actions-panel__stop:hover a {
-  background-color: #ff3438;
-  color: #fff;
+    background-color: #ff3438;
+    color: #fff;
 }
 .actions-panel__stop:active a {
-  background-color: #ff5f5f;
-  color: #fff;
+    background-color: #ff5f5f;
+    color: #fff;
 }
 .actions-panel__stop:hover a i {
-  background-position: -41px -561px;
+    background-position: -41px -561px;
 }
 .actions-panel__stop:active a i {
-  background-position: -81px -561px;
+    background-position: -81px -561px;
 }
+
 .actions-panel__stop--active a {
-  background-color: #ff5f5f;
-  color: #fff;
+    background-color: #ff5f5f;
+    color: #fff;
 }
 .actions-panel__stop--active i {
-  background-position: -78px -561px;
+    background-position: -78px -561px;
 }
 
 .actions-panel__start i {
-  background-position: -1px -482px;
+    background-position: -1px -482px;
 }
 .actions-panel__start:hover a {
-  background-color: #9fbf0c;
-  color: #fff;
+    background-color: #27c24c;
+    color: #fff;
 }
 .actions-panel__start:active a {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .actions-panel__start:hover a i {
-  background-position: -41px -482px;
+    background-position: -41px -482px;
 }
 .actions-panel__start:active a i {
-  background-position: -81px -482px;
+    background-position: -81px -482px;
 }
+
 .actions-panel__start--active a {
-  background-color: #c0e60f;
-  color: #fff;
+    background-color: #32f360;
+    color: #fff;
 }
 .actions-panel__start--active i {
-  background-position: -78px -482px;
+    background-position: -78px -482px;
 }
 
-
 .l-icon-up-arrow, .l-icon-down-arrow, .l-icon-star, .l-icon-to-top, .l-icon-shortcuts, .l-icon-star-orange, .l-icon-star-blue {
-  display: inline-block;
-  vertical-align: middle;
-  background-image: url("/images/sprite.png?1446554103");
+    display: inline-block;
+    vertical-align: middle;
+    background-image: url("/images/sprite.png?1446554103");
 }
 
 .l-icon-down-arrow {
-  width: 7px;
-  height: 15px;
-  background-position: -280px -128px;
+    width: 7px;
+    height: 15px;
+    background-position: -280px -128px;
 }
 
 .l-icon-up-arrow {
-  width: 7px;
-  height: 15px;
-  background-position: -299px -129px;
+    width: 7px;
+    height: 15px;
+    background-position: -299px -129px;
 }
 
-
 .l-icon-star {
-  width: 36px;
-  height: 36px;
-  background-position: -216px 560px;
-  cursor: pointer;
-  visibility: hidden;
+    width: 36px;
+    height: 36px;
+    background-position: -216px 560px;
+    cursor: pointer;
+    visibility: hidden;
 }
+
 .l-unit--starred .l-icon-star {
-  background-position: -174px 560px;
-  visibility: visible;
+    background-position: -174px 560px;
+    visibility: visible;
 }
+
 .selected .l-icon-star {
-  filter: contrast(70%);
-  -webkit-filter:  contrast(70%);
+    filter: contrast(70%);
+    -webkit-filter: contrast(70%);
 }
 
 .units.compact .l-icon-star {
-  margin-top: -14px;
+    margin-top: -14px;
 }
 
 .l-icon-star:hover {
-  background-position: 0px 560px;
+    background-position: 0px 560px;
 }
-
 .l-icon-star:active {
-  -background-position: -174px 560px;
-  background-position: -80px 562px;
+    -background-position: -174px 560px;
+    background-position: -80px 562px;
 }
 
 .l-unit:hover .l-icon-star {
-  visibility: visible;
+    visibility: visible;
 }
 
-
 .l-icon-to-top {
-  width: 35px;
-  height: 35px;
-  background-position: -330px -68px;
+    width: 35px;
+    height: 35px;
+    background-position: -330px -68px;
 }
 .l-icon-to-top:hover {
-  background-position: -366px -68px;
+    background-position: -366px -68px;
 }
 .l-icon-to-top:active {
-  background-position: -402px -68px;
+    background-position: -402px -68px;
 }
 
 .l-icon-shortcuts {
-  width: 35px;
-  height: 35px;
-  background-position: -240px -281px;
-  border-radius: 18px;
+    width: 35px;
+    height: 35px;
+    background-position: -240px -281px;
+    border-radius: 18px;
 }
 .l-icon-shortcuts:hover {
-  background-position: -160px -281px;
+    background-position: -160px -281px;
 }
 .l-icon-shortcuts:active {
-  background-position: -198px -281px;
+    background-position: -198px -281px;
 }
 
-body.mobile .l-icon-to-top,
-body.mobile .l-icon-shortcuts {
-  display: none;
+body.mobile .l-icon-to-top, body.mobile .l-icon-shortcuts {
+    display: none;
 }
 
-
 .l-icon-star-orange {
-  width: 13px;
-  height: 13px;
-  background-position: -178px -97px;
+    width: 13px;
+    height: 13px;
+    background-position: -178px -97px;
 }
 
 .l-icon-star-blue {
-  width: 13px;
-  height: 13px;
-  background-position: -134px -97px;
+    width: 13px;
+    height: 13px;
+    background-position: -134px -97px;
 }
 
 .media-top {
-  vertical-align: top;
+    vertical-align: top;
 }
 
 .l-unit__stat-cols {
-  padding-right: 10px;
+    padding-right: 10px;
 }
 .l-unit__stat-cols.last {
-  padding-right: 0;
+    padding-right: 0;
 }
 .l-unit__stat-cols.graph {
-  width: 200px;
+    width: 200px;
 }
 .l-unit__stat-cols.tiny {
-  font-size:11px;
-  line-height: 19px;
+    font-size: 11px;
+    line-height: 19px;
 }
 
 .l-percent {
-  border-bottom: 1px dotted #ccc;
-  margin-top: 1px;
-  width: 200px;
+    border-bottom: 1px dotted #ccc;
+    margin-top: 1px;
+    width: 200px;
 }
+
 .l-percent__fill {
-  background-color: #aacc0d;
-  height: 3px;
-  position: relative;
-  bottom: -1px;
+    background-color: #aacc0d;
+    height: 3px;
+    position: relative;
+    bottom: -1px;
 }
 
 .to-top {
-  display: inline-block;
-  position: fixed;
-  top: 92%;
-  right: 1%;
+    display: inline-block;
+    position: fixed;
+    top: 92%;
+    right: 1%;
 }
 
 .to-shortcuts {
-  display: inline-block;
-  position: fixed;
-  top: 92%;
-  right: 4%;
+    display: inline-block;
+    position: fixed;
+    top: 92%;
+    right: 4%;
 }
 
-
 /*
 #vstobjects {
   margin-top: -1px;
 }
 */
-
 #vstobjects .l-center {
-  padding-top: 20px;
-  padding-bottom: 30px;
-  font-size: 12px;
+    padding-top: 20px;
+    padding-bottom: 30px;
+    font-size: 12px;
 }
 
 .timer-container {
-  margin-top: 4px;
+    margin-top: 4px;
 }
-
 .timer-container .refresh-timer {
-  border: 2px solid #9f9f9f;
-  border-radius: 14px;
-  height: 14px;
-  width: 14px;
-  float: left;
-  margin: 2px 10px 0 0;
+    border: 2px solid #9f9f9f;
+    border-radius: 14px;
+    height: 14px;
+    width: 14px;
+    float: left;
+    margin: 2px 10px 0 0;
 }
 .timer-container .refresh-timer.paused {
-  border: 2px solid #9f9f9f;
+    border: 2px solid #9f9f9f;
 }
-.timer-container .refresh-timer.paused .loader-half.right,
-.timer-container .refresh-timer.paused .loader-half.dark {
-  background-color: #9d9f9f;
+.timer-container .refresh-timer.paused .loader-half.right, .timer-container .refresh-timer.paused .loader-half.dark {
+    background-color: #9d9f9f;
 }
 .timer-container .loader-half {
-  border-radius: 0 14px 14px 0;
-  height: 14px;
-  width: 7px;
-  float: left;
+    border-radius: 0 14px 14px 0;
+    height: 14px;
+    width: 7px;
+    float: left;
 }
 .timer-container .loader-half.left {
-  border-radius: 14px 0 0 14px;
-  background-color: #fff;
+    border-radius: 14px 0 0 14px;
+    background-color: #fff;
 }
 .timer-container .loader-half.right {
-  margin-left: 7px;
-  background-color: #9f9f9f;
+    margin-left: 7px;
+    background-color: #9f9f9f;
 }
 .timer-container .loader-half.dark {
-  background-color: #9f9f9f;
+    background-color: #9f9f9f;
 }
 .timer-container .movement {
-  float: left;
-  width: 14px;
-  height: 14px;
-  position: absolute;
+    float: left;
+    width: 14px;
+    height: 14px;
+    position: absolute;
 }
 .timer-container .movement.left {
-  z-index: 10;
+    z-index: 10;
 }
 .timer-container .movement.right {
-  transform: rotate(180deg);
-  -webkit-transform: rotate(180deg);
+    transform: rotate(180deg);
+    -webkit-transform: rotate(180deg);
 }
 .timer-container .timer-button {
-  cursor: pointer;
-  text-decotation: underline;
-  margin: 7px 0 0 38px;
-  width: 15px;
-  float: left;
-  height: 10px;
+    cursor: pointer;
+    text-decotation: underline;
+    margin: 7px 0 0 38px;
+    width: 15px;
+    float: left;
+    height: 10px;
 }
 .timer-container .timer-button.pause {
-  background: url(/images/pause.png) no-repeat ;
+    background: url(/images/pause.png) no-repeat;
 }
 .timer-container .timer-button.play {
-  background: url(/images/start.png) no-repeat;
+    background: url(/images/start.png) no-repeat;
 }
 
 .uppercase {
-  text-transform: uppercase;
-}
-
-.title b,
-.title {
-  color: #ff6701;
-  font-size: 12px;
-  font-weight: bold;
-  padding: 0 30px 0px 73px;
-  line-height: 30px;
-  text-transform: uppercase;
+    text-transform: uppercase;
 }
 
 .title {
-  display: inline-block;
-  float: left;
+    color: #9c8cff;
+    font-size: 12px;
+    font-weight: bold;
+    padding: 0 30px 0px 73px;
+    line-height: 30px;
+    text-transform: uppercase;
+    display: inline-block;
+    float: left;
+}
+.title b {
+    color: #9c8cff;
+    font-size: 12px;
+    font-weight: bold;
+    padding: 0 30px 0px 73px;
+    line-height: 30px;
+    text-transform: uppercase;
 }
-
-
-
 
 /* form styles */
-
-
-
 .vst-error {
-  color: #BE5ABF;
-  font-weight: bold;
-  display: inline-block;
-  height: 17px;
-  overflow: hidden;
-  padding-top: 6px;
-  width: 593px;
+    color: #BE5ABF;
+    font-weight: bold;
+    display: inline-block;
+    height: 17px;
+    overflow: hidden;
+    padding-top: 6px;
+    width: 593px;
 }
 
 .vst-ok {
-  color: #9fbf0c;
-  font-weight: bold;
-  display: inline-block;
-  height: 17px;
-  overflow: hidden;
-  padding-top: 6px;
-  max-width: 600px;
+    color: #27c24c;
+    font-weight: bold;
+    display: inline-block;
+    height: 17px;
+    overflow: hidden;
+    padding-top: 6px;
+    max-width: 600px;
 }
-
 .vst-ok a {
-  color: #2c9491;
+    color: #27c24c;
 }
 .vst-ok a:hover {
-  color: #ff6701;
+    color: #9c8cff;
 }
 .vst-ok a:active {
-  color: #f72b44;
+    color: #796cc7;
 }
 
-
-
-
 .data {
-  margin: 0 0 90px 0;
+    margin: 0 0 90px 0;
 }
+
 .data-col1 {
-  width: 148px;
+    width: 148px;
 }
-
 .data-col1 td {
-  padding: 10px 0 0 5px;
+    padding: 10px 0 0 5px;
 }
-
 .data-col1 tr:first-child td {
-  padding: 59px 0 0 5px;
+    padding: 59px 0 0 5px;
 }
 
-.login-box td,
-.data td {
-  color: #555;
-  font-size: 15px;
-  padding-bottom: 3px;
-  font-weight: bold;
+.login-box td, .data td {
+    color: #555;
+    font-size: 15px;
+    padding-bottom: 3px;
+    font-weight: bold;
 }
+
 .input-label {
-  padding-top: 20px;
+    padding-top: 20px;
 }
-.data input[type="checkbox"] {
-  display: inline;
-  cursor: pointer;
+
+.data input[type=checkbox] {
+    display: inline;
+    cursor: pointer;
 }
+
 .step-top {
-  padding-top: 42px;
+    padding-top: 42px;
 }
+
 .step-top-small {
-  padding-top: 22px;
+    padding-top: 22px;
 }
+
 .jump-top {
-  margin-top: -60px;
+    margin-top: -60px;
 }
+
 .jump-small-top {
-  margin-top: -12px;
+    margin-top: -12px;
 }
+
 .float-right {
     display: inline-block;
     float: right;
 }
 
 .data a {
-  text-decoration: none;
-}
-label {
-  cursor: pointer;
+    text-decoration: none;
 }
 
+label {
+    cursor: pointer;
+}
 label:hover {
-  color: #333;
+    color: #333;
 }
 
 .vst-input {
-  background-color: #fff;
-  border: 1px solid #cfcfcf;
-  border-radius: 0px;
-  color: #555;
-  font-family: Arial;
-  font-size: 19px;
-  height: 28px;
-  margin: 2px 6px 0 0;
-  padding: 7px 3px 9px 14px;
-  width: 360px;
-  font-weight: normal;
+    background-color: #fff;
+    border: 1px solid #dee5e7;
+    border-radius: 3px;
+    color: #555;
+    font-family: Arial;
+    font-size: 19px;
+    height: 28px;
+    margin: 2px 6px 0 0;
+    padding: 7px 3px 9px 14px;
+    width: 360px;
+    font-weight: normal;
 }
 .vst-input:hover {
-  border: 1px solid #909090;
+    border: 1px solid #909090;
 }
 .vst-input:focus {
-  border: 1px solid #55C9C0;
-  background-color: #D7F9FF;
-  color: #333;
+    border: 1px solid #23b7e5;
+    background-color: #fff;
+    color: #333;
+}
+.vst-input:disabled {
+    background-color: #e0e0e0;
 }
 
-.vst-input:disabled,
 .vst-list:disabled {
-  background-color: #e0e0e0;
+    background-color: #e0e0e0;
 }
+
 .vst-input:focus:disabled {
-  border-color: #f1f1f1;
-  background-color: #f1f1f1;
+    border-color: #f1f1f1;
+    background-color: #f1f1f1;
 }
 .vst-input.long {
-  width: 832px;
+    width: 100%;
 }
 .vst-input.short {
-  width: 200px;
+    width: 200px;
 }
 
 .vst-list {
-  background-color: #fff;
-  border: 1px solid #ccc;
-  border-radius: 0;
-  color: #555;
-  font-family: Arial,Helvetica,sans-serif;
-  font-size: 19px;
-  font-weight: normal;
-  height: 43px;
-  cursor: pointer;
-  margin: 2px 6px 0 0;
-  min-width: 138px;
-  padding: 8px 1px 6px 10px;
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -185px -604px;
-  width: 270px;
-  appearance:none;
-  -moz-appearance:none;
-  -webkit-appearance:none;
-  text-shadow: 0 0 0 #555;
+    background-color: #fff;
+    border: 1px solid #dee5e7;
+    border-radius: 3px;
+    color: #555;
+    font-family: Arial, Helvetica, sans-serif;
+    font-size: 19px;
+    font-weight: normal;
+    height: 43px;
+    cursor: pointer;
+    margin: 2px 6px 0 0;
+    min-width: 138px;
+    padding: 8px 1px 6px 10px;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -185px -604px;
+    width: 270px;
+    appearance: none;
+    -moz-appearance: none;
+    -webkit-appearance: none;
+    text-shadow: 0 0 0 #555;
 }
-
 .vst-list.long-2 {
-  width: 486px;
-  background-position: 502px -604px;
+    width: 486px;
+    background-position: 502px -604px;
 }
 .vst-list option {
-  padding: 6px 1px 6px 15px;
+    padding: 6px 1px 6px 15px;
 }
 .vst-list:hover {
-  border: 1px solid #909090;
+    border: 1px solid #909090;
 }
 .vst-list:focus {
-  border: 1px solid #55C9C0;
-  color: #333;
+    border: 1px solid #23b7e5;
+    color: #333;
 }
-
 .vst-list.flat {
-  border: 1px solid #fff;
-  color: #2c9491;
-  text-transform: uppercase;
-  font-weight: bold;
-  font-size: 11px;
-  margin-left: -14px;
-  background-position: -210px -604px;
-  text-shadow: none !important;
+    border: 1px solid #fff;
+    color: #27c24c;
+    text-transform: uppercase;
+    font-weight: bold;
+    font-size: 11px;
+    margin-left: -14px;
+    background-position: -210px -604px;
+    text-shadow: none !important;
 }
 .vst-list.flat:hover {
-  color: #ff6701;
+    color: #9c8cff;
 }
 .vst-list.flat option {
-  color: #555;
+    color: #555;
 }
 
-a.vst-text,
-a.vst-text b{
-  color: #2c9491;
+a.vst-text {
+    color: #27c24c;
 }
-a.vst-text:hover,
-a.vst-text:hover b{
-  color: #ff6701;
+a.vst-text b {
+    color: #27c24c;
 }
-a.vst-text:active,
-a.vst-text:active b{
-  color: #ff6701;
+a.vst-text:hover, a.vst-text:active {
+    color: #9c8cff;
+}
+a.vst-text:hover b, a.vst-text:active b {
+    color: #9c8cff;
 }
 
 .vst-textinput {
-  background-color: #fff;
-  border: 1px solid #cfcfcf;
-  border-radius: 0px;
-  color: #555;
-  font-size: 19px;
-  padding: 5px;
-  width: 560px;
-  height: 90px;
-  font-family:Arial, Helvetica, sans-serif;
-  padding: 9px 1px 6px 14px;
-  font-weight: normal;
+    background-color: #fff;
+    border: 1px solid #dee5e7;
+    border-radius: 3px;
+    color: #555;
+    font-size: 19px;
+    padding: 5px;
+    width: 560px;
+    height: 90px;
+    font-family: Arial, Helvetica, sans-serif;
+    padding: 9px 1px 6px 14px;
+    font-weight: normal;
 }
 .vst-textinput:hover {
-  border: 1px solid #909090;
+    border: 1px solid #909090;
 }
 .vst-textinput:focus {
-  border: 1px solid #55C9C0;
-  background-color: #D7F9FF;
-  color: #333;
+    border: 1px solid #23b7e5;
+    background-color: #fff;
+    color: #333;
 }
 .vst-textinput:disabled {
-  background-color: #f1f1f1;
+    background-color: #f1f1f1;
 }
-.vst-textinput.console{
-  font-size: 13px;
-  width: 630px;
-  height: 300px;
-  font-family:"Lucida Console", Monaco, monospace;
-  white-space: pre;
+.vst-textinput.console {
+    font-size: 13px;
+    width: 630px;
+    height: 300px;
+    font-family: "Lucida Console", Monaco, monospace;
+    white-space: pre;
 }
 .vst-textinput.short {
-  width: 360px;
+    width: 360px;
 }
-#advanced-options .console{
-  width: 833px;
-  height: 600px;
+
+#advanced-options .console {
+    width: 833px;
+    height: 600px;
 }
+
 .generate {
-  color: #2C9491;
-  text-decoration: underline;
-  cursor: pointer;
-  margin-left: -3px;
-  padding: 0 3px;
+    color: #27c24c;
+    text-decoration: underline;
+    cursor: pointer;
+    margin-left: -3px;
+    padding: 0 3px;
 }
 .generate:hover {
-  background-color: #ff6701;
-  border-color: #ff6701;
-  color: #fff;
+    background-color: #9c8cff;
+    border-color: #9c8cff;
+    color: #fff;
 }
 .generate:active {
-  background-color: #F7D616;
-  border-color: #F7D616;
+    background-color: #F7D616;
+    border-color: #F7D616;
 }
+
 .vst-advanced {
-  border-bottom: 1px solid #2c9491;
-  color: #2c9491;
-  font-size: 11px;
-  letter-spacing: 1px;
-  padding: 2px 2px 0;
-  text-decoration: none;
-  text-transform: uppercase;
+    border-bottom: 1px solid #27c24c;
+    color: #27c24c;
+    font-size: 11px;
+    letter-spacing: 1px;
+    padding: 2px 2px 0;
+    text-decoration: none;
+    text-transform: uppercase;
 }
+
 .login-box .vst-advanced:hover {
-  color: #ff6701;
-  background-color: transparent;
-  border-color: transparent;
+    color: #9c8cff;
+    background-color: transparent;
+    border-color: transparent;
 }
 
 .vst-advanced:hover {
-  color: #fff;
-  background-color: #ff6701;
-  border-color: #ff6701;
+    color: #fff;
+    background-color: #9c8cff;
+    border-color: #9c8cff;
 }
 
-.login-box .vst-advanced:active,
-.vst-advanced:active {
-  color: #fff;
-  background-color: #F7D616;
-  border-color: #F7D616;
+.login-box .vst-advanced:active, .vst-advanced:active {
+    color: #fff;
+    background-color: #F7D616;
+    border-color: #F7D616;
 }
 
 .login-box .vst-advanced {
-  border-bottom: none;
-  color: #2c9491;
-  font-size: 10px;
-  letter-spacing: 1px;
-  padding: 2px 2px 0;
-  text-decoration: none;
-  text-transform: uppercase;
+    border-bottom: none;
+    color: #27c24c;
+    font-size: 10px;
+    letter-spacing: 1px;
+    padding: 2px 2px 0;
+    text-decoration: none;
+    text-transform: uppercase;
 }
+
 .vst-checkbox {
-  font-size: 19px;
-  margin: 2px 6px 0 3px;
-  padding: 5px;
+    font-size: 19px;
+    margin: 2px 6px 0 3px;
+    padding: 5px;
 }
+
 .lets-encrypt-note {
-  color: #89a40a !important;
-  font-style: italic;
-  font-weight: normal !important;
-  height: 30px;
-  padding-top: 10px;
-  vertical-align: top;
+    color: #89a40a !important;
+    font-style: italic;
+    font-weight: normal !important;
+    height: 30px;
+    padding-top: 10px;
+    vertical-align: top;
 }
 
 .additional-control {
-  margin-left: 17px;
-  color: #2C9491;
-  border-bottom: 1px solid #2C9491;
-  font-size: 11px;
-  letter-spacing: 1px;
-  cursor: pointer;
-  text-transform: uppercase;
-  font-weight: bold;
-  padding: 2px 2px 0;
+    margin-left: 17px;
+    color: #27c24c;
+    border-bottom: 1px solid #27c24c;
+    font-size: 11px;
+    letter-spacing: 1px;
+    cursor: pointer;
+    text-transform: uppercase;
+    font-weight: bold;
+    padding: 2px 2px 0;
 }
 .additional-control:hover {
-  background-color: #ff6701;
-  border-color: #ff6701;
-  color: #fff;
+    background-color: #9c8cff;
+    border-color: #9c8cff;
+    color: #fff;
 }
 .additional-control:active {
-  color: #fff;
-  background-color: #aaa;
+    color: #fff;
+    background-color: #aaa;
 }
-
 .additional-control.ftp-remove-user {
-  padding: 2px 0 0 0;
+    padding: 2px 0 0 0;
 }
-
-.additional-control.delete:hover,
-.additional-control.ftp-remove-user:hover {
-  background-color: #FF3438;
-  border-color: #FF3438;
+.additional-control.delete:hover, .additional-control.ftp-remove-user:hover {
+    background-color: #FF3438;
+    border-color: #FF3438;
 }
-.additional-control.delete:active,
-.additional-control.ftp-remove-user:active {
-  background-color: #FF5F5F;
-  border-color: #FF5F5F;
+.additional-control.delete:active, .additional-control.ftp-remove-user:active {
+    background-color: #FF5F5F;
+    border-color: #FF5F5F;
 }
 .additional-control.add:hover {
-  background-color: #9FBF0C;
-  border-color: #9FBF0C;
+    background-color: #27c24c;
+    border-color: #27c24c;
 }
-.additional-control.add:active{
-  background-color: #c0e60f;
-  border-color: #c0e60f;
+.additional-control.add:active {
+    background-color: #32f360;
+    border-color: #32f360;
 }
-
 .additional-control.remove-ns {
-  display: none;
+    display: none;
 }
 
 .data .step-left {
-  padding-left: 50px;
+    padding-left: 50px;
 }
+
 .hide-password {
-  color: #2361a1;
-  margin-left: -36px;
-  padding-left: 3px;
-  z-index: 1;
+    color: #2361a1;
+    margin-left: -36px;
+    padding-left: 3px;
+    z-index: 1;
 }
+
 .toggle-psw-visibility-icon {
-  cursor: pointer;
-  opacity: 1;
+    cursor: pointer;
+    opacity: 1;
 }
+
 .show-passwords-enabled-action {
-  opacity: 0.4;
-}
-.ftp-path-value,
-.hint,
-td.hint {
-  color: #777;
-  font-size: 15px;
-  font-style: italic;
-  font-weight: normal;
-}
-.ftp-path-prefix { padding-top: 7px; }
-
-.ui-button,
-.button {
-  filter:chroma(color=#000);
-  cursor: pointer;
-  border-radius: 3px 3px 3px 3px;
-  font-size: 13px;
-  font-weight: bold;
-  padding: 1px 16px 3px 16px;
-  width: 108px;
-  height: 34px;
-  color: #fafafa;
-  border: 1px solid #9FBF0C;
-  background-color: #9FBF0C;
-}
-.ui-button:hover,
-.button:hover {
-  color: #555;
-  border: 1px solid #C0E60F;
-  background-color: #C0E60F;
-}
-.ui-button:active,
-.button:active {
-  border: 1px solid #D1D70D !important;
-  background-color: #D1D70D !important;
+    opacity: 0.4;
 }
 
-.ui-button:focus,
-.button:focus {
-  border: 1px solid #90AD0D;
-  background-color: #90AD0D;
+.ftp-path-value, .hint, td.hint {
+    color: #777;
+    font-size: 15px;
+    font-style: italic;
+    font-weight: normal;
 }
 
-.ui-button.cancel,
-.button.cancel {
-  color: #777;
-  border: 1px solid #DFDEDD;
-  background-color: #DFDEDD;
+.ftp-path-prefix {
+    padding-top: 7px;
 }
-.ui-button.cancel:hover,
-.button.cancel:hover {
-  color: #fff;
-  border: 1px solid #999;
-  background-color: #999;
+
+.ui-button, .button {
+    filter: chroma(color=#000);
+    cursor: pointer;
+    border-radius: 3px 3px 3px 3px;
+    font-size: 13px;
+    font-weight: bold;
+    padding: 1px 16px 3px 16px;
+    width: 108px;
+    height: 34px;
+    color: #fafafa;
+    border: 1px solid #27c24c;
+    background-color: #27c24c;
 }
-.ui-button.cancel:active,
-.button.cancel:active {
-  border: 1px solid #D1D70D;
-  background-color: #D1D70D;
+
+.ui-button:hover, .button:hover {
+    color: #555;
+    border: 1px solid #32f360;
+    background-color: #32f360;
 }
+
+.ui-button:active, .button:active {
+    border: 1px solid #54ca70 !important;
+    background-color: #54ca70 !important;
+}
+
+.ui-button:focus, .button:focus {
+    border: 1px solid #25af49;
+    background-color: #25af49;
+}
+
+.ui-button.cancel, .button.cancel {
+    color: #777;
+    border: 1px solid #dde6e9;
+    background-color: #dde6e9;
+}
+
+.ui-button.cancel:hover, .button.cancel:hover {
+    color: #fff;
+    border: 1px solid #999;
+    background-color: #999;
+}
+
+.ui-button.cancel:active, .button.cancel:active {
+    border: 1px solid #54ca70;
+    background-color: #54ca70;
+}
+
 a.button.cancel {
-  padding: 8px 38px;
-  text-transform: capitalize;
+    padding: 8px 38px;
+    text-transform: capitalize;
 }
 
-
 .ui-dialog button.cancel {
-  color: #000;
-  border: 1px solid #555;
-  background-color: #555;
+    color: #000;
+    border: 1px solid #555;
+    background-color: #555;
 }
+
 /*
 .ui-dialog button.cancel:hover {
   color: #fff;
@@ -2789,105 +2764,101 @@ a.button.cancel {
   background-color: #999;
 }
 .ui-dialog button.cancel:active {
-  border: 1px solid #D1D70D;
-  background-color: #D1D70D;
+  border: 1px solid #54ca70;
+  background-color: #54ca70;
 }
 */
-
-
-
 .ui-button span {
-  color: #fff;
+    color: #fff;
 }
 .ui-button:hover span {
-  color: #555 !important;
+    color: #555 !important;
 }
 .ui-button:active span {
-  color: #555;
+    color: #555;
 }
 .ui-button.cancel span {
-  color: #777;
+    color: #777;
 }
-.ui-button:hover span {
-  color: #fff;
-}
-.ui-button:active span {
-  color: #fff;
+.ui-button:hover span, .ui-button:active span {
+    color: #fff;
 }
 
 .ui-dialog button.cancel span {
-  color: #ccc;
+    color: #ccc;
 }
 
-
 .unlim-trigger {
-  cursor: pointer;
-  margin-left: -36px;
-  padding-left: 3px;
-  z-index: 1;
+    cursor: pointer;
+    margin-left: -36px;
+    padding-left: 3px;
+    z-index: 1;
 }
+
 .optional {
-  font-size: 12px;
-  padding: 0 0 0 6px;
-  font-weight: normal;
+    font-size: 12px;
+    padding: 0 0 0 6px;
+    font-weight: normal;
 }
+
 .data-active b {
-  color: #9FBF0C;
-  font-size: 11px;
-  letter-spacing: 1px;
-  text-transform: uppercase;
+    color: #27c24c;
+    font-size: 11px;
+    letter-spacing: 1px;
+    text-transform: uppercase;
 }
+
 .data-suspended b {
-  color: #A3A3A3;
-  font-size: 11px;
-  letter-spacing: 3px;
-  font-weight: bold;
-  text-transform: uppercase;
+    color: #A3A3A3;
+    font-size: 11px;
+    letter-spacing: 3px;
+    font-weight: bold;
+    text-transform: uppercase;
 }
+
 .data-date {
-  font-weight: normal;
-  color: #777;
-  font-size: 12px;
-  letter-spacing: 1px;
-  line-height: 23px;
+    font-weight: normal;
+    color: #777;
+    font-size: 12px;
+    letter-spacing: 1px;
+    line-height: 23px;
 }
-.data-dotted {
-  vertical-align: top;
-}
-.mail-infoblock-td {
-  vertical-align: top;
+
+.data-dotted, .mail-infoblock-td {
+    vertical-align: top;
 }
+
 .mail-infoblock {
-  margin-left: -110px;
-  font-size: 12px;
-  color: #777;
-  border: 1px solid #d9d9d9;
-  padding: 0px 5px 12px 20px;
-  margin-top: 64px;
-  width: 334px;
-  overflow: hidden;
+    margin-left: -110px;
+    font-size: 12px;
+    color: #777;
+    border: 1px solid #d9d9d9;
+    padding: 0px 5px 12px 20px;
+    margin-top: 64px;
+    width: 334px;
+    overflow: hidden;
 }
 .mail-infoblock:hover {
-  overflow: visible;
+    overflow: visible;
 }
 .mail-infoblock td {
-  color: #777;
-  font-size: 14px;
-  height: 18px;
-  font-weight: normal;
+    color: #777;
+    font-size: 14px;
+    height: 18px;
+    font-weight: normal;
 }
-.mail-infoblock td:first-child{
-  padding-right: 15px;
+.mail-infoblock td:first-child {
+    padding-right: 15px;
 }
 .mail-infoblock div {
-  width: 190px;
-  white-space: nowrap;
+    width: 190px;
+    white-space: nowrap;
 }
 .mail-infoblock a {
-  color: #2c9491;
+    color: #27c24c;
 }
 .mail-infoblock a:hover {
-  color: #ff6701;
+    color: #9c8cff;
 }
 
 .additional-info {
@@ -2904,489 +2875,467 @@ a.button.cancel {
     padding-left: 20px;
 }
 
+:focus {
+    outline: none;
+}
 
-
-:focus {outline:none;}
-::-moz-focus-inner {border:0;}
+::-moz-focus-inner {
+    border: 0;
+}
 
 .login {
-  background-color: #fff;
-  box-shadow: 0 2px 6px rgba(100, 100, 100, 0.3);
-  font-family: Arial,Helvetica,sans-serif;
-  margin: 0;
-  padding: 0;
-  text-align: left;
-  vertical-align: top;
-  width: 550px;
+    background-color: #fff;
+    box-shadow: 0 2px 6px rgba(100, 100, 100, 0.3);
+    font-family: Arial, Helvetica, sans-serif;
+    margin: 0;
+    padding: 0;
+    text-align: left;
+    vertical-align: top;
+    width: 500px;
+}
+.login a.error {
+    color: #BE5ABF;
 }
 
-.login a.error {
-  color: #BE5ABF;
-}
 .vestacp {
-  color: #505050;
-  font-size: 10px;
-  text-align: right;
+    color: #505050;
+    font-size: 10px;
+    text-align: right;
 }
 .vestacp:hover {
-  color: #2c9491;
+    color: #27c24c;
 }
 .vestacp:active {
-  color: #ff6701;
+    color: #9c8cff;
 }
+
 .login-bottom {
-  height: 50px;
-  margin: 0;
-  padding: 0 26px 0 0;
-  text-align: right;
-  vertical-align: top;
-  width: 520px;
+    height: 50px;
+    margin: 0;
+    padding: 0 26px 0 0;
+    text-align: right;
+    vertical-align: top;
+    width: 474px;
 }
 
 .l-unit.selected {
-  background-color: #feef9a;
-  color: #555;
-  border-bottom: 1px solid #c0b990;
+    background-color: #feef9a;
+    color: #555;
+    border-bottom: 1px solid #c0b990;
 }
-
-.l-unit.selected b,
-.l-unit.selected strong {
-  color: #555;
+.l-unit.selected b, .l-unit.selected strong {
+    color: #555;
 }
 
-
 /* MAIN MENU COLLAPSED */
 .collapsed .l-stat {
-  padding-top: 20px;
+    padding-top: 20px;
 }
-
 .collapsed .l-stat__col a {
-  height: 0;
-  min-height: 0;
-  overflow: hidden;
+    height: 0;
+    min-height: 0;
+    overflow: hidden;
 }
-
 .collapsed .l-stat__col-title {
-  padding-top: 2px;
+    padding-top: 2px;
 }
 
 div.l-content.collapsed > div.l-separator:nth-of-type(2) {
-  margin-top: 93px;
-  position: fixed;
+    margin-top: 93px;
+    position: fixed;
 }
-
 div.l-content.collapsed > div.l-separator:nth-of-type(4) {
-  margin-top: 138px;
-  position: fixed;
+    margin-top: 138px;
+    position: fixed;
 }
-
 div.l-content.collapsed .l-sort {
-  margin-top: 94px;
+    margin-top: 94px;
 }
 
 .l-content > .units.l-center::before {
-  content: '';
-  display: block;
-  height: 260px;
+    content: "";
+    display: block;
+    height: 260px;
 }
 
 form#vstobjects {
-  padding-top: 280px;
+    padding-top: 280px;
 }
-
 form#vstobjects.suspended {
-  background-color: #EAEAEA;
-  padding-bottom: 30px;
+    background-color: #EAEAEA;
+    padding-bottom: 30px;
 }
 
 #add-icon {
-  width: 45px;
-  height: 45px;
-  background-image: url("/images/sprite.png?1446554103");
-  background-position: -378px -107px;
-  background-repeat: no-repeat;
-  display: inline-block;
-  z-index: 3;
+    width: 45px;
+    height: 45px;
+    background-image: url("/images/sprite.png?1446554103");
+    background-position: -378px -107px;
+    background-repeat: no-repeat;
+    display: inline-block;
+    z-index: 3;
 }
+
 .l-sort__create-btn.restore #add-icon {
-  background-position: -378px -250px;
+    background-position: -378px -250px;
 }
 .l-sort__create-btn.edit #add-icon {
-  background-position: -378px -154px;
+    background-position: -378px -154px;
 }
+
 #tooltip {
-  background-color: #aacc0d;
-  border-radius: 15px;
-  bottom: 6px;
-  color: #fff;
-  font-size: 12px;
-  font-weight: bold;
-  height: 26px;
-  left: 12px;
-  letter-spacing: 0;
-  line-height: 25px;
-  margin-left: 12px;
-  margin-top: 7px;
-  padding: 3px 14px 3px 27px;
-  position: absolute;
-  text-transform: uppercase;
-  white-space: nowrap;
-  word-break: keep-all;
-  z-index: -1;
+    background-color: #aacc0d;
+    border-radius: 15px;
+    bottom: 6px;
+    color: #fff;
+    font-size: 12px;
+    font-weight: bold;
+    height: 26px;
+    left: 12px;
+    letter-spacing: 0;
+    line-height: 25px;
+    margin-left: 12px;
+    margin-top: 7px;
+    padding: 3px 14px 3px 27px;
+    position: absolute;
+    text-transform: uppercase;
+    white-space: nowrap;
+    word-break: keep-all;
+    z-index: -1;
 }
 
 .l-sort__create-btn:active #add-icon {
-  background-position: -425px -107px;
+    background-position: -425px -107px;
 }
 .l-sort__create-btn.restore:active #add-icon {
-  background-position: -425px -250px !important;
+    background-position: -425px -250px !important;
 }
-
 .l-sort__create-btn.edit:active #add-icon {
-  background-position: -425px -154px !important;
+    background-position: -425px -154px !important;
 }
-
 .l-sort__create-btn.edit:hover #tooltip {
-  background-color: #55C9C0;
+    background-color: #23b7e5;
 }
 .l-sort__create-btn.edit:active #tooltip {
-  background-color: #3BF0E6 !important;
+    background-color: #3BF0E6 !important;
 }
-
-
-
-
 .l-sort__create-btn:active #tooltip {
-  background-color: #D9F210;
+    background-color: #D9F210;
 }
 
 .noselect {
-  -webkit-touch-callout: none;
-  -webkit-user-select: none;
-  -khtml-user-select: none;
-  -moz-user-select: none;
-  -ms-user-select: none;
-  user-select: none;
+    -webkit-touch-callout: none;
+    -webkit-user-select: none;
+    -khtml-user-select: none;
+    -moz-user-select: none;
+    -ms-user-select: none;
+    user-select: none;
 }
 
 .search-input {
-  background-color: #fff;
-  border: 1px solid #ddd;
-  height: 21px;
-  line-height: 28px;
-  padding-left: 7px;
-  float: left;
-  width: 74px;
-/*  visibility: hidden;*/
-  -webkit-transition: width .2s ease-out;
-  -moz-transition: width .2s ease-out;
-  -o-transition: width .2s ease-out;
-  transition: width .2s ease-out;
-}
-.lang-ru .search-input.activated{
-  width: 70px;
-}
-.search-input.activated{
-  width: 130px;
-  visibility: visible;
-}
-.search-input:focus {
-//  background-color: #e8fcff;
-//  border-color: #75c9c2;
-//  color: #333;
+    background-color: #fff;
+    border: 1px solid #ddd;
+    height: 21px;
+    line-height: 28px;
+    padding-left: 7px;
+    float: left;
+    width: 74px;
+    /*  visibility: hidden;*/
+    -webkit-transition: width 0.2s ease-out;
+    -moz-transition: width 0.2s ease-out;
+    -o-transition: width 0.2s ease-out;
+    transition: width 0.2s ease-out;
 }
 
+.lang-ru .search-input.activated {
+    width: 70px;
+}
+
+.search-input.activated {
+    width: 130px;
+    visibility: visible;
+}
 .float-left {
-  float: left;
+    float: left;
 }
+
 .float-right {
-  float: right;
+    float: right;
 }
+
 .display-inline-block {
-  display: inline-block;
+    display: inline-block;
 }
+
 .width-100p {
-  width: 100%;
+    width: 100%;
 }
 
 .l-sort-toolbar table td {
-  float: left;
+    float: left;
 }
+
 .l-sort-toolbar__search-box {
-  float: right !important;
-  padding-top: 3px;
-  padding-right: 0 !important;
+    float: right !important;
+    padding-top: 3px;
+    padding-right: 0 !important;
 }
+
 .ui-dialog .ui-dialog-buttonpane button:nth-of-type(2) {
-  -background-color: #dfdedd;
+    -background-color: #dde6e9;
 }
 
 .shortcuts {
-  background: rgba(50, 50, 50, 0.9);
-  display: inline-block;
-  position: fixed;
-  left: 50%;
-  bottom: 0;
-  color: #eee;
-  width: 800px;
-  border: 1px solid #333;
-  font-size: 13px;
-  z-index: 120;
-  transform: translate(-50%, 0);
+    background: rgba(50, 50, 50, 0.9);
+    display: inline-block;
+    position: fixed;
+    left: 50%;
+    bottom: 0;
+    color: #eee;
+    width: 800px;
+    border: 1px solid #333;
+    font-size: 13px;
+    z-index: 120;
+    transform: translate(-50%, 0);
 }
 .shortcuts .header {
-  border-bottom: 1px solid #333;
-  height: 43px;
+    border-bottom: 1px solid #333;
+    height: 43px;
 }
 .shortcuts .title {
-  text-transform: uppercase;
-  color: #ffcc00;
-  padding: 7px 0 7px 14px;
-  display: inline-block;
-  float: left;
-  font-size: 11px;
-  letter-spacing: 3px;
+    text-transform: uppercase;
+    color: #ffcc00;
+    padding: 7px 0 7px 14px;
+    display: inline-block;
+    float: left;
+    font-size: 11px;
+    letter-spacing: 3px;
 }
 .shortcuts .close {
-  background: url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
-  cursor: pointer;
-  display: inline-block;
-  float: right;
-  height: 32px;
-  padding-top: 11px;
-  width: 46px;
+    background: url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
+    cursor: pointer;
+    display: inline-block;
+    float: right;
+    height: 32px;
+    padding-top: 11px;
+    width: 46px;
 }
 .shortcuts .close:hover {
-  background-color: #000;
+    background-color: #000;
 }
 .shortcuts .close:active {
-  background-color: #55c9c0;
+    background-color: #23b7e5;
 }
 .shortcuts ul {
-  list-style-type: none;
-  padding: 30px 20px;
-  display: inline-block;
-  float: left;
-  width: 360px;
+    list-style-type: none;
+    padding: 30px 20px;
+    display: inline-block;
+    float: left;
+    width: 360px;
 }
 .shortcuts ul li {
-  padding: 5px 20px;
+    padding: 5px 20px;
 }
 .shortcuts ul li.step-top {
-  padding-top: 30px;
+    padding-top: 30px;
 }
 .shortcuts ul li span {
-  color: #48F4EF;
-  display: inline-block;
-  font-weight: bold;
-  padding: 0 20px 0 0;
-  text-align: right;
-/*  width: 140px;*/
+    color: #48F4EF;
+    display: inline-block;
+    font-weight: bold;
+    padding: 0 20px 0 0;
+    text-align: right;
+    /*  width: 140px;*/
 }
 .shortcuts ul li span.bigger {
-  font-size: 18px;
+    font-size: 18px;
 }
 
 .description {
-  font-weight: normal;
-  line-height: 25px;
-  padding-bottom: 45px;
-  margin-left: 50px;
+    font-weight: normal;
+    line-height: 25px;
+    padding-bottom: 45px;
+    margin-left: 50px;
 }
-.description ul{
-  margin-top: 15px;
-  list-style: none;
-  padding-left: 0;
+.description ul {
+    margin-top: 15px;
+    list-style: none;
+    padding-left: 0;
 }
-
-.description li{
-  margin: 10px 0;
+.description li {
+    margin: 10px 0;
 }
-
 .description a {
-  line-height: 30px;
-  text-decoration: underline;
-  color: #2c9491;
+    line-height: 30px;
+    text-decoration: underline;
+    color: #27c24c;
 }
 .description a.purchase {
-  color: #FFF;
-  background-color: #9fbf0c;
-  border: none;
-  border-radius: 3px;
-  font-size: 13px;
-  font-weight: bold;
-  padding: 7px 15px;;
-  text-transform: capitalize;
-  text-decoration: none;
+    color: #FFF;
+    background-color: #27c24c;
+    border: none;
+    border-radius: 3px;
+    font-size: 13px;
+    font-weight: bold;
+    padding: 7px 15px;
+    text-transform: capitalize;
+    text-decoration: none;
 }
 .description a.purchase:hover {
-  background-color: #c0e60f;
-  color: #555;
+    background-color: #32f360;
+    color: #555;
 }
 .description a.purchase:active {
-  background-color: #D9F210;
-  color: #555;
+    background-color: #D9F210;
+    color: #555;
 }
-
 .description a.cancel {
-  background-color: #999;
-  border: none;
-  border-radius: 3px;
-  color: #fff;
-  font-size: 13px;
-  font-weight: bold;
-  padding: 7px 15px;
-  text-transform: capitalize;
-  text-decoration: none;
+    background-color: #999;
+    border: none;
+    border-radius: 3px;
+    color: #fff;
+    font-size: 13px;
+    font-weight: bold;
+    padding: 7px 15px;
+    text-transform: capitalize;
+    text-decoration: none;
 }
 .description a.cancel:hover {
-  background-color: #2c9491;
+    background-color: #27c24c;
 }
 .description a.cancel:active {
-  background-color: #5f9491;
+    background-color: #5f9491;
 }
-
 .description.cancel-success {
-  color: #8fac0a;
-  font-weight: bold;
+    color: #8fac0a;
+    font-weight: bold;
 }
-
 .description .licence {
-  padding: 20px 0;
-  color: #2c9491;
+    padding: 20px 0;
+    color: #27c24c;
 }
-
 .description .licence input {
-  margin-left: 17px;
-  width: 137px;
+    margin-left: 17px;
+    width: 137px;
 }
-
 .description span {
-  font-style: italic;
-  line-height: 45px;
-  padding-top: 20px;
+    font-style: italic;
+    line-height: 45px;
+    padding-top: 20px;
 }
-
 .description .twoco {
-  font-style: italic;
-  line-height: 15px;
-  font-size: 12px;
+    font-style: italic;
+    line-height: 15px;
+    font-size: 12px;
 }
 
 .ui-dialog .ui-dialog-content {
-  padding: 10px 26px 30px !important;
+    padding: 10px 26px 30px !important;
 }
 
 .helper-container {
-  float: right;
-  height: 293px;
-  margin-bottom: -450px;
-  margin-top: 459px;
-  padding-top: 3px;
-  width: 563px;
+    float: right;
+    height: 293px;
+    margin-bottom: -450px;
+    margin-top: 459px;
+    padding-top: 3px;
+    width: 563px;
 }
 
 .context-helper {
-  text-transform: uppercase;
-#  text-decoration: underline;
-  color: #777;
-  font-size: 11px;
-  cursor: pointer;
-  font-weight: bold;
-  float: right;
+    text-transform: uppercase;
+    color: #777;
+    font-size: 11px;
+    cursor: pointer;
+    font-weight: bold;
+    float: right;
 }
 .context-helper:hover {
-  color: #55C9C0;
+    color: #23b7e5;
 }
 .context-helper:active {
-  color: #ff6701;
+    color: #9c8cff;
 }
 
-
 .cron-helper-tabs {
-/*  margin-top: 30px;*/
-  border: 1px solid #d9d9d9 !important;
+    /*  margin-top: 30px;*/
+    border: 1px solid #d9d9d9 !important;
 }
-
 .cron-helper-tabs a {
-  color: #777;
-  font-size: 11px;
-  font-weight: bold;
-  line-height: 30px;
-  padding: 0 12px;
-  text-transform: uppercase;
+    color: #777;
+    font-size: 11px;
+    font-weight: bold;
+    line-height: 30px;
+    padding: 0 12px;
+    text-transform: uppercase;
 }
-
 .cron-helper-tabs a:hover {
-  color: #ff6701;
+    color: #9c8cff;
 }
 .cron-helper-tabs a:active {
-  color: #55C9C0;
+    color: #23b7e5;
 }
 .cron-helper-tabs .ui-tabs-selected a {
-  color: #ff6701;
+    color: #9c8cff;
 }
-
 .cron-helper-tabs select {
-  font-size: 15px !important;
+    font-size: 15px !important;
 }
 .cron-helper-tabs select.short {
-  background-position: -388px -604px;
-  min-width: 30px;
-  width: 70px;
+    background-position: -388px -604px;
+    min-width: 30px;
+    width: 70px;
 }
-
 .cron-helper-tabs p {
-  color: #777;
-  font-size: 12px;
+    color: #777;
+    font-size: 12px;
 }
-.cron-helper-tabs p span{
-  padding-right: 15px;
-  padding-left: 25px;
+.cron-helper-tabs p span {
+    padding-right: 15px;
+    padding-left: 25px;
 }
-.cron-helper-tabs p span.first{
-  display: inline-block;
-  padding-right: 15px;
-  width: 100px;
-  padding-left: 0;
+.cron-helper-tabs p span.first {
+    display: inline-block;
+    padding-right: 15px;
+    width: 100px;
+    padding-left: 0;
 }
-
 .cron-helper-tabs .button {
-  width: auto;
-  background-color: #55C9C0;
-  border: 1px solid #55C9C0;
-  text-transform: capitalize;
+    width: auto;
+    background-color: #23b7e5;
+    border: 1px solid #23b7e5;
+    text-transform: capitalize;
 }
 .cron-helper-tabs .button:hover {
-  background-color: #5BD8CF;
-  border: 1px solid #5BD8CF;
+    background-color: #00d8ff;
+    border: 1px solid #00d8ff;
 }
 .cron-helper-tabs .button:active {
-  background-color: #4FBCB4;
-  border: 1px solid #4FBCB4;
+    background-color: #49c8ef;
+    border: 1px solid #49c8ef;
 }
 
 .context-helper-close {
-  background: rgba(0, 0, 0, 0) url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
-  cursor: pointer;
-  display: inline-block;
-  float: right;
-  height: 32px;
-  padding-top: 11px;
-  width: 46px;
-  filter: contrast(50%);
+    background: rgba(0, 0, 0, 0) url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
+    cursor: pointer;
+    display: inline-block;
+    float: right;
+    height: 32px;
+    padding-top: 11px;
+    width: 46px;
+    filter: contrast(50%);
 }
 .context-helper-close:hover {
-  background-color: #aaa;
-  filter: none;
+    background-color: #aaa;
+    filter: none;
 }
 .context-helper-close:active {
-  background-color: #999;
-  filter: none;
+    background-color: #999;
+    filter: none;
 }
 
 @media screen and (max-width: 950px) {
-  .helper-container {
-    display: none;
-  }
+    .helper-container {
+        display: none;
+    }
 }
diff --git a/web/images/myvesta-large-white-130.png b/web/images/myvesta-large-white-130.png
new file mode 100644
index 0000000000000000000000000000000000000000..2007b0bcf7cdd0506f97f510834aee84386c42b8
GIT binary patch
literal 5284
zcmZvgcRUo1|Hsd{h_mi|kdZAMcZah_A(EZVg%S~GWMyZTtn4j9_RbdBdy9^;
z_pjgo-#=dO*X#9o|Nr{q8KI}6Mn%p>4gdhCG}KWB{~Z5MXb8!_8%9w4^UsJp4b)Ts
z<->P&{uR(Oq&5-&sEVbyvI76>WFG3Ko&W%K=l_eS*S*jd0AQ5WKp~BMEPj6=OS*$*
z?e()i=_71T+t$dod9aDjlc|UzQ5sydK!`Oc7%mM{0MZ-9nJFvl#erabbh1gRsB+~b
z&2o>W=lr~wAtZ$N+l;gQ)opPBe{J(ZO^v)}!s*_v-|g>ALS{MPqUEBz*z_JInnldI
zE1Zt!e+7g1K37eZlbKI$*+cfLq!CXQ(cAc=zejRe>Hgd_uZpcV
zP%v!LX)?J=PNj2a8c9&O@5pZR0F}ao#4kO}s0csoitSSCW*f5(l`;F^qFB~mwCcYa
z+l5?JT@^NndE{zSYU8Crmj_as+=NvP-Z^MOuZG>Y6)5A*7DW%g_r5X+sqwrNo8*ps
z1VXgyxmqxgrW22u2nPrSw7(XNz703iV6BAx`;!aeLzav)n!5s43s&!Tk&ks>!c_M8
ztT*q`KBc=&l_!BPH@FELI#TJSCU*a^HfVZ?{gYKEHYpBcLSpqQhCX#yZ3Zg+_zw-T
zk7uTXAy-qn&R5M~_}gNi!fF0RIKA2+U6~otyaeCl4V8H6_u}(AZ=$Q}mdPc3QnZ&I2m#nxX<3!-%F=yfK5uqacIHnPrLuRB(|7zaTYp{y-y=B6T(tgh
zPyQ@J{lh`|SzP(`{P=*2R0eHzL+nBrA$X3*0+!hELo%Gg+r4yUi=;McZUHmjb?4y8
z(XLacC{8(kh$&U$35tV;l6Drg;7mlGP
zqy!YWDu)%N}%+7d5Uz+&ab
zOIY4dXCXCwTq+5{*Y`dIUf=_A4kI%5{7ca0zeKEG&QaZxJ+F`@Fd5^YvgTw=n8ea-@L6#NWRhS$==pcu-nQJo^q~;G4t=1~gZj
z7qQOZFNXzrrFf;8aj`sh}peuPF$Ens}0gGX~WeqlL(b{eQ)eN!{vly;Q?nK
zQIMs7*sP77QHehR7w6C_t=a1l94`vRnkXNamWzd(eq^5kv>
zX00vo%ju_HH!Iffx!#hZ%!ycua-p<4IS>fYvWM{ZWpf!CL-^>c1FVG8dd<>BSEE%p
zLN05L<7rSyLl3o1Iu~Ur-5!Mkajl~Dks6mx#w_N>RNGskw3cRkK4$w~hHgqU9Jv8D
zq%@D}vi!2FegQ92b)A*TWxJLn1E_^xv}=wBJ;5i1)slf;fa2kq6!`u_6sKHjB>kJc
zt^F|k*7@ktaZfRWi$G{l*2HkILb*QP^tXt)^hp(g$qs#kus&x=qYP9TF{X6#G&|4{
zPovaisG4NF7MkDp0z}d>bBV*8B*`@d#_ZY859!aw5%dmuMFh$V5hmPz(niAuw=lgG4_JWB^{z-!+K2C
z>zcKQ@bSR&0u`aDG9gIqAe~xo@Q;BAdfuR?MU~}kV4kzvj(P7`umQ9a6BDA_txS(GnUWz0J=F9hqPK5A3@b~&!l
z_sceOG9X?yw@yGg8F@40KvMt7(U)_O6-iy*+tOzzr(>@NfiQVOdNx8hK{F9UOIuhj
z4q%-K9$Nw?-XgCZz?O}$yJ<0yKTvb4kf9Z#Kd47?woB@<
zp-C-rwq`80GA9%fAC4Omz320>*_L^Zs&N#wGW;?SYZ|i#-k<+5rTR!03rsfZs&G-8
z7U;cMKZztR586)9sad+pR~IJw8tCqcOAJA^jT7pcv?M9Qmsid41jXspG
zN%ckHy=hE{4OX~H2ioq>rNSV8ueEsxwdJ|bNVxc?G#dH4Fzvb^d6RzJI}@
z|LhNU;*d|&W5x5HH)hFmIqJIHE{|fKiy>`9nRv!4#RA(EYv`F^`<6jwJnuoN&%P>X
z|8BEa_vCFW3{St*uYsfbyU!m76TH7k9YN7z&@QU_)`HKJ?cGhEv&JpOq#=!YkfgYX
zEFwA*JFNY63{#0MxJkgcd5uHq`{6C9Xf
z@n^Oroq!UUujwn}J@FC6X|UWeWpZVwftT*1Ep(Bfj?=Pz0pkLUwUskp6A!|JQS`J)
zNes*QiW$GBFd?;pvllHgY1{|t^_lU0knjZl(g?wX?s%mK8F`u6QhAZrSWkck1@G+NO_t8aM9_xm*0rGS+{Sp82!s3uuHQlQ*F{oAw1KXZ=GA&uec*w;n<8
zAuU9hJjp8dy=7W$6m07d>zHjL4C~kapuD+3k`S%KAAyhZ$9A(cFLA7X6dCC6FJy*(
zT#1)-DHrCmxMB;UX9XSKC`FKb%0CP(aglQd3KNs1+^rM^{y9GLFn?QizLmXuP{8Oe
zI${!IL&K?8Q-P5$c@Lo!F64YZz2<3Bqdh-Ttmb-Hvi87tDBJO45R}l8Fg0zFpp7mN&$q6
zl~(ld=7L_lzi;APl6NdrZ%*>|qdZX(flOrTzfoDMQ0O4bmc8%Hpu7nv@9ERUg4cfo
zpV%*+v=QX{F}FHzSzIBSA(pdHSb^&_`+qr}B?{1Gz0ui^_om8?0}_NxoWFK#vi+i|OYf_eV|-nP>~A|1D^Z_gUbAD`J4_+B
zW+RzBCVD>j(HRZ_wSTF+jI*q}5^EoQ$zQx>M$Nv#0B~q=-!jrWIuBsiZAEn6cDk)S+uh
z)%3eW8cC+7K->+Pm@VUjUC<=EAcSTpZ6Y0@*`l#eJ<2+^K-OTvI_ANe5UMsp;Hec=
zmp)OoNmxXAj&h~?sH&4HbXC{|fdoI4^|GFq7>8~V;LS9-uEWVg`Ee`vctxT1c+=WlJ)95Bkax}H*DdtZ*
z>e}0IEy)*hKBUspu6};gR;_p`fO)!%xiHD0x_Yw4JZnnf4dkC0wu{>^p^!A&!aF*C
z&7y1m)c5PtK-YM8U%iU!-+nh-OwbQQ=Ag^^L_Ly*Ekq-gO}b|qalhrbI&5z#T%Zgq
z{orS5G|?CPxu(+$XvXW${H80~>~cjfY>)F#?Y1&&%rqx!y#3goCDB*znPsZKQk&Yp
zS?}Z-Uc{W(>;@q0^5lXZ`cyVy#!c}0H*%n#ld@_(_w)m>01*CQ8n>5=rbXzW|+(d;j<
zgt7gjE$w?Mw(1-P(mj_3OgPKB;eoo$T79&urp|ThX@0OsLM20@liI7LB6f+PfiIT0
zuoK~u1lGU%hgK54DODvgX*p%waG$Cb)tz7!3&h+ykgN*j@aEymv9pE*zI{&%}l@wc*U2N~{*C5xAC9IT8|s7=`nVZ);(p*NOEEAM(jHJ`d)
zZId)`Ta*3xre%}={j$<7qFh~_PLREK!o|@LnFNp+p%;3|X;oAWF_ZRaKb<$f74r_5
z2F4KZK0U(!eS!zQ6djYL&8=kV%~7Swi4x_QP4r+2N*eGNi<>QW>Ws2mJlwHtHL4h-
zA$?~oxYO9R7kE*v$Ro%!ZEDoVcgMK(?UWj`B~`VPC{BBJpxjcXLS6dNWPWkcgjne7
zhSV#e=27>4n7xNHn+b8LP)W6m+GsCm`*U0QEJ19Y2^o-np-3l{K8&Z(a>HWvMz%o)oh}uq
z^Do-IRB4}|%!B#UCjO)a6gj#3RB&5lh~OEV)#{>)XG+0_`&>_+PM&f$P}bDl+qJuF
zS^DDh0oZe;?lfFiTWe59e^h|6HF&GR$rv`HFzYqs^v%E>00&OuDRZXL@GAf6OB9|ufm@4ws1dqu|KrO*9)Jkfz2z*_iLWdm-|u&`;#my
z8oty&I-NrR$9e@Md(
zctInt2OelM25HUM{XGI8?-}e=@L|Ewd^Z2JFlc7kpXOsl9rUKKJBJ>_kGI9>^GmKY
zSNR6Loci0aSQ**)zF+ym2%$=wTwI38UApKlAs(QQ_Qi0ztv^R7x4;U0f=WYD@nbE`
z!!yP9q`^5P#~dcNjrcRP%+Up$6VCq!#Yu%JO_%IiQzm$>TS4D2R>i5zb#hjY=vTKY$neYX~}vKe4iz38A=}5OT5xRj0zW2?By+spL?rybDeTW@-;j
z0*((CdPy={-r#!+aT0QJ-;`!s3PPTGWvgM8xg*X(XNHRmK=wK|N#R)liXgkqD?bIO
zEv1#d-!wVfAia|1if_`}W17_4t71;FhE^GE+d5Hllem19<{IDMzpoRR_dg$bYuKNdew|C(eF?Xor4aexH@rff;=&
zO?t&D|Hv>gQ@?}nvQl$HC!QX3tE(FAmSc+s7?2P;yHp={#9Vc|ip7cR6(ZBjo#{a$
zPSuRr0-8OyQ`>atZAW$1O8&geQUVUz0Jzy$(l-Fg+i~WSR$2(+LmBZ!7J?D$n~Y9p
mP`T4y9P)qBx?RT1Qzf^!l)QvJ74?5)5ukzAL6xgm;{OjrI@=up

literal 0
HcmV?d00001

diff --git a/web/images/sprite.png b/web/images/sprite.png
index 456ab6f8d441083a881bcfca34a77bb118374c79..061392c3677cc4e7d9659d877a407891e538dde4 100644
GIT binary patch
literal 35005
zcma&O2UHWy`!*bUmm(dcccc?~5fPClAS8qyML>u&kzPbPB1JHC1w;^&00E>*uhLaa
z=tZg$1nJV>zYlEukrX|M`r==PYZ{J(V
zVAFX)d!3B=731fg2x9>vA<`A$1WNvF(9`FsvX?2nh~zJ)U6T*8K3|;(DN`VE@0b}*T)V6YAY>EC}WgJe#ivl~-K~Rx&Ix2H2p;eSeC!?lJbb1R;tfAFR^)P9PJUXrj8r?$kQXgnZ$ogZ
zA+?HNflHBN^4`mlRIk;NnG})EreDJbPQ~9K{e!B`S
zc>Z}Va8J35PI*S6XPGd>g^#ZW;d62%;F|vP7GA>2My>DS*^OKC#lO4zHJTXK+vIzu
zGnE7LAx8$bI((K#am#bf`N6glxkOZYozJL@GX2iZYWbgd3OlXaV3wUjHCXHKn1+SQ
z@2=gWrWi@DXIDELkHn6%m
zTVs;v+b_O*lz49_wzqq~EG1s1e^I7+P0i=WXUT;HvK@_7?Zb{sm0M4bxfW8MnCA$<
zPrX5?^_}fx!Cwd87|OGm<7J}}E@T3<-!CTBVI;(B#ThHF5oJcV-?=TfW=HPvyS~C6
zZ@_yvvoI+s&FbN?)8+dyAQ60UW^Bhugn#|y*csn`u7#f9Z9lqrAeZq08tAxI6^*{{AGFTPR~%Z!oBJI6s*8U@
z0V_j1i}16dgsrYz(I+w+BE>wQ9ya^y<&$;79UC;zgWYdntK8LGvLvw3{2k$~#H8GA
zUsG)f&z8O0a$09;us_8zLD!ay_q*8~uYTNI)tpsb^$XS2sNMl@((EjJT6}Z*&4LiQ
zmt!Q&c;(6!5Q5f(3|mF{_DO|qO+1k?*)^OROfFE|>7VCAX+b=x%W`4f^^qPFJadp8ftL0Dkn&@PnP1XI{9vtzALcYV7M$*$-Bimzj
zkkuCC6*-&zy<4hx8D4`4+;UaE-v}0`F1?4~HZ}c+(^V!-+b5}i`q^6MJ&w;(LYf{P
zpdHWTk6=<%@F7#6$EacEUuE@+W7gIu-o-17sC6o6n^IY!;m)a5J-r7ZF2&Jk2v+`<
zb<+`9E|RGn0*44b#hq9VJFqE1gSzZJxpL`?9g
zn}P19csAUe-X8tOTnokAv1sKstyfylHp>V3>7tx)}9pW;QdY`
z-Dvh<#EUJ(i(_kWBq&!Be&x!H`2PBYAQS`J$j;wUvT8f(8rP}}+pMqqz?=&tEFQEe5yfS?&+
zeMerwqH^2*T_|sZ_Jw(oT(0s7^tvqe^MHxwm43)q>Bp~YQy_H+INc-|Oa6)lHi2qu
z={IAsL_%1(T$jAfhqpsOIzG-j>iNnrDb;FXMhi|1LD@rEnS=lhD{D$g5vRsTTFpW{
z$?;`JHbK0+7R)f$T~EpXT(6|Um%6}}w5^8PX(xiSCEBP>oB@lCu+NUzt6dHVBtgF1
zYd7i-H8zJ|;kI-968Dzg;m(57Gh#wk
zl~~K;X^QTjyf#9&k3W~Hoc^)i4b9>S`J}%cZksQ4flb6I;MCX^QmEW<{lR687>aMB
z$-KMyymPj*Duj1lzJ6wREb=ulWr=CNw#iIw@PTZ_KK;>}+tQcLMfVMKglg~|5E^a4)3
zJd!?Z88mu5w-r4X(|*k{s*ayl3jMX{GGM~1We&f&DKwSLk7|7be<59Wtynh34cuui
z`EEVCRTZSN?yC#p%8(7Qf*%VsguNz})SkQiLBqdz`kXeXjQmsg(?$ANyH%d;Iz>Kh
zv3y@D^qk`P&1+^JM3^tcuww2A@wOaBnD8xqVa3&3Sio4UeYgK6$iKbBCa(9lq9H(OF@+67>4(@pA2X
zYA<-~&nI0oiT_py3+$Bk@n;Ix2Gx4ywQ9cH1h#>ealLT7;p$~?bTZ3=qfpnG#nirZ
zg9kd)o(4l5NkcMam7b3~HWq9<3ZWjHtUWjNJa#nK79=fZY2%cNfbV&(L5K~%$bzxR5rk7mNVgfY2{VWXWLFAhfdRp00iP<=;0hd*zLE-Kdtc
z@66w{K~@I$QdQm@VNeZ0R%lB)X0}Tx7|&2gt`qva5}s4QU+vy2O`EfP%W29pu%qP~j1dO?oE_HFWoO+oZQn{#@Er^&){0;j6eK+(==|
z(-36M(WonH@1gOJUWBi0XWLP$@F(`rb0e+Iv3*Ib7Uu{5LGEo&I_y~V^g9t)pT41~
z8`dy>m@nXkexCq*7O(qyne(AAjH^ZbPyY+gN&@Ifo@Dpb?TN>C%i+zxkRe^Ox)oO4
z9aAlPc2@lGX0I`lg(Tf$)V&1{?chUK0DP_u5M{+iB897mc&I*+nzYk8wH{hM;R(ht
zG`#^;1O>!KPYQTA-seTka}K?Eq(xY0JF|h)?YtyLldip?%))OASb+v6+>4_8hCeSm
z$Db{A=Z92GoY;A!WH*$M6ZT}J#dSYC8B^N?=jNk-$thSN;HN*)2QT>>?~W|aB7g;T
z%E_gijtJi=t;){ZzMg7ysYhQ{eJKrM#}bwKt#qCp_flebltMnnxM3@qZ9&uq-=8vC
z6IR)Vx^fPoOMX)7Q9%av4Br^jC~h-^=iTJFP5BMZItASw`Eu(Sv4HY%l?sAxV{rwJ
zpQ*s~kzuCS2Np2k`jp%#Yl6Rah9sSq=(dkgcp6~glOYVo-MHtgDK1&gUzEj)u9g9WHYB1GzF
z)s0zi4~@d?MpK*%Khi$<=t2h_z5#&-?~i8Q+*l1CYijGyF6}q02t7M~aojM+0*}ed
z&_-E}Xaz-ATx}V_?j>I1wtn#i)dE2_yxuSTl5@bYK(B~BQ^8iS!k$PUglS<<{TanH
zh_KKBc}t}Fv$F_&gIR{ESM9;FUG6*t$7lTu$LpIhcB{}J2L=p4FQ>+AMcDXw@Xu!Na{sb(NZGrxq@3&EByr0HZSd|}R%64D{4oeFQb0Fd|7=Zm
zd9{7aZ{>qcc5naZr5CMg#)m<_{a&e-L02o~6*+$V=ltT;z6A3_<~}*Se%$Pn8&dOPvb%F=^N3C_kPpUZ=N_XIhbOaYk~UzPefN
zw+{cJU4ec^f|vC@N0oDuWXo5u44$GJ-D&UlmqBF@D%MbPsePxdz86-O3|7c4FrHNW
zbd3t3ZM#9TdsaH8+H&#G*^yw{a>moL2IlYd9pE>u;4y&{o%)-*b&cl%!x!cUB+0Dn
zR)~@ysk|MuM7&$gDM1IDn7%O>l@-YBW6pt=S7!9h7flh6R&#=^h}`4p>MDwVQAv!E
z9zUh$zAvQe{a%{3BD8V9*ZX)z9hzBqG~?=-M6;Cf=7}d8k`*KO+<8$}f*tPnY2(Q}
zpI|qUB>l}hUyn@>8@^7yiZYO&`70yYf7uxwILkZUb5EbityY=aulCg!cIjWFD8H5`
zajp;wE2S>aYnBK?qcv32sbKF|P8B|i{g=V>B}dy(d)|{q1f98?rgbowwLDV@OnCS8
zhBzjHJt{Me2A;&)CV^y)m4ucvjX4Coat+_$gz*OdAd=H)!YOD6&|y|R0?nseJThIw
zUkk$qXfi|i_SQ&7zEW?DpfG~mUgo=R-?VOeiL`dkH`S%iz1A~M5{R6sQn|LI^{t>j
z1^hkYU6S5;lUdj@2!G=oPK3GRR;U)TFTOBXJ^Xuc#G(Ty0poa!+1fgNZ4LM^STMAA
zDiS}hgE9-lu83P>soE>LOKAqGhXL307q*>q-;ghN;$4d|MrRp5TJJ@*6
zm4l|~YdmZ}@ruq}_PKOipt0%h!6h^OC$4?GBr@3q`zA??c-*%C;V;+p$eN-b`D~G#
zP`9?=c0IOd`-i_4wxk4KAF6u!l3|L9)Vp76hIBn+8PMGEon4`Z<+D$T)^1*5i*~t(_6euP{FE^U~<%XnQ*t_8!G>;}x~h562k3DMJz{xwtYB
zdh8^xu7UXf``DTSJ@$>@{5J9A;Y$UpVH?TgI|C7W{a5<+MoeER6)mvy2ls^#Pt{K<
zvyGm+Qni>`cF%iljyXKJ?Rgwo>k*Smc2wh0*S8pM-_nxc7j7!35Co_biOQe*wNDJvFTYOd6Z%EtqH%XBP}>4$)CBfcf4_jK=TuS0pf9&gjzu3lIl3|KRBi>p2d=Tnu@*Pg&C9pkM&p_hF(jzdkf
ztl(k7@C_$T17q52joBv~sAFPGCGvxTO3BB>vj)BgcRrEB#>%JW0rs@NU%tIA0W)=|
zp79ldML1aEPj$y;3WOx{Hm#j96K3ha
zkOXrlEACWRXI-F{AqpZw{47
zu6*3*EqTF~9#RY;iobi<7^jgKYRR*e*SOr_w$#1k;0CtxgSBk%j|i+XjR;S*DkL>!
zO-q)oyuUOsrnzLjWVcW$!3A%w{5VyOhKFtU@sE^8)`Sd{t{S(Y=x)EkBcX5*|N(Yum~CR5J}8t5<1E8F8m
zDCkABYnr^^cBZeG}`9YrqF
zKn(>4iql}LPF&`n1)()(=Y>4X(gN~kc?VWW$)zFOl3h+r&s)FN>LpR1QG93fS8<%$
zw|x`*R`v*Haf{erI>?DG%k!nlr>uAG*7C>PCf38LM2O`8!RnDOFOiw-Sm?rwiPZ=F
zC?i_ff%Zoc_%dTF>iON5i99Tre)gLUKg`=NPRo+1rA@2(3$}fc2@;>7&HG2NkQ0yI
zSM0$<2@*!ZJsf0s`cJ>mA3Q|+J;vOoK+wdr0*@E|=PBkGp%WtqW=4c0&lN
ztpKLy`Cn_rv9pY_Dbx~FPl+v{z6AZY1bAq5r_h&IfI6~6^rU~h;JY>qFn&ry=?T(@ibn?kMDAuT
zpE2M1Bmyt`((0-m_FmjhaPfsn+s&dUGEX+hE$VOfSj1o42gFOvI^+4q+=zQ6^&7ht
zyqfs5YR?oc>XqWUbyEq7PZvEZrUm_`PhH$M*c4N*}NrAJT)5m&`wJ5x3J_
z6ufkTs7pjH`mP!;yAOd80vdcJiAmU_pXkZSZ7%eFrY*$q;&cu!Xlf8>1;p;W9
zupJs&vhehVTR{%s%-i~X?Tw()1#Q+EFiW=O%&$tGqbusGD3Bb}CV1R{=S
zOLHd0&!xXqQFSzg?sIi5b;o(!TpfYAje591Yx?
zB5oO!8~O7B#a$%mX_S~Pdr+6mJ^2ZxFS%&OJK2jN2k1vZtQiybQF=wBI|Js#rrqz?
zkAgn{%I_j0$ZNh9f-j3WlHvGZhc%Ie%N1UX7hu00UKTG(1#9TD(g9OK!^`FyLs!Gz
z?8I!;!|m~;xJ(k+G75mwHN?*`lA4e)ezQs2jU!*hkhgRC8`B=V52SRLGC0zW@`Xmh
z>C{DH2euggSC*KQH9jD6W`$&k^lNvA7d;0L-i3p)<~^J%vRF=b4j`IlCfG-W_5ZP@
z0>VEFo6-V1OrM*CK-uQ5W1AoH^TrUq
zeI8_7_7vF`#2m!h@NSszt@$IiAo6@CLUS~q*sEj{l@u@uwj`%FhX`gdpx9@kAB~sVQ|+evkG{xIFS+{3fO7V@#m5f!uYK
zLZ@zvto!+E-j~cE2!gyN0`2t1)j60|(Ep!O;qGw+=IJrYbI97~43qVB+i!0)<};lFXL
zM#;2F4+s7}R2*X;+_$)6d%im`Ta?(;n$VS*{2)FnB!p|TIYy&R$yfXR;PvCTy&qOz
z-pniv$R!fLPnHg~lj1}AcqP})LZ=9a;iIq^gTyd+0kV{To$4@dnA0dqZ{QAN?7eoobmKujksh`1W
zjTR3lcT4Lk>H;8NTdXAEufBXV$*cRW=kwD^CUHZmh-FJtuGZ8}VHZ`mxdfg{-*2v6
z-pZyjbU|NlJsE~9pHb;_7PrTQz~ri@e+CL7GLZLMI+2yOcg
z`?kT-XkRA6%vsx5%W6Y?7TIDIxhl7m{^?!1%veExcvfinbU^5funN)Gh-+-j7VgYwr^X>!y=czf{crrsz1?Yz#9}nqhgyk$Z2$v
zCB%WdJo4up*f4nwoQh-tq>Bo_=$BXKZM?w|?#!^Hl1Xo0Z>f6DYhY6>kI5`231)SL
z(UjYV)$rmtrf1MvEC@l1Roj`p&cOT`8ueajn%j=1Jl3p+8oK}cH~yBlTwo$k)8pe>
z`xjesfpq2BQ=cDCTx1zO{hm40UNgUTW3WoKp4IME{AI)PwAR}@2}^okn_3>p1XYG=
z#vQO-am}*fW%m#n;gd<*;6F%X8yKtpbh~F(QK;mF>kBr614Hy!b(7OWaW`J{cFmYQ
z8x@qif**!%OC`r>n28%|)W3g#-M&^Vwlyyjg{Xxc!@C&TcVao=nj#~xg=h0Yx^!5z
z%L;!b`H9>vZ4ol&$m^tP9ig4JE+)>56EeG!Xk{zc-D#&zQ@1RA
zXQkY^IT7t+?%TlV(T9x5e}O(Z#dR@QnzU=&N}y2uSzz*o*=}#;-A^ayf=9mC+4X_Z
zhwRv<8FHBQ?o(caBj@iW4&)Nb6ojD`jiFegfvL+5zS&v3lKUMm#qv`4yxNz+k+5%LFY~nhyZA^sd
z0T-%WBNG5~wz+
zGYs>>M-|`8$w6}jo3ZTU4ShKl@cO%l2bQkAT+*pvZRN~Hy^=nm=u;G6&4NCEbmjJt
z@|S|{!(a-sfR`OlCOM#ps9CyHZ7NKvqjY1gy_~q^fOah7L**(hq}fg7irr2eiqY<}
zYZ>bdBMShbl4$TNkp*gZZqx#?K$)X6Kh{5{eyG73zS5F7gpZjCxmBdCua4Q3gnp>?
zr8Y%Yn6)qs*&*F@{eXmySyW=n6Tl2X;t&f@%BkG10Ea=JOGo@}?J`qBmS4jvJx#1r
z=RSikfRIxZ64GC1z@C_^Yo;S{SY~NWZ~2TcD^yu`v}2JNi+W`BMmhY}pdSd;zja2w
zIxS?UECv{0W{my|<(1!hYsq^wF??c|k?VuzH9u?XD+i1#9~7*4Cb0ZTec)*b{mqX^
z36{fMRvt)GUIF1YR5pt)kODL#8f{MZJ!|9nWeQTAiP9xgv^eKmonCh)k@z7$&|4k)
z-r&W!8+9bIbdBoJb*AzJ1f{6=!wW0k1&2sDE0h*W8PGD2PFRTt1$8t{o6GFumzJq^
z9@!4Hoj$C25P!2lbw4hSD2vDv(HcYqU|lC{mEjrpSeMa2OxCeyZu%^5B;Q8~>zuk_
zJ$Pf?^9&Cduf~s@Y)7;ssQ{SNbOLL1HO$j-B2%-WmmEfcXxU<|!a3Da`y8S#YyE7<
ztA-Yr0ma=g8qfoursZCqX?nlajty?UE|n_R)UK$0zdIT2rM7Pp0Pk|QLtf308DhW`0%o`@n+}9;`3wy0V2qW}ou
z3C{ce;5%wTT?9^-dN{bd$(fy>zD*!BWHgvKG&y_
z{10DArGiCeyWQb%sk+iW?s31wz&We0){=CCZQ2x>ErRqBL0^QKp+JnB^EwD2Z%vFa
z>WqLS(fR}7KtO?4{JGJOK+YTf=kANH(A$iaXMcLNwZ44yb9q6LDQzG8Hi^*9(w1ZV
z2{t2p!8@tC3ydYS-o?Yt39V<6dtn@?$FHPYSR0g0>vJNIrvOfaT;ghC_Rsr1M=TkJ
zSx?6&K~x|9zBBG4a!~!Hw_oe%y?Y#;1GW0FtSuRg2>PJvfy7gY4#XbOmnO_Rc)46S
zaj#WQLgnia#OoxLT_M&!$r!&~I$!yy=^qa{bB-bW^h-+k?%90Ju7`D^LOVH;U2|9tuJy|C&e<_de^Mi<~*fOa7pC*@N4Bi^|I(Hf*|`rdc8=b9R&hv
zai5x;U`)}nspC86g?lhx@X)1?g*A!K8&)BW$O~8zyi>Sr-dey<<#Ye;(9`
zXXhSuKQjsdqyp0QKd$>sZL4=(AcnQxy64Qq&{zq?V
z-`m{kL>}2BX1|i3k30>B>{d?ty1<1~d34VB58bwj4nI}+lD%hox=XoD-)EXm|EZT(
z8ur=Ymd4d9r8=%bb97uvd08JQwHqV{vbIypBG26P<~}Az7OD*?`UCd&so9mq!3i<%
zR)avNr)D$klcbpY#Me9*n*UT8{RN~)RHNv8%>j4B>;|_8g8$(O~}A(SR0XkVcizl4&Nqhzi?z@qDPBiuXm&GyLlpB
zn?WQf%U6KyrSh7>e!w9OfcPdY{6(mtXTx(-ZcuNpQfv1!iG%OhMX=#QT9a~D8kGVu
zp`B|9n9gM$PPyy+Y}ZGx)rZ;xJrLpNj=o=+
z?CoF%>E|dHd|!xqscm<>b{*+F`EVetbh>rT-9q-D@X&6cv=9$#8#VGoYYao7xbRbd)f7O*fdm#v++ws7#ksfa0Wv^d&A6tnZ6Dd2uq0eyaWiN;gTlk5MNkz=&
zUMZ=suS4a48@QR3`o{DAhe{*FjCo;~Y{eMl*6j!Wb+SJAddsC$lOwd11Dja&++OKm
z66DSfAL3)N3fH0J0@%Srqc^aBe3+l#n)S(aXy
zef=PSKZgfK|8YqmT%SP^0@+SnVLPPq1^D@>XIylxQnnFa)I
zW*-dCe#~JgB)a{)(#CC158vzQLK-B$aA^yzr~!^AW470Ee3UtNBqp+p+($ipoHDcT
zeYu94VUqNIa#$xs##^=jz+(K7@1N%cdc(Sdzet=t@{w6zJ~W*=
z`Xb!>*o#9dSvD-&LXq@fQmIAB0}UpXomb70-``RxFR{U;iL*rRcCzZVyKQ#2QK{a4!!vD^O?6G3>OhxymTf7jAb
zg$bsEvn2Qabty5oz|Zo|XYtaUeo*<9La(FLtZcpu-mHBk5s)~&#w
zOY-m!+cj8^-}IH$LAcz(p24RGJ(a#I{X-p8n-gqDJ@g5~Z{eB&aXvpB{z9{aaD
zqXWHD`wHH`pSar{#
zhwYmKyugYawRuU8crj}Mbm~3x;g?VU?F%EDI?tKsz(*o~KD}AY!U(|kx?{LH(-ek{
zctaZ2=#`b}<6d2kChRva&Vt9ORvVxYQbPa_3A^Ua&DxlVc=B9Q7o{9y+rP41-hNwU
zq^5W+$rPk=as6E@jL!I<>t%~);PHf&28n-w{Z+TqqrF5*j6g@jm{RliSgvHDM9N;r
zxvz}EM2K$%!W+tEWQ$_LgAVGEm7;x|MdVUGt!`56`r>!@C+{%UJ9=yH{U=ku1M;7B
zg;fvqi~2fJexm)2`~;z*^(>0?i}@AQ2Px|?nErhdOq1pswhx9a;^?7{@b!P@$bdlnun!T+P|c2u1$C7RzPvJ1>RUg8bH+Z}@dUE3
z0&>o>`O9{3Mlt
z3}-!W{>NQUC1_3bJ-=08xLKuUNFA4PX|0o9K;&u++iH}t8%X3Y{P6gVPrlN$I^0Y+Lo
zPx(t3%9ac5#v%taVT*LDl{Z-u;Pa2teXvc1OhC)(9UWC2Y|Wgr0A(B9_Z$uwM@b{?
zfA$waz*qsei4nExhH?_ItESxJy^d2kO(xb5w9YaxKmIFi26*GREFBiYN5#DHmvyaV
zrg=xNEC+h%>|F?2@|eoABar-!gf`ESM%wutDj3I`kC!&LFasdqn;cT-tHfil9GCgG
z@((U;TuS_iD}Z`qIaJ=$=0vGqpL-l-)878~MNjcw1PuyJj(;|lF=tK$ojv=L@#1%(Hq>(P>#9n3$1LRu8^X$a1(~hF*Auc7#JU|7ZGrj1x=cWTXVW
zO(Ou6HS1C9$U3&{$~CiP9V0}*rC@K!grt{@yc4dlKPn?U$UB|F3fa8ve;>oJlwn97
z^M|9H)}px}-1`GoD=XnUqM8Ht9tYQi#!7Zt%9QeQOJV3;?)~As?&mb5Jo|sAE0F|1
zyWB6MP67cXLGcpNBs3w@oA{SZ~iY2WeZCCYgpAxzhCgbNE8_BLJC0upPr$Bo>~_2^faN-
zK_VsIu@hki!&)IlPow1fY@(pn@2h?S^i{BOHZTeUegNd)N(SL)>{(pz{3(Mq^b@q5
z<85M5EZE_o1;XqTep>SZvl?Q2jF%muyO*Jc_OG_ROv2!*rWSgJhss&yjdTAYfe&sY
zZeEZ;3Goy50(W?tbEyrHB+1L}i@PM@&Jn>|j5nlo!3x;qC&%^l8=F`6)(Kblst&%psA5Y+!gROZer+hzca?
zVtO8YrNyKiEx%#NC;+~cI|_xwinGOFNrAd>t7v)S2C-=2QWtV4@oE8a>F)d=T<-|=
z!=0<;nj5E!uZp`bw`tzZs&i&!BW01|GU;IDMpLPX5l`At6!d5NE{sz>7~qa@54ay{
z@O@0Hwb|V;Nf>w>0uV|!`y%JTh=R5qtrzy+;bScX>L%@!MrLpCkj!a)?~;wcds}&P
zIZAriF)X1d0dJzNUyj>4Y0U<4p;}LNwfTHF5OpIiY?S*z1rw+GQ$LZ}-fz+d1VTbA
z5KO}sL(CVtTY$OEZ)*9Xm1{)4Yv7FA`-fU+p`OGWldT=OHtF84-AmwfF+Xs{dUrv~
z#){mS;xE`=p*#ym;Y01|!G5`=
z4=r3OSbi_9%%m=Utd~)utqp&IxioWUBhgdWEJK0=&nV4=GF0vK69QWzx8o3w_N9Ol
z`!7jCL%yZgKHX0v7I$o#yMPNHs@-T7{6p2X0L2Tr^cXd0(~PN8OJ6<~O<;?(%Ut&z
z3chBMZ;VP0cXMgb`p`bU@Jd%kET$^SX&0S~+*!&nex3LM8dHwt-;i
z+yK$4Pum}I;-9A-8}9v7-kX=qO+s(Pv_K!oqn9$ZKFEzBpH9Be%it7_geMBO$(yOm
z_uVP#vVg~S#gi2zE9#lNdoOxHDAY)yr|jgVW6Flv#g``5S|F_>xGDWqKtSe~tgY!P
zpt}!B4#IwB1~BGkKYTiiq4fWWVO3WCx{@LM=bBvTPR=n8VEE?-Y98;qzqgT>0Y
zzMu7B9Ba?BdLVD4bh+-<=PGsKYd8eCo6#4aSOXyC6YU3G;(+Y^#-Ygqp{Z>G?a1zt
zL0EthdQ2fVaxZ-J(*;aYjezWhpjK=v=F;b(p8LP9O0CdBuJDo@fOC|oF^qzdy87og
zO%`=_WJz`CWG>pY0>YPyE136=ae6Z=1!q;T;F|`gEKAmscrtz`qo&`w)~6d>j}J&a
ze|h4w9oM%hDVw1!bnf+t<}fAk8A+r_*~JLt$ia%p>3%`5a{)2Y_MF|>yWtQDNzGQ39@V+$J1sg4-{ye|_u7KTh4q_L
z_$Ppc#VTXRSobMU=@o8VKDy1(lr(yT6twj#YgO~@t4_U=CnKz|pL^&0t$Fh&xywQL
zcEc1`Ar-Iirn#&41yry9xv?$qljpw&o|l?D$7-D{OUqj{n?ryZY%)
z{m&D_ZI-3kHm$RubD^J`9M3YM#iM*xzCY$7-?&Oq^8ZVIZ#TYwa!K(V|B#xscXUoW
z!0yT%24G@VT~?acN)i@(OrzvpFdhw4LgDo*3>?uM&Ts1~J>z4NZraL!+7|*A8uClS}@
z;r@NIuc<`2ZX9M4(+HB%yAeaRO7)Hm9pq-6ps6%5){EE7g%oddntONWR<(n2P0x=d
z4rK42WhT|cWcAZn`0q@jh-sTem?sLCtIzv&znEC^%DK`u>#xua*VAUs-h8I`V;XQW
zn24Y`xh1$15XR
zoJgP$SibnER6_wuRjDFO=OKC9(H)lVJ?(Bx8tv%rJ$^gfw97|(8hR%FP!i0l_JS#@?8UXN>>!=+YdPamSKTr(9AWki&QwaD@z;
z;c{a=u0DP(YPs0?7t`j50Ar%>>P@qR<>2Or4EaqyFEe($aAsbN0;~KIdF&w4c}Kk`
z*QMwe5NDX=jW0r~95N%>scvqf!-HU00cQa$)e+P6xuF9
zWaLg{u-w^v%bIbc|IhAcgriZTT{mUK_2fgo!vg<7Q<7tk2tRWWhG(hI%OJR{&5sD$
zYkA=UA%k2gPdJvcJ?%Ku)A{dV#UDE17d)wk79T83dn#hpYLH=cX)>!K$I^UYpfd3B
zqo5X#4xA??Wu1G(JX2&Z+5UM5DDc6II3hm^-E2ZyOvu{xG@*1rpay`rEE|_l(6Qetc*BL7Sb;M6(Y72
znp+dehEoZ@a=0Y4$V{K&%br3UDoiXhnK2;kL;8DX
zb|AE%gs_ZhRwe+UXLFh~?mBp)IqLJvSn0lqDO+`2xU}%JZEMPPMf2g
z@^5hAR+$bE!WemSCkFadr6?e`41pUwu{jlBfIbcEkF~EY2g7!fM)+(sT@W{|0T~$?
zOezX|TN}lxVcFFt4D}9b*e3pQrcGLO_j8h@x#q8xdkv=!9$akL3RFBZF}|xP64BK?
z@U<){r$j7ArhdN}2Z!Iv1O6388DjYPvu50*hK_;P
zfYg&${b|p1
zWV@R9k5lO7uZMn}<3uw4KmujhXk3@^)WlkINb_fpj+$cbii=u3TrqM-<{a+RH|*q&
zlql-S3wgP-m?3Yq-``mNz;#AVhS;vv&&w2t)f|UDYf>e3&o2j-6dP>S1M-%zDe1!d
zRONpMXlvVp$Bd2#Ds3YXjz0hoqMAq4UhJ1gKWgXIMWj62uG_
z)5kw_lN7odoi%L9j$m!Bu=j9vP$j$K*b3T>;lAis*_=Xbf(>+c
zG#Z?MVi6Y*G+>Oj@AXPQoKZlkl*xJ!5D{BhPybQrQHbj0C{BQn9c1Yet$!nCN*T1R
zuhne0zJg@(dbIc>3RqONBg1!vC6Q=cI^*m0X0}c%eb;6I!wvIZ`r=#7Kcv{d0-)2T
zikg*}e%B3{O10K*d0sb^6-J|b9u_R1ApO2nRNs(BpA78p!Dnq#PVTinYx!
z8^veIbBmxP5G>Nj2JtB;j8+V?>7Ov<>|vl;KG^rrIP~=V^P~lz)s_tU*X!Qf0daQ$
z*eH|~(THfWXDtRZ1(lJ)ZK^Bv8@5=LhNVpszU@Z~WEln8OZXwE3YI^mXmZ0z?0pI#
zb_h^j@f{CA98{wL)@H%X8#Zjg*Z2Y%Su47LzHXlp?ck&BqgE0{FV)fP~Hmm-womaDVR$yM%VRw@Zxsx8S|6O(zhH6uyL{Q$cqY8dzZgc-yedw`kR`C|AEA
zwbmx70({DFZYT{az~NV2xtvmooRd)Yd>(q$N2NJ8Uv5i~MbMt7T2-U%zIx&~*b*h_
zmg42~)s*&qLB@;L#)dwrXU#_=*=!4^MzaShLDm8KXHOwUbU&d)M2cbnf5{UnB^tB%
zt>k-mBAPW2$iZeB1Hbj*8_1tGzH-|s#>d!e=v)L|){jp^j$dY-gxI~jrZXMlUeZ4yl0w6N$+L*c_r{He}Z*-=0Sqn{e>!}>mz&-=>
zdq&o`gSkvBD)w%wTDgiR?#6zDe%dIDsX7
zaJ=*y`J)pCpWJ2R4rFxrg3g_&g;@wLwg^m@Fk@;Z+smgK^GZ^oUc;PJ9PdeSxxOWXp_ad
zZ7a0BrafbGAZ1{fkTM`vQ2&G-RwM;6E29CwP?It{v!jSHZ~gTrA;nA_mxI_TyIM+?9V!o4FE|)_@aR!pWSVUbC%oy%X8eUPqJ&L%*2C(L3Y{_}
z*f-P=&sTEDm67vM-uu&R?w4U}8^~(lkxXey4_jjgB;^3d8tVsf$D5t21S!VR1jE>Y
z{W2|cJVRV3%p0J!uUEvhOk@!;bGyr3PFLF#P_}mhmp$>3Xqy?}d2d
z?tJvim%G2~X#Ep^U>`ky^=(zlCPB!+9GyiGP&Dk6I7;epUgdz0e$#V;NR0j+2mVWJ
zax}5&w>_ASGHMnr=g{}dk@d@;jQ5ak+PiLgAx@RLr@+nD3IZo;(m*cDw;q2C;*o@40&%qDfn4iBH9~H
z{~<{|QG?ycWU2nI?1xm>is}JxAag0=e);->MKpE#KSVi6labtvWSx9Jk|s&)*JnL%
zo-QUgcep0fNECYli8)V)eu1&?CiuR34B>oU2JOoP(gAmkeq9Z@ZU0cRVceoYG{nDx
ze_gtHgcX~A@3C1~dWDhef5>;ZIV4p?DYwvm=?s8RO$2ADOS_uGkq9_AtOS~&;YAXg
z3FZ9--iS{iz*j*Hs-}3-%h$sjs#h)iaE-L=8C{dU)bonM$Fz|(bVT5qTjHu`UI9`}
zR3@+0W8IgP4|!;Xe{&DlkLTKTK7$~Fc#`HGymv)hpU$Fq>dqM`VAmIE&7XD4od`DZ
zZi_&`VPa%iaQkn5RV-#TdboV-Xa{=bsc2*tM(2)xesYJ_EN(G9W5vfiVKbF$G^wRZm>3Tp$ML22b15
zfpcf3jo4vl0as~K%pEYZ$M40waH5fO1(I>#K11+Hv0)pjQgPu2OU_>adgg*tqRX)`2rjfIF40dLPkz}u5SB6dwxh{*HvO?zogIjMmX
zqw=_l{6)yGxA2*sQfLQC;QK#>t9hPopZRbAKdur0T>kTf;H++5
z0+*bXKzpzDC&oe%d_C?@=w{#p;E5XYx$6DS<3deRJ+v{S6&D>V_UL(SFU`NX8KT#o
ztZ6D+v3WBC?MlA*$o0r{B>tm^&k27S`q<g}GawRh^d-)14Um6OPlAPB^|t-@x2Bl5_EEuXp=xYNcJH8_(_vl#j}4usz?Ga{To9
z7t-q%uIw&^xn^u-@j85E*#a>z&HLza4!6*}w
zP!W!hS_G#7A|clBxeM~>)y${iRlQ+-b)x5C8Ppa`!;kwuN3=Sl|1WO`sqW
zBap$QI}gN$d~dTMT3d}(J`&QR+y^Zh{Kkq04s3UwcL*KMMmGAI0-%Zr2aTUU+{0m$
z;%Rinhsq#%6V0Zd@+dhVAmL|V<_Z2~F;Q-({j>v(t8@vdbVWK($#A8VZa4a7PMrg~
zIafGW^7y@^e$kU+G9{3lNpy(4Y;{U-LgrN2lR~V~VQ}>A-7*7z@vmk81Siu4NX5q*
zc>{@5Nu1j`mis_8r{m+4PX-MmXze%aJ2SItt!o635(juY$y<;LCT+rqHLg6;XkY>W
zY)U!uBUc9Xc=Qu|uM#q;{b?MSZFd?0jhLEDP(d{kTVyz7egk?aqF%rGhCGuTdZkMz
z;dl`B-)FeGD_fHiQVfFQ;s1q&NY?ZIkA+D68HmPfHq(>x=>Y+GJ@E%2vBUpt?p=s<
zCbwYoAY`Ojv`^=5vwWpMT&^coih=8HZ-;u<0Q-JXcMs#jJdpH;8?_&#k9qE{g1Am7
zlocfmwL*qd4mt4@i0E%?Ffr2(+!*=G>{2-=jt&7$y_75;{*3_LJbuiRy`qu06cR_m
zK>z(m_NHM~H+CmSFk&b8EIv-#!<6yGSxC5ALalKt+z+m%kU$Mp6SS%zy>Hi)QmXTf
zJ~*#h{XB0FD-1?`BLa19!qScLORQ+v3N?-{(#2&Wl^hBLymqgM3|)d5cZS_PX*Zev
zsryf1YxVHnCK^aCxw-#@Lk;@(rs7jV_&e_=G(qAGC%w7%ZiP_u&$HmSmL5`IqR!y;
ztePm9gWX?>#Ti&GdlRZ=gcR^}VeKvRt_ExkxTO*WCqi8#b1cbl$CY6B9DNH0FK-)&
zIdE+Vp6LdErFQ0CI)PiFk>1sOmu2iiDx1)RW577j9z?O_y-A7SKQjC)dl5iNzizbl
zlW2y0P}*??tMH6jfYDjr)j(KUGSu`EGyx%b;oq`LA44p_Wj|!c8Qx4>^4M#FJt+lR
zUUfxH`(FnxU}O>hNTFf7XBd)TQ|Mg{sOK098$)|8=R%4!wJ}>7NMi1SrNWCpo7;DK
z5-2sX!vZTDg#1UW8vxy5EGmHXeq(O9uB~RXkT}^nLSlucRsszRNZ8`HuEw2xL{m!h
zbnXHS$kBac1GqZQ^vb_e59sZJC7M%yd89sCEG;Wbab`T~Fiz`4qo3Al0zuTjpPjw=
zL)_S+7pd6x0J>JhEFgT-2FjByyc<*X*!$tlRuTpvEcy>JwZ3k&vwqf;qWrLxpqlA@
zr-GnAeYR9vO3lcIAa&{ZXpPHo-whN09l(z-fd(c#ZxV{atVr}cYD%$Yz%O)3PG)6-
zI%3MVFNh_mOs;a6w8S%&Nzx<^ly5UD?a)C7l*Jr|bi4l4q}wQ9
zks)@xM*bkBy2y4~Ia`WcF{QTVDxso@!+t5(*y%%pfRk~?3jKOpBtbT`Y0c(M=gr_P
zQj;{!XI`E^T5s;?#5~mH-WA;y-Q6&E`_SiI6^dt&JL1`#)SSv(dlA0no9Q;F4*BDQ
zI-V%)?A)B$^Q2e3w`EmF+Ix%W6vdxz;ELF2IX*nYq?D>zHEe|&I&^FlM*)aG5(HgP
zfZsB)OwW;9{@g1SLs;5?10ZO${ig%>e$IQ|rIjq6Ikg$Z{gia
znNu&?-I*J_Dw)FqXMTR=GhrFYZm3f6924|#@My-6eQ(c
z#Br+S!|GaqXf!E-t?Fy6A10zXXZ7{EU6hc22Mu!}sIZRn7OVxF$xjM(W^Ue5wrV4J
ztd^3UH}w5Ifu1{L4%v>LxLAYsgXRz>p83W47%X2kv-V;n{yE=QNF4Wmw8QE@oi04g
z)s8RPMsu4WO~?xctelYoT~Egq9y}}uo0*11x2*Dj!)6$Z>qS!*xsO%#|Bf~G%qcty
zYe4<2oU-Qii1t5T?e4dzW4!m`e#TJz%H-L!DG|H)zDHEU$`N$F8n+v29lX3{6zsMd
zLtSY%-_JJog+89}9x$g`8RujiJCusX@`XAS4J%reSawg3`!xli{E_Q>+b{h4X8Zt9
z^;n#t`rV}X<{F@&F3S**%9U8PWqyVGDa^Uu&JtNW^lJEmBD7;|0*OlS9d=5I=o?nK
zjDaUR`+HEEPh5-Gc}X>IjuOqx8mr3IQDGP{{urRNgB*}alHpFY>S|Pw7rOfNsf9>t
zkb@EcRBxTNj~bydp@uO}v$3Y?j@wQf5uoa|BKHP9#M2@x`(3a=C5%jyg&yH6$?BJ
zgvm-F0X%frNBcJogY4C-A?J2R
ztoK_yA~o2d*l_s)a41fu{MMQTntvWTi!T;=S*UxtKD1eb{sZ)3Gn=hAS>4nnp@0$V
z%4vJ)B#=0=*Xk>?Nz7uIY5_=9XZub5*!_+?{V2m-xz=R~PwUXEn*d4FgDPY;Hm~N8
zF!bCzH%me*g3}Zepl9GR&^w<0A}U1B0K9;k%|=O(jAT{E*jj>o)wM!DG?R1kLgz`UNNR{@wUIyz_b3WI
zgYUiD+bnHz3-D}@q0j<{dv=UP#P+2W3P%Q4ZrotEPDbTf+DQY{NTRsh
z)}sEEvFPQW!0`(cO)e9e_@;rGGB;1cHcd9pNIdwh%&n9#D_(Ysil>);^>ZO2%OTVY
zxZyr~nlcDA7d)XzfUno+mbZ{rCG1Ijh0*WJWnc=bGo#L(6n>n}Z?-0zD`Vw%nU+~b
zd-eEsgGNm?@Kc43th{9d=$}_?07~($Ef6D-SK$h<7djd
zk4PJ0Sd~3_Qv$CPgcD3aBMxW{%F|F4)g#YaP-r&${&G*mq4LGDlt3s%jd*d@~Tqm_EbDTqH&^_M+(Z1J63Y
z1D#*YQn5{b<{!Xo9HO#6gf>6P6XpXp&wEj8`CvHeNYh+BEA|WKMp-6=FJLdV@q;4g
z%}-tOr0oE}j||F51mE|bW@vqgGdnz}1k{L|0d20|8b@L@K`?<)UAThP-DgvR+?n2v
z>U?Kc4CLjjfQ9kx%$TMN0^>|L_^yoI5;IKbg)L4z4=6A4?TDW`{fU{2i8$(LhF~@`!b|a_KPyQ7
z>5l;o=x*NKe|#J!ZJR(*hJXH9oL5BI_sU~3GK|BNi=%{Rzqvh($+G~G*0TwLS%RAW
zFPi@Jq?%lRtZN`$TJ|iJn@~Ib-%{ZJw;ewsdI{inth@nu`aMFWA^F4+#Ii6cB1wM#
zxlkqm5F$7y9_QS=sqeD3!3|y6$AlAWPn1#%Hx2!{PI=LYpfA5c*=hsY~Vc>
zMYMWw;9vS|D8~vw8%;X!`Qi50`+W%Ki?@_#0JFJW&4A9gBw=?QE5CWFM|4*I^&?R6
zM-koc&2Cph^NrvIAb`_*Ixi7J`273E?)uuiEjIB^S{xiqpSO-8f&(S~Hw0EKs3`$iOFDs%J6qGuPB5V?#-@{KkmC
zJyAbM&LjP&V633gP1y(76*2kIKOQ2b$3nRoRE($cejWUO
zAapzwQALPPDMo+a^|u@A|ALn(&>H^?Hu&>d0l+2#ex!uYYB@&96RP(9A3SFN7mxba
zTyg)qj^FBCy!Qy8)}`R8TPS4{V2ONM@KXu#baidG%r(hoKWQKi74}=RA;1NID`)&w
zP2uCmY97FLNM}v(77-Jw&z;?sK+MKRxPdiGXXZ~+AQ%_Aa_iNF!;c)rK<#m0kw8(;
z+zY(T2Q5rXt!kh(+r^J}8nc^^0C1)ifRK2+BTrabH%tr(z)MsFgNbG{p>$WapTF5K?JfeZkT;!uvjG%;{T6ia(i%0v`J;4b|1B7(RQf8J
z@Eh0~zluL=j#`#zeAFz>nm_hBC~TAY-1?~=!p!vp_Q)<%`X0jUV5+_8c!~*Ig(~m*
z!9!v1Xvhw|bm|W)sa;T=%QKH8$A%C?jW<*KADfn_tJZt&m|O
zabu@f<33&iwr?~Wtne&T=R6Vo^2Za1+o{1M?@`~&swMN^=1ff{<*si65AWCj)i6u+
zRO>#zDoJb?b>zr*t2Q8+bkM^{!w;VY|bm}G!$`mFpEfUaVi`NT`{nfv;U
z+dE|gcrvenS^MC5;#-WI7aJB|g_dEow)-gxsN02qPVxCHCN2G7@AmtUZl(^@4#wR6
zT@K|&_%8i$9-L}St1MzZp&d^br3T=)nkY1b<$@FYc-qcw8xgCWY=YJZvrI3lW|MU*H#wB|qxm4ZH$YFjP
zTfQ$`tvWv9f7K?t>f62@Ws6sIkUL)3>6Bd>dw+YeVV!YA{=Q-(pOz!(`-|Q|yDY4Z
zp0NS^haT%`ainG=JNdyxIU_Dt0@98>xBI)W@h(^UubkGrFcI@M3-%>5{Z`!0bHcw}
zF_-y%^SW2OU3`Gt^5*5>ESfWq7>
z8}sVz@r}br$-Sblu-B@SHqOn}Y-e=7b$L4?&GFkoG-Ik_k2R2|>+H)4o-~M=+5m4c
zr7fz`7tPU=6q7+@V>fzCG~(bldg|}(W_n*Dc4uB6E3ql1`DRCv=rgtY-m3T5K%jhr
z40V+!Amdf-QjWuJmGExfJR%tt#KnD0QGxG#A7|dGQ2wfRT+}tn1_X^iEWviwAR=Uc6r0_h33|EL;`a0O96CxtaS<<7gSuL`zF31?-=vCm
ztDT~$yC0&iqRM(V5vP#k&?%ag0zz`dBO6M>`{!4CXm+h=pB^7jZ%baQce$pJKjH8o
zc&qQN16@}D)pt)!7)N>3tBZ%_LxN(%!*d#4N$&y*ow)e|zI7}T1@kDMF*OLe-+y{p
z$@Njlf)dHho|VNU|MC|92k@jO>!K5BOYakqi)Y1>!eU6a7am9Pnw#-tCl*`m>4NiJ
z_F);QxuRk->t0d{&$(ffi_uo2jsrjpNb+WGK
z^KP6-P&#_{`^y{DEt+fGfS*L?TPre>GM%MS*Ph2z*x~7#-IJl^)3l={(hnZXcDj@$
z^fsnB(FrYG3%tGEJc_?Ecyd84)NHd@xB)yaxjB*Tg4gj#7whpu;yb`m!x_LX3GOGs=K$>&@B;$^y3u%n^r-D(u)9Z*E2LqC)Rw8$>>ofRr>wdXh
z_tSwodF({7Jl3Xm$_Vwbtv-OI!Tr<(k$h_NbN?K`d<@&VCFmhjyHndA6%<@*+SpV*
zuC0~nq=TnQtd5bQ6VWF+?TZ`OBM0&YbB)o}x~F4IT-7y{K6}A_q`$*v
zenrFb;=8{7W;e>K6#ZBzGLWaetF-OL(zTvvA*XRp(5@$d(TxL3e44zQd7p!k1u@QD
zufkQuzgE4Bzws>Lp@OQvc3LJmU;?2ZlU5E<*jh9BW%;dBw?$p3e~5Ut_^$p`#Xm~4
zo17wwx~WT7DWv!7*b4W#=jGvDGkt{jaitTXMIH~glJT4X?{C|tp$pXMPQx~`9K
zJ7nSH4>g}p8FyDb!!?ST#wOARdYYKcX0v4!ru$CrqNU(zHN|gTqfZ)%5cJ{?&&*8n
zCP4BWIgpk!2ajGX^=W1%`N=ucS3bpizV8;p!3$0C9v_h3Vq`B1YIN6(32QopA0b`A
zHIzmAQ8PylyEohvv)Zc{ehu0QP;x`ipIhe!_?&lBjs7s|e63m+iofdg-T7-=KX%C0
zIXDqMrD3%RNlRM~wga?EimTglLQD8N(My0qnDUumroyQ$OvO(9NK5DE<3sV|-(8|A
z+$WWiS4RST?0Sl|$H%Y9<8rFj8-8OJYVxp!wVO>X*2i%I0_6_ek0!Lj*!3wcffz8#wZ;fmYeb|dZ8xLz)8W#((|Mr>1<`ZYeI
zN0bT*ckcu^)J~Ds%eZp1?nf^BJ53KPIIOb~LQAS=+b=e6!Va0@&=bpv!5w->Y$yuy@r|Rh>_>NomFG$QK8>yqRYWzk1EDzumRBm<^_pwK@>E
z1)oD}pg#3o2n2)WYV*SvwJ+$u$R2UY*kDOry3lP_IR)zX5}qfE^IfqgelJvi+}#}C%=Qq>k|DA;74xQ$-T&sORaY8#U)8%n5fn9aq(!y
z=QZc6>bf?0O9q<`!EzbP!y!p{n_BZ(D&_*4ttR=+qB0>knUZf4JhmV@&5QQe^sjYR@4&(6eJV
z@|h%!pxMO@o5K`?io*hbe+sB|3{`CW*SFqe=@xGIkU27j#gD-i82~E^=$`p<$Pn1R
zQ>Q_NQ+Cpt#ctuZ{Vaae@_l=Oi^6^`tWT0A_d6y1Ru*`FW@n-Cr(<<2JcTeB;@JYk
z=<7H~D@e}6nopRgW$YvjBh||>5KL#(!PR1_Z4Y|dM^CbR!!LV`zMk&5!Q4V}mHEa6
zHzEe_oAe9qJQtdE87?sp8@}m6U+m}%e7=9|f?clh%U|@w?T?EkZ5nvOQa5DeG?ClG
zQdpbBkdpL?jaTKztDF;d8P&p`0{zaMBec?46Vje59xZ!f+CQBuy`MIRZ5Ae|>?P{S
zStht^^hfhyolt%GOs}s}Td6~x
zC>?CNdwnoRpBw`6O=t`2U^kM#dG$S8etTkxkK1rv*8^YFicH0Ul2y=l(m3$yRVW|M
zdP3)ssb}|b<2R99PGL6`%4;uOy%Vnh_Pp9~X|?UAm`p4m)~nB>y?xE)!)VU3Rj-7DaZ_AWf9NhhSa7g_XKWVpz
zeZXzG8dL6V+WEv4u_58O(KNYnQg=k@AmknMOJ?_SBAdbTyS@0>qdoKX73ZDnQ-v;x
zPIm<^|4j~+nI!2ao+DJihi?#(=0cmvulLg3eHP+3#MV1LW@5vK<%|;+i`Ty?psYqg
z3mr@5Fi@m-)z_od{I9;ziDvJluigbdTfnYuF7bH3SArfBZPgt;S=TB+e#vwR7zhnK
z&8l3g;;Z1SRPs$pWYPG82@`dl7NfT|>@8IH-;s&%Au2=nw8QcXqGpWsRl3vW8Xy{w
z)gMfglAHB|qx;NzeW6X%v0^{t?qd3sZ(kw#S6_FQ
z)9CR_ent3nZTRpO+_!fF*<4@sWI5q9XUf+EOuPBCF~{!NsG*s}W_vt~^TB(5M1N-)
z$Ka|MBEK!(04kb!izVmj5*Jdk))w(xEoHUbQ5hO^ql_mnbT}T#CjBJc6FO1|W2ks;
zwwld{8vhluQevC&YHdBCs(+}w`zB0uE6b;5DPl7Di8P}Bi@TPm4m+-DWDGB_V01JQ5#k(BW&+uB{wn?Rg$Spq)OwQW~i0J8Nb5-n;anbV~{okLXji-Ak~ZvL=2e$!TQOCDj;8i3
z;MPyr!uy;*+VRb!_ozwmZ>|0czU7=ZoUn;}^>$#QiglYBY2|iI+p9au?<0q=B=2W+_KP
z*haG&RX3c_R1lIx=hA)XY-F{VBkgKNzk)}2k>$xW{G<Un2~T%-uP?^3Y=
zHB;DW^OSBB&J$jHE1T_g%FS|IAT;ZdVyAW2q!NJ>B}{D)#fQ^ZnMr>re7viHeL+@^
z8q@^S$!T|b)o~y{IAK=lo^?D&I&hafAamCcxKq+rHf}Lqk&cTGuh4w6Tw3cu7Wc*`
zLyNb6{?bP;>uwFf+J5VaOAgaNn?spi-)K>XHhj|*y`MAGdB-TiWB
z-)E!45$qHzsS8Wi*m$H=QRmx(_W1nT2jd-`viYOcl{;FfpY*46PQ#1^Div1E)jd1
zgD*{$@YWY?=yNV^hk~`BtHorm^gE9pf^fy}#ri^qtvjL>WERGsG>D4$++W7pqT6{N
zJ?@n^;+=gpI=bG6_4ndTsI%%$O_{|cl*}e*7j>OX`9(TU->@Ty#C`)XTQqzU55$Xa_doBGa=6@
zL!v7@h|mfV`+2$NZur(^Lp#xraj=S3X;@jCw&#sHSW$Q^EU=SCVzGE$Tadmg!pl~nDZa>-GzJ#k>3*VMjQd_mAb$FcfoEYEH828m^qWp*B
z*iu0ns|HuX*!KyWKKtea+jE(2wOppV)v9r;dk0}$oYsZDEfVcJGG%?mspY2jc^Q*=
zQYd!CjDwhIW0@DA%Mh%uW!T=#iZMG49M^zs@iFY3KHs|HFT9H^=6q3^p;GK_Dn5h6
zyC?XM!<2mNbmqHlXv7P0w%id`ZF>y$n2x1jd4(AHD-O)EI}s?bR8SfHY|I@=QBBils$K`s9|5OFc=j^nGd)XJ0&b&LtLiBurKXAzQ>tkgqayU3)c&|mE
zq}#Vl6Ka`WYnLJIv5RE;ebnV+nJ_XZH+mg`)G9H}rsIU`cm?dcHUJ==?F>h2WoQ`P
z0&U;=gg~@pA^PCe$$^%1csEZU1U_r3uX2pi_ujIWhRJ=$$oyPgWLd@fmsABj=r=3D
z1aQrn{J!Ehv^#U+Gp1XS_au7Kxz7D(U$mEB&Zo^^4I9YOMJgi579)gFo6&#~vbky*
zHrzJUHXJ&P^MP7|w#3~)mV1rP8qhG<(O$B>&7hb5;cqSJ*j2GsBSa3gY}D}l3)Sx1
z;CDALar51R{0R?U%~!0vK^EV{L%}o+stFfx5u?$<>xoge;L4M{7BSb3Y@|PGa=r&m$?+T}U4%^Z{PI=S9KcT~43@E*N1Wx*%*Jml0m2((Ow;<9#h;mu(
z)E2|`UdODizsPgRGc&B$SKHg1bDzLz@gXnjVBdWAjh5ad)+Dl^MOk`wR%BTOiamd0
zp9LHbcZtA)!iPCWcCkITU_}=pp9G@&zzJJdIU$Do>pAEsVQ>QPi|YMWuE*fW{JmK<
zR+in8N0$oGmIljNS_8Ahc7-q3H@}e|KB;5%QO=+I(lNzI^s1W=F`5|Weq7%aM@46G
zDCuI^TPc(_yI7$P4KsqgEE5ox0yi9_zV~>d{q4$nzFpz4PyNmOuLYn!GVZ9owS7%F
z<%vS`%+DE{Ug10C3Ch}fOj~+oe#K&9PSf}zTZx`VFcG8>%Tzd>@G{>%2vg){VOcY0+K51SfF_v5>$}(xcfoL^UMkM8FyuqW%iAl$
zJ*~M57FKM-PT~lnz)J*`ic*m1egr{|hcXdmw+4T_2x*}r8YCzYB8Fcuw|yx@a+N;|
z-Etu%DvCss5Yh7hV^IvG5ClFZT_%rU=0JX5YSy4;>Chy;(4?As9@2Yi`cJ2N<9EomQ%`--ey7Mk6HmD{rK5R5cUqNK
z{%2$!(7#5^BQ5mTyy-ca+dcq~A$m>s-;?c~1I?na5#qX52Ew-YR)r{{q@nU*!ztd^
zz9&%`NvF|7y2ASeZjIufS;j)ZkO(#mP&_kgKw!pr>&$W}u={+1kmM>ucYyk#N-Mi2jE}4!<7%T54s^8l*
zyuW&Z145a9f4A$MQANP18hU-YSvzgS=HQJ(pJjrp`uz)>hw4SA2jy=ztM*PCUCoky
zi4_9_YFV(eJ?yG>V^!LtqlA;*MX;_;HgFeoJb>~wS@uE=HsH^8aSwq%fVMw*6f8kK
zDA6Yv0i0oe@5f)H!(UBWO{gS#Q1@($$}#~Xp(;HqCE4MlMzigqK^FqNU*7k_ZGaM%
zTvK+5hR8`@qowLeJ8W0fwK7oMMAOwqhMQb`{t||k-Rz<8IXmitw&AzyuQ&!i=s^SO
z4*QpFrX7hBs@clY%wc|z=EOrmf?h0vh!j=Mt`E
zmkF&+ZldKOL{D>!*c9ArHTBfUaP=1VE%L|2RjpQcf*FF+orf+*7WGrB(nE+SQZtit
z)10m8w4Mu7_k10$XW3ttSeU+sEkk}a>GieD{HIHu%MwHbs)r_Jnh`_3^Lzx+29SJy
z@IM`&y&aS#NSW?we8`76{WKE=!7gOV6>{-zCH3b5TE&@6PoTYT&!x=q@JTW8kMv(f
z5LpBfSzVr+-jE>NEb-s7_&;`rrGKp9|IJDnFcNzGOwUrzc8FqjiURm7Jn%1YPv}R<
z&n0;bwLmfWY+d*K@<(Sk>)s&>?fvKd$lh?Qj+{HO3cCXXOv#!{&hYRjF<~n3OaU~lT~KWldll97`EYQM__Awir$#0Gu}OA
zyfq;&{EvB6sg=}eISnbvUDatg?p&GZUWBD<^gUL<q=jLEQge?
z-0|<$y^OfaB3Dn+kR)9ydV^oC!&(Thfx1OtHnQ||jdb`;hz&nnOlv*Kv(jgWd-1a!
z+!nHu{z)ExFe|_n#|R+`dU_)Rq5>vtq4p1*W0$+JINK59@VpWb4hNQ2_BMYvDh@UlYZ0(M
z{x-;Jxej{rvca$rS0hB$6OR<41)h9p;q;HDVAXjsPO+AwLBYk(IX`DnN#at*oH8#E
z?)2|vH+5u9O!2#y?7G}rsCW$CrI$MYEbCoCnw2&-tsq~Vid#BCBWN27ClQ`=+4*Tm
zG#`ykYIb(^F3s@CxUUigrTxfud*9o|P$tFOR~zCyXXd)?cYlZ|kxL+v@>MQ1F#KFa
z);V@4l!fD_-fH9cMGuQ}l<+r2!f6Q%7)f}o?N`V=51*Kzrvlcj@hy^sLVYfdDiO(i
ziRMgMd?sdFQ1xQ1>^5R%V6fGGCBu6KP+^Ox;X5a>!v)I~8sBX|Aw^WHAE(R=T`)eI
zU1odxpK3Gfgy}5hBXTW>lQ^i`+0=l{WG=qJ!Lg-5>|`
z(ODB}vt~YVg%j-UZ05D8?5W^o&XHZyx*1SK6wBS&n~+ow^w2r~t3GVF%gy_)izVo}
z2^XC>VuM<>%Y9Q`e-r;b@3uLxfWCZp^DMGxNx3u+@ECCM?T~9d?(sx_DnKcKyxUN!
zN?wG-ZL%K1#i#a_Kht_x072RrX3~mo)~E>^#)Kq&eVYtRE~<4QUi9CPp9n{i+})VJ
z2+;yu$N6Ks8xvy&^dW5ir*&jR4u>&3EUzDIvnv_jrY9z%fO5?|Re|n^U-f#ZOr+TK
zzmeAe%2t+D0i_?xYw`J-$IyXd_-h9Pe!I$+P6zVQnaxb|{f`R5zw*fcK|Ncd5Pjpa
z{v(&5Y)Bwj45naQqf!$;k!BDvXiUj1g1VMS#){E2t}F}=CMK|GpZi#gPx}!GA56i!
z*W1|`S{IPw+Bj7!Ty+=N)QG+))!f&&&1dA-?z?;u!U|X}xa5ZO%z!TORV#C>O4j;v
zL@d|7m@lmm;-Xe^`t7^Ai6Y;oHlZ<@qXcykc^J6@L)-JGUC*YCd54`E`IhX!W6AmZ
z=mCG4=IHZ-iNrpWbCjzSnR08PnoB13hvYZrGeq&J~6dzVU|J@u)S_Ux~JoEXga;o|Ux#-E#{5WJ&miMCp<9el_k
z2}#f_bTnr9n?Jl%zhACmU|Tpk=}?4JzY}&}+}Oh=F=f30Lj@<*d+?8oya16@zli&n
zaf5B){@C6H8N`2a2=FU1Efa~>ElD%7c7WOx8fX=jf)Hij1@ke07=N9W*x}M01@6;D
z_WKohUsxR|x*(-dB#-^HAcx?~)b?o11kMAZ)p3zOFzyX|lKjeuZ>?sm*r;MGm02T7
z!0&qr)+3d}t}KXyseWcDd{+lGIpp*_ts8hSMd}m^rk`4wlnuiAJQlX*
zu$S>-cBh3tC>$J~mLq^OYRI2BsJ}yMNk(KmSNlp(Odoqw(o&erH{$E#iTv@NM7wvZw^;;Ew+n`t85MzW>vT$yEiuuFhhbEyT8mGDi`l
zKA<>Jr2e<&$iJj?{Aa7?zv$*z73ni;3kn#tS}ZLcxkv5b!kHp+fsdQr_Z9*f%a;3n
zce%T>!;HWzl?Sw|ZQbv|O3g%nwOtJkLtlxDX<&vxd(iPyDqQToF@SM1c8_3O@hB23
z9U_wZ|EE9vThU}!b*K7Wpf!r5MEBoMAs3#xK5QL7Pgqxm|B5y8zj#}U4y8PKnqhk%
zHF@6z@czB6{r_}8FQP5G)utq;&pT`JV~T+&P{JDh;iiJiwPNx;oB}0IhJwfV)i{Sqc(tjX@

literal 57521
zcmXtfWmsF!6D}2?Kq>A8in|r}0>Rzgi(7Gr;_k(*1P|^G#T|-!fk3eo4H_Wa{Qmde
z4|!(K+3eY!Gb=OiJ10g>MHUmC6def(2~%DUpn-(+Y8eUXb?iG7#GUWGeu@b3%3VWN
z5~+6P<1ymmt&N1T1QJq162_A`GU6KTo1DHo64Hmk|9-DVT`ImJA??V>10=M3O#bDg
zekWUMxton|4qWLv+k!-LnKhv(@vmaPE*e&$YVKa$FHL)!7I2Q-n>ln)8q7qDYhr@l
zUxE}P&-qGH{yQC4QAah#hY_c(uAUwR?(K)|Z2c++P)W-zQkdw{!gadN8{`KC*=YF=v4^$
zc4((R>^RSTrf7ZLz+Dy2$iY$W3l#%o8sAbdGc$j_JIE|F7KjS+ANRKluuAVZ9Qv}>
z>ohre;8*l5y91x6+KKVg%QXu8P{nd<$D1aKFfkaEx?i}zzr)@#FnQna*V+zMNyXV1
z?QCpJRS~_>Y6!Z&Fkf%5jMDRtDR-^LUSO#UpyY_F?C6NmslFG!xxLLv5*o>Lt=<-Z
z1my62<7{c7G&P0_@wT?)Bng!L9BF8*cb;DP{>Nj8{AXl~1NwMh3C3@l;z<1X;7*Ej
z)3rBP^bdTk)p0W*yW)nwBW{`wg82qZ5`Fd`<)vc%k7pkvvu0W4&`fHC|9ip57!ra%Yim_QeteZ8ijxyjT3
zNh9Lh*$HFmxeKZ6cJNC5_BjQ629_f^%`HuAkKNQOXk9>=<0niutZXtb;+=~JTzPZq
zVO~)NVEaUwna%ZN+0KUjT}(9obWiR&c7AKjDAiAgoOsHMlmhCx_eO-V^X-k!up~|I
z`KqX@<05jJ;XT6iH=_%|FFOv`>sPY2YnmLffl{)nrFFrN&IUL0iXIRCe`s#?pY|dc
zj*0q=RaSzItUF!L(k-_CjNDuw6>}_Pp2LBwD*OG9eX4UIct@?lkDR+6!8X%X*S~ti
z2c;T2K4W62q?YZ3;ALvJ$u5!T>GIaZ5IHmyD0X^n?ZEQxR$23|$$cvc{x#?e{5>C5
ztT9WP9zec%OdmLj4`Qeei}RPp`{paa9NxlB3Vek8`RkM*-J-$srudj>Kqv#5037>V
zSlBGvjRHqW(r277gC+U*DiP#A+Rb^N5k0bZKN-Ll5hL$=yfHmqPBNCC6@jWYPe^I3C3|FSy#3%xN`iLJYXk>eKL<-Jh1%%VY?H~
zbofQN?lE`UY_SXcu+0`yM03y--aY^TGkwSFcP!4!E!YArpNzozBll3$d53!mqy&Wt+J9t&i%lM
zeHn{VjCN=Vg(;XLXv$f$HuA`Z$XF(Qcv#X%{APU;*dc)NpUnfS83f2vu%CU;lY1-h
zLUR~FNGYsu?|KH4&@PAfY|+Iw^EdAr%?CHMjEp2&(ni%8wUpD!7U#Rp9gDo6mw?}y
znmYO_cxCZ;8>(!Nyn$y>Q!91lz{YSX^IrMi6t}L-a!4@~t?2KeXSyoZQl;TrauqdY*poS3JfL2UD
zK5r3#>g7@tNY0$k^~^)cYmSdu#R|lPY!fC`ffU+;ZoOczl|FVyxbg~={6bt%qo#x-
z;O~ddzi)KaBYesLU~FUl#$XFG9NTd0{rPSrbL?Y@NRi*9WMWV>}$_iOr|dghCjBcJsk2cybs#MU0}0m
znMW?<1K@Sr^vmR^wPlm?pO-LcmjAXZFO>0f;da{iY6QhE%>scyFxHREz%bz#>ARr2
zpmk4H!1?2^n&x{l@45QaJ#c>F?qKA?P>j4p>^^O&_hA&p!K90+Ca38W*zh1A&}bq#L6RNow+HMM4yF78S`gv0vXK>K6*o+q65>zs
zn3Bjypxl4N@(gP}y`IG)FA9d+;U?sIg)^gisZalA_d5ulEdfd7dmPKgf2F?Ja`W5Y
z6%uM`44ZiX`}x^CtND38Fg-=9v<2R2`=!4G`P`J-^($x2!<{U#djgw%Pke?Xo+^e1zQ6+n>wH&j!Pj5VN>RHUEo?
z%WBrHf+iC?qh?vW^{%*NlGt_M^^{`W+}LHY-M1SgsNguDIO+)Q5)eknW&m(G-*h-j
zmxEDyNfW#!?^q|$POchTs;vlx<95K0YL#{*czI8KI|T;zY;lU2v)#f}r_M=)P-A2l_VR<@tG
zVE_6!ev-N#R?UUHK^+b&UxNXis!7Ep7d5lFoET~%+^0z0rhsiC6jNyI+YJS-QJ_Wo6TcTS0{y#
zH;DaInJ!>}yv&==vCIpea=z7J`mZg^YmPNX*t@p=&X_lwuR1UnB`HsdfAfk;=p1}E
z=U?ZG#Y-uq;1n>RK+Ets3eFHm=xlcJDPY
z4yMcrONkC=RwNgVwDs=h)zdPQe1ZJ%Rc)htsQy$w2t9
zir8E*3G#_lpGy+Gdbp#73g)YVsr
z{dXCPtBe0#?|z--dPU|?DiK}ZC{WczvXEJ?&$;GEvqh-4=9v$;(yn6LmzMcE6Fum0
zBWh3RpypX0xbo|Ncf>Bh-1xO3XN4`|n%5J34<)a0^d$9g8Z3^cR5wr-K*}eMNB_4PSbfq(~>_?9aw
zOIsgx;nOYe_|61llqcDutV8{}urihgIuotx(Puu|(TAtQ^9z{pkI`kZ+C<*SB@Yje
zEW_Ivd0Pco;wEAAciX$`Ys3u+NxUa>4Y)}Vf5k+)IO%rY9S?6D6~77-1*6Od{Ka#A
zPID){CIcgE%i$$@SJe*+dcn_-s79-vQfiw4q4PS`lmYl~tOMUX8q1eRj@XN07;fa2
zNWEwCLv%mEU}8*TRK@&PZNpBBeiXmw*|dsNTN3SMk2y^5niANkO6e(PB_CEQuZc5GeK{}luXR+I+pLqeah)!wn4AcrMJE0E76Gg?Mx
zJJ%=55sWL87X*Lz>eH06O78*g?NmO_;s&QNApH51ygVNq9VA!j>l2_p@A2LC!ou-5
z5f(V-%IKQ98VMXbMu1Z-g?_S*t%um1bD-<%>j5sgcX0ujk*yd(wkdosPlJxU(K2&W
zk7;bh!{0vQ|LJoWq=kXknSlDM_VB>d7|o+}gey$r53=1@FS?$uQ^k8kgjfEYPbfGQ
zVP-U(v2k(IX6lTek{L;Ok|kx_-TUY+qL&6F_DS!;f70k+rCkVl2y0ohwIMhSabbV8Kje@WR{i|1qdL-yu0ZVCRMbaASX
zNAl7$Gjk2)_t`93)K>d|v5WBWXv72Lu9B*vwS~pl2e>+-jkuJv4LO(Jk0VRWpRq%f
zzsGk(KOf-y7cTA->kh0hdQ2H9&K8BCPPcpwC0z0TGp=PZYqmGC$K6UB+MD!g*mJF*
zWUVgM$6gk8**lh%21e*e8}Yv|Pv#wM_&lavPJ}2wvf(d|>)cM{K+3V5xc7sdEAU|gzbE|IJ~Q+Yyzr2OhwSQnQO>b8abz2`8-Ey*)=viXr|0
z9G#ua_Rp>ZonFRa9PkI)+K_iF7g9!2OiynnDW0y#1GF;h_4w+O*|F!CnU0Q(?M0+`
zkfi{Eex*?llOps${f5G`es1vn8mQ^Pw3}$YS8zUI54Y8372Y3-4qj;}eVx_-RM}8n
z6ALAOFLZEjHR$j{ApH4)bVJ**@9U$07w1t{Z?04JYO368vn7yrZyr=Xy6Z#Ppi_-m
z)an&-d;ZZTa%e&5Lh3qQ36}z`4EavkD4|6)=F(vPan;f>LQ_G8Iwj9T
zkBHF}@t*LeRl8$ZBEhsdg+2tj?}uYr7=rFhTfnaXg$lMJl_wg#vkn&h)eNGY;SpZ1
zIc9+st;rskfz=650@P}R+NJ%`2I-fMOO8H8#1Oohp?7QRtrV!bjS|F`r-P2V^)+UL
z9)d(o`hi_5^}}L!XnaW9)q&@hxwDZRy8#Qm<0yw$e2U-ygG`vKe^s@kByNHlg$VnMkDZW
zK*&H{Ktr_KiiIr73{R$NlRk-_tyoYxCJrcThUQK2>P1jpQ^QN>;k4BYI}c*jz<7Ia
z8tB1Av)bWOgbBi}s9?$`xAnsbN~TIIX!Zg<3b=4mY(?xP@&>1&5ArX&
zJ?A~|4}(4(rWFR%$-qgQdE1wbkb^f{mzXnVWv69{jX$MeK45GD9({Ct`xO*PBQNS83{0;3o;YNLz4(n*Cg9<{%x1%sfhO-eTLmLG0Zgo2;oH@1=s8A88xtl+M_29J2!n}&keP7{mmNC
zjo1#UE&nl(lmJ1gw(|tf<=)`S_@h`Z5m^z+aYYNqDlUA6jKUf~F!LX1lB21m6qE%f
zUqee<#pDyV8asMo*%O8-FS|@W^v2PYQ|EDP8Q&3eCHt4xJU{Y_owB~ukAXe;1)Ga$
zwww#s4}2*go^ZxcbDiU^*H=TTFVNSJZVn$;~;Rf>Ck}Kn_Nk@v&`&0Rvs@zgDc1U8P>A68PH8+g8;gC0{!y!f*<~BB`C@xHl45b
z=2-g2;MXRD2#vJO
zx5Vl8VkxfjJ|1=QcU44~zD)rU)EFptHv~jtN|HJd-Zd!OJcg}OcjjYS>YrYj@Zm>(
zm(Wr*fY*cE;En0p4nPC-;)+`76I^3m!om8)Kp$38%(}Vj3t+{v_OwidnUaJl<0+@z
zJS|lj0@iZ{qW=f*J>H(;0W;#tR*x5E@tZv8VwnX3?m2s)Gct*K4uFMk?Cp+2wp0Z%
zK=coup7ZBzE@h`RY}e9+rhwLGaw|k@K^D`fU8b6vngbmJF!S?85>FJ|Q(ZSxU|bW(
z7_d^9d
zw>9LIDQkf4_odh^)F1$UT$yPylP?nio(2)Tzc!{H_-Az52S|Xr-8%JRE9m(Y(XU!}B#a
zYH2w^1{6(D=YQIAUS4C!-&9}AeMj$pyLR|H8i&U2;YwWH)pZ0Pb%S5@n0lEqKTZ*8
zF7r<#JLdQ&H|ews4!+vrzJH^?Z{zW=6S6*^OXH8H
zs&oC0=-}xlc%v;n5CA?c=GU6Hq^!fmVG-F{rm*&)5)@(7%LM^0>8Xyr2fzFCg^1o5e9$IRu7ju2!y(X3|jaK4*^~(A5=x5i9
zzUuH2<4i_IDB&_5HHK;`;UemYG?8)#tH#&`fjVZ;6I3v@hTQurgwgSsG!WVs6s&t#
zG1w*Zv4)s5=yY+C{b5!-$P-p!>A$F*#=hzBgf_jO>(q<4aGWE};&Nzu`|BA8Mn=Ke
zuw-s|#nrmqSVST~2vJbWdPYGGS4k%p`m3%L@)@;mICAAj#_$u8Is^gr0Vr*IqXS)<
z7wPy+55sPwcQx_hJjI!n!9d6D*1uNnJ!;X4AMEuu)PBRCo%fRmE>#IM`-bTl*dG68
z7VK2@`)KItc>?IE2Z@L*0bx)R;hXt4+wBjsgLOtNd4ys&(|@uq{Jr_8b6!1JFmYHLtab@kyNpCjQ{4!SNTwwC8sB5gB
zrK{zDg~h%ad1d)8tG|
zOGfJsdWOZn);2U`fr&vNDbP_HnnF1{YTXqa7L%6=mb$W~D&6^+{A1`M=X+F=!QiL8
z&-O0-6Qda!8D+6XqO#TEUEe-9*$OF$!*yY0cHa+cw%Rg-?jz^ER)-I2eXfth=Vd}+
zJ&NXK(C_~cBW#AiL-)8{;Sbv3+gSJX#5N9j7hzU?uz6}PG9vRtGu}jlC6aE(FO>ht
z%8dec3JlN5;0uKT`w8oV8$qyqtl+!ovfrA850hB7-!^t5bb~GbqDbROe>?+Y`DKYe
zZRMy;YDMrtZ_f*idEBv|1L*8;!J+RP;_`>LaCH_5RNjK4ytuX0BunX=af*WRfiQQz
zDqj*g^91v?9MGDKTj~pA=NMA({Ay~6Md+2=ydV}=j#!`&xxlwCU!Tif&k7}d
z=ZVIb$LIC1+`hqy?)|gTbH9_mj6f^2I1nTD<-Zl1-uuj9ZrO%s*xE4n%fO^!L6^0QZAS-Sz|L7ez${cIFErEWYoSMSh
z*Us^lHAO8B2~Q(>p|*rFe4Oq6FhSrK05v1-D|OM|%Y+OdB+uEdB;J(Tn?g-Pnd+Gs
zXq`Bqns74c#_GohK;Orlh?K?fm>I5-bQ)2v1zZlsL=lZ^EvLI+|+>xRx
zd}V66il}aLS{s&jPZ-
z+sejJwvj|~MFd!nx2G*ElsFp{5s0n*dwyQBt`F`vPfLN8;y{X)#9%yxJ`zu&$Zb==
zfSY!Ey5VppJwMM#1^QWDo{PYM1qpA9Erc_&#+EWTJ}n67ygM;om?@h8TKMf_SD{`u{vA;l%`U@S`<7IQ(zl$8Zc
zT9VwWK(`22P;5}{vZaX3cb^fo2&Q+Hrex9?PGtQk>?N>wQ~pC5(hZ#{mk3LgoqN1H
z$4fcsI4oeewZUCUO~qw(e0WVkW{@^l_!%D1Q)+Q!?$Tw2U(MeIEAZj9
zrJf4CD;qhhHK_SiQ!IJlBv0T4R#o3w>V5w&r&fd1xMeTBZQ3~X<5kMV4P&@@I2naN
z+if{d&{)ml(gL6l4k6JJZKhK(lCtM$9L1=W)TC0Ysu}Z{kusWV&SlK`2?E8kx9^0;
zgY7L81^oPknoNR)goQQvxQSf%eU`M(Cz)&GopAgurY@@CW@olMr{K`^F@FZ78RlB^
z;;ba6!mAK`ox`CA??$vL+Tcy2r(Oef?QxoniqOM9PdrYJPvn=p8IcJZupw;*Om)`)
zG{qP*+@4fpk&n@kSb}kI|0?bW;Q{o2u@Ftw=MD}j0hA4DYgxSzW7j~71sT}d3IDL)
z>;EFh&%W~1#|+W1K9VmB&Yt?<`W+vQ80Mo>Dj~m%dubKzAD51L3W}V<6`-6}q_?11
zDvgNWn8cjlrImS{P|#D$aX$wl_dE^LXo&hP9o)Ce(JQIF{pT$0h1W8F7()hzyZaEaY3hG!3SbDAQAml3g&8$!F
zAXN$6S#w;0c-B8lPnEpj=Z+-LwYpxBa1Ri*==yNmO1EtPrpI$z;wswAxj0lMAC!&9
zQt}J;cg_`e#MpA5f6c1PsT6R&5mt4qrs-&Ru*j(3@qq(OKa@;tB*f)@r6Hu2C%!;S
ziAKw!jQ;Pofj-m~6!iG|zfx-DEHCE&tY9IErhmJWNfCOP<^NeC9ddY33c#<_Fazo6@zzO_trUMxd`Mh9fn&mZwCx41p
zo@00!@Un$@t)mHI{+>Nf*ueg{lzC=#Hwwi&yeQw1nx-CDELjrCSRQM)mM{WsTzc;^qkww!Lp27S%f@qq}1kE-y6lA#JEOad|yjz
zv_ZBRu->w6ulwS|>}kO^kH{NItG(gmXnNdhX7?j~=BQzm
z?@UlAUe`k54`tAq?s
z=XVdx>Hd!$=v0x!jj>J1%sf$6wUOH&r5_>kaeNJ~|Hf{|n|@n|V>nxcqoqjEZm_k+
zkKM!)hY3h(z4S+}X{vpt#LF+ndUft3iggP0Nm%XU)zFVgj)9`_braqe{s_3JR?(6g
zNKnuL4wF@go+xR#x|i7%>8{G<@YtQPa+*tb1yaSaFc;%Dwp-AniVtZ6sz&1ZKE8%b
z>I>xh#C*#_)^Onq9TxM?0hNsvlR&abM3hRe_QwJ9a{%c%WJg-%
z9G<%a5R-u63rKn}XUU>hoK{HCb~)Z3m|M2v_*_NU2fvZB!1k7wj&OL{mU=I`vwq&9+(w7|Kre=
zlH*D`p>B1l4~#e!b|h+CYAn(xRzEOZwdl{Q^7&{H3t!a|nZBiH-CO%66CUrzSv*WQ
z*S2vu~%-Ho`BFkOg_Yk}H
z>a6Um)}ilnBDFmWh!4>p7pHi;iHcim#8h}NXmA6i97&#XPQS$m{x}t1`!&1D=?cSc
zpmQCLvS}5uTZXm}bbKH!i}w3->t851}km%8%%3IAwAINg(*;_
z%21Yz4kdqdkNLj#xtQe6g3k!V!QW=tpS7y@W^&cpde8w_OF?bsU)1%A-cdx%t~gxG
zO=V*+2ed0Z&0Nb^n?(I64+h2g`q(fEiB65ES0VZlG5oFE->~XPnCQ=WRJNn%$cHg1
zO6;Nejdd+2Lf<g-&-G3{Th%)O}A+g0~z$rNW+~4|g>hQ>h1du8nWk7EC9RW5fbc82EO0mCsq4$OgG_UU3hLbn@JQ^%
zEaMhLexKVee~JK+`P~rMV`Te*vR(+L>vV4YYo%*LEh>6R73$LZkq<3%*TW5i&VODK
zvhUvY?I^vjr9!cv>
z;w6||)|#eQ=6NJjeyRL@6KShux7t)rG-^82Mv6_8=+mIX?S}UoXqHHlB)f7$-#fF|
z#KytKHazWU#xKA!iNDYP^_l_XpiCt_%=^{10fcfg%W+3h{dcx-j&i=4zV}nyUNIpN
z>PgaeJMOaUp1r(P$P_@;o8M_O%a8pZEBHiTude6Tk89S99+9thtQzdMxf#n4*X~ES
z95vIM#jN*<+qJ$aOsoYg?ao5+;{`o))ILdq*&KN?sN-90$`%X7D1$B7hW}{?=5G>w
zoChh;)PgZ%KyL6pIG^SB1};?xhK;apaNBN1$Ii6c$)dgw{MWYKcjAr+qHd_+J5BJb
zmZo8~T&zHM&;3c>5)&
zaW~^LH6wqd0c1R@2Z)JD>?-IDe+&)dJ}mesUms9Ok7R2m`O-O&2ji*HGl^%xua{&k}o|
zXB;?tQm&U}8sK%grdX@r4D-rpDSWc!Jl2fcqn_~?@S`WoDOTU_Ck>0m5I@1C$v$pc
z?MI|1UMnJ!?XyV$G-Tq5r
zsxNp(Bh?+S-{oauN!CIZj4SwPN@5T1{rNDc4B-4NU1$N#yt}3%OsC%EQ9oK2gP8k|?
zzcSx1`#R;2!N)gVnxKUFeMs4s-kS=d_!A}m`oL^VaZ)YIMu0Z;vG*s9zmPYuSI_vE
zoTxaQ2acW=5N63GR?v-D9CKFKyR3w~)w&P-+R%vRKQ`*f?%1!I)TwgH5j@%97_Ulc
z4Ip*DG8l6
z;QP3y;RN?|wMu#4YK&KQa)X1SS?~_Gi;JUR;6h3;DKiVgk86nTUGdSNZ#C-jxoOE!
z`Mmqf*b>WukGxV&-5(tUT|E
zpHJg-y=ecDb=d;D>zz(^`@$loAsr9urwCVPo{=teQy(%cLJUIw5K6b9`0TbHhcm;JoV`HjzGf|v8!3aY8Bp+(0a
zoS&ax;g+sAhvY7xm!0sPZqAR#$vjb-U@GQh-I4FQYsAp|Zr~%r=2AI)xtPzjzHMJ3
zS>;@BWF+FM5Nzw9MMiI+BMv5_b&Tm-TJX%!lXy
zwlFZ^*zWDb3YAMad;(QGc`Y#6{7$!In5)q&QzvohYS&A)h!h>WJ`u%ew7yf)3;F+Dd>AEiF|sUEEmSdYif77L_3}I2g)rvm;wfqiT`{~>
zXJZCpsfr}T3TUutXrr?*Z;7mRwC7CE7CgPep5sQ{(FU2QU98$
z_D?c`&Bp)GSt}en@-6T`hzkZ-8mMUpeZ;iz2(?l-ZaT$!i!t3xnZubr&<)r}|K>De
ziM=xaR=g?1HXBpXykzYTl`$Ydr3Qq1P8nzD`gesaX=SPnnZ5c;Y!!b=y8>;*E7QS$
z7$k*l*t7HV8t$qh&O-zP&U9@3pBxXQNJ7*InzH_IK3of^x6}{aENiZs+JH%4;2&~A
zsJ>`A*jMB|%SVv8DvO9ceEuJefRW$T*$G&yVg1SHNQvMl1fd+b$GBqFR5N|$WhyiO
zk3T5;`K2YV2SAM$U8l8Z27YH4v2Qb#MfDmT8<9Q^Ts}Ck2Gz<`I_@8>*IYMpAV;YgE*4dkW39*fD%g9C`M9^px2M)0*ZHStC=AJ!B-J(yW0iah(IF-
zkQ(!%t6{DvAd^5UjmJO=)sYfdsWatB&0sC?KNIY{7{GWO^4w^3LXdIv!fgJv;htZ8
z35*53fJd6AOTg=?88(l=(;vO3rVYtK0VnShtsmBe=F$?*=P?re?ZCgT9Kk0FdQlgL
zd3w%(6YLpJwrOg+ad1nG;c@)>x|r+M@|+6l?P)po0dR)37MZGA&<;IAjy5$d<_+qH
z=w%LK0B-{$=Fn}+ib*kzY@(WrOPwA}&4__bwo{04;PpB|!f(p9J}L620%CV`;FH%z
zuF%os%ROq#Wl;Cy9DA{q>qf%|`_p3rNRV4eQ<~5!B{85Svv^O>LyXYnd{si$&%Yuw
zX;eK?r-5Vrk9j-++c$JEi|5&8zRgzzxCJ2pCj^Mj)h&>8>d}hkD799tLYNmAwc6U`
z^mQ=2;h3QX@hO1d-^4$^sZBmHyG>Q=H%;*Z%L`kr4V36LRnX(uf&IN_6$xQ1jt^nh
zI>n~iR0+sS_N45X5tX^f5OJMqvt4Bly<=)!!b5@Jpstr_$e#P3`rQN4Iq~hl6(dEI
zz$QByUA8}k0YygllK%o0BSwQ;Ez251sV#+-g(ygPzlw3d^G|Ub1`$rJfAXn$105pW
zWQ4qD_kq>9mcFo_rTSBTJ2gudk#Ia4@P@avy;k5BHL!+1H?UTewb~SHt38R!RF1QP
z=)LEq9j8tpfg
zMWs1h2`P|q+m#xqm{Z=Y0Im+9mQsIYSNl-**SydY+G}#Nk#~qmhDs*p%7B9cZK_B;?Pi?qyR>Iil~}QrzXy#;3rWpg
zSEvcS0TBd{`<29s&~UL8+F)mLF-DtF)b$^~4|Dca5&1UV*BkQXI^v&?7yb3s$n^eh
zX2xmQz5?j0UrReaY24O`4}=PZo}PEZ>@1V&c6cw>X@)WY)Z@H@xlsZ-MuMTnp^SWU
z#G~*pa?@|kdS`?%%vfD9nNCty!PpsGg2G}5y>b5G0veFb5rGX(X(KTh=|S|-|BWJj
zEZqjFONZC#iKOOAe4k`AGe5Lc3b$H4VK6!0M)DZX{yU{n}MFt?ldm
zb=rtfM;3nFDE@bs+Mwelt7DW869oKvZR6>3_`j;7o}QA742|=Y;sc5e9!9!hlIL;W
z318LW!vPULSoRW#nm*x1SVOr)Vqy3TI3BfFoQ@+q5G29#Vhy%&EacLm!as
zPGhT%%&j$_*{Dtr;i#_wl2ESz(Ju;+7v3TgXjnH*KMwmIGOD8n0{K8JH~q7Qzgh`r
zXRR$;&)xschUd7Es-?C#nzOccU0PQRCqApk#>Oj|KCa#}WDe1BJn!aZ$K4lG#ZF<$
zMQfxB133JIAmV0n%DrQU{))5=Y*toQ?Iys8Sw64f^kReex&c`U{|p*HLbs!}?J{eW
ztx@WsziT5D6h1y$>KfhHdN6Ga%9%0qXj;SJIJ^6eQ1(3KPGa{QhtIcdw^3p`i8{uZ
z^S30M9pluvxbhVDl5Kt*7=I<*7YOxpA}$T?NUCPm1kHzfsH8pjRWq#3RpC5<&NI5D
zY;i=r=mQ=PD4k;JGX(TL9cz)Xvo|Y2Ltp$ALHd<4)%~ZGydO{PfUY!THwrTAtVU_j
zSo%wEiqnUUKu1ZBt<_bh$Fum8brHS|cuB00;EChc+(EBGf{4zBy1LK
z6c*XA1V{JPvnJr6Bo9sle0LLrvzeYD%x~d$$uV#Tph2BxI>m7LYNQh7mOjFv|=^qnX+97{t*o$eD|!VGyhr5FxIRn3z-;{Tin)my_g8wo#Hk
zIhO^k^nESlqA2Wug6N2vOpvLo#XMhp0QTq3gs$uxY*buCH6WR>`lzIL4KdPZ&qFkG
z<7mAMtmunuhWV->0I3kdt6|D)Ais>$~DQsyU<2X5YC&IKKdlO-!h!UO$sAap6JycHX-mN4r`P1Tw7=
z6mep*v6q_Dl^#$~D?xdByXQ9>mH(itLHT+A@VFk%QN~MX{-`;q5LqyN`XNUf-x&Cq
z@c^vveG?lSSD9JN@)N|IP({uGL-RTnp{OB(y8BHXu1c5hGX-ycMW$ie0aeu=@J1LI
z8dj8+M$jv98Z5NBY%>GeK=w$U-rfsw9KD}zg@1L^lYJZV3nvPTXY>DY!R2o@g8U?j
zetP0qzU8RC9gLqrhCo@`7L%4edv=}?DvX+&Z*@i!Onb?2Quj3MjhHLH
zV|d$Y{|o6-j|GGHEx`ar(N@!j`LlfSvv_SyYms?+RoTw&U{q6<3hwk`rLE&8dv)cw
zt6&|#JmEr8YrtzD{zSs#?}a)~lXZOuDnH?R!PJZK8tTMqVUG5Bb(|dc3+0B-^?Xw-$2~^ef_^V`WPO{)hyQwr{
z`2fBwG@dbS%xZEYHss&%<9nBxULO^+Uk)WgQkV7*FbN2{qzPt0eCV=sH?XtrVpjp3)EX9W0nI%UB@%
zhc2i77Zd&4Nx`OvPunw9*?~GoT(KH|0&4qi{;qY8oiWT=erzBdYDgE@Gn>BgWM-o7
zms+{L1l95#7qws36>zhLS?t^PsH`Y$%abG>e;Ixg4~(5v`}P-^P38yD?j|mPHwQ-}
zDbsKf|7yuwbs)B(NGcMzaVW6S>WuT6EY8Ul^NSuw*FRBedAs4*z9yfH-@b?Ws*n0l
zrarH@yU0gF+Ue0*dfx-E6ZU(P%3XvK5|JYEL{ID5@P
zn7xqWD9qBI1;C)-dcM8E9h;X&Z6HX>{+EYkEKwTR|un_j7ivTy4P#~ClI_;6VT
zxKWm;atH0roC+jd8%mGhJsfoMFn**Ct|V^Xin558hqp9n`>^_7Tyb1c&)C3)&}R-|
zxh5*N3$}#ptClQ+Gesv5o3zNE!|u;F^kU^16$)=9)6*{Vq+|%ES9m>(j3p+%(8#tZ
zGAkJF`0p%qVty2;?`)Gc3MOn^^qDMK5d>;)5|pa7I&B<)PUgR#*w4N1wz)g&g-@6d
zM$R!3ZsZGl{hlkfrAj~r8>sh#e^KW}(k?maL29ow1dM2NN~mhjd&x{acH_Cr7B*ap
zADKzW{+rsh=z#b1=|Vz6M+3Vw#~oXjhZCqHsz3(PHUtg%6<3#VIgc><=!0$s(Oqk`
zC0+iQ%M4ZP=kG}~Bw$o|kJiiT0q|uMyOhN*A-$xSY(td6NUZWOR0JD2{>egmA3Y^OcJwV$
zCJAKJP7l)iC45HVjq7kVmdY4)ZOp()X9?9)Tysm>+3!9N@B~LDBsJ0-QWC5%ud|OwIJ(
zIJ=bO_3w2}9;CooWbU)8*}go%_-85n)&9P=Juw!ZxYML=tcVim*?)%_*4}o+F2nG>
z{6B`6-0z_mnr?Yg+L_vT+PkEL&7Ar?m(#3&Cf#2k6>~i;J$~bEVyJFhSp2m&m_^@)
zGReZs38Xy(!s5l$O+nAAX1?tTn*m?Dxzt)u-pD%{opu&3akwreRPLpIXr^2kd0?%r
z3}0Gkb`^_Z>HU{SSh39e%u>SqvcJ?mrIp`Yg>NjFpc~fX?%m%Q#r}w17%eXbZSx~A
z?7yGFf#}|Qr|dHn^6Op#KP8=x$6{;uq;i~rNi#I>ji4TXl1LRj=i~%32fqH)#EWCe
znJ|uXpa3j=cX>bX2EZL`;7TxnzIe*g1|87eX!ds1*5rHhh6BN6-6OtDA3)bL!qNUI
zQo&0_{ER=?wtuG?R7=jPmTomog3L@VrxDwH
zX5mcHj&g7F%XFUn@MBDxB==s~wl-cMydunr@+jDkKuaZ|QQ%;hm5Gl+~O1z^R*}_jn;BF
zJhBJ72fxeB8lB1{-m5$-gjcwy{*Ri`fat1!UxFJV)Q8$V-LrA^qn@5V!u`MZB=-#tPrAQD
zC-o*%bcq=?x|<+;AHw@Ghm(01?SNRC{nD4aL=^gIw9t=pZ*VWBTloOuS^Vkp38uaFsJUqNfHJ+$8&}B-Oz&aIACaqAG{jd-
zCRBQ7=Iq!#_prwG^eu2;OfdzF$*HUVa{(*Tn)qC70sVtHyAC|qWAAcDLUHM#G6{XC
zxD8n%g_D2dr@eZSSdg8c5R8~nzCxT!J{wx-B=PmFZQpwtyd;j*9bzO1*eGS;{kRg4tzED^YbdtWBHX|kFW>tdTDZymEDoe^bzTl=GDq%!)+5rq^qihzg
zuWO)F@p(Hb!%hD$$yIvzUyq#T^$rPW5N3=W#QKYRn>@(SCo!H|UA6??+RvuPKJ@RE
zI?im^ZIO%*a6PLpW`tV0`!nQUG0TU1i6WKm7D0vCPU5gPCl})0eQ7S3ERw2RiZGke>jn%K46ZY=&ovvRM{lwTf6qdL0keYF4P{Rm1L
z(UVMcH*w%mGYX{kkr?Yah6Itpx!5weN5wWJ*{*yA}lfdSncjWAFLSZM!_xoDW!&8^xS
zhb5`;78Rj+Jh4hXt{1=hc?w?*?*?67h6aCGUbv8C=U{-tPm{`XXpoL@E<>g)mIh@mz-2muuA1&o~NF)Ea`CIn|(35RAsGGj!U2`OD!
zVgFJlcV|H4x{_^YToZm0BQ<-j%9`+?>bzzx{L(>)Fs8X9FF7
zE`$o7Ng+4OJ>k>im9mkao1MefCGFteqif7R4`gt5Ujg$9Y753rjE~GZZ6+)ZOX7go
zNcdal%Y&;ZGpC#f;)D8oU9g~|2byc^8tK*o6CQ5|P#NC{q!kYW=gRK}8%T9S*
zQ^1hWqR&0qLXB`Xoy7ZP;`x!-xyCWNuTv$zG+wp*yd9~e2d^3%HMYDLe+P%3MAk2F
z*QwI$IGZbA#(w?l~S1ks9~UYeCu
z1+jFzrW$NqsPJU~jgg7H6)E+}wVwX71;QO8L*i6IU3}tHk
z&+Tn*?~{xZz1A?h)_5Vji@FK^GCwZ7X7Tsy#w`R8hlxYyKh>1~;hLIo5YTWG9AgeV
z7u!Zxmy$0dM9aUDEVC5NUklV^tUs2(k(94=Z^=Z%)-MkDnkQOuEWXcVO{H_Ek1!de
zCfrkx>#zjSxP`_v(A*;FZ2wy;FpZA3o6FsVc(vzEqKvc9j%S!1^q$z|&4kLyc){#cDCipAkh@EHb0no?LN>I$DEdAr{@o%8-%rF&e;om$@{N6KRf6v0&E
zy84|Dj@j5Ne4j=0rv!D&C<&);f5}A^w_elMH&8WZ9oc>k|F_30VWQ+uaz8riN?otm
zd6W_8Bf8(6CY4SLZU$6d%jSdom;r%-8QKYgO1gSIy7)IW7=lsE7E_tly1?~Ck$C#k
z3Yq+9&?HAgx4xCdsX^iCb5>AgnND$2_tMEHDz8n&j1#PXbfo;19Oxd7Fz2x3>3x{s
z#KIWQVf0co$K9A$w1}Fv;3#Zc1&D8E^F7I~tSl>dG_~ohGM~C#?LV-R^_QJ3#f;nJ
zJ^#I$B@l-_lLU9!{q;@=W85YHNUZK**`-5V-5XOiEF
zZZwC-^mW7Du<#32!edw!67LAecIyI(DditJ^N~
zvSOEnKG4DdcQ8sZF%VxWB|tnrG3Pwgpxm;k+X1tWbhVL8%H&7ozVqIcSyYZe)j|*K
znh9w)xIQd1`70OJ>2WEcD_@O{KZq2j<{xF!p>q5qUp|q>ZwkX#&b5KpB2+%pvP{+L
zpAlBa2oo3N>{7Xq!>ZyMKMtdLj8-@v!6m7yLIn3q(nzh{we(C7jM;rGkUS)jKPTk?QuqMXbRd(6|kA>MEBKR!^ob3lr?O)Eeu4MRAk8MrJw4!
zf|qO5I~DE{82A`%!nGh;bFeEc@|L!{9^iz5i#JQbcfe6vg@|EHfRgftxFEfU#pplU
zq$$iYGwVX1rMx*962g7{Wz<||PJe8s@jT}lF&~ZgA_Ol-gaVOa`o@c~OeC(tP9g*+
zWJ7&jB&A83!lO}eT=Li!rzO9NJje}>Su95)lJY848Dw&Ae=nK@B5JCF-5<49%h`S~
z&(7VyBdA>0%o}GN`SteoKFb!zhUSLDT1Jxr2#{SDAzi43+e{vtfxgmRFJ61>pn-EQ
zK8Ssy3LNC{0eal+)os@$))y7^0Xft#{p47*DX}@C+o8P
zNIdKxguG*>cOKnvn~r-Pby6TU*I5}}m>?X?N0G)>4#~GeU$F}yhb4n7(ABxr?~o98
zg(libjy`9^*#uznKvPqa+9W$fh4W}{j{t38aImDQ$*8P|?ucSQUf0vluaWnY(o%G2
zvm-`=uaEB31&^MAO0MA3CcX8qpi2d;ZkpkSD6V7D-T@WZsQO9KQSdW()It{s=pgkL
zWKidA2rIaqn{j^PR^U)^PtcZM484k#G5}Pxos?r)!RQU}#4l4|Bg4*XeDCXho<>DA
zGfUZ^Jke^^ALD@d^4IF_SqZWBk-?c4OP#74&>~0JNOM&fCmd{Og=*X_RN09!5$%!?
zPVB9eTSEMp`uruhy3G6+K_APBjkVWqfw#_G7d(I`R3DB*3L$64#@Epx_>M#6^Z;Zn
z`->l6%$7JFo2YhiNj98uog0$Uw!tFBA}hxHb~6PgQi>!39~gDVaMEVnpWkcD^0kUC
zC5W2$WT_b0GqCvJJ5K&IV>TS0fi41%nISc2RGc(FV}OXd)i$SU1J^aa0WYf|
z&({&8SptpxF)lwtoA+$~dS37b`%JrRkz`M8+U1kO
z=(Ia`e{8%-(9^xE4S8H>yFpe_iAgQp@-QA)>0+WRPuSe#Hh)^bjbeGVH~C8XW0$M?
z&Xox`@4@N%DdvBWHeG$`B<6?>rH*y&UplNG
z#FlWAqsswQ2V`|NpZZPF_`I{dFOIo)-w;Zlw5fSw{4=*{(P`6VUKZZBy5Q9bX+h8ruW#eKD(`bRDl#%Rh
zFR_OiN>`%neJr9@KYf_*e8_Xw`2g-pd>g0ucR_le13dc+|5yC+K=8F>a6{Gd7@<=(
zesn{n9Yf>QEU~&oC-OJ3Al{(iF|^&92(gdGBgcLQxcVZs+Tw#Qh{NYga#<2d8b$b5
zt?6e)pU>urC^6{`<*`xUR7>^7;?}O6uM3!}s8}Ou0r*kRvrt&Ckj7pphc27;yyr*icx7O-0e+C(?*Js4PrS|EQuZVHy
z@P4x)XD(kP;dX(FMD$;*`;|>0pXFG9-3zj{9MFi1IrsS`=1K$hkXLKOJ
zU9wwg$Y+Ka~>*`%MiiFz611(sIesp-iT~I*%^-vQhxT8lx1xF)s1bfDOKTqK1
z=JJ-Ip@O^3ZdM=cUR;4R$we7m$Vv&D<~nfhgvz$Q?Yg?~h2L$k;L#j)Qz*iZs*AV1
zGO5dgc4Sc~HG_f_ZB)5XbN_q>S9K*5AU74F5V3DMf52aCtY#qftTWMidXZp&Il`hG
zGQV=M1XRyu3hJm@5llsb{T77A!1VO#9V;&N&?dO$qDZaEI3VvdVFH&y5>;)GI#k#_
zNr62CT5OM>{TcIC<&dp9I#I#|EsYc#&jwC)%N>!L)Cs00nHKOreN7R=v09tA{W4d4
zp=XUq>e;u!bZ({^6(iPJ<`x-Y{X(>0t*Y{Jem>ya7MnuY*Ya4&XG`+iD812f+!3eQ
zKg#BB#B?$TPiNmg8IP`8G)U&cL9^d=_2uwm+OVR?B_XeeyOa`YhDd^z_VptkMVOI2
z4+A?cs(U|S>e9@I3mFEN@pa#(s~dSw_c;?7(QsHMm2dQ5G$^~8&f8blS8t+{%p)dg
zRsX+n(P^c*Z?Q)dZ(n>$2)M}2{T@x;97Gf(m
z!tzo!vvBdoBr=Q)>UDT=$o#vy%H7Cg$o>tVs2I0bclY80wY0d0XGyfOJ_U>L#w`XD-of#EqT1
z=M>S;yj;G7aG|u35skgWL!m~buB577g54cPE~Dr7^#4&Tl@s&IRyl=2&NYmU-w-o>
zyX9ciNu@)Sw+Q}3N0e?9d}2UEGfU-vCzbAlrs;q8>noHID8D2i=WjCDjnB#H`WSKX
zrp5hA7viinbV4GZ%bfWQZ6Xzo322V@m^!|NT;EbLIzG?G1?_8-R#vk(KqYP2AHJcIAGX)*}n3E0^T-FK1j#j7TW!(+xMo
zh;HojG9@M02Vb#hyoWM)f!aI;JHdHh8N0(zQM-)AYT73gLCWD>t7`5e4I(tSd38El
zH+OoMb*gT(mR-#t)x;e+7}pN<>TMTDgs(3z{21)q{-oHXQQ$WeofG4nO#1{;pq@)oQ7q%Ta~BcF)EdWeFN1
z^j+>7@?GqQG(X0c)fpV~_u5pk>~|_(2=#L&kwUT~&p`Yc@ijlTIa>a&UGPrC@s5j}
zch!yrXC?M`k-W^f|05mn^p{b7UO|Q7;Tr4QbIGhuS10yM!yP)|)U%Yqb-a
zjd(TAbvEd&o@ojlAX9RPTAdqPcBfP69ZDqK24@Ag(_#6H4{^c$
z5;Kdx)yw@mDs*v=MI7&Zs54|#%n-8hYS}PXi;5x?wPd)FqxpZEM&tOj8R7AVKf#Nm
zf)n~n1sC!w2n7B7J?CBaXm9D&;Yk7M^p7OxW!{zckvSEGd024kV_1vuI}&#nm(u3V
zm?n+e-d=^3$NjxCy%wSWe1BJe+m$jTo{^byN~IMMJG9vFy}TRD}bLdr^JktTUz4kBkVE$U$4myuh90
z^X-gBC~8FEo^mrQ@+R3tX9O
z?n(ObGX#N!IwYH2o-w%S+u{zK7Y@)(G63NTf7(E667wnSGpv
z0YE`XF1asW(KZ}=s;(kQ4mCdhN7D_Yp1ZfMr*`XN+z=a8s8?RFpH>R&b2Xbi2VbPT
z8Mnyf=M{as-zgu%4Os{S7{VFce}w%5A^Aqv@tmmYIpDt0h%KB!?`qK;S}pbwrhv?f
zP6}z)&XG!m3^@J6gpdluY6h0}f1py<8`Nq;s*CTo?t|s^gSSXe5)luA{~>+5xnp)T
z&m$1tg%7=-$gPa7vDHm~M{ar{rUEmr@ozcR!6Bh9=&8t#3%@%$**injBTA+K-;VrU
ziCpe^GR4wqF3KZTIqQo@gYqLi%(qNL`2J_NXxGQjs$4ukL)N>caNUT{XIh|05*pIU
zGp#vbY-kq62NEq|&U>sdJE;RQK>k0334Q?*$hGXdtnFZzm6f!(ABmZ;HG(4M{Xu7o
zDFL`CfjkQ{JX?`A68yAWM1Bs^G=T4O4r#@$Cp@Y&y*Wwou;#r{zN!{y9+95!
zV^8`?`L^nOw4$$EmUSD8if(4*t?%~{3Q<5=-}|c8SaOMlJL*#Dy6h*1d*R&KE{zIFc^T?!GW6E*r!Wn@^>>fPSbRe0DVd)>&Jv;g9S({*r;&S?@jeT
zq%v1obWP^DFQSN!RstZ-5fi#1F@9Otuc*787FEACDNGjr4yZifYrt@7P_BoV>#lVH0zjunbUliiU<1CXO2
z37~=^feJtEX70-|jO%HHs|6D0(3LEU@6qJ~BXlYXMjziMFK-+zbDV~^2P}ruwxT}O
z{3)~~?Y?C}s67#Yo~-s^eInF$WYcp6m4owNju}PXk1Rgh*Gz0Og6T&~vQ%5ZnfguQ
z5BK3Ef-s1VE5qLX&WZ)^UR3RGQKkkXKwZ}&FU3U(B8d&}@DrJsY)xEY%xS(sAd|;P
zhhbixG{Fvk+0V4D+dOs#){IF%lG}fQO+TC3QtEhB}+)yG*J{xL4!dF2?CnW$%+AO5>pM#+U<(
zG3w~CLl=uVHkvlOnN)qknM?o^JB}o{0
z|5~^PNr5V-gW_NYMMjVtl-Wme!B6rvD?$m28
zyVex!{m0HFJc;~XBy<%72Br!((O8W_FubtZ5_`>Y;P5`MgItGjv9cwX&ByJw(dLR_
zT=^y;SCnslq`8}1!zP;j-J}P*HG|Pb{T&~XB4W6_4;vTWlWaVNc)XLe_(nk_FH_Rm
zCWt%wQ_P#|{?j!nd|)3hq2Wcb+GKvhmSsD-
znh~Ff3!Q*}clnly6@S|SiMKkv7f$ScaGTLr5AAvo{w&kMsN0UnfyWlwMFIDd;TK-a
zi#!}IZobBZFNLeHE%>te-QGYbMxfI%H=RZ^iJ{1C;TDjDCN<
z)V#59w_9#-_&IHb#eow(2}Qv&RfQ58WQG6U@+CN|y!}#^Hn>bk2)V?5_1!;TL{}8<
zk3cuV>px$1Y%=+t+#8-%O|PEQ4BF0(y(`_|515d|`i3)Zatj~Q!{d+P!a|`VOD>rI
zP9`Yb$P(EXf_dr(Mh3PorK=vP7RId@2N;=oWYmsB@0-X>Y3W#j+F6o(N~C{ZLiB0(
zyc9CJH<;+|T+EO6B_fJLPU{5jds~*<5w(Rnk47WSu*VVK6v$4WL#)`xUDPc5x@dKC
zB(lL6n6B-UtSwzbdUzZh|F_E-K`0*?$3y-xzKfGn37)=|vA#Sq8m(WhCz-Z@Dv162
zTX^1wt)|wVfLuiS3$cMrI|MVH`!>cXU5W8F;yA}FmJl+2y4lBbf;V=onV}pi>e0Yk
zW(vU=tNa0-Cr+~PaG`KwyK}S|CoUK#uYnjC*k|Sm5uPAhJHLGS>$**KCwj0F-}m~*
z_61_dJUg4rJ(p=WLWN~NSwRWT1bfV^b6?p$KNZ;0KK`=(YSbIUK1VsZvWJlh9>X~(
zt%|(G+}YcM%#bj|xw|_RH!r9b49S9t5J{hSC}Y%D;oC&r!X9)7VP-x3$-h3^
zVADT2#-e#mdj~GA>T)*xUVTP#PSz0u6zPcixQO~sYxe@$*rv!ld2ClB9YrI?zs;TG
zD(m4q?@?S*#XiXE1x5@@TghkdeXm|G&d(1=I89U}`~)Wuj0)BPix5ps&E+2AU?>f2
z)s0;8#3bNocy!FdFckcB);l~kxu}*zJB<|
zR}!eN-}!ex7nB!$+EMZQyFOO!=iGMU%_r-;cV&6Eq>sr)QIbu&Zs+4u2-iuu=+y7X
z0$!b^c$-7Z(D7LeEh41g3TrYgECh&TZblt~PL^YFS(3Tf9bhsM>ta*6Fgc`9Rn7Bj
zW@z+1Q-$NvqgVGBmEgl%j%6EUGV8#90-S{0*l9rrT&pI8z%ezKlVR8G+)S9xEV=S>H
zcNc_ba`QA?J96xD)-(K~w=wJ-5%{_6f}?ekCVsCwUXUQ4Axj@9b|ggJHc1}vdl1Jq>T#Fuqx?S+#u(G<`mczRq1UoyqAY0
zGeL98T@Y*i2pr}gn#RNcT>etT#6g)>F$nu!EMJmANms1le8{X&(E^z=eJo9jVCTr*
zPz0_JwfWzC!qcY>$4d(n!8vT?fzr~w-<+-J+wTKcKr2$xe`A!-8vKyufnd}T_=r)Y
zEz{2cv=42^0d+B3D{8jUz;zfO4?Y68N9}CR0?|hpyXjRCoX=0`AYwV^!kLG}W_ikj
z3c_)AaHv2M-TPGhQUC!h?m>vN@Gf|tdCiD-!`@MuO}@2d=bb49)q#rprgs=|vqEgl
z*XEz!s`9B^Ou8}q^y73smuz%Tc_Dx@cRq}TCA{>8jO^;XzTMt8@N*0MA3dI2qup1z
zEpAup0G9EoWxqoos_GU5JUO<1y1Y0H2&jmL!~mEiAQ*Vf!ZfK#rGR7?cN*_U4oXYJ
z!(&uHixWfagoLD-^=WYP(p
zB2Bq4To$&3_X1R67xMCXu8L?&#fUGzx4hT{g{^{2XB~md2_rJZDv2i6k1MJtNIiIe
z@l~UI_}?r7<`qLdNc}%;X=uCB$f>=}74h-);jzuro2j@uK~?Y)%61iBZ6zaLfAdRb
zoc_96o1Nm~Y{h~vuQTk+qe+EgUS*DKnq37rEDD=KW0P1xv5i7Io=Lv8YP)cCut-v6
zJrc+=^B3gI$@U*-G@I|lPcZ+&r242vNuEYdfmKic?{ybWKHCkXk7Z`p#E~ylOPfSN
zKW``BqI7pnf(SO)E%mT-OWAdoGMA>LVJj8Tft$4&u^!ze@EN9{Z5Ev;B61=&m;N>-
zfuNwR#qdz(eM-^p90C4gKKCP@){(ojyL;i|{dF?}42|M-$ynC2=GI3Kz=P
zn=HeZC@yz-<+k)F-PuOKfMAI3M}&S4dwVw*os78Bn?m;gD5LhQ_1`QjIp%7_^uyP`
zOd1g+tVV4+eQg2gCf!n!w=_RMg$mSIw1?U0H=ms!^t1)5P*auWelI
zwss0g{lN+&9)g!2Q;Ur#F3o!r9!5%Go1flb%YJfgkgDw&68MvU(tC1+zRnor*_oLwF%@;x
z?$l_)3K3khojK{Dw*1@UEQGmdqt-gpU({T&;^|;Fr6=YeDGGSyVI-IVldUP8z
zZUh2lypY^gcRbSWMp;VRDQsU%QMw~+G(X8}&UaM3?fklKZ*>iE?tp`{`}Joj@>*Dp
zjt8!T4b6t&F*aEr%h9QUgc7RZ$4(xvf#@8swGg@Q|6M8psnGY!_cbyrcVqAr1njQojs}Ruq
zVULNt*4WGbs&q#oVqTTc4bTQ?H{%euUxyDol3XNwH3=KOP>AT!srk|l_elR-;W2;aH)6);Wi(D5PZnhPc7XnrWQ7NFz
z-J`*bI{X%gXR;!QZ#XMp7#t@E7CEuOYTmyjd*Sgp-F$JYs#(rg^DZvuj_4$MN5RUijT(yIb$
zdF59{AW03vSbe9u`DsuEY4=sRBOLRf4yvG+U4ggw{vx|U>U*3d@v<3!gKsohO*{98^j?dIDynvu~`CC`AUSKVD^$uctGgPx+Sr1y$((o3kV%1vxZ?D;
zH=N&{?qSBC_|lzi9HN!rX9ul_8e|aO?C<}Y`5ECiVnsAosCoDL<9T^C6|Q319~+a;
zd=ggYgZSnoRb*v;dF
zuvw1G8>Y^Y(QuhxQuRc>H#_P2{#p+KB@R38#6aZ5bN=5F!K&M^0bq6#p;BvVPiC7NZs|>stn_)<0^D+8P9a&9b36X+_WgIwMcF7cQ^8k
z%X=rgz$9#@&X5Qy=JeX&6{AZm4Etlm7($SHWg4!lQ!QV8QD#M~urwG+BP0}6B!tIQ
z28c}hze^pUF2=s%Y<3#|-4wA+?|rfkwlRzoQ2odnkOE~tzd0Uj?}9sDRoV|caZQ)D
zN)VGMFgOzj6T>~$?;VUpPr=rl-wRp&XvJc(fAWr`GVJkdoA3qJ4iy2oo8u{1!%)pggf@09gHsJZzsIAu-+koU`T+vZO1+6R)JS`SR7Y
z^A5Y=ncrYCY@IAHj}HC&N@Ypex_rB9?i)$)UBPi)B(Wif8LKTJP`4G43%Z)$YB|m+
z^mO5HAELsaZJ!zY;FR;^Q{5!aIMV)xG!pr|vOL!D+1I-ZjnnqK3*RR0W8S`oCVRdG
zuu$ej2E$+HJ9~@DlE;?h59|08^+@{hg$JYc;VW}0ntw=F0O2h|a|93Jhp~v`Shme@
zDw}vITxPQyRRxPWR{&R(FqYr;IXuvitu0N#vT0hyd
zmeu}!bnATF=TWO)pO5b;^az+#&cRI5&L2G70Bqnqm!R4*)~50J{XOLu<$(B@FbZdF
zIkC!Sg09j|A4JUxG~}AudrlP$+&85RYP&sEkUF|lQ37I0{^e!OSeOWIPbU1#rpf}!
zXG&`%&ty;r@hB#N(C~vz#%UGHoF`EFeIvLCA7IMEU0C3R`xdVDMARE9rzqvO=9DbP|mp7m_svMf3t@XF|3m%5(pzHOMxkPBLloqu9#
zV5~51D0CKfvR3;DKVCssZ>iwHj-q$m{A0{NIhM3G52o(C&Hh>JNCP^Us9OGVF6jWn
zE#b`MG5O7p?j($rYerB(z(7jLB7jO>-NJap?eL)J&gS^+xVM48nI^
zLdkom947vfDaI*3W*PuoTw56A1($xy#t_cPQfh{1SOX4On;%1Y(5|+#q{58G#FFVTQrVW1KFH-;14y*L@h=}k5SRVPO9p)?-jL)=|!Rlpy9e!m(UIUg+NMZdZT{d3@!}UTRzJ4oA*3s_iPATpk6Df_4
z{O~wuC2X%3^JJU=UXzyQ2@G|or>rj|9Qcq=Xe}L1tgKue{1-Gb$z&t5qovn{q`igN
z>rCJtemUz}4T%m}*^Zl*;o#XOn=LX)464YrL1CQ_HT(`ZIb2;<@ALiAor=ey0rIdDT}+{hx`?1?K^ckR7?14
zyk_wRBg$(&Q_E*#8)MxuKb;FeC*%dHG|dy&I~_uH;p*J?x+ZzAMil4?hLAdcXyoH%
z_Fjn<5>PZ+{)7^1hsn7{#ZP~uMS4_?yX7itimv)p)j(G2wfY`UqL3u?3k6CvcHGc1
zR6(ja>{nCY@9n;~uf-}2C<2%Gf<8?A{u4w
zBA#u*B+SB?&bca(ukn+~2@CU2bbs@{b70H2h#;nNnT;3#t-Lmk{rb7K{O4dnS~#X73M
zp|??)wMs&$c%%UL1Try$(pZH~N7>=UDm)lHC!KtDVlJ|VE1&>Fd)O@>tfaS5Yf0&$
zl3$gTlha0f$1|RfvF_;QZxlaOgC7@AZ=ZA-yFn+ct)ewfZNEY@;?^?{9|FniDu3x&U7LJPszW|1pfg?m^ts7ZhP12kEc{p74t
zJ)O(=NS#1(j(BkqXT<`QLY|y&hG=y?Sl-7;N`4wCk3>(u)P_Mq7{adC7xOclRf2?4
zf@BtgH(jF*QMQuAUvr#3$cvLH+2za7(|*;&LLeSlUD{H?xhm1etd3i0mj^WR6Kw1H
z{(@F8(G7nQC@l5ohO}g-kxpo3hh`?-0qXFx8`(il&n8dv^}aEp)8vuq|g
zwJzDbf_BsALq-i8yZRWpZ@QoZLBjHd@5~@2dVLD>W#!)Qs@~M$L@RU+4#q5$&aY$`Q=O|)bIDU+uf1jD$e}>$xVbudiHT^O
z{K5whd77|KkK@rtmW1e7X^0MdiC!sAB~MJCiXv?33gycZg!%IPzCmO*kVVW0y{URX
z2fMaGMz$$F!RRo{;;d&Vg#|qvgqZn|;)xAx>3ZGo#fF%Zva1WoU5rK|F;wx4zVUv$
z5FjcbXdmqaf#GD*w&)J16*?|!+BJm}(Xmp~|rwoVvUxLe2>BaJnYR
z4skxw8VikK);G8NJe_W;|E=3-f`}Gu*TwItin_8HeOeFB3KDU+HIn^x|H{?-tvBBd>(aZsI(iY>Guiod}&Ez?X!+R}6xaHd1rvVRGw@n|YzSp6U6nLO)oIF%bU}*^%vdM;2U_3(^b(3f13Vo
z$bR=7KM9noAR`%D;56rjbj*a*DtE}fGG5|ynEh#tmsxq_}gJunZOIw1AHN7
zg_MwQf@*!(uB=np&SYZ&!r!R7`Kic0?bPMd@t50RUKeGImP`PV>YOd@f8ta#?XKgN
zqPa$WL<}(WY|UyrRa6^==;R1C(^3rdh!3F9rORU4$k{n$IFCwtON`Or;NUHN=9A_r
zSyqaO{kcyS|CM;s3+gWKvz~c}by_e5+i#nX391JddHlt*{+dd;Xbtm}$_6Y7X)_9gdA;Y3=0u>rZ51fgLcHKczJA$lAzbza0%ivr(M3%gbAG!OuwbwakwOh$9nKP$TM+;(NCT#Yd<^-FAJ-z3VG#CDRfEb6nIZZaE
zh+ZZ5B>w4b>0m!U0{HqW+(URaD0ft|uhZlYM9}r-H94QPt%_HV)Z57I)n>8n78g*+
zi6rDX_{9iV!shq?Y;Lxn;e_ynB<)nR>cnzft?|8mHR|&@Gel2MY{JJ*!anP>j~`UY
z_kFN0FmQO_yb|WVnYv|fV)WJ_Pc8QnrmY_OBc9V{+#F)1tGz*8We1w+35Lr4e0uF}aiju9U(&XUVJu{@iKJizBj6M6~C9igO
zcj>su3*gDgj9&Es;zW4{eDU`ippPLM{(b`Z%!blFDm6_ekby*b6O-cH+|M|O_v7Mj
zfifkc#l=Cr@v0<-s(QE8j)4+~b4^L$zm)BbBSQ;`1CR#Vt0Rhi$;>?h;rBKHAaiY^
zfTz9d%CoBvp2VL5?yh>If1cNiNk7&?Pf9As
zfP4?kkp+|OO*e)9m2DSK87t&(OtGwwqE_zEC4Pk=@I*(AanXkk@_$WB(dXzbI-O4i
zDZotxeXX*dU*I&Z7V0*mHOlUh)G=N@?pe!}BvM-@vk9O0L(E9xY(DB6D?>npYW
zY#69^_7Ig8`O+duSK&O9U_xw8S0PtMPI>+pE3*lGzse_{D{fCRzTA$go{$F-WG4n6
zKc8ffp80>4dUx@I)3W?No)0$T2tfd)f&y0CD#uOpcnYw)?9HE_aLc;|J-k?+q4=Z|
zXC==HX7ZcqY?6YB&(t;_BKV5dX-L-Bs_$*6HHkFVIr)F*?^LJ!+{U!!VVOb0X?Z?c
zbizuvP)56Hr0VxOA1!ax((MzkK08C(umPr}|R0bAhRO>Y3c;_DDz^kq4z}=`e@l=|({WBs%`TFJH
zLXNtV>&YiGSBv`1#1DTGws|esC`Ac-Zv4x6?maF~Fo%Q!PImi7|4vh&C)uf?KCQ7r
z*nC6F_;$g8UtG}?Cb_{MxiW^*q7Pl~#w;)iOGgm@rPg^-AL!
zRj_J|a;s1xBj)4^lD5brWGR8{ABvi9ozx3FzV8bj?WC=UU`ae@xF`StEfv=@Q~{4Q
zp>csUP`uM@t<%;oqfP0-PT|rVy=MOFYbxt@x7B^Io!T)%PoCEO=%Kw^-F=)kI`W00
zzhy98IOoHOd+4mUEhG91pYfG6$T_{Z2)ab?N%3Z#kon%WJ|h_Hw1FM*GJ=yWoY$9`X3sSdD}0oIM44#V5Iv#T=xC3pu+ftj(c{6
zXs?eC;+dM964zpa7N)+#uM9)urVRjPEgJVWG_gWxNaPX+XqFc6I`@#81)vGABa$9(
z_hWW*-ET6JXuwJ0rA2OnMrAGAR#ui0;jgD7Lss%lfu`*7SeW_K2
zDtck_#D=dqP=tAP7}+}zWPNUuiea-q!}G8tdTsQr#wL0qNNXl#q^x6UAIjbT*PmCo(d~
z6L)E%yyCb+ve2n7#oEO74psc3^?36cey)
zbhv)*T7n^#V+pVpqWqB=7*^vt{o-yDGxcJ9v*gf1BGg4{a<#HlTAjl0At8Z!s-*Fi
z^xnhRQf-*|f|+_^n}NLQe#&7IvCWQS#<(;VEp$`}D0iP&miO3N*A}y%lyy8VF)Va3
zGeRB^99UDn=#4H92~MY_gHl{uC`$eso*HQV8&hgyrJnwX=}lkZNPq(XPTD?q{sisQ
zJyCxCcLI~oX6JnECGYEb3Z67R2K=?;MYaL>P^DnG_Oe8HA9jR@{l#=mU%=jk=E|fh
zJXbM66&K@>tQ{Y`*(+iSMXIdWq@tP^g`iL^;%vL<_j=}UGc{;V1ta8o*&L&tr_{P*
z6mG>gw1BsFdbrv?oMp&pdPVAbDnzrnass1q#Gt0-Ae#k10lMppeNGh>RJ1V-)x?f1c-kuWN=URJF={traHG9?&exuSGDF{AH$`*
zmYWZ?Is6Im8b-X)eyi%pE+0XwTQNkTudS9&fSlvy6*kjr+bLC?Q?a(hVXF(kprthpN&ML^!Y(TKBwfqsM4GL<>CG9Z4HKB9Pt?f
z+eTdxA-M90+v~Edorqh?Ww`>(9Fzh(FQ`FZQ3Y+kaosr|CSo*k$pNs4LzE0o}J(0!IBUO9>FsW(vcN?oyUHaWApen2urHv4KYEefYU?j7Yw?e
zZaqHD&#jJ~+(-Vz;M_f9=d4*J@|xY)SyD3N2#N-?Yh`;0y-RI3$x
zo!GDwb5!~l2h|j!kH@sH@abMB=Hs6c-w&9S7JJKFI^Z_qCxzE5McbpE6xT_;b6R8RYk8Al&O>$Hc-|%3Liy2Wc5ASP~VWa
z0*6-oikW)Y
zn6)?Il}=CuYWADZQd)$20=No;fASXvmzkce=Tg;Pp=V9BT@FsHOgKGSh;%?ai)q`L
zqj`?*&lEL1bEzbxzL1Ld#I4J+!(+D}$u8Qk*W9HdCd*}qH@2$d0UMxUS{DQ_IQvDo
z#29@!W~ibUukpj^Io*QU&Kt}D5e))ONr>AC=I;B4S?_1_TfgwJ3uoyE96ITnqZy`x
zIW`NiroK{m?V5re+|kZ$eyK`MFwHPaX~x)yTRW)PL{Q`m5DZJ!o3H#NHW&^vOJNM#
zXgCZ-QFN7?U|Hx@J=fz|@?CHxpP-NBLP49KxjXVL>fMb4~M@m2okMl3tNg!DC!`i!e6HO3Vl9=1O(q>rz5-
z6^`k6qeF5YpC6A@lG-QW19PYQ`-QI#iWL_vj}i_Bz08k+@IT@G-=}@7#=n@sAJ=|}
zvYoVII;|(Ktz)w`QoD+y4qP0LaXidl_KvUvwAcokV|V@TgdS0Q%R3xxpTu0`Ppqd4
zK>A!ve0>914GK+%Jz39FirsuegJt@qIgnk~$b$q#niqv9ec&n*v_cg=-!b3-vW{Q+
zAR!xqa7(d-r0hCrwr4i-@d@LaeP$#*vNG$u$dAB-aIsVSy&5^l!{nv!QAwY5NSZcY
zQiz>!tE}bBkPNxM{@{F%K-4&F^U>8l`RYX|P4EXWK-kaM`r9C?>uyEB#u_p5OZIbb
zZ&vIzy3d~iUH2bhYgQ4`vVFgaxqq6wKmGCzne>3;;?0vNZSd=5z~P)h@UEZ0H4W=NovW$4QmRoT3CR{+sEHgXr}2iVRf2u#6FGD=`h4Vx|my|
zb2^{K=VN7c9j%r(5w{%OYA0Q_u|=0->|f88q@
zXoOoFsi9sE7DKAfTnO=+2E(sT$LK*}HtNbb=)8zq(jNx^x!&T)s*HHpqxzrcKmsi<
zSA=m15qy+y*&Fcss)AksF%bWLYJpNwZCIoclT%_5jTIK?17gp*Y09~hdes(HO+nuMqBdLUsq*m?gK5@bff5u
zUmK%HW&j+4DLDs*{ry({B#zba^{Viq4eK!C-=edG+PA!j1cW0j^>ETT9ORlVZiyoO
zPwl8ceF5NL7#$i>Uq{w+LY|8JHS>LVyK3%55xJVKAp}%oej3UbmgbYZ#y3wGt84S-j
zqNueAEOPr;j@YF%zqFs^ftR5XfR!D*$g(G;!K&1d^Q8t7ICHtcgGLyqaz9yMw}tDv
z?`f9bec6s(o`Vl($wH0YpRZ+m4}bBZ9o4T|4rD2`_N(^Q!E!tlL%^~nMDl5T=H+yJ
zyr?Xznc?>ddm}!}*%89)aRKYb-uWx$Qiq-#5`Z91b=*Eo%{t{(AcKgn
zgPThU9loWlG^XRC{DS_syA?;9o2EM(LWce)C^0XXe+SZtzOma
zTtJ_rId?eRiU$@f&s);=J!5Txp^6YNG*Aqyq#%fXbB9^GaLM1{MnD3R|w;u=~$xa%zrTrGMNLAx^P4~@UNe}0RgmXfg^b1)K{;+
z_8|;y$RE4=9cAi9xw38#
z&gpq&G!kJ?gD{A8Cu3lRhyR~@?+baOCxMT~SE%1h`1*E@K|Kq;+kIxu&sg!!%EZ&f
z^YUAuu;wQ{DAQOHMlE)?MDnc+6!*S@pIiYLSmg@5q^zYUz?f6Bv>)3bkVAfl}<
zc}@}KpA=$PT9Ae8^$B~gH~M)T*JnTUKq{;PQ7_EmoJ__t(l&u4u2!HM)zqlz>nH1!
z78mCfGL2LR1A%6P#S^o$jMD@C{rQcJpkmKfZR3bChiD~JJ=kjDN40B$KGvt?%{wRX
z@$I{LT(rV_RC#+9Jn!=5b#$31CiE)gmO$|f^I)g;d?xNusyhS%9Zg!V(i$oU<@S1q
zW#OBF%8}ptEU&w|&Z0@|a{&EBa1^r_?li!|AGIlMvbV<$>@fBi@np-R!d&gTqANC#
zi5km{D;i?;F}`q^q$LDWM1Ynh=X2$FT5e*^2Sp?q
zDCuG*V}kbne6MwN5xw}QOVhnk>j?Ma
zmV%f(-yL2+B>QN!Z}5VkvU!8OU+LM?`dwAy~^X>Gu(4yw}O;tq|8miwy?N>0`v
zsXa>Q4w0q@
zOk=Oqjv@JrV5
zHLRH|sWd)Bp%1JD=~|=G8Z*8)`h_m<(C$G4A)3izlmM4WK|8r?e5a@kL~K|LfQXS}
z_8OuYDs|vMfXH_|ZQ!;u+Hr0;hKBs5ID(ct?_agOr(m;uC-e`R?rPOjhsXwsB%PiP
zgjrjLg_QBjOIk*wIYsOnRa-hJFOLw*vvqRwIQ3B(AgEJ4^{j;~>jx<>LPd`N>sQMr
z_DJ6fN6eqVOtI|EBjmF*#r5v-bvD?L?CN0{Q6O07F@MKdB4pPgK&A+tIR-6RM
z^x3GiuU`2%ON>S{OJc8X5fIgVq^T1dyLWg=uH}L<#DC7t<=M{(7z>9NcF7d8i2;jF
zdq9n~h$MG3_Im9oQpfaI&hzEWpQ{CFJ|B|QzKhkpGeCoEdw)8%utJb21KbwvdVH9y?O0e<%(?uTT`xK8!Pd>fPe!bLp$8l
z3)q=FX)&!>FO&;mJp#@{KwJvIjNI&`%Q(dWO9#ZxlJE9Ip=EkpF2&h5Zl$?P`N`L<
zr_{v+4fDPq_4N;UYEz=wjjOjpiZhy0YwLG?xdW$a0c1-f7uqHQ@F-&6%~!IXYv$zp
zd2s`{vDWPayDZ+NYaZ63mLvgzeH7iy(dp{%Ku#mk&29Z-j^*U#Zw8fmPq*=DiS%qY
z48u+S0>-kUT0HGbhA^rdP%a=DL{IoQcdhSnwjREvNH7geGZ*ks$y-WmCuHC<;^p#5
zerP-~nX7noo19Rr@=cg#@8rg@gLG57O(ZQ^jAz!!1RUCxEZt$8^|N+O2|aZYaS5){
zm+c1~j~Th_DN4Tj_e9qFe8OH*o4XApPU|f;t;_8f`#eEV#IEi|%+a+{WmDsO479yt
zbDP@LLQ9VqB=K1Jt&#kQE|=wpsA7xDC+gr*KfpiR0yBB#GZnwOL;f^Iue2uUF3+1$
z<^z;lZlN{;=KOLPws!Mpu9XU7BEiFk!>8mUdg=x7Qi`gE!}zRQ(uT0
z6+U;V*`4&7oJJDFXdZ!xb>J~ENi!sctx4FiNJoWDUZ}}s*KH?C+;UmlI30L8p^Sx;
zGX;tlcq_AXAxmrIpMG5#K-^D)s58GRwBOloz3eY^?g4#Ej3Vz2d+i5Ys*|mLi7?JR
zw^%%LM~sMllCh7xu3hGX>%zqz`u?9lc5b(}(P$=3495e{nqE!K?19;`y-LTp)p-tW
z&A`IK(7?rom2bAu%y(5ArkVgRd1&!zkJTsHku>~d!_fcx$}19-9HNJFC4!bt4bPFCH~E}zwxNLtjTD#aEI6&!$ZxM=AF4peobwH
zS5xM(Iw(A>lVj1?R?gT(BE^@!qO4FqEvbaTYST#)LcZisGSg2f!UU-=gAR>N49>I(
zca)0u9OUNIH3;DBBxdgxpanD6FInD9yCHnMp{T{U!^+a)D!NI^Sk(k|bbZVgFS**!
zRdgfcsIZ1Y@|(F!^niqfqwN>nOOrne)ehFdHkozXXn-Ug#bZt~5wP3f&kV#j=?_O@
zc~*1KdyPS4Qm&yXg{%I_|G49Qp(b^7;9U^f6}~yD^fh${S)QPi%M$j&(kH?rLMysR6J{RFXC3&Q|~Yw=S)O
zVn`+PC)WFAL;`=}oo$0bnMIcglI8VjnK-Ni=X-n|S3z
zMNg;g7*@aP8A$ixiTtD~ManrVxex^_xS6vCqGp>bkMLEVb59dr`LsS
zjIQ<+>|isRWxXN|%C;-HJb@qDXqn*DGla);2&$>MFR1<6H8(y4@&^OhKoz8EE&IY!RM%osp=^jtZ}cCYzX>
z-+0MZ*t%sSm0p`eaV$H*ITXe9_`vdjeoHRarDfUPm8$#;sUEt}-M#t4P5+*$q=dyr
zn(EhKhvO4)ly!CYjym7%3t(*ZDO)>WPrZ84R5!`C~78@>;L^^~Tclv{Ykn;vW+C!|ySF6ZBs$ap}V?GkYlcNi%ok<9>$Ffwj&)U&)#^
zLkrNZtvA;kGSIPMKExRyvs=cO$NY>x{Xw#b01Hy3Y6H#I
zL=#lC$!Uu4o%v{wWF%ce|6105{Okx}?Da>U@Q@H6i4wp3#i_tWcIn8H{D~||E}@Zf
z+6n>6hE!@pGS&~xXW8{;?oyU)M#Y;euz4KaE9kh|1IY+4M>F#76$)-wh0`rh`B}(e
zd;KS+A|1ApQXKiHE4JcF8RFBc=8BQiYQb#T31x%;{GjyHS
z4r{`{5t~#)OPwSlr=>YRF08cqmZ_LzdFfBj=M6uUUFAnLIkWY&QWD_%TG6YJVIR!T
zcv|dd
zlbbT_oCCmWmyf++5dhB#5y<~LE2*ijPP7?r{jJ5rvi1XMx!PzyI;2k8
zxvXIT1V&ym+FX`os?^sJd2V#q?s~q^q;ss1i&xptx&I|E{Pz7yl)zz*$Iz*s>(!rf42cAG`5#GBMGrq<=XrF|x29u#nIxarSN
zv0)mw6GDUxVg7Pssz1m(A%cHt$tiida17DMg6hF`JoH{v+X*65j~{yQwK$rt2&s_cZM&dr&EH91ypOVD>M5zS+ANsJfkjUR?U&c6MrKuEG(qBibPUe?SlyEGFu)k;Opx*!xMo9PeWE&_%LDhH$IC~P_S<3OpB1BQT^?OG2w-aH^_I$4?
z8k3*y8(Qh_gk8gy!8t6TzZV{1IN|40$I?!E`E9=VkEKQ)2I%s-wB_9h*0-50ZZhkT
zfOqrfBX(MjZV5`aZj>fqEg~lQ8pm#7tql9GJ8yhzs%X>htPNz3g)CAq_8(Taa2sXy
z)iu|a^#hP5Fx%ts?}SJuw2l&jA%@v>7N}YK`?}2RVtAC1hA46IYEI|Rz~R1@^}Z7}
zax^guD^{=wTBr->FwVSd0RCreZ9qF%XZ0qq?jrF2|5YxZ8V4GD3v~@Rr+fgxKIPFO
zJFSzH{aC*~U>@5vW#R>M(u#!?K^b(5NTl@UYfh<5vBLqluq<;o`p;r~7N9qMh%ya?
zDJ6M@>C^&xmfvAFbO4d>=J3#o?tlOCSVvr&vjW5`iJgX+id}b+ZW*EY`1tNERWAOl
zK5AJOC4_smu$|mo#sQY@EHbY2D*lTwJVjST+Pl
z35|yo0STw?8Wfdz$4DM;YU+B(tvaUw8t(5!$og;TqFVlBZ~8!(Ilfk_>Tc6rV#RdJ
zxjcv{7HLpm_n||gXp<={zWUG8O8Qr%=}(umE}Yzj3$J1y;91pwX-$5=j2SDG9LGGC
z(h;*wFTzy|DFU)hO>RM{Kg9uhs}|P$=1u^jQ#EaIoTpLo!QNgcxN^GfTnwZhX`t9s
z8muMMDZ^)~&J9ra?Z}wXxJlE7TI}u=wLXLwDb*l8JrUiLy0RST#Xo8zFP|ue^=`qZ
zgUfG#)Nq2#5@om;!xg7lYSC~B>|{541c-JUAa5b!E=4l{e&Fb%`xKg!{=fRlaArY^tG#qyC$rVNWIpb_BHxlBVzQ;fJ6c627rem4
z)%uh!Zcp4iu#+7FE2|5O;h)VHue5ffc`lee4NNyz3wfou@k^7dtpxB_sLm-3KS$*I
zsXMK!L&TVOoLmM0KgP-*AbpzsNy`~tm|cl*G|~in@AROUyj@y`PzwOOH;TXFrr33+PzwDrP9+Iae>b92D0*Cg1ikb7w{0?Ha9^jOA7_FYe~
zgP@Js=hvG`Px{cqAC`TMkpQ}2T!vyP&MIoAtYGA1dk{=uM}4TfqvO@WfJhdS*C;2C
zt_3jG#Mc&?HKS<9jqfMJPHIW70yY2>pc^9K^~;5ANb2~>I{{`41j5xFMzs{Y8#E?3
z`_MF3iZtkWNw(f;sxv7xSQ@iX)6-+NbWpK_5fFLQP{b!1wdxtI&yDRb^o&c(y$kR4
zk%$oojhz)SQ*rW}t}}*8j<+Cd==h;I4JAI6oy2L3gwZvXK&OMu63)zaWraj74cfhK
zkcuUS@v)F`!gwYp8gwiu~LeZ|hh
zqG#3{X5?vN?r>pc2mqg0{i$f~ymnO5kRtYW;&7raNKRuTsj1-UIQ>k8hoGvY$429U`YW57y19ZEi0K)ZGafZaMV2FI0uSP;p;HL3PWucui0RIg5TXL29A3z`A)5QLVI1i+Nhx}jP+5ahKhN<01Pp@Cg+`cY5
zJ3H0G!(*`I2OnFz$md?Hn#_%OK>(B_KQuJ7p(Ra9xFXV2m^A!G#nirTZOAm(>J>$Y
zLN8#-1ZGWNTa>32;t=*&HT2YeyS7
zsTc!<20uIjws93(k4jUscQWog*N=Q|qR^SQ_v7in%I0q&0~cK502D5-JCX-GQhILg
z$$Ew(=eNf2m9d@h7T}AGEeSOg6je?vB>%wDATa)*J;4QLucFj(+TYsB0K~7y2G}1J
z8{Gt6i+O8(sO6=^!Bhi{$#{$i+E^X85Wh#Yz0bTCS4r5P6(d7wev&$;iD~cF)OtrX
z3eaB09=tu*5D9j%3_^${`S8WUnMD!nO}dt64MTBtiY1&W^RZT(0e;RWQ=3YxnZuR_
zN@%DKvUSJqnaDgZEs8Y@V4DMMMUKZ@3y`8Bd1RJOydW3B#FjcNZO5x4W6Clt^*7UY
z<_|B~pnpmr)MwY#4k5_XIFk}WiyPUAey~-(r$&@hc0^N5fTf-+VRh3R2SW%cFc6EN
zC0s?tYMTR0T~F36U{EvmgrVOk&d=@9vvs|<9Q{Pus9$5tb4eifF4)b#+uV~UWP1Gbx;!oMq`VTEe2
z3UN}IX&wHBC*QBvr#bLBr~B9^TYhSbHJ#+-B+J_iyA7=mD62^cPQ_U3H#Z4`C7(??
zx!Kormib^&&6TdXb@)-V&_=qaR-STHwzZ5|7r2aq=R@4vK>Vy5-Jr$<$9X9|2ak!fchHAIyZ3
zN1=w-9{e|*(5YH3#aCH5)pEXt;g)d!^{9vxKpqbL+qqe+t&K!m9G~wKJLD0yT)~f{
zEz^$bPoPbw1S58{b=xy)U42RdXkBIc_o6B1BU571#RSmh4kxX5Nr2^hV5p@1#e?zq
zH*wm|hroVRxCqciqTM^D97+BYr-xwT)11a)W7#x^~fUO2*`-PlLgk17K=@`!6ULXp@gwgWfA68->6TU;r#d#CZye2$lR&
zLG@G>Ph;Y-9cfWiX9R9F=h)ZC(9@A&$;~=(_&N{=11v&$-{Om=JE}M2zheG(Xzhi3+D!3MY%3{|R2Gt|vc^}{Pp;z(VpI>=7^D;c
zG+KfsSBYowShg=^ja`QOsEe^CyTU^azjiG|2S!szY|8t^!2s-H&N4MXd@K+P@F23O
zGEhajy}x0uZ99%ohaeEZk;j?5WF`-soxAAj-
zAF5s`cRMtEQp1jm1-4yZB$}5l0k@lmfdQ+vYo4fdag0wC5I2!>)$TFCDtXv!V-L$t
z#GJri@35>T=D9@d8AXDt^#!PI#Cr}y$rVJBoigj8#^uF*}7@H(bSws<@0+F%miRoPAMs=RVY6^#n9|fD3~Atd4S&%
z;ew$sBgwhG^!9fhJ}K>*%neoHAN4iBiCky8-0b}|l=$?#IT({-7_S8IL?A{|X{Ef*
zmW~4Q+3?-cqGcs@SllrrtE-9?YEbaQ$;wv)n)WJ~^J{B^laiAQfC;Ij!)r35
zzFs7@)mAz`S)kVXh`fQ3;IL0+WkU0IO_J2Hkpq*-FQWF`_g-
zhc}80LSgGO??ofnELkipSyb*-W{ccJfO@bhbOpIoo3&aSV!c!-cq7`9{Ivk67RQ5P
zg9e^WRnz7r-hOz5+jVUmr5+N{e$G5erHc88r~pmxAaQX%<|2Uj{->3Xxio(ZcS?z%
z8cT#%Ta=3uA|=%&&esz`qO6{mMs5KFIqcw0Wy?gVByQWVy&1{+`m?KwiWI{6a&j~U
z5aSFQTU*;}^pgn4_x}?AA$97##apx)8C9h8J*Q>mE|pi_${unUO)Vp-5x!OL@9=WrW)l*n$#ojlR|n
z|4SQjA6`ZB0HnT*wBMYjlWcH`alK;B?c%yQxZa58ZRXl`uKzkH30xW(g>`bfs2d`&*Dky?52)Tb
zrJB=luO{{^%|;7F#fUn3R$XP$P#T%RPn>M67*3NtsHzBC5{mGiFmLx_SWbYrIhaFK
z9gAw_?d|I^U)0gyBxn@=?a`a0&~V)?rojgV#R)*jS4ib?n9LG1INFj_5QQIwZfY!)
zPEk8L+ajx9_Ha(m#QxhH`t?P$HB<^;mAbbYw!Z6)U4lT8#S}e*BqsS&RHMb1jcg6Z
zI1?r-1`*amW=!%a`_U!+L?fJld@AzA|GZ-wA0>SJ`)03BX^v`vpp~MSMV+t
zxUF?vCI=rny_bRp5|^jx3opQri`O}oGQ}upNx7Q_bx@q}8^atC9;DJX+}(
z5~`y#I&3iQ!5B*iG>PAWm8Hki+;QYy!=|sn*s?E8!ao1vux*(2Y29G>G9*V~Lj|a`
z*jupO=-~EIL7fD_V?9YB{k&)^Cx30tN7}=vZu4P(IeqBaBXrzx17CS4H`du-z0u>E
znnEwI0pzo#{19Kel-sL-#hRB0OGF#o4k3NN=)+H!UIJ@kSLBa6tg816$>-!PW?&j<
zWRgE6AGP$4oaZlIhKOSqD5*%6yW4J!8Us0$JCcDJNrBj@!$~fTib-6$TyDD2HY{&;
z!+OjI`NB5_>lPMBlvRe>*S(B&xvC?fM8bM_VX~Uf5KIk5N{AF{m4#EG6bT;4A=C5n
z(HPn3^V;v^BbFz*$7IY8xOf}Y1*)eBfet<>Ar=C-U`ES~JH9a4zco4x*J73|p)d1z21{L)LA6=k7RR
zo9$)H^tqF%ydxC1+&?MFuSN+Ed3`ifdb`!OQyLn&5nG_HjO*4n`$ov)b*gJplh{dl
zbdmO>{Tl=38&v?|I5Q9wkz@5@U(tBO^Y2YA`wAKtFX(+sxw1x^)UT*fqU@w0*3AsB
zOo}Yj&)4mLqSw)ApMUG5qQU9%-(N6)JJ+h(8HQ^%bF^m4Jhm4uxT@nwl^I_q)sZx{
zq31e?7z`7fE}5^Hxxjp}JRU5;DDE#jB9qc!8tjP
zzrT3h<#Jci#m`Xk&Fd#`55phXruQ=fIwGm3>Dd|tsvq-7exMAbDmY{GUtJ!pyRAu1
ztzJ4r02n_$Q5
zW`!Z#1z*|E_K`6w^-6-p*>3|MG?AG^18IwN0?gv`vz|S6M>w2@I*7dQ*i`1Cuacq8
z^2PT@RY7cLA~4o1&IicdEjqQ~!-Q&i@dTg{-z$lS*^|R*`!hXwtd>Sw#O6U3$BTV#
zhaUfvKr?llAy$WllweDIBpgTbziJDjz)ebc{>(fS*PxBD6_uofcx_VT=X+)Cl
z^W6ZN>_R3}Jh1HP?fQt_#KxcA^7_FL4#`gguNc=*OXiu2Kt9tYDrFn7f{La?foS`L-c5&ounDTo&30
z@=Ox!a9-kFmS;7%=(3wMprEcE^rTp!x5@kaf#gkMd2fHJuy=hOJ?~#&P^MjLQpIYg
z1xBTN@}55V^0&kangN+A-+URgRPzI7T2ypbZU}qI0{0v*a>{H0yzf>wc%Sfx=(V_r
zBtD22Vex$(QlCT!F<23(GCBFW$e+N}*YT?i0a)U1@vag>DGL)V?A_OXCD?PqD>y$z
zUebN~b`n?zMfuSzU6u5={>lqDG4Zq)-0PAKl~l8Ie~K)dBDt3a$*}QgH~RTwyY`b_
zT%H8}{!2+=h6t?RED_>?W{#5{fG_KGF5Q9!k2#k7exC>;C2F6|Ke4jri)9~lsS11V
zFB|*4bv?$bsWi^P82pkX^l!iup%2(VjInpR93gxl~R
z5M$P0aHWD?jI6?cy9Fe6Xa`{u^AgPC<{=h|`o{BGJcJ~x7Lb7Jz|(FZQHEAxZ9_REWYWRv`X|DDLfcPytq)>eB4BFRRt=}GF95LQc&bG7y%PSqeT;HEU~x538z##Q=k|*xLi>{1`K$C&
zD&X}OgAj2lMrVZNt%Vm(iel%2JE(IlD0xAseIh;8{uWWTUk-f(*o#TJaitbVDy^M*
zvN^Z5dp#{jU)?1(Tmkd=$o0%r1PO20akeWWw08a3{w@m;X7VbgC((hdsWjbozDDt^
zCGu@ZYHKaxS*F0w-m4D`^HY16%j|m^W%xDC=m1ibKMe#}IDcy!pqqmZ1{&
zpr~ZA%ln;IpS24|M_?|yT1h;1dfgm3MUM|3?oZm%C-g}o`qeZ0InMkrhjOEQ4@|ix
ze;>lJU6(HpN7%9-A67Cn7fX#EACSH{3Hy@2cUsPR8ML5s>^*h_E9ElloXNgXk0qk_{9X;=Z)0uoa
zLExz5lfbng#f&JQvuqUC%6-czd!n|XL)*+3P2A3Fti0oa77AJAzw*W+P93u3%@y*v
z9k@pQ6mUoKTIGOlu;i(^Y|-G@9cZ$=)mH6&Yu|YMrF;ZKsh_a<LXB2PhVUV|g;qOTxl?`uwI{9PAT9s36v|~;o_15G4
zs`lB8L;UCwi*LGYW&-;U$&2yuktWGaL#|)uLv;b&m|HmshN2FEl3z@y12tF4fNEXR
zII{o`@!Jm&3SV4xaQQym@p)byZw|_EuI2prL$oF3Mmq4{MLNY
zls>xrP}k-arc&R~jTDaG
z(~svI^|z7p@979~vyKJ`FG7T;!p1tbe^jbeiRUsyVg7Tjhq;=iJa3evWtCI_OX^+Q
z)2m|fnFLivC7cB2{Yd?oe)pGt&30*OGdT*DFIHKOWeMMQ
zvL5ESlyZ*>-eM$;#L6mtczVzdpiO9g6kG(^wvoE3cC)XfGE6r!5n
zC5`VFsE7f(Tj{&vsg^TH$$S>0l2WB%AVow8p?SN&>$ks|YVY`x^xMSZp~9u;va)8;
zvb|_Z0v@->heZdGiFw8-k%ud(`RzWrOTqW2aOpBV`=)(@!~-o%S|~BS9+n4E(;texfa#ysrt}{D`lgm5wtHOuk-WH?{Y-cN#>&Y3#62&?
zJx}6d@ybb;+hP4^UE406m12&i<%8qs<(iaeX2xlZud|`vk1n2I%*e;gz4V6w&#E$5
zE&Jf-qXnz&WQJdH5$I}7SL)1G@jAEd3R{f<{ua3=cD5kX8d$vZ+nKYEc1l(_C#^yuh=TimfMmKK;_@Iq)xG;Na~~}a0y*(fCS=gi@~_US
z7`MF<@h0V-Ui?&3&I}m?t$<_v#h;NVs_sSku+yP5BM&O9j(!M|2ChfFhtW++y!4
z1?%5h-nPHXvZmHS-bZ^5`uXdVW`GT!JQWB$v+?e~LvN;b&6k_8L<>dR^fWbTrNX@!
zDh+wYdHwU-s|!|K8JTsj#4akv^=2D4B756iq^|eXQgqyX&bb8#wT@PjvU!4y=Llco
zYm&5yTLQP3diZH7{gZZyJy#U`GpaWF)W!y8-+FTG??=W{GU!mmW&hB8`n&&*DIeY^
zE;MhV%uYKyEOofJtP52%J*duBoA`D+PKlnAW9s3oSX%{_X_XizcL4A7sV>eZfSVOq
zZY!kZU%TVd*D~}`g?VJ^ZEI9*rlwc*baxM4dj;7nA0@x%Upx#L9}aJyLYs=K7Bn*{
zG#W;4v>M*z1O?||^qmcUn~XhxF@Ty>SeXlctsE;=7WiXm1I;+DhX3_^^Sk`~IpprA
ziVa6XolZ+TsB%2d39`1?J+AwtNeo^4dPUmZydrVpJYZ+FvLlB+)gtI#gj-Cgm23@D
z`mretl7V2#$sdvd2kXAxuF+|n2Y>&2xFUX;1zaWE4nw5YSo62BWB
zm98|^GQHYrf@PcTzpEsY^AWxx`^M`
z^x^Q@YU=kPejO9gP^{zPT16fG{55lfiY&@i&bL|;4js=~2ny4-`|g5^WHxX1RvI{i
z3iIA}Olc)c*a>6~(Vs9B^7vP=Bcf{m`J`E}lBAgLk%bJm6`#VDg6)vHKm|7C8G9Y8
z%R~Cc#Ti6^m)u&a(pK2$xW8pN!lWT|jRB`<@zU4I-05?JJye`u6a#nXxI$brl*yCa
z3$8Bo6*)h2Zk|V$KCkyElIA5Zf8LHlR{T*yP5afY_son&G5mt0D
zweaacn+|nY|9*0TmPL5iJO>0@>@dzftNSF$tw_X5h))-PQvy|c5vW%(j)j2KIoxp^
zKEHn8Js?+Bn6V<@I}rEp=i8OJWx-v~@PPEGChTIw=|YY$9)Hy)s8&%GyQE+F(cMxO
zm&RjJ!zHUlTcLk|jW7}l+zS;4ibOfj6MQ4YljeIaSJdsr+ob)^NyUgSH!Oeqbj_a8
zgBEWw;3+SQs6ZXM6~GHhmbfRkV~dtCBx&>FH4oWwX}SpH3V8OKT|>k)GRAXxCF%6v
zp8g(GX$7_{=qaNBLK&i~uz&2haF6PuydJc2;$hbi@+jV{j8FLYU)ezHQyVJDa)0ae
zrg;48f6_0D;ZE&Z-->%LdTIByswLF^&;JqX|Hd=EZTAZQ=ep1KJ`N5`SG~t`!rnLf
zc5y4|LE(xCs%~K&zr#Eb^V!Na=!qoz1>~k~Rv{AQJ3N~J4P!EQTTI3BQpYRQniU~AI)!pQU|-_+783Y=r{Pri|@Z*nkG@X
zv#jGT0-xE+RW*51+4Jg79F$iz9s|#GIWreDGw9$ty?_g2{2H4|f4LXlbB9?+fl`|-
zR5yZaN9_){@MbH_$$}m0k?UnrJ7MC*YW7c!wzyO?P*Tp{rjRV
z43i7J)=N7A=$8g{UudV8P!kEE5(mPrnT5z&&qOK5-rbKJ2qz$jC@7a9JVR9!W}12g
zniaLq^JirtpOBulQl*)mJID$3pgt=L55s@R<{lDrB_t!Lsf|qGGyjmJe(=#jJejtCmir?*nxjG>e#6>9f=#T9x`l!
zEdRRUekN*s)WkFcx^O9)I4wH9XXqfMVY6f$4fDqPm!nb^8O^1ui4f&(A>9k
zwoq586aoeQXKO12Wqy48{nw4e^nuY)mHg{#1N@Z6z2su0W#YYrqIh^>xy5G>y~0Jz
zric0e*V}bRHI@APt1hyr5tT((kRphMt`KPpxGK^F6i7e_MG*o)IsxfeP^7LPAkw7>
zNeEp61R@~42@*mNMTjI2lo$dM;9b;xfBepQf4pg7eHqS?GIn+;%+&O04Su=u<%_4SOmnU-6+FZA
zlWshiNAZIPmiuqr-e*7qzI+y5nHrN@>D-`=mz?fV
zXGtPX!Ow)_EY${H#dm$7^+>#4W
zsAFrU-6kFCqedujN?n``$v}j#@x%yh^>@x_R{|$+djovKoz5M(-)n5#-Yin=L_|8~
zj#sVkt2m4YZm4p37(_BDF)@*OHp9Omv}K3DsKWCRy0d
z{l?JkRu$W609&4e`lpwcft8m_s(X76nkE4@TybsR&=!ZPlJ@33Byyd|3aPIj_&DL#
zDovRNzqdPF5rDy9#&4=G2fH%70%l_=J(hFoh^)WJ?iX#c^YF#iw^xgZN$(_$^Ecl=
z^Y5NNiP$B+#pQ7&3E+A!(jUhU=%VJW8-idcv5R${raj*q`Fd
zU~0L=`7aVi7tP#82JRhIG*VBRj#d!$eF)wB_*5Bz&i9m`e*T-CGriUx?|d&k?ef|Db43pSH}?IBIaWt*MANwoGzRQIToi=5ljMSH*;l
zQ@Z}^LOlZ%hL-7r_D-f*?h?P#AOkOkqsb+c+L|jv)0IJm>O-_EY*(RD2L}hH#f2`N
zISiRTIG9%x_B~fjGu4kD)~5Zv-)tVt5gpOc<~KLWG{*+U!?Mga#~YCY%pAI9-vUM1
z{umZKC`tx+Z<5{TK;CD3r6cGHmHphcyJ3!Pms&3^Ba>ElH~1V&nsP%B3%;)Kf-@P^
zr+H+35xM(R3|EF$BupbT(T_6u)@t01lT3wZ;F+PW;IP4pz^s799NvEdCk;ioc`geU@K{)H
z)aA_6BCt9xtTB?C&(u1|l?3^u;XtHSp*`$vGk7jLVoAg;hlW%`6!T!qPvC#sY0HP%
zi$&iWa&4Q~@PgLZ-oE%QHe&=i+k0f42b6URMjDoJKT*b1nPJsnCsM+I~*~KwQ?~
zBnS@@JMeL~e`x4!pGaE^i4ZhaOscBD${)rDjOpE
z&D(Y&)o(us1_wo9T?N!9gEm#e^U
z@8Ko3av~xk`{Q;^JqnK^lcZo}S}VH#-CNWBx#b@<;WkMhy_eD~4EwTeXX?LeK_4EZeHvbI2VgGP;kpc9&
zhK9z+R)aQkEO3u-mC$ff-?0u;TJg&M#XqDb6qfENL*~~n<5bZB!RcZw*f-P{*%RJaM43Zs(W0)v=omW|X
z`{Bh_VHICpIA@D+o78TtDrqAT@E|Dz9i518s1!b+R90#yv$SU^T^Nbb7DqsbmXgX7
ztT<;wQC+LGx%ZD}$R^U_@A<_iFfrS48b{7CmtM>?RyYy8W?O4^ng)_BH8lN2x^|fD
zH6e@64ij$ei0=X5cK%-vXJPoVBdW)RDYzsyL#2IXu4_W+t9KVZt0RLVmMlXFo75Cg
zsDm%2Xv$DukdrtB&ZOjmrp^QsISrx;WW?gKk|=ygucZDxWe
zbyeo>{aN*jg+GC&mmGwvY%|on;}#eRY#E{J?}i2k3CP)8T%IxBb?YtP@O&!>7hiAQ
z95^*b7frx2IBl4Rnkwd!9{$B(w<=L&R8`(`p4t#*aDU%m862-Z)aC}fE8uyh^IjfN
zjOda(Cztdj37c2u6jw=@-)Cc8NzC`r1dq2v+s_RyS|C$RBonhZ3$M
zxZvs<5fVe;#YN8EeXUQAm0G)sC9KRi)BL}g=cbF`{Nmro)Tu}JsIo;-bW4lfK|Lq`
zB5NWYo0Sw^8nppa7Rhc92LZg=t&qH3b)i=h2Pq|ybGy$#hBZpU48a=#mp!Hmg-=LQ
zN&=Nu!j0-F^jNdyoL*8ErjZT>*D2xh127ZWCa9;tmQl)^k`oyo14UNG8T5oQkWFGR
z-hEC|OZ=oo3CPf#V%|V_or>)NQ0JpF2}+y1X|PH!D|<`1|0Gq
z>gr&9{0OoaIo&v-qxzTY#>SnWKNoJ0KO0?VcXjE42G#bAbU<|w>AFc&OzgF-J-z82
z3!!TFzl8?S^OpujS%nAqdpk#%2ePJ<&x|TwR)LUPv<}L%y@Y`^@d_cFZT9Ln-#TQ%
z%n`g$p|P61YiX2%nUcRDLP{u9T&Wz}Q^(#t1J;
z8bXOOKuX-|R&Xv|%|x7elv0>|tXz+91P2@{d&jY4pMRB|a)_N!7D^mmyqA5wv-3-(
z0H(13$*hSxXlP8cs3`ARSMuc#jtcx+0I}OroQxHY0x{3>&Tifv{R?8A{Q{pLF3J<~6a>h8DG+$mKoMTi=tP*m6Z%*N
zkQI4g!Gk>V_WNMCUtSBGF!?jQKo`*JGRc{a0I
zCvsRvKx8*;1OUscpxU%Q40h;OjfZjnQ{o>4mMOS^4-U#Ef;-J{t|x?E9iN&C2VS$*HNmf+<(kJzi9d(=em<_
z?bc;mmrVywd&-SQtMtMoH#EQgm6j!DYPT}N(4uf@I$gxi2f!yJTIiQxiCPcxVpT#F;%&(O4KX|m`r-ELffD_lB*TZN(
z*_`6GVKy>*kNz_Zjg@*$r|fMk*kbuLt7%SL->zcgLQ&<}bw9W70!YK&<$NU#$C=kv!tr>Niz8F#~wHRpWfufc-%pD8lz{{l;?J+>c+Ou;>>!r{6XtBz=fZ4r+n
zP3`OytgGD(tp(HdPTk%74)GyflOLokg2;OH%$vR4ssipzZ_%mDoy)S
zrl0^uDnCDJPa9g#bb4>Ftj>oFL21>7BAM{r5Z;>piro8)x@&0vKmkJXHZ`~1W!kiJURyrwzRFfIRrhm
zT;=5LKJ@`X2=v9#D$801^GeLeLaI;$JZ>@{WIvvzD%xD(9n`r
z(@@pX+q-?vIzAr=hE#R5ToS5e!OWk%NX|EE5m-|jTA4XL
zGVz5wPPd12w`At9kDB#(kUn#f|FlAMOl`gTx%cCCg13&9@MIbT!}i=cReY^4Q^z%v~H#M*6{^V+nFoN@k-s($)y$9j>GC|dLtA)2>
z^2pBgT$S28s$))q`yc;Uw!wwQK*j=Mv0MZ1yEF0fXu?Uv6&~zBC#;zqgeT_;F5Zci
zywGt7pYssrLb8WYYFFx+sd+86=N-YEe4s3}%(iDcp9MFi>UjVDvD&J2S>Swx>t`@6
zy15JE-+9+N5Y*m%L{EqaPSj24CX8samuj+gBvg7QQEDexa~_g&Z)2hpn)LWATpQ{A
zEqb+Q&&9m(tU8Lz%z1EJjUvEJ(dV<+S;U;AER%{s=;5J6Pf)B~Yl3Yj
z8ry4W1-Cv0iFK)g0B059k6?%K(}zHFXc+e|s%Cr6o!T+X4}yaqaSn8-fB&g9|5Ag%
zbqG(c5O!a>-4XDw%H5~?x_Ie*R^4oR*NWt<1|S-vOYhvn$^o0JP5j@HGu8>&F7$iL~ih
zm5dpYIH{I>CiqdIH|tfZV<`z&c3|z|boD8>bw&ZTPGyMY^AP&4Uj1L9+JE9752}f@
zu+qbHzP;qOTq{X!Qkf28+f6h|;5Q33zQ_d&Y>9E-iO9}0Y>YopP@d)ukDSBZ5fKtf
z7#SgiDE9EkV+y~9!E)utv%4Ke)AanOArCT{Kb{bIesLc0t%p2}&xPHpCy!sXZ6c>;
z9e~vEZhewMphIhUE`b#jc~FOPl>dZ^L(e`sD=(k?>XnfGseuhS)h3llPiIBcCDe_*
zH(}R0pN_Eh4~jQ=O{UsW+9R+3mQGz6Fm=JGyY{q?^}=I4X%c%2ocoS>D+jq*#!*2LT1ULlwS!dY2^h9qh?!@HFB*Vs{CflRERi!BrK5~nW
zw}DHQ-YZO_pHp?Zb3{Ys-^u)DdGu#H|Hw=yfzsv2%(q-wasM~7US(C)l24nOil(OA
zm6WZ))G#kjtM1m+{(v-UsS@dm!`3{f-?gM?jN6*Aj*gA5(><1Uc){P#C#_9`P|lYLd9jC$N@A0?E=P*LAdNqE{X-7p)cF%CLPW$1yCOur_!JksuV
z@2M8h5#WFpQ^X8J71`>JF1{*|Nq@os01mYfChAzU8D#BM1gN{#YL(GalsV?KIux?^=HIIQShUQ0+AMBkzffz=qN}DV1Ph?
z5YpSUd%x#B_hy((W+qHP-9Pf=cjmmO%)NK+d)|6ZIJ?h~(|@N0qk0mhm~l-CkDqUm
z55B2ovJ`{%b+ik`#5(+{(5Ur&0hrnVpT|*FqkIWw?m}O4Cfj~Q`wZ%A`QWs{>U1U_
zTXnXhQ5q>E-;R$Bn72-83qVz~hZNEdNH5Km$qs+V;}`s__Sd17@QShW
zp&9jp8}6ta2IWhKEX8l@r;9kHVc@}`=fk{{@tkmhI#ctS3-~ScZIA&ZQ-p~8m88cm;#29
zw80Cu4S#{%eUQnPMPSwd^!cFt5#I4SCYkp`YPX<21?6L=F^uEg-hKj((;CcylvY8V
zBXy6sD^-jT<#{j#juMMP2@#zF{16zEz$7bFtK3QLG@+21_7^R8;F_Ue_OUgJ|is_OK;qxIqr4EU@+`%(W1rbci(-tOnku&
zYJX%b>|<9j;2=oHxrkHw8A$3fNNEeqLY(Rmc_m_u7I0WBD?u=}$n%;$Blw
zccvK%_(Is*>1v}2UU}t}rpJ#T&y;0Z6BHCQCM6~1V|Bn_IhmD}bzXD=V9Z(cz3;9-Wv{1sCX;Cy
z7Ld3H)bkhZ+qZADbLY<10|pETkBEr)n^vn8?+Ft9R7gljL#X+w&IKkQmw)CEaE;9_
z<}A(0$$1{vAZ^BQ&0;K`#ckWRof;e*{3*G8LspYIAx-CU^Ejo;$Dte
zSB7-)f8i-t@c4yi#55<29e+Ev^Xb#4gUQRU3&jI`<3N5R_t;FKx!@ITp0Fpuv*ilX|JQfm|jM{lYfRS=G#?IEn
zR01S82Mgg3pjMy>TT75%Mu9WMCqU94Mu*BEc`_Ev2|N$=RRfrM6fgP;(U4lV>Uhtd
zJ)MZDM8jt86rElGs(-OHF_i!bN_S=|0gPCslB5-A@z)A47cgDoJ_j9{O6c0P>nD{`
zPg48ptFKbzQ4Q`@u`E4b9#y
z1@bG<6fIHPHwyp*muwE1q9G3>K>4+_`fuf3F7{
z%k8#61?-1xVv-FWvP_`~z^_8`dNZzvwAC8Up$xStYo*$3JKV;$kd!Z|hD0^Hc=2Mq
z=yU=?6JcL5=YMO2B+l2a5s{IRD#aL>)?(A9P1VfU>#x6_1Fw4m78{k>YPVOwHH@&U
zernSt^78U1ZR-)97>n?O?^7FKDxZzF0`=*b=anNN*%x{ITt!FK3VZ=RDy5y$i}Mh-
z;=%b`wU3Ymkz1?7oHHE4j49USbuX#l7xCgI6|2+uYr4z6DNKr
z!laI{pMN3xe#2}w8?aDas#kB|fw2^0R;K#+9;VSQM%!0u+d-?=b0VS!Kpme#^&lux
z$&e&DT26l>jA?zqSiVq964ENet9Ff*D_54m&h8}|t36S4Ishs<5salVDKQb{szHMWjhj1nu7`K{`@!Wy$?4Oy_(V)eFI@EWh6T$6~7;$j}9^Ga;V;Pc&bmr
z$@#Bhu>>j1U!R7nCKd=87oWI@adE$fyhU*xFqbwU1Tr%-ds{3P(tiXbxm!i2mw=S26k@P#+m1A7&>#*m){~a@3QA*YyF4
zeMKhS_>RrGvA)B;+%r`I`w3eULWgaLed*baot}IzeS*sb$gs~_bsWAS_N^C^yMI3*
zI=E&YK2;Sja?s-t4yA)8$BJ+ZbDl>ZWx?3u?_bbeE;{@3xx77TmkTaYSSA4XpUelT
z$v@4RGbe~>#J0kjs$ai;&epA4tA!5)iff~yq8@QqA|fJalfsS-8#d&nq@;{()22-a
zsOL?U87C|#4MLP@u)k}u&}z-xN`F8zG=Lp{(7E9ExlJWj!h^JNa%5C>ERV&q{R#5(
z3uw`kV^aOZ(
zLenMT?GnPn!@s_A<;pww;rjji_xFV4q#QeTOh_-JfD$V%0mj?{vks`uy9OL8(jZTd
z967SAUkXe3DDPW$6_^8vQkTS|kETu5ZuPs@lj=O|DcV+b
zJrL^9A8K-Zk=1nCA}f32Gb0ja{=%REz7G8h)9*VNDV)ix5_Nmi*abpMs@;>V5O
z`e;Cr`PK(AlQafR$PEqm5ebK@=HebyJE0tUL7!TpINT2zVp*8p->zLWTnl}mJi4#8
zag{_0)Gg7Y}~l*YtQ&v*De_1^2#5{ePD#t}Axd4t^41c;JSq
zDC44q($kD31Vl?%RQ6Mh&4W5Ov`D3bmROlWsK5^=r;F5BIHdI@qM>S2mn>Q0abx;^
zVD;+NC!s-vA3(^<%X8X;_6~6Rj%?hxv5#}XJx-`o+`=tmdAEgo@JX4bWol0x;#+c}
zq%xZ#tup>5UVmE0HW%-uogemMNT1WIn+>?xBq;if4yuwEuhSaXOWS(2D7M^~qTzaT
zpdsk5Eet^~wloF{`~8zSLt7zPDaA)23WX&f;ueSUEM-G!oR&`^XHUU#q74Iq16e7p
z=Z238rtYRj9
zYj{${#N0G|s&;}7eanylKI)RGzonNR*%f636T5>FsUcVzPR2{=LCo&
zbUK~ggu!EW&bR+&@W@yNB0uZ^xl2;s-YOChu8ClyA|A%Y#0rhXMMp;Kf<^3jvGB;L
zV#}q0j~Y9&KA|z>7|}LhPd`XB^Ps;Wch?i=A-y7E3uhard8P)JZ8Qw_F5-y?H>O0
zXN~`Pwe-M7IAFq&A_pomuw@mAB?JZr?to+odjZGE<;J_W!1X>;Ny;|Om^g9bqiR!N
z>C&azUgTPkBvrHvL^O{viYP;1d`RztMm~bic7*7B*BUfILfU*~d9cJJIxa)!pp4~`
z4Hr{{^tvT;^wXa;J%6?Mrz>UF>ystfZ1;{0+OXTrLt7Q7O*_`CS(6KuNC)ujUVpMD
z6ciM6hwc2>L-|W=Z0x6yTH(z>5(CeiIkUH4zkX{54jedh(4awY@7%fbaB*?5I59z+
z4WXf-bneS*K-VExWhxkf)0Gou*S
zHHKZLb2z6T3u(z-4IRW@3K_t9g@4BU6XPGCpE5MWd|Lfy6a62|LJg_>nQgv#Cn@Bo
z(ODslg0r%0}uK(kklQ%zP<&BC7sSt
zRR?S+C0WRByDN_@TC}JXPS_Jr?Lw81WFl4_3D0*B5Z;LGOfa<+8h>L1Vq3AW
zelK{rG`LWU4+J!1vm-{Z`H_RgphZU6sJkh`z9Q5(9~~VXhilIQ^G<@v
zWptVXUbqR1=py=(pn@ORv15nZ(-R>fAv+Q8CR4%U6UiMXSRx}M4>xPp>?n$>aXMjn
zhQ^yTX+po>Wn$SYe_TE^BNAROIVPksDWo7yh@7kn%I^+C_gkQ2L4U7dI^!~Ct)K&N
zv(QJ*(f^?abL9m3!fi_#yIh`E8spbsSD?-Zjt4)5vFFBSrxu%SrWeX>d7**&u;fpk
zI$^ibDvuAs4Pk&8#9cW1hr)jt>
z{(*|(9Qtp%$EaTgWq*^%4z&|40lox`B2U=Uy{a&mK3{;SRjE(wg{%5}0ra1?rb0&UFNx?ssG=LHr}M6H_@IK2x$Bn1FWWNeO{*
zTROFy|IM>5PiCCUIh6=|8)Vcqyi~_j_qa#*i&QS3sWR#v)PJ-^mMwtWZz>bj{o7OM3T%S)gR*Kl7
ztAlHJt%_@coIVZAkSWhhDMNU_d>p)=D7d$i(XR!)ipMW>>oLy!I#Hi-`(#>)B{N>j
z>)CvD!7D?JO@H_2o3g`9wvv}kwwp~g+*fKA82|A5iQhPH(APo5eP`_bz>M94L(knl
zwyn&1#l=w*4GZyUGjq)|rz!PV2RFF)NcdO4yxw2lZW9{UtG=PlB7-K>{;!dGO>lXz
zPwUs(g+EZo)Ee+#DY1^2vv;^LtMFX&5JQU~Un4*FRv)j;)iO@+dV
zGVGQ}@z;iA_RJFH1SP7<(Y9B2JXow;8QW+^V=&aBn_`>$fmUfg{2SHVXL{+n3n+!v}
ze?x4uDezqd!Q2jZg0#vZ)FlwoDPsDLfI!iNF3Q;e4L$;wPIu1%9JLYut`S29;am%S
zK9Gp>C$xR3k2e*~f^9MyH^sh^kVMm4i)ly2$aq{V^MB&l5kQqfxa-7Jr;3;qY?UZ`
zIu4uw?L6DF9lGBt{2Zfl{81|bI4gU^X
zrDCR?0yF$91bd=;5HrtFPr+p8NysXfZIu*Qz1hDJg1vNM^g?VR^46NN13VY>UOp9m
z13;X2ECp
zT?zAiuK3J_@V9@HcA@^DB(n>DMSqwkZ2>u;ZNa|azR(Y(P}zS2$Vl9qf=#6dTA2R>
z$AOt3kMS)%ZRU8=8vGTc@RP5zza%I~3iS`MZG!joMz;mX=eY%>CDE|@^yw4Z6v-K!
zc?PufA(&qZ4Ed&!hSTRtwCY-z;7_F7v?X8-fff%$cQ=5d5S4lzeb-{AHGj4Xq1g}O
zyq!AVb#Df37not@z{Y4W2m9YcxOZbLUd8d>Alg0|uLAQf-63e6vINf#6YISLxP6=a
zeO0sqJDf-~fgH#^;2U5nUqek{TGd_ex&7V-F9F+tyzmzw&F!WJ_)(1POAWdP_Px4
zdaXECF|_ztoKlQqpGp}1GhkeXTd?m|nC&bvtlAJenrAj
zZ{d|;32IG?Ml5(5IJ=yI)?|?W$Ayi!3g+AkUnrBNK;I|#QXdUYzTa+
zN|4uj4fIU-9Plq7?@v&G7l9K&4mQuDcJn#CH}imT($}H|V0^%d#tD}UPS(dkx&opA
zwiHqt@!bNUjfAER#aNz)BX2|7
z?m@saK}WM2*R7PoHAS-Vn}xD*?WZ8-YnaM7NX04ug>u(y5CAF~ms>
z1*^q~?h+?l0)JEcHqLt;ti&Vk!u5BG9k@b%O$OhMCfoBnRCiXu4iq%AG54b<6@#Q?aDZtlzXLgusKt7q
z4-h<;0U8ko`QFL+7W4wUEKmm`uEs{&oeGVd0G}5v#z;6i7@9r}*Fi94jTO`XC<3*sF^MqSjh%R+
z-Z0A}aIdM79vCO>TLnQOtr&q4a4G0L6$MM*mI%J27g(_$XE(LrKtav(z_pB@0e$4!FrV{`thUP&3`zK13iDpG>82U1`K%UrwImL^rxxP
z7-|+=nr5P@{!!ryR+$?hbD9npN+De_w#s2cpTdA6k25bupK`R{gurQ{R5(>2=Kle3
z<8DUCoMqUFqe^UpeusfqEtF9zm7ypIPnSg3*U;nQCX{UV#7G0&d3k1Pt_d(4NboHFyosG)@vr4U(*y00={O
zfb4;PqV_CIl8^pfh&>Opf@4uZ)s|u0$DWC5A}0_nKvSA
zN>zwv@OVU{Fm38{DGUDt!A=F{WtFzxoS(W@Y=*_(PJsxa4uVH!z6alZBO+_~aJ317
z6dBaFqnP%q2)3re^t;+wQ=3nk;eSL6
z;eo4O8DtSJQBg4wv43KHZFTtM$ObN9{E~Re3Gmb)DdNi0TErU0S
zRlNop^W>|g%l77Mct|cTnp$<|_BoF1*c$=mpy^nBFqwMdemyaX?h)mG5EG{ta@~=5
ztp4z^2tcgAiRtSjZPE=8o-JL5XMZlbJtu3C8lJVNFwlDo^IVo6354Og>O-6iGM6M+
z!=-g-2oz3Z^uRQSxhua2Neskj@>v-|&abtY_357!&*S=)Ur}8+O!!$-j5$RUuNz)8u@JusEEu+F;^4&N9?|EqoWhAE?0<*trzPaD
z43>+7T;0JB|1o|A!JadDNB-G48y_~V+58Njr4w90U&#mcscK(1Or^w
zsuSrgq|||lf#ZXIuFau_1Ao({mdKswbcFW&DZ>o8gAb$`u%jjdL2&q{X`G!?Il%5w
zIm0mJHt%>szd7i0JziS}GT8oo?l+UiV>lSlxHr}Rs=}GYOM;6kR_i6HqR1{;Shk9v
z+H94!K?Mql^F6H;Gd;rM0gDy90tc1>6U{Kw9PYE7W|;j_f##grM}I%s5V=mAydXjI
z&cZvZR$RJFoH#V^)LxbWSx-JxV7`7g$jVtF>(q!nnB!h7-v*QTAbj0q1TM=k6w@VC
zJVgTLDKL}6!pin)l+roSu2|ZK&7Ad9?x%oa&2gY@D2^jWbvbVSUMOM58vp`ceA
zrs-@f&EdI>(i@_8?Nnftd>6>E_$TOT2XO^R!5>N-33B2l(u*tVzzqtj?L8P^1{a->
zVq7TIZEirQfxt=0mPqYjW||PaL;kF51tCb&=E3yKa)|$m3EO*$qPHVyp|giO)e#WB8Jnfu5$&
zDlnh?Awgj-0$IPF1bRUl#}@HI+}9rpFs5LNm&k2kJ-C7mnghkOE`eF@01e^b+$E;+
zL&(#2L^HTIIsfn6owyF$`^ArOYhC%H!~iXSKDmk;66B43t%lAsx6
zL7eZ!0cV(AO!>XGD_Er%`O$0<
ztPE{|y<8hl_W}6Yz&quu7=^k}^1%G;o9Dqd#u{posIAJ7=icgaGxFBD{VMEgFCekS
zbe4S=+2a+v<%A$yhr5!qR{RhUy*!8(_iGLhv43`e0aUVPdY`Hs3Q(}uf{b=a`cztn
zRG@jRaW^&MG0Kk#SFq9QrD8kxiLG9QRJd9I8vX9vI`>|E9N1;+tVg50)#}SPJKg%Q
z_=-bdtknhNaV(~?HoFi+QU1|m#xGdB*??*9mSwf@a!%P}BWQEfN4V!K%$lcthUG0!
zVShdu-{WLxxHA*St3U)|lOMx%6E$`T+cn)unY`MUnef*tpYQ#tOXiaBCNX|GFRV+V+`9`BQO^#Aa9A`q>r+uG%>5zBr^
zqOB)LS&QQ^w6*JtiGh`pX*e!Jh6OFyfq&6Q_*$`eu2C4?Wg{vcE8(ge;cHJi+~3Np
z6iHEd*CMIedz(~OZpbZqq}%XKkG$ngmO7}0#RCg2aJ=YOOF8z-{e4BW`-8-^ir@!+
z^~MHZO2U;LnqY!~4bA0`4p(D67)EcTI43|j0eX-$D_Aed9@?_^#_pkCoQ-~eM1P)p
zn}q!L1`S_5%|P2H`JHYqlQjQ*Qq^WOZq+|z)}~wV-B}W;+=`9?G0kfb5ywqdsZ-T`
ze90@v4BtBKc4f=QaZQE4*1rHoc!jipVt91@sps38lI9S&wD3<+D5Qos03;TGUi3{T
z^=FW|Di`?~ckpY5`$2vs!s`-T1b_b-2sVm=F;s1v(kW0JJ~5Y#X*+l|9vl7>&u-Fc
z8iNL;9a|^zGnG+(eb&&O;xq4s&~8S={Qx4L&IrKbYnrQTHn$wJ<3&WU5Ui+hrmuEA
zx}fr#KI^J?eu3cZ0ry^7kW=Zebq4@0yBzKVrZ~pB6(%l7r&p&>FC
zr9Y*{J_CAVLhHj?GQVnIp@5&)(5iTm30(mruF#Wk*PBtT1qOH|Z#28531pj#7?_UTQ*i;@TMTcEiRD6Go936Fds0(bj^(>D
zkK{2NBPA%F1M67P{1MJIyKO3Smaesn+HaegkOM?K|V0uXr@_aF_%p#x4#ohl}pe+4H`LGPZR!Kj&0un^UE(J7#L+>e&3t7IdiD{9K1QB_~4SXEY5V@fjF7H#89&>qmG?9UVMEqSn74AooKt1pzAOa|o~vwmU#em%}yE$9#mg9-@5XFydSSdpqbCaU2Wh{K_vShHsk0bjM4hp2^=k
zxqb_CgK>>&RlX^~5h6q%%iK%70jA<*cuV+_LH27#-tW9Z1pV
z&M!Qj<-}$*07JdbZ>aZyOtY<22mRtV+ll3y0pZmCNrmGelsC%J#)WM_6{0QAT_l&m
zZWBzCa<-uDmvO-=XP4OFOEDRWW|u9^o>lzOY_xxAm~!R(>p1xcco=|e%KdIi+;^gHDN`D_>c#Ur-k>!yr)bLkI4558&;eD+ulctz
z&DaMFwRk`NR|Tdz3jXpU_{VIq)e4Aloml2S5PvkepMEN}8&Z1{9fx89xOHV+^L20&
z8_}JQe;HSd^WKnvpDBS3GKQ~zfQ#|<)@_r4E3L|}$gLMNHKRTZ^^)*eQOh7sP`KAe^4}rpdFAZCriwLUz|#&1r=h3g5tA|
zLZaY}W$_^yxmzbONV*)tWtq=iba&130_8~FYsEv}({0UY1S0\n' +
+    '          \n' +
+    '            myVesta\n' +
+    '            website\n' +
+    '          \n' +
+    '          \n' +
+    '            Forum\n' +
+    '            Ask the questions on our forum\n' +
+    '          \n' +
+    '          \n' +
+    '            Git\n' +
+    '            Become our code contributor\n' +
+    '          \n' +
+    '          \n' +
+    '            Donate\n' +
+    '            Buy us a coffe\n' +
+    '          \n' +
+    '          \n' +
+    '            Wiki\n' +
+    '            Find solution in our documentation\n' +
+    '          \n' +
+    '        
\n' +
+    '        \n' +
+    '          \n' +
+    '        \n' +
+    '      
';
+
+$(document).ready(function(){
+    var sys_height=$(".io-log").height();
+    $(".io-log2").css("top", sys_height+50);
+    setTimeout(function() {
+        iolog = getCookie("iolog");
+        //console.log('cookie: "'+iolog+'"');
+        if (iolog === '1') {
+            showIoLog(0);
+            return 1;
+        }
+        if (iolog === '0') {
+            //setCookie("iolog", 0, 365);
+            hideIoLog(0);
+            return 0;
+        }
+        if (iolog == '') {
+            //console.log('cookie is empty');
+            //setCookie("iolog", 1, 365);
+            showIoLog(0);
+            return '';
+        }
+    }, 1);
+
+    if (GLOBAL.CURRENT_USER_FINAL == 'admin') $(".body-user .l-content > .l-center.units").first().prepend( iohtml );
+
+    $(".io-log").on("click", function() {
+        var showlog=checkCookie();
+        //console.log('cookie = "'+iolog+'"');
+        if (showlog===1 || showlog=='') {
+            //console.log('cookie is active or empty, calling hidelog()');
+            setCookie("iolog", 0, 365);
+            hideIoLog(1);
+        }
+        if (showlog===0) {
+            //console.log('cookie is inactive, calling showlog()');
+            setCookie("iolog", 1, 365);
+            showIoLog(1);
+        }
+
+    });
+});
+
diff --git a/web/js/init.js b/web/js/init.js
index 6c60ff85..4da9422f 100644
--- a/web/js/init.js
+++ b/web/js/init.js
@@ -32,15 +32,17 @@ $(document).ready(function(){
 
 
             // CREATE BUTTON
-              
-            $('.l-sort__create-btn').hover(function(){
-              $(".l-sort__create-btn").append("");
-              $(".l-sort__create-btn").append(""+$('.l-sort__create-btn').attr('title').replace(' ',' ')+"");
-            }, function(){
-              $("#add-icon").remove();
-              $("#tooltip").remove();
-            });
-            
+            if ($(".l-sort__create-btn").length>0) {
+                $(".l-sort__create-btn").append("");
+                $(".l-sort__create-btn").append(""+$('.l-sort__create-btn').attr('title').replace(' ',' ')+"");
+                $('.l-sort__create-btn').hover(function(){
+                    $("#tooltip").css('background-color', '#1ca2cc');
+                }, function() {
+                    $("#tooltip").css('background-color', '#34b5dd');
+                      //$("#add-icon").remove();
+                      //$("#tooltip").remove();
+                });
+            }
               
             // SEARCH BOX
                 
diff --git a/web/templates/admin/list_dns_rec.html b/web/templates/admin/list_dns_rec.html
index 24f28103..f84b504f 100644
--- a/web/templates/admin/list_dns_rec.html
+++ b/web/templates/admin/list_dns_rec.html
@@ -105,7 +105,7 @@ v_unit_id="" v_section="dns_rec">
              12 ) echo '...'; ?>
             
              
-            
+            
           

           
         

diff --git a/web/templates/admin/list_server_info.html b/web/templates/admin/list_server_info.html
index 7a131572..7ff5feec 100644
--- a/web/templates/admin/list_server_info.html
+++ b/web/templates/admin/list_server_info.html
@@ -5,6 +5,10 @@
   
   Vesta - <?=__($TAB)?>
   
+  
+  
+  
+  
 
   
   
@@ -12,7 +16,7 @@
   
   
 
-
+
   
     
   
diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 4ad3daec..1e5a67cc 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -1,9 +1,9 @@
     
       
         ';
-          } else {
+          if ($user != 'admin') {
+            //echo '';
+          //} else {
             echo '';
           }
         ?>
@@ -61,12 +61,15 @@
     
     
 
-
     
       
".__("What's new:")."

".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")." ".__("If you missed an update, see our previous")." ".__("change logs").".
".__("Check out our")." ".__("new site, forum and knowledge base").".

";
-        
+        if ($user == 'admin') {
+            echo '';
+        }
+        if (isset($changelog)) {
+          echo "

".__("What's new:")."

".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")." ".__("If you missed an update, see our previous")." ".__("change logs").".
".__("Check out our")." ".__("new site, forum and knowledge base").".

";
+        }
+
         foreach ($data as $key => $value) {
           ++$i;
           if ($data[$key]['SUSPENDED'] == 'yes') {
@@ -176,7 +179,7 @@ sort-bandwidth="" sort-disk="
                 
                   
-                    :
+                    :
                     
                       
                     
diff --git a/web/templates/admin/list_weblog.html b/web/templates/admin/list_weblog.html
index b46e7979..08fea512 100644
--- a/web/templates/admin/list_weblog.html
+++ b/web/templates/admin/list_weblog.html
@@ -5,6 +5,10 @@
   
   Vesta - <?=__('Web Log Manager')?> 
   
+  
+  
+  
+  
 
   
   
@@ -12,7 +16,7 @@
   
   
 
-
+
   
     
   
diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html
index b4534ccd..4c1fdaf7 100644
--- a/web/templates/admin/panel.html
+++ b/web/templates/admin/panel.html
@@ -40,9 +40,10 @@
   
     
       
+        
         
           
-            
+            
             
               : 
               : 
@@ -52,7 +53,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -64,7 +65,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -76,7 +77,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -88,7 +89,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -99,7 +100,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -110,13 +111,23 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	            
 	          
 	        
 		
+
+        
+            myVesta 

+            Build date: 

+            Debian  

+        
       
       
     
diff --git a/web/templates/footer.html b/web/templates/footer.html
index 9aab9af7..a4930810 100644
--- a/web/templates/footer.html
+++ b/web/templates/footer.html
@@ -1,8 +1,5 @@
   
 
-  
-  myVesta 
Build date: 
-  
 
   
     
diff --git a/web/templates/header.html b/web/templates/header.html
index f0529c3a..a4bd95cc 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -4,16 +4,27 @@
   
   
   myVesta - <?=__($TAB)?>
-  
-  
+  
+  
+  
+  
+  
+  
   
 
diff --git a/web/templates/login.html b/web/templates/login.html
index 1fd923fb..d9685864 100644
--- a/web/templates/login.html
+++ b/web/templates/login.html
@@ -4,7 +4,7 @@
                     
                         
-                                
                             
+                                
                                     
                                 
                                 
diff --git a/web/templates/reset_1.html b/web/templates/reset_1.html
index 87c9235a..ad14d07d 100644
--- a/web/templates/reset_1.html
+++ b/web/templates/reset_1.html
@@ -4,10 +4,10 @@
                     
                         
-                                
-                                
                             
-                                    
+                                
+                                    
                                 
+                                
                                     
                                         
diff --git a/web/templates/reset_2.html b/web/templates/reset_2.html
index 94fd9fea..5fe8bf40 100644
--- a/web/templates/reset_2.html
+++ b/web/templates/reset_2.html
@@ -4,10 +4,10 @@
                     
                                             
                         
-                                
-                                
                             
-                                    
+                                
+                                    
                                 
+                                
                                     
                                         
diff --git a/web/templates/reset_3.html b/web/templates/reset_3.html
index 3d5ebb9d..d4b65ea6 100644
--- a/web/templates/reset_3.html
+++ b/web/templates/reset_3.html
@@ -4,10 +4,10 @@
                     
                                             
                         
-                                
-                                
                             
-                                    
+                                
+                                    
                                 
+                                
                                     
                                         
diff --git a/web/templates/scripts.html b/web/templates/scripts.html
index 7c1e551e..46ab09d4 100644
--- a/web/templates/scripts.html
+++ b/web/templates/scripts.html
@@ -1,3 +1,160 @@
+
+  
+    
+  
+    
+
+
+      
+        
+          
+          
+          
+            
+            
+          
+        
+        
+          
+            
+          
+          
+            
+          
+        
+        
+          
+                    
+          
+        
+      
+
+      
+        
+          
+          
+          
+            
+            
+          
+        
+        
+          
+            
+          
+          
+            
+          
+        
+        
+          
+            
+          
+        
+      
+
+      
+        
+          
+          
+          
+            
+            
+          
+        
+        
+          
+            
+          
+          
+
+          
+        
+        
+          
+            
+          
+        
+      
+
+
+
+
+
+
+  
+    Log System
+  
+    
+ $value) {
+    ++$i;
+?>
+
+      
+        
+          
+          
+          
+            
+            
+          
+        
+        
+          
+            
+          
+          
+            
+          
+        
+        
+          
+            
+          
+        
+      
+
+
+
   
   
   
@@ -8,10 +165,14 @@
   
   
   
+  
 
   
 
diff --git a/web/templates/user/list_dns_rec.html b/web/templates/user/list_dns_rec.html
index d3749234..0b62187f 100644
--- a/web/templates/user/list_dns_rec.html
+++ b/web/templates/user/list_dns_rec.html
@@ -103,7 +103,7 @@
              14 ) echo '..'; ?>
             
              
-            
+            
           
diff --git a/web/templates/user/list_user.html b/web/templates/user/list_user.html
index e6645900..5fbd287d 100644
--- a/web/templates/user/list_user.html
+++ b/web/templates/user/list_user.html
@@ -161,7 +161,7 @@ sort-disk="" sort-star="
                                             
           
         
                 
                   
-                    :
+                    :
                     
                       
                     
diff --git a/web/templates/user/panel.html b/web/templates/user/panel.html
index 81cd8358..3f55f306 100644
--- a/web/templates/user/panel.html
+++ b/web/templates/user/panel.html
@@ -33,6 +33,7 @@
   
     
       
+        
         
           
             
@@ -45,7 +46,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -57,7 +58,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -69,7 +70,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -81,7 +82,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -92,7 +93,7 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	              : 
@@ -103,13 +104,23 @@
 		
 	        
 	          
-	            
+	            
 	            
 	              : 
 	            
 	          
 	        
 		
+
+        
+            myVesta 

+            Build date: 

+            Debian  

+        
       
       
     

From 8bead4afaadf79e95249f3ba9dbfabf5639075b4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 19:50:39 +0200
Subject: [PATCH 1921/2300] Update styles.fix.css

---
 web/css/styles.fix.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index 5fbdb6ec..f5f11a38 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -497,7 +497,7 @@ b, strong {
 .l-content .l-center .io-box .io-box-left {
   float: left;
   width: calc(100% - 800px);
-  min-width: 410px;
+  min-width: 283px;
   text-align: center;
 }
 .l-content .l-center .io-box .io-box-left .io-box-left-items {

From 2a3de783ae658be84bfadb225c357e23132c9587 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 19:57:07 +0200
Subject: [PATCH 1922/2300] Update scripts.html, correcting 'Log' label

---
 web/templates/scripts.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/templates/scripts.html b/web/templates/scripts.html
index 46ab09d4..7cf6223a 100644
--- a/web/templates/scripts.html
+++ b/web/templates/scripts.html
@@ -117,7 +117,7 @@
 
 
   
-    Log System
+    
   
     
 
\ No newline at end of file
+?>

From ff61a26f69c90caa9dd06cadeebd48cd7d44a05c Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 20:25:37 +0200
Subject: [PATCH 1923/2300] Update styles.fix.css

---
 web/css/styles.fix.css | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index f5f11a38..35b498da 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -497,7 +497,7 @@ b, strong {
 .l-content .l-center .io-box .io-box-left {
   float: left;
   width: calc(100% - 800px);
-  min-width: 283px;
+  /*min-width: 283px;*/
   text-align: center;
 }
 .l-content .l-center .io-box .io-box-left .io-box-left-items {
@@ -508,6 +508,7 @@ b, strong {
   margin-bottom: 20px;
   background: #fff;
   border-radius: 3px;
+  min-width: 125px;
 }
 .l-content .l-center .io-box .io-box-left .io-box-left-items a {
   display: block;
@@ -541,6 +542,22 @@ b, strong {
 .l-content .l-center .io-box .io-box-left .io-4-homepage-block a {
   color: #58666f;
 }
+.l-content .l-center .io-box .io-box-left .io-1-homepage-block span {
+  padding: 5px;
+}
+.l-content .l-center .io-box .io-box-left .io-2-homepage-block span {
+  padding: 5px;
+}
+.l-content .l-center .io-box .io-box-left .io-3-homepage-block span {
+  padding: 5px;
+}
+.l-content .l-center .io-box .io-box-left .io-4-homepage-block span {
+  padding: 5px;
+}
+.l-content .l-center .io-box .io-box-left .io-5-homepage-block span {
+  padding: 5px;
+}
+
 .l-content .l-center .io-box .io-box-left .io-5-homepage-block {
   width: calc(100% - 20px);
   color: #98a6ac;

From 524a3a592bc2f7a5e05da6234831a4a1490543f4 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 20:36:32 +0200
Subject: [PATCH 1924/2300] Update styles.fix.css

---
 web/css/styles.fix.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index 35b498da..c5723b15 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -279,7 +279,7 @@ b, strong {
   white-space: nowrap;
   vertical-align: baseline;
   border-radius: 0.25em;
-  left: 140px;
+  left: 130px;
 }
 .l-content .l-center .l-stat .l-stat__col a ul li:first-child span {
   float: right;

From cd6c58564148d717e53e7c7d57a730cf2d0f4039 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 20:45:13 +0200
Subject: [PATCH 1925/2300] Update styles.fix.css

---
 web/css/styles.fix.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index c5723b15..6c7a54c4 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -279,7 +279,7 @@ b, strong {
   white-space: nowrap;
   vertical-align: baseline;
   border-radius: 0.25em;
-  left: 130px;
+  left: 133px;
 }
 .l-content .l-center .l-stat .l-stat__col a ul li:first-child span {
   float: right;

From ecb988d2ebf0b0ae3bfaba2fdb4a44fdcbabb483 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 21:10:05 +0200
Subject: [PATCH 1926/2300] sprite.png fix

---
 web/images/sprite.png | Bin 35005 -> 47705 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/web/images/sprite.png b/web/images/sprite.png
index 061392c3677cc4e7d9659d877a407891e538dde4..c0ac73f38c2abcc11a9a2da69fba71024159a89a 100644
GIT binary patch
literal 47705
zcmY&$z%Mq{8MEML2Q6%nTw
z?izBENY#HRcM%m7YYAluB&50o><2ScL><#bUe6r~37hcW=LJ$$4k;2++mV8_1kl^~
zFc-4`=y5qPmfKR>i!6a6Ee@nL6o2g%JWarc+Cr>3{$><#o^Md9TdJL9W2aYYYRkq9
zCMzLM6pASb5&wD+6LRvGrc=QEdHcTO`qkTWtEFrqcWa;H05Olw{e@dz=dHkF!Jcy=
zF**>wq`ZsnQ8MC0j^pc*d04$g=yw&lMCT>)`^2k-sF+hz)yAZfGd#>wVvgYvvT?|U
zF9Rc$#GorKlrm#Nbbkqge!`#wphMchjvj4JzA`C&-tsGCtMDm6R?{`bv@)5H$4S1Qc0_ji#1q}{n_&S
z5HMaK(YxTGffpEfK69~)4}i%LJEuhrvyb|sSsKxAQEeV4%8?;|lWtaMy701o|#rkd<3X)x^UD!H(2P|P!&
zkolOVGd#R6)NW186s&`FKb8NqQO)l_3mKqvkL}n@5Om*)#Nw!|Es4rs7M2FA?Ine^
zT5&?~wIVC!h}Xy?YbAkn)zo^C930$9P*=}%WjEWgOE=FM<;i+Rb7>D)wUw1%t$D|6
z(A`t^=C8-*_8MA{C9*V;`QGdOpIa1>tiPri;Gvu-`0A16auD?S@xt2ouUE2#f!9*Ht31AABZ>57#|4WJ&Xis{b;n|&egwD$g|l$_m_;ui?+8TuWaQb
zI!Hhx!|HAv@Lf-$U+C~g@0_CA`hfDq=`%&cQ{NIFA)1pqL0YK(K@!cS9+R`P9gAw!
zfqA@NqtmixpzpKl#v=VPRoj1T{r%0Q-?C{%V}~n{*)0f@pMF?
zYA&HzsMoj0Gl_D(UmKXTVpJdR(Y!>QE$_0&_}=7ruzpB;(+dqISw+-FMB%;#wN`SR
zW{WkQbD*yVY2k6TN3YTcd*vQgTNv0Ys+37d3r#TWy#T;Sjw_QXzp6Gg<4_Cgw5I%r
zoob2_*b%PVb{AfD0E@p5$p3kbd-$zt4;P8i8NlZf<~0&nYklpj*RHYwr>IVBG4YcT
z)idGT_IC#z=wFumH@ZX#mMI=TO?JVkGjAs}8jRX(WBdayyetF1?ycQ42CB|xV7YN+cfWXJV!f9x6;uhI0@lx8olS*x6}^m3_%W8k
zGsB(2jIq(@XZUBn=XKOAZ&sq@m_V1N1=j(pe%YY&{WG}1@nGp5-0g65X1GNzKubUK
zE#|3meTHp6vJ|#N+9M=5`Lme)iskH>K2S}Ug7>_+nRkhe;M+j0in6l$87sa*=OQIE2<{YACz(KQJ;Z(`
zkT%Ya=G5V+ZLXwxVzb$reXiZV0TCCXcW-Yeqf|mRCtsP(7E8u5mc|)Xd|r%hwi0tg
z`Td(-qf6k;xmXr=?yG}0CK@#!i)Hqfy;|dncyZhAfm`YIY;)|_VP|=O
z984nE^t<=!s6=qt5h0Vtw~wX9`Flb_`q_`@2Q8X1t`VK5)9E9gKIe9V=7Z!u*SAZP
zuAkfFJ8E~`MOG8z2y6jK9yA}8@1h@br6WXyhCiPcmDG1Q1PQjQa_jLt6Q(Wz8`FAU
z2`N=&EBN0HYxbn*JfBy8*_~Csvfsw^bcC+Pot=yYT7f)%R(Kp4OOjLnyCGS1R6Xo{
zC@RhHbh^pA@JsXW1}(^+e|-HOXV&%iLzf~)+u=!ke=YSpQag8#V}7fEfa2*lc+~Y0
zTMv~H4$BJ~P=5M=cmwV<_VuuiN=xg{?z39dyz6>m&bA7z?2N-YTJrl>9h)HaKPMSf
zshjn-huig^6-%Nwt!^!!Bpbv8H_tAejp)U0j!4UE$6F|p#zgOxOsr$5JSE4=|F+tG
zhv?RgF47mTN~kL!H${553P(QyLKwfF`=T|VkwP}Ex
zTLYEGq%i$Jf+0J}g0LLD+4g>YLw%++eYWMq15>^Gyr*6ZyC}KWO%%(p;C7D1!AK1?
z{kfPS?Y)PfG}q0Q58qAk+s)Vpm6R$9f#LYv^0P=xTgpbZMXwmnVsHqY*O9Fe9P&4*
zHckO3p$)w|%AP7I3P5kOJ5cVgjSuL97Dikp<@%ln9ySG$_kO$rV5d_W(%E}y4G->C
z#+p&xhoG#QUepx*o~-VQA85CS2bR7htOwy4OdEdu>!)R{Sg
zvR+11e^Nc|&z@xkU+3ANdcChY`fO7du);Gfd*A=Vv6Nn$WvWAkXL#S&&4%uMEhXQZw4N@e-)dyu>bgmiqY#Q!eRG5*g~YIDG**A|
zoc=3ASFu8pEz=C5$Onf&*tvfSIo6o_iqAM%QLL_P4yXOr5?HWoeoH(4Tk%ANt~52(
zVB|gYXYNOjv>B6pyZ_%Xb5xNOW{}G*2>lr<)U1|duT^m+Hw`|C`TFd0D>_)Bf>GyRy^7S$k$IJ&N0*?f&$_{cS
zNR2C8-&0uaWBTDYkNp<;g)w~-Ac1?HS8i>`_g{w75OiZI8z`t>b8_5h6yuLmifCZa
zdB)DdeVnxfZE8Bt#O-A61dVk7~=V2BYOw8a6
zStk31S8Yt2bIzVyC?IC@7`EVbQx68egnZBAxijyXeRS7+!VkMe5A>^RJX&FV(^L&k
z4n=oJZc@CuBni6?q-Llk+Z&tv{O$`8qjb1+|YTm@K&SA&qVNzn%1TR1Ec?u02iNPKFV5MvmNaBMOj*^
zAe~}@Tg&9D&cAvMOK<f#G$^#T0NNZ
zO)n?G@q~daby}tM(>{bmdw5sKYwx))Sl3&rhc((5Ia2o;`*;`lCtG6x6rLx
z=4raN3Iv)zc?4Kda0xA&NIpkii*1dpSG%u+GfdOb%C|1e9?HAMqT@0h3#+AHz{
zrxImaYWuM~^z0{K!tPY=?r8X{MS+spP9K`VXh43ufh}R=z{kCU=70T@TXHik^F(b;
zbRY9>vn|iqm!*`~^6bWfYP<=CqEkuYoz?gk6kdxbq*B`lpwL5l|ByPRO_?W$L@Vf$
zv`T%wyB34Kk>JJT;6sx*@D{+b4=kun4v)pMUkv@}E=>j1PrQ2f$xLMR8=ckdQTE#r
z0-}^!F1`A{Z!99_5Jg|x8&ahs3A0f=1U8W$M=3hP-VSnr=8>1
zl6v_XPN`8-t8%xFE5*o|YHq;LmsV%4XL0#?{i50Pmx0{AEPj5jg@c
zN#)2V_Ky~eEsRS+#=k`APQ}&gYllVelcuKUna}UF&z_ICzAl@}!IzA5-l;=i5no8Z
zBEUWxtNf@I9So*7z)GdAPFIr-(`KjSeqWqd84JuV3NfG~`007nHM1P_H7h#9lVOTa
z&zrM)_5Ly~(=`HLG9(nbmw?6&5isUXi`A*iDUK^CJj{g_P?vA?2TPt1l6EPb>?#81MQLty~tYXO2DouC
znWCBal4saqO}xl-GJ^t?>aIZAtmaddi1P97;?nzR$->mTd@_Rify&kjHYPafjD0Rk
z^O00Zz3x0q&WW1HN*6RHEd8F&bNXk}(b=)xlEW(unw}~&Jb>9+`%XppwV$f;yz@QnB`TbDMe1i_M)-D(g;X!O<42>%9N^I811(m11egkz1*~&e34YWy|y)e3=#u*Ck@{BGj%QGs<4J*
zn)A%=VIez=^{YMu_Pjx6LhTVAeEU2e6UdcN(~aPhdJiw2DEI%_n1EH$Aedv$!KA|G1bZuAZ>PV<=QT<5oc6B6L
zGd9BS+{Qgte)4O+xe6HkqPG}CWfP&@5T(#@)J7Q0W6HG06d&~-ML
z)9=4-6LikoFMvl-91}fw%{%x!G;GJ3b$teh8T$MXI6G>S99hi`X%iAlA`$4Z!r32{
z8r@iUWn%j-j{^iyjp{QWiX=*6vbU%|$ND^RC6kiw!hoBt#&f64@hcujeTtA$=)SB$
zXy0c${8P#NiIDYkZ?om^bCv{NvyF4-+|!>I==bU&#z9H(2^6=IF0r
zb)4ahv;Pe7pNixFy~#&(IX=kXcn0UtVS91E4Zrki8RK8u!*rG^`zgkhJpFfB%&O5h
zZHK|*6Im7t^ZG}&aPEpx1=vWzec%-a=h#*&@id37}>*c5)56Bu~`-F`38b&E=(6x=}
zQBg00UC(7$b!4!}x|vtQBFY9Cyjet{xh^!tv9FI-0JrYwAkA;G_
z38?F6Afl798k1d5R&(c+uPJsv+Y-2V%i&%+_*dsB&+QuZTB~#F`J(Vq=g;Gcj%uLu
zJo5J=hv)vUHC_-~uE*i4K|%!i=BOwNl*2PNpOG*B@@UPHS+Tz(@R&D80~6jm(+w&@
z!?Vqrb7|_bizugqL>1jdRB&n{U+7vyVm@z$D8k%5?B!D|8P9cJZv{w+XuKJ_--)O<
zMeokK7hju9c?`0;T1Wf^n|1Ufe$ELLBWFkaJ*laF7i}NVE2_UW-(&F{sObaYE?-S2vhUI9<)#j3z=l1QZ$+`k`xJdLS5ub}tI%2FB@qT6uQGQe
zeF;vFege9zOQio|Vl#WJUK$*l;%@U(;R;Uw=r{1PA@4&c+CGVwn`~3z7{AF6MVTOW
zQaD$jH!ggv!lfe9cl+HJR)}(N?a)cCldz7^JJoax6wSUUk)u{7=j%3~NynbO)7xY}
z*mtU+ee9Obvvmc5gk|ReW=&f2J*v>B#{}2V_6iXZkA;GuowIL2OZ+=#BAz)|M?DM1
zzLqbg9FjoaFp?`yhU59C?_`28FTNMu1ak9RYKQ|@PkjTL>sCHS6?fF|1_z!QV$p!I
z=~i)CgEpn7B7DvJkluD~4RJqClfp#`MI=OKbSFjuLHBF?QxRClM7{Pah0xj~%)@m3
zt9Zgi!}EN{<4jSYcNwWMG9Dn@L)FIhjrJD`b|N_Q57cEpmrc~=0Mm@<0!{S4vC2)9
z+}fyKgCR44jD?BrBS^<^@8pcDQJ%HxS%&b0?8gZAK+z7|W|&{sLjA&Arw$JEoom$8
zzzas!RAycb){OG-wRz=VN6PD8vWtm9Qp%kEk3|DESQ44x+OYx
z*D%zz`a(b8WzA*1>QSU`3BE4r$(@nN#OP&)ws#d?brAbrs-$UGU8QkPB}@C#lOb}=
zWhS?A6v9*8`JiIvcrU8DrKb=osvY!h@K!g)Y|Dnf;V)<)Mr-XewuO@Ir|@O|d%V2@
z<7)Fx^{{IxZlP8>i$}Bg4($ib4
z&5?2+&+Ce60PFg6;A4l!aqn`~^6ThFqEB`%&s4Z`ugeB`vUvy1VuR&I
z0D=7JPLA4tTt2#zf8eG>tioI>K;0zZH<-9Q@TKqGV8BtvfKhgQ$`td4@a2M
z)$-$nV1HYGyhRm565BRmu0>9zj`+*zq`_}3QGa;<@Ox6)Q$;B$8Pmtb)Q?#K-xI4l
ze*IxFN*cL)!@X#p)>=M8SMejtEcu6cQY5;z%9oa$h#dcm7G`7_`fG+8s2`|VrpGED1o>2
zu&|G*;Jz4svSLQ(MuKc==eyk@3ZZCD$6v2>GI!U0K`$I}-(Drt!H+3`+Ag`v{2;$)
z&x;$IR+1qF41P(Q7kuht_ok5ill32cQpU=|O^%-|vpP3Ib6B`*9gFK3?pq12KnU
zAtLZFY|%8paE?!<-<2rv?ot&}eiZXV1n#u>>YGaLmB2oQKp>a>3^Nr;Dp#-{q|D2f
zDfHUCKV|g6yrr{_TE(J&dbdu+_bdW$FTb-4i=A0iE-BLWF8PIdA)h9Od#yP$WlMZ*
z9Q&sXkgzUwzGmsOV|DYQLz!xueX#ZiXZfZOm_?tiMH#gbmADe&z20-%DJNOSiKrI`
zrzp_uvz1Fy3VMRpw1x7$oMZxwj>9YrtP*%cX1fG^9bU26@p)Q+>$mK`orlQ1x&dl#
z7z}*OrJ=3O)nL_?9@mNhkN7Y@bk8(LmRc$C34Hr2QiFZh&HYk4*$7TT#@C
z{6YD$q>jDXI4P3i%e*39>{!q9W6t_T5358Zw5%?4sk`zDoqt3k)xk7RAO*Ld+%T33
zi=Acl;|DRVLQH=iL|6d@%$P^KoRN$t*A6>(Tqu`?xA@AYx9
zK#D$0sD#$?SD*-Fl%nWE7TAi6
zNGY7?XQ--v?Bhl^II#$ttg4P`+e1RfmTKCIk3>ah}Jsq*S*tvKUr
z%ibTG?|J1SGGPrG>FrMC;&TSD3kX>Gn@e$7-dkfCZ4nv3y4n!YrTHa!MF-D_%{tMj
zoGxj>0o8&-8EueT=NVg_6XEY}!$P!#Ca#a=J|WokdyLK~1%b}F3QBdBE9Ec0VB<^j
zF*2A{E!6AfJuEsGSJ<`eS_d5bH2Fv4u9E&?BdXGGN-mUAO*uQ`n;P@&C+q$9|Ne*f
za^h6n+)Zg$$gU?4tWvbkzUujbJH7Jwh^mzvv+EcWx}XtI9v*n0y294h}MLE{bcng0;(j@7pk&sk#9Va0ra9hw2{
zbfoMRl;AA9>Otxb2pR73!!~Si52&5-Oy~A1{A0kS;PXy!0zRQ
zO7BvuRys!49fKE((Z*-)SeoLkVs2!^@GR^mu`ur~i;T11&fzCB1%pC*MDE-y`hL$l
z_t-*o+pM;HEd+nYL)3nLx%)(y9EjDHUCiti#ae5vLP~NDF6zA-KJt7+N=RXEnmpGs
z?J^oOz4G&wx+00v_}^Ldmh95Gh=~6W
zni0Hr_LQ#9ziW`Nmt7FN&(S$1M@b;2TW2Fw>9_;)J_k0YN3;F%-j8%`81w%Zbp2j$
zkb8E`Rsz>;#&gVNW((bYdJXU6$>^z|Tiv0t8~OqIMp}XFTBY4f^E;b!``E6m+=s9b
znNcx!4buO5P|8e-+$jae3*%Mih(olm%MpxneEYD5A(ZO;m(O}|mmt<_yNFdf!k(sd
z;{1!~bNp;6E)!qBxkI0|#18kRyp9>+G*3S#v6G6N78d!JZGu`_hkV+QZ|Mw_hQhNy
zq8iz7$%ZjkBeB?`CBa}>2X8@!zGig~g+EWb2Y=YJ{tqSZsmXk-zh=1Eh
zK6+3!JlEPRs9O&YbG4WgpwYW4IP>L>wsQezXoDBan+*jf97CR5Fv3~Lk)-Bp4!vFi`+gSWQAO|0cPy{8D0XKcEuF^bznJMlBMQrN44G1PERjCHeFGSGR7m
zX+O9>8bB2Nb@OFPClTg%+FzuYVayq|Je}H#N5UTP@$+*gXR4l!9)V@o
zi5rEz&A=~%S*pzsPa_mT9QurLM
zBm6^>@&Re$Yb#V3kBb9H+TfJHQ5)PS7sk7P)%ub`-p@@z78-q8fpP8|erS1*h1y?9
zKeA8OoN~xP^j6@I&&+s?ClEl~!~Fw8JgP)M^=*8UhGbIRUX^x5Ry@Voko|SVcr;Z~
z2hGD{#`-J0hT4IwS6%M||E~Xi-J;U&s9H0Y-pGxqLvs+Qh*q9*&ki4J-w&eq~kRE6JthjmfwuZhQU-d@5OO>oiI52*?MV<)BGHA$Op>NKv;C0(?ji8
z$5=+3vn!Ym{f~?6pc4&b#{^^U^(!zwR1vpP#J8*H5Bkc%`zM?6hIysCb-Y}SFi+{O
zndIngRcd!AXsV`dEu+tw`*yZrrsnaqF9G;RWaB2OY&78WahzuVA^FpkV2}E07o@c9
zf_t7pRbKa1Gw1Di{YIs4YIV?@$-(0%r4OV5-+$~|1i%~)*9G|>@M$6P<{=sM^SF;8
zWfff|Xd0JwYiw27vjlB&hr~^-JyNCbE=098bb&~#J`(TTR%PN${3kiO_dF_*wi-oL
zDcxFXuE76_Ei~R*Czm70w29e-wzMBguvk9G&{!(5Qofgo9?QFYIIepZnhFxQ0jZX1
z9n`TcUr*IFru|hb?q>M`^G`+T%nMSc1-Re2(Iun@`
zB}g{gJU0oF638%-Lz3U_aOO6qS1YP_|QF>Kvhm-a6IXy1tg
zoey~DBKJ~E?rclfuzp7OUTO!lpcnZr1)A^{`AVfLz6H$aAG&sFEguGhuj~Q~8r9TA
ziazHn^)+exVWIw$q)iTZ^%SyHAXHiQ^>cIG^XpL+|Fl~2e!}XPgOY}i)6`>Z|Fmri
z`4=p8YUVPqeSj!B+%IJfGHcOMS#nrCL&OOW81`{j?mI93OF(g!xOwX|Hv9*zlxZ@`7VLmg4mZ*
z%x~$*gCA2tu|f-ci|+0wdIVnj4%EwS-i|#109qIa$d!3%s6uI3=X)NSF=2><1MPS2h$Ai+-U?>C3-xIdVFqdcQD8&63S8q9Xm0mmU6NcC)WlDg!^3W^lC5=wF0sP<*W=
z)=GVWczSITGJq&SF!ML!C<|@EFn}dbwMRHsr2@W&`Xwyy7jI=06pN2^=A%>?tWiz|
zrsGF20Aa@B7&JB9#{ptNVRAq-n+5zio|pDl
z_>x#5SQJOL2Dw$8nu?9UztI&U><%)pJW2JkT11DJglHI$*(nsY*T2MVi}Morh3W_V
z<9&@lN!bfhSadSKyuEg@iK4}y_c{#3zFglh!|oB&{U0ZCr$cgNymfS{TyUtT-qe3l
z1cbSp1a7_bExOmB};BZ#AVHQ!RmHtn?;%Xze7+L{M
zcQzG)LW~Y{SyFK}OU9kO0{)Jj_<+O}w7egfQw~`K^wa6|3%TT?k41bzHTL*Yf
zj}tfQ?h)oxuP^#!wDtCjHYVNeFRC-XiP_(R3`V@FQ9>I`&WEmj!c0er>77jjfb$|c
z6v^ToxQNt8-Rdfx)Hod7Vi+
zbz4THz!8ct9`KJs(a&^tK;xR@(I;)mv)Fx^HGzDN(^iRPe{!|ZwN)28|2;&XC^dDjmkl&I9&kXe;Om|fEk1LNwuce8_PY6;yf0%|3BpO}iS}f^)gDD5r%h=ooon#QqrR`Y
z0%vTMh_Kh%Hp%rh+OV^i#IQj0Fnb#a^AibGs4KX(>5lSZ5yYLoB54Rd{2%!P#ZnKr
zKYVWYdrLnny?tYDnYt+4YJtswAXO@@KQ`=I%X0%}LU59`%>s-_demG4dS^8sz_nTL
zD_e;@vbA)Tg|rMQMywU(HJOWxu*?QC{wad6n!J{Of7}qE)lpE2pn}i5p{uR^`jb#w
zJ67~B*&<4C*k=h9(VjcRT4zL3n>`wj_BGlr)TRM(xOc#`-TQI>`xB|KL|Ch&WdkF=
znGLKW^~=6z!Nq}3?Zt7BbWVo({kYV9hQ&X8yKLXR3$F*N98Z3drJB~R-kqXTQK}PZ
z_X-n)*BHH>y50*7!KhqYyioO$X{N(>Y~ZNx`_!0QJxCxKO{v%=ZMjiuMA_puY^B%Z
zRJE&9wQv^JdB25o9Xa^Is6(OWNiORN&ed)_(H*+nJ)`L7wNEL)#g?LWf?%SYK~18G
zBk$a|`~vTcQo=$`Enf@i`E)G^)i%6_-~H95N;23E+$vkXMDW$V+rqv2edne|l;7dT
zxchZW)09mLb~}W>?#lYcuPfGeD@Vij{IpIlU@BK#1RDP0jQ(*(xmR<*%!h@ye3zRf
z>(T%RwV%0HcR+WX$7+02g#5>KH2XUEV4-bl@zdz@Q_F{W%hFf`c$L-bsGLKXre>Mm
zZYJMP=jr$va$fc0(PDjwx7eZh<;gp)Hn)H;W*{k#)4djJdNaFCuG%R2Qr_w}sdv$F
z=lSx-J`V(3{ydc2cciU-Q>`9l#xJi?p=d~>*Qv+M#ZhsVUT0W%RoPo$2*Ob
z({^9@u6GkABR1+iR>^?d{3?~Qi5;J;ib)C7VBM)?6#Vb8G4U_rqW9W=dU_GFP*ik>
z?bXHV()-h+Sx=^E#nJO$NmHf?ENYNU?b{;`td7VcVUv!>t|#GbL{XjO!O4xmLnnUG
zySy0EY;jPYo}Tj8Gge-g_Y!m^Gvlde`Mt`fg9LCX8pOR%?D(v9r@y3@4>?&J*b8)@##&HrRx|29~{M(j8{IDsMuYKRO=U
zcUfLpemz#Jl{0!QBfF^bMY%&i;R}3C9v-Q!eKdS-Gh6?(QTT4?uav{S)dRf(CVjih
zem7=dN7Ebk8UNRVQ)zg6d+QwVr=IZ1t?--KWKy6S?>$lJieYv5C#gUX=8wvdTCSOW
z;T^0m#%dB&72(Ym#z#tXuXx`&&g?IgrzMb0Q4-I7hn-}uFU7K}1};%-ukmY+@Vivu
z{KyqyFca725r;b?W>7|~X~OT(A*o-s_!&H=gUUWWnGoI6a;5wy=k-GKs9($&Z{pE|
zMHPxhyZ24Z2bB?IS!SnQw&B?o`Ff%8*_D19f{|gUUDW^9Ze6NOmuJ`If|RG5SQV|L
zl>jswk(~PPa4r%@f~mbjgA)Dv#oRh8wXn74@iscXBnHb=RYxt(?1+UGNXlE>Yfu#$+5e`vW3(6(BwP^HUU&$qdA}33
z9$^H2FF%vykNldoJ-cUqfZVa+vNfPkf1+vj&?2tc{co)qNd@52T9FcXvr_(ZxR=i+
zR({t{+!XoRSPNk(Je0t&qqn(72}l^S)5S}ZxeC2A5yshoRu1r&wH+rB8!Je$cGi?(
zM%q^dPPfOyB&rbH9a#V8i=+x|p6ib~S15LA
zU9vPh`~2#sGnF79So#)tz=Mem;-{fix0#+MoU>lOl6fyper?QM$Uajr+FM+swcQ0L
zgcsq5TT1S~MEXN8r5H}Mah*QA&(9NM78tXi
zB%u2x(TAhJY0J{Mfsc_=Q_f+e%3DU(ZyVxybB{wZJDB)K#x27{w%xH@#xST5%Wx@7
zV!5FX6IpZzFBgVDpfag+rjl6b!f8sKRfb=A8v;AWzAb6LApI_xZ_Io~Pl5Ng??imX
zwQRohLo(CahB7G-NRi9aYNqF}z*jw&god|!Ps9h3l24J9!J*dV3NNulj+US1xL`ML
z9U$S0&5HdJM*YX6PIv^Vu|!+Ij?>Jew_cD0Eg)Z(0|#G+|KWt%?F!|0iSJ?YD!Qcn
z5^FfV3w`TQnY%NqWxfl$T1JtRvWsx9WLzg08|WK-uAkxqku`+5G2{3iGSlHyBfZkZ
zE@I`Eyy&{fYU;lukUWd<4RaB;3wwSD*|Yzbwbb-w%SI*iW7q(o1~MNg-jHbMs}=*!
ztv8Wn(j_ccJ+b!*4;0kR_CaJWc}h@Ri(ma};w-QAZGA}!=Go!T{>B5wSJCOkbN!~z
zoXxFix_8cO-3Xy`sII;=h`zRLoG>K~u1LVzjP)(k5mO9QJ5U!(f^6
zc174p+sb+D;aLBB96UPG8^`iE;P8AbKPb_6=ngI4A{nbPnpm>06&>()h(@1y_C^4p
zxok%dnCsuMHmIrf1+%KSqP}-D8$ai4O0pwDBLOH}^r*O?x`XGC_%T><=6Sr!C}pMO
zlUBonV{Xy#G?c@Q4vMfen(F8pMef8cK9LhhVwBSWv@c3f`4*4^Dz0B095|H=)I&6=
z^>R)}OrsiSBFt?pZ72i?e{0?DgNkHpocd~
znHS-68
zUwrS*%TjMMPwivz*j>&&g`zdPwub^Xy>$|*4~p=r&IN`&)@A;1Z-Ea^=9+og(3tZC
z20>k9@nmAyn-9)#lZ8jxk9wCt_wJ2TNzX17!|B$%%{-zPEuhbh3OKiSOzZe{9FR^-
zLP-oZtLUmvK)ZzzQw03R&CzSH8qF2)Yd#z}A-~@A*_^e`AN}|Ob;m=tax~!Sc6+|9
zLw=npacJRO(q!0s4hQu*Pe$>?yHvW%PPnc
zNs*l%^F4tDby@niZ?T;xQ0$hhP(kJtH69yH?R#qx+`krqWv42$QJw0d-O%XljI1Ja7J
z?b{_1jd6&lCm;H=`EWN69O4{!o=qc5pTv86rkfhBA;Ohe+wT`F6YX0$B)T4s|0=#Y
z36U6S%VYRuLWW}z#yWJhnHWy1!ePxq6yaivu?G4bFl2+_m=GxNpBzbMcHP#W+rvVC
zz5&;k@u{)MW#-usqiij~yk4XeuR(OWw(F+;>lyQTR{xO=+k?OwnzWl3APR`E6pkzn7ra=Q5cnVxuLo-5?w
zj&l4ZuN1HKzIueLcM}q6PwspL@2!2}#~Ju)RDK^n!^DO(CVZ}h=f(f2J^&XLz~#+c
ze)lrqwfL1Yy+?F67D+t%Bn#EQnrm-pa^j`*HtpAgWy@bpxzJDK4B+WxUA9IEB3kEI
zQ|}Rzr?d331?Ag)lV@KbD^b??j~Jn8mX~2jg_B?A0FmOTBcF6GG^b`l1Y+0}V&bBl
z=8G)fK!(#fQ-5;?gSgxz%T(?aE44FcT1WU184WyrZ3-%12eRbr0~qoA@8_5EBF*^n
zTKDd5{E0mVQJq@(@oV_S`%4GW;(GzLe|;Kbf;R|rW~?CkyaCSR#Eoq6vFzLuz-PWw
zOu+(s0kRJ}A7*Qv;`|u%%&c+Jw>b4%4QyY_Z!$&hDX`?SBa$pE`=U2B)RX*;*HE#y
z6g@7D5!>l6%R5oj0}!zCZA#w;Y`(-~-tAgmxJR#Z);W@OJ2jo!?||2vY;hWH>;cn4
zeGUV^LQT4*-CrlYcccZ7m<@9@?j{{jW*_>
zj(#cnUmv+7+>+)jz4T&+xqIF$3$*JWs=w$PJrc1V{#tg^^RY5aF09AYTupwZtpe9!
zFwgD{yCueR$-eC-fqz~UUb07#WcczR?jLQ5;OztMcZ)MnWH(+*0S1(ucmAXLKc8&s
z5z++BFwzypFVXs5O)xv>ia7N#{^R^$-wK8K^V0#E_*+;FHS6FqBV1FNF+Fb|oyMPs
zks#`ZYFj`8!KR^p50CWyAq50uQ^&*nkU*;{)*Q#;z=*wL(eE#@5W->skh~-vkE55&
z63ri=+sz*myO&>t@o}`wl*xU^ARybP)ErXd+>x#uc*eUzro+=RZCg-^hF$#yPJDX_(AdBr(tOL}3ov;6R
z?8D_}s?po!)-pvOmr-{uE}2DTVG1why#J>z|Gb~gA=qxe{zGsp;;
z|2|(0xVF?G0n2`A9vLBNqv#^pXgKD^M{wB&#`gAi#L!}D4+#?WB9G{BM)D-W^D
zJKq!Cne+qW4beiw_RqD;Iy8CH!WDJ&CXYKE*h|KA=tl*Toq=HM9ZWLeJ~nm;$)6tzljR5jrJof4xZrSJ0T=VhW6TIvd!Ocdf#E0EWvx8(_LS$MX*b?jj2X(bYVgZfEvqis
zjcN%1ljM!oPomva#oEhvCf8h7Pqkw!{>^SWUt8nxY+k~F}jHBKyR
z!G!`a%HVMdA$NLp(w*lkSdl
zJC83{-+~P2^pWO`3o*ae)p5}N{$q7oVEkqdv$FE=94L*f0LJ+Y@GyUN}65Dr4Yh(ftCjQYn)9>cEi&u+PsT}!yyIq29+Z0rKt9J^33%_nvz+>
zL`^IpYgDAGFMdTAw>1u4cB~&J8A<&*ubR3Fe&$
zYD)9QyLaZeVjLO)j@QX)ony<21pkk&ua1kVdHbeBnkA(>q){ZKQ|a8LLt0`<3F&U6
zy99})ySqV3x?80?UBdTp-@oU1`yW1g&d$u4!=9NrbA98IS{6&}(4-010y^>pkaRfo
z6GHq|lZIQXi;(T$B*$m*j};gE`i!VV8ff_PlyImJhIyCa_XE`oZQ{k9UEfJN5-Nl#
zM5xQs+WhyXq38d;KFR9twj&ziS+t+EeN*fnqe8liee6Ic#ZjlW^AG#F^aTko)tOfe
zsdZ=|5CKE__A^KpRn&$stgA`W=#)tjjTR9J7lQ4KqM|XPnTpWHk$9LB;aDD^)$4-NPh8UO~CH31G^2*ezJ>_3i={K$lyYJpTn|4(sZyXxvMG%JT^USrS@IVZ*{<*LM
z_$Q4#+UMVxD=S5NcNRwmEqNIByhbFr+%}FbC^&}JA8<*m{B8nnbc>qQpAacb@JeiE
zf{O8Z*O<2xU$zaR^lWdK$-tH_iP{xROFyzhP!V|ugYyf^NBvYHMcKz6>tfRATVUB(
z=<>)(ECms-`@&nL5P9S%a?0OArtWdkv7Vgp>IXmCx8GK-1hieF0jiL=3=yr;<;g55
z@hCxR9?o=rLGS@f-cf%S3X!H_ObS(`?PXD6mTaP_ovNcuA03VdKY;v@{*k?wOUbRc
z$>a>at}!Kj+A|te^E~L~wjXLAe_AGdKlvhTm&a6Et==9Wg>EnLJKXK&S+B3~5&Wr=
zmi?lJCq;t4ITZC4Q1tFC6HlWHDH^sb%^ml6J&-17%4*B7+r*qCK79Wft66ZIJTxBKurx02C`fU6-L~Lv6-IM2s@9o~m
z8x#2M1}D>HH4>z#gj&7
z6$k&=p0uPwQcUjOIM{rZaF5OXnL6ORSG9=aQyaehraj$f&sjHYN
zlIO;8rZp*m#`dD!fz|4E`Pu9T;=_H
z2&-07Pf$^>pLAPh{`0tSUCmh5(=xj%oAWW>@978F+rC2;bJQuQR%~(uLd8w9jRLe3
znTq$`S}f^xb}`k8w`1o9HJ^%D6UEd;2ygA~xcG#U(NDoU;AZkY0x12zkhIoT%=;Qu
z?!N2z#`*6lMn<$+6Z%~CWtB&Z12}_ca<6I6A5;0{`^P|Y%|`_S&XH-j2|x65=`;P`sH(!
z$*N1z;m5~TQH{_?@{AjGbzpnv8u(NcfO2<{MR(~iv#l4f9_H5N%O
z(mdirwI|$MYu2;*xyC4D6V7IMvWPh5C8ty~A#ijm6rUIy7R10%Ht00+Zg3--Zsl%(
zGY)fpmRPH8tu}CECF=^f#vn5DQU$uVDESF&@@YQKO987XRX)2ypEn51afp!WUcmpdvL
zbLw?FD`W~kh|tjbHBFb;$^6o4#B(anJ^>|Fp#=s+(oB;ZD`tZNdEJ269t9;-l-sN0
z<9A4>4zvSSlk=}l(8>NpQ
z^T-Ho+zL1^5+r=B4U0=#rttqh6z|0+-5jZDxfHyW@IH*RC9o?3c+Eqqm4wg6z7e_8
zlq8#D&ptd}P#|x7XREwdUG^jYf~OT$a;(s~>p}kwN-0B!W1Hr)QVp7cF!We9&EvYi
z98GVDkiJE`nZpiU22HuE;d#rxFvZ{~p?b9?*ijtD8nQ^^73m18{-klH$d0q=xP(}~
z!uvcZy1i^mX4$J5GTd{*vtr)8?WbGhs^bmj_gookpsdXr?e+!+BaziBHBu`Kw|SBMHdM1E0Tv6faW-A~^S-8F{FB1rW!l#m*!mwgY2W
zw1dDS4m<5KE3xr#!`+@R;PXhK`%{~Dg3aWdAWH_`KW3$(C?tD0VC|xg`@GRC5e@j2
znB+U}Z92C~E+^Kqe*^#kz5IM4+J1N;_@>#@J5Iy6y?v47ZKEx$&5%dIuEJwx^#H)<
zrsrR=B>oJ^HNf1zC8i*ni?RrjV@gMOC2H83Lq~rk2`(qi7;bY*Qj75
zQ1W}!3}ct(*9jx(b%=d+_=0G5>4lz|<)vz@;u}P`9&HV1)r{5zt5;&6O2qxPHbBQbvm_lXt1ml%*qk}J2anEeW@|V#M
zXg05DU;^1C>qI7*cAJkRdF#>QK}2*d_tOPaZT%fZ=_dGEVY}f+&xab)DUY+ao{k(D
zjpCu#9aZT4NwHf}&oKGjjqL8)k#8z_jEgyGS{f;{`+k*VfVWQWayJ@!r*dYQ@WMDF
zF76nr8t&4b4(w2aZvzQ5Rlx5J+~cr>Oq*Kg5${S}EeQwEuvEZa_`K^h
z!}Isuc(d$MM=^8VV6c%>!_;>6-=jC1h8tJqg=9{FRb2Q_vdITKmBdo1e-=v#u4P5f3L|)YrnS^!NamMgatw
zkm`TD>BSrsq|JACsD(~bwII>NgQgddK-n)2s@px*vnaMA1$#tgh-O&etoi~SQ;YJr
zVGMnQ3Ng~%D|l;-*k>}7#yNQyv5p2WidiEHQ0UNKMN_`6W!$8XCQ=RK+DE%1gn;I+
zqk?#oV4T1%x9x83GLHyyS?UAGLS)!VEE92(UzuA1Dhd{#eFA@vMMHvDk_S3@KP(U=
z3-;ZsS>e{EwWa
zlT-Qt;@Ps$Wp_C_T=tv~A+sp#B|8847Va@N`c)>W7b>f4wciUhIn&@5P|+`0`=o2U
zzjI6Uq4D
z+Y!`zwnIxa`w@NIL&wbWO|rmy{gOQ01LFa=m+rkSycXddGuQ`nB|nt8B2Fvc|D97N
zk3I5q&yb4xN-T9d|IKJ94G-PBSi7^%R(dkj_ei$b$FVFfSzF53Vi_m;TAJuX=fYg#
zdAtMe>ff&wrE|IsP`#0A6{U~Z>qDa8p^dk{yiEcbx@^ey$_hg@O)^pO;jTz_u6PLQ$BsaxngSeYe0{j8*0@Y1hAn>Dvh3I*UuLGPl4o1_hXN=Sl(z8UI>;322}xCXIH&d*>kKwW6XwS5
z!DZF_-^qDv11Qu@gIvzvqZ1WO|FoID!zpIWOBPWUnb1{9gvS^fGiJq-@QP%4q@ip7
z;-EXSz7A?*`RZj3iQoEq*rIbx7B16Y4?;>xf_V_i>hrvS#Po#QWaVKXl@n1Qy#4P#
z@3eE$lXWH|?R^(cSPU30__9>(30rI0-UxrNS7JfozxI0Y-x{%F3@SL3U#=O@u|Tp@
z`2>xU8#%~dX7Eg(G*yx-bP3{N_&;Mj7@;4`4Dv9xqyye?aKd2|yY}7-Ze*iGv-t!V
zt;6yJ6mj)M+PSAc_QT5RBzaRxu+f6eK7O`RQsG_2DRoazdwFd>oiv75gg7sNyNkgXkZ|>eqEu@37wUCcODKr+1~G
z2n5&TN&ZH4AVW9-G?NHii{b`=-7Nvz=h}($`jE96h7A
zHSws(fDOlc5v}{e4a96ySCr?{_L*!OZzX^;kCWG5L-BHtOd+a{M=MoBX(w77A5VyK
z*Q;4!^(V$GUk8_@!=>dfF-g{6V5rrX4UxDPa+m3ubmkWhUh8~zZq4FkT5eDb+*8=L
zqhT#UyAtO%=1K~&j!$OM=+3GLVJ!D20q~>_d0ydII%BRdeWWmaAB9tOXQmSIVEbS)
z6xP#*9WWR%XyVLp^YdK^XA+V=a<3KYEgnQXW|lg7z*OdzzhnK4{N-`D**6ggZJ154
zZry%3G!!3hk|nBTpi`WO5qBl|9qoq1Udu>qsUeQ(B5u4F8XyzRD*&CQ!5VK+6Av~nrRquj<;W3~pjjNLWZ1;2=k6fiX`a+jIZxO0
ziiXB(+E;B+Ap6>>Qxf-*1x_fjzqWmOMf_v~WeE{e#FYa%f%&|TUw8kiL2vJfU_Hb-
z7-3ewrDU@;%Jp7_gMNU5rb(i_w^~#Z=ba7}xavULm(OpRaKYk$L+=+=@=)r+@Pby)eZo#5c=AkFNizO3)a1H4
z+9qAF0B@v)YFN#qrh)PCVMH(02ah1VBH?7hNBl3j-pwUleWyUFOF*^#ykKdFJxob6
zqtcbc^>%~bI=sgtc}ZpV3!h%G|JO}n_bQMknn8oDT41ba51gl-TBwwzdxzxitJ)JA
z`by)nGai+uOh+Y;gaI@s_BfcvE|PrWb;)R!)#s6O@m)`v#!t`YI!Ha#`{r|9n!m|C
zdY?x*uzoThOWm$DZF~RFkc{=U6L0
z8O?Y-Z{qqI=;ebp1^ZLztB2m{O}cV<{Puoa^Tz#$#3Xkvf8T2)M{joa#rw;;F@Z-~
zK4VfNhMtHVQN8@bw_fs~o4wD0`_&=V1s6qZwl29RdThdFedg4mlJQAZDMtL5wVb1B
z2PUpzUSEHsTd;o7kV0ET&Sphv0dr_-pEZ}cY962*-2}P#@-jdv?Hee#d9nI@i^<@6
zcYxmxN3z~*EG1Y=r;UDv@m3!j7pYi$=*8b`x0x2>P)x~H`_f#cz*&<>#Eo^&_$A5O
zB!u8uv5M5KR{s^0lYwlUTjeynWF*{1iDIcv=->_Ybvy=CVyVI;BG>mLKRc(j=JSuG
z)7KrE15$q@L`qrr
z>|MQn*SxB{lS{BAFVyGjHLTX!Pxe9e$jD*@@x(cjOtOm#HEgLNED$F|B#AC+Kk5g4QVK>o3&(4Dw
zGqJ}c!eYrX$^xu=!MbWFCcTz5b-=fr43Y7Xg*0f&U
z2I`hQ?@+_Oi|zaA7}3f=iU5R*ak*jg$>rRL?t1Pd>HqI=@k_MoA;StAceG(mFk;24
zZvAN%zBoR>n?|wbyF9A|(Yp}tFK_Hdi+Nw?QGK(XF)&%iJz9i9AqjrAHUcIS+y&SK
zgB60yJBQ^p4JD~KpD?8r=Ut;_O;vO>Z(s6WCGPVvs*%vD7mLIAt_8lM&;DA4BRanv
z(ER*Ivb;icI%TzBuwytVFt@f9MfQvQH3DKK1+8_=!aRr?cDl(QysI#3&&K^P*(wn9
zMF4zzO7o@RIV~*w>k+}F2vcbRd9qTD3}1`NDL3eLCvPKtdgVqI6Ywe;P{NPs?NQ`O
zrgFxV=|iH`99jI^R$V3+7UFj^m#FMNbnxfnItc@Bu1NwJD}TY8&zBz==(>ezGK-}#
z)~s!FOk>wr2Z}v%brE755^B>4gIxdOnMz=?QPBz0lr3k@3Y?Y^2^A7oqT9y*DhxPK
z0w5(rfvxV7XF#;kB_5mAbr&PxSIg1wZmD&y)CSX~Cg5Q~HEB(8>es$790$9&1nA*g
z<-f7y->fn{rtnni5&%pKHl26nl5hV>Bt<8ATQew%2M({akJqI-9LOVyuG<*EO&c
z3ce-MrbpZUN@chBpp~2w#0)deo)=W|7a!0hlmA_9!md}gvBg_WWdXV$H1MFYLY_@D
zDV2(Q=NCaH&7#v^?q!VfZaMCpDF@>TEcpL0&;avQ`u*}2@5EQyM4qd$tosNjmn*Cr`GFs46MBAZi5csz*W!?J+daa@fcHR8TtNZA!0dc@)~%Tv++?Y$J(
zv|R=5K-`iSVb+g$DH_GyWhL@?
zjZv!*$Mmn1kD|RYe0k7jS)7Xz*+!1~uT^}K>Wt_T;%cs-HMSt)JNCHjWR7hGcG5hc
zH?a`sM2~3=#dlSv8Z!ye7JmhgdIJ46!7}4Q}$bD&vglUd#|o4O`0$w
z_+~6qV4uIjylWo$u(W+4M?2Qlax(eGNHL5A_G~Y(T-tX&$?ZXj{9dtM?p+ZHO?MLY
zBKr?!*=1}!^+kTi3tff?U%`3IW={BZu7!$h4rtrv2I-0>bl?l-Sb;Hn`CWrr+gZIy
z=(_`C@k32cLmmjDUnHkFHLe^gh_nXief>vF$!qi?q+pi)>n6$x?nW7=*QTHH=7C|74?YRM
z1n2fpd-_Ez`iVetUs)IW67e~PM{{mVRzbuEPTlCy1D
zVeCSkptolajjc`BJ?Bb?H8v_($4*^oI3&$o)sMRW=Av7IB`QDMBiLQGoak{R#EwI4
z^EGInkV>l!33`V(hLjKoM-kJxk=LZq|6O6GqQ4B-6vq+lG}h8HPD2V6pNsVrS3kf=
zTm$3%hfv@Bk*xP;ZPAN9{oPH6pH8CJhIH_2?C8weB)A9uOo`+mf>zMs({%k(z}{8q
zz;$JwpSR$)R_ToDU888}LE&lj(l6`OWX`nIZy-_OuM0?b%?Je;YR})MN!-hM0B}xO
z%5-a8e36QvD!l%paA*wUUrM0rzcAJ&{n8L^xgx(}1D5J$rNU+0HxS8-y2+y7R8Ihw
zo7ww+Iv@K9u0}KiYgY(%r9#mX8FmfNHm|@MR$!#H$m&I4~snLK4+|WA{M6IiI;oo@_89m&KYLh
z!~Olk*jUA7#PopmgdxiZ41QY!wQ1JE@|`#a#b?E?B;e7Hr+crQR*qFP`UzXKN~B4i
zc=zIYrl-3X=J_&P{H$In``|72ogp%AXF^_(V00}sMv3nbb&VB2RCo#XOK&ex3=F5w)gj^lr7sV3ib7L2?wx$!LQ3;C>e
zLrf4esQ%LU>b8}v$0>ZIUOr2=wRxY-j3RdoX-J7d>6rV3XW0Mt2vox^~z!J;Er#o~p-1sALUBswy|)uh#cvX@0I?3MN++Bf5c)V$?R^6Go~S=E&-
zDpc62N6i*-8p=NUJg~D7#xu`;i{c1yxX(mZ=~3jWf%W2@@6cb_<0*uD_2LUvD4n=1
zyHWpm@89Y9i^Le-!DL(h_sjQ%hit~QBc|j}@yV~Bk@k=z?2s}ERAMSF5@T8nb_Zgx
zC_7zm5L7jx9&gUdbZw;{^5DF=r&93SB7>T0=5B0S=GX)g2JDCLqZbjX^*4APJO6tq
zjYZCm&jjN^rwx9RlCtijq6BJ$(b9$wk2;t5-l~obX*)u=rbnjQr-=_dD!KS5r@7SL
z-_+w*oBuv_Irpo$o(;??l?hF=#jSr!p))i=`Djr4Fk9f8prQFlaFLXU_&$%MvqHw^
zneUH3?ruttw>K}o7#J96&}FlfpHg4NvYFltrpL3cWQ=fgOSYn&d1$U{Ffm!IZIqGy
zIE^}y&3Eqtk(u4YtJ91QlY{kcQs*sMo_@=t44#l5G~4qrW6Qc63T}c)(@07mOTI05
zzvd1?CGGS%j5eTij{RGSf=4_quPx{Jttag#CVDPJA}Y~mp-jdM;k9#CZ1wCk+pDnL
zw;m?&z#*xreuIQ~d>2lR=I+%t09wsyK5+W+yI^8$`EOI}4wXaRLW6<#%)m`Z`{y5N
zFv)zbxbwe9^M56vBN%l%<$)dN(Msi6Bm31azRUOG+rVR{D?9%1+bIeEPKzJq>F3VS
z$FyO;LT8JR>KpIIh?60gLw>&4@x*>!HVJ;y6~ttOb+V#pCsLPWA4xQY&_A1U6K%V`
z(+Y3YrXADPUme{5ENLD}vy1jWSD>N4z}_{w5{67T%g8oqi~lXzDfY-_lk7n>p3Tlv
z3LeTnzKmL`v23j8rKq-q%`a;7vvJ-dIrdkP@M6UjPhaW>adofAN+0(}V5~`TJsj<_
zbb38Z?fwXIfwqi@;k;ePI$Ef-o+gl*|LfU88BTg`(q>iUdJ5Mxc>lK5?B=K3;3L7N
z&BVCiO`rl88a-&eTtj=UUB&|Xv0%)PaED*yf*FsyQZTq@{SqlIf@ihh`9LDR9F_?j#%`7B`MAV+h#fy;;om@h*`!C7<{^H_`(H;lFpeXEp$I1v1
zDjQGg65d19pEbTjG%Wi@t18}`HW
zd7QmhI^KkH)ojH!%=28;ia4FbXLXEWJ`1GeZCGh=c)!vSwQIw8*O-s;Q1GJS!rt&D
ziR~m)PHxP4_1*mkAZZGzofPRNx(z#MmOVb@aBWp^FudJ+)RDB2i?ys;9L%F)SX2J?
zWU$fxa(8rj=bwV32`RQVTYa$&!>cRruezS$mROQG6Ew1wtCAQ;;*O*TFCDE?%HN(Z
zC8gFtRhmBKGd5t9$+1UZ=(6u*iru|}h=ZwLd$}yGKRW)(yc
zf{(4TLv_#juVG*EDD;>Fb)N^tpn}Pr1OMtu7ju+tIYh&4V~de9J24j^PU1Z5vFYp%
z3(xv9BtOZ_+)e$W*Y}jZ8O)LFTe{h8+`3qzM9$l`7Sv5-X248vsQrVpGLIl+Ie*`>
z_msL4j{i6pT6*+a@0IqDrcDo)6BF-*PWkFG&dJMfIMz0EwIB$$Es!3^kw4`LByt^(
z|4<>)RDiXz=T{-+wKf*c?Ah0sJHA}{
zusoMs^Lt7e+Z;V^BS^YPXc=sO^ntUO0^H1gANaOY0P`8uhw@T4{b{F@FImUNR@IiF
z-sem673Dag+=JFJTG>L^@HvRySmjB5;QMz3$-3YZT@y|AJ)iMlo^>|dVWzN>257?C
zl2Q|?^mp^57fZ_5VvKWAV`iz?(uXr|*okKzmDs1gv@+H-_>_lOZ3A8JiS*TCRb%Xz
zxW^U~M2b{K2cnY#bn5@R-F)g}^QOOa;7aw*pJgsvZ9Qcuo{gl&p}
z?ziX0xGT{^<$qZgiN_qWgocXwTQ+0e)k_Q-7el?;3Y#hL!(}h+rY*je+0FGNgPA(1
z355=sQsflEKOkIHX3l!(z(U6V{!QgjAN?tvi9|e`v|rAIne$sZGk_4n2x$^zhT^J%
zB`#YfjG?Rya%T7=>FW43AzkT7A)c^s%jCosqegf3Wh!fF-Vmx~QC@VpU$c;dj<%X>
zhuoZrrY)=Xjd=)(%IA&xNa~~-)mCj>_;czNHs%TsDV&uCuUc)!mp{2n{{CHCh1IwR
zP{x(g(`hZuIt?i#d}%+QEs9ws;|XyY&si66Jy}~#o-vPLhWWs?&SOqyNnN_j(pYB(_c5t5h4&WV7~Hb82bNitn1t1S?zt0nqCcLeqlX7y
znMy#28Jt`+0{Q)IKL)k(7yqHHhPt#f%ii4Ajoa*dmwotAI&!*No;4Ip8-sI92eALq
zb5gjsAHSOlv37rlFb_!R=7aHfKGLhL6Fl}44XF?gQ^Z1{a=y=qw=UsRoKAJi4i|RSB9RlE@q{i&r5WE
z6>MJrV%$ur!VOn~zu6RpEF~o`Y(t|$Aq5(0!ImC@KGh+`RbP7e;AYXG``5$!^k0t496hlklp{=XJPdqNc
zHu6lRa(Rn!@wgC0&td^O&ILo6Yt*Kr;?bJukMAa5>=D%0BmKgrg^}2l&bKNk#q6=k
z|77zRFK4Zo$l`I*w735Yyrc_CXpK6MFDHw6+*$qM!7mWSJMCXG*cF^06P_uYt`L9r
zJwuRFL9-<RuTZ$u%i@SJyu)m+Mten$%~{XwB%~+uG!%yAxN$Ikx=OAezT4f34$j
z{j7E;+xziQt1LEw;_HjG8qdi4*Vnvt_au%EcifS%(M;pA2DVLpeR8cX?vCbESrY$P
z{FO!|C8`npIz}?2Yaqm;MyztwK_n-$OYWl7Npbd2h`LPn;kT+wZ_}w+X>aZ%Z`>5^
ze!JZy)Kf)i?;MCn9mE}#mK2FCr5@}yU>KK!KbL+<`(&8rbvWhg%KMB^5z%**SNz6T
zDdm?(J5*Df)8lA;@L1N1lH=yx7WW_IaqI51+&taJ!51nmlF7JK>eVq8Gjrh@!7QpV
zLJ9*d(1^gEr6B(%&O4Px(yA$oI0mZHGn}jEBwS5+LT@-JB;4m0D{q#wW#28e3cV3M
z)3pQ+-u{
zXi?>%8Uf3Zl>&ALH}#V1@LP}BzE_TL(>EGp{hy0Ks#n&roYZ%OMm7{|R!!PkUx5{Y
zVYj;6D*pcj@kub49NB%o4ax_Fh&`yp;Le);sY52P7^*Hx?PD(0M6)#n&^L4ei}A)o
zN04p=s}%;UY4av_;)gX&9tL>j$F+DZ^Z>EfyM_R=fkuAJ^+&N!vPTzS2SkWc<|4Y6
z`TtCR{!DnT|Jx|I@a<03v}WJu#&N@`RF+Ph{w7)08E2U$G^!8d7A9&A&eX+ux;ta5
zTy|$@mqxz#O1WQzxmrft=w28p_Lj3GCo9$b*=z?#siVzn&
z_slujo*a>e5$*P*+yxdR2&K^jUWtC>;w56O@^2Jz06s)2l0xd*Ll?&>f&hHwE8K_V
zCH!Z>Z~`+Ch9WjFNWYG2HPzZZ5!lY~
zsBq}*t7=&ic;xGAy?fIXx%x$lvCHMv)iO(Dh?mu~vD2{6xIC^ybLc}@I+
zD-ZZ1ATW)rII8&vMYK+db=yY5fO4a05BH&%tdm+K8Z*Pa65BE7WQ{TK97oBDAxD)yxHl=bV9
zf@GAHPS4a3F(KI7lr8DE+bJ`H-#2MtAK}y-ftr7LtgejziNFtuJp9!X@;?O%S?6I^
zPdOoD{Zu!l7Vw-8j7i_T%fA$%sggi@Pr>R1D~?*
zUt`D-=O2jLYNHe9^0Fx}uf1AYv+Q=pU?ieUs{3JyH=)BiT+xtd=#xIyGXixQeS7>h
z9Z_*@m(<5KWVwca1P!1$FF()$OxzlStA=(81pY5QeMk8C1I7W6pDVGs*0M$Ku4z9c
zW3&cH9#uOUTNdmBBy(wH$HVb`1HNrIno_wr%P5>h2L0U#q(ST*?b_mL&<+qcpul}NVU0_?$Uth+UD
z=N3i4Z1<+D2k|VE|0GbLw?hi|i2h0A<*B);-CC-9oYu)QP6PXfTM-NJ^<5|Eg5IEj
z!Eu=h_Qpt{zEt?L9k7TQB{Qj(mEOzq$f6wq@1k%~;R~K^TDjC`t)GRMa-a!bPES1C}~^
zHe*Ua(+n&&S4>z4EV7aEjFDw11Fg(*X$&F
zvN={-1`h|%_tOr{e;2MkQE&DCfiwE65^deNvtp|vNZQIIL(~%DDt^#=8L;E>AV7L{3fDH(~3Ru|$FJF^MAx+Z}&G65iBr2>u)#9dQXe5+E6Tn;fnGnK6@ZUZIG0SII
z&U$8aJnxu2$|>x&ad8@H^TWS&es(VzlI3`(xhwKDrPUBqt1W^Bi(;e=V8>GLR?J((
zMMuc@zbyNZcUhl@i^>k##3c@+d8+p(%I@@EZ>BA~UxZOm8QMR(u&OQpE;qDRmtsaC
zYp>P)*99pNHs>BgfV}3{9~|UHF1$s2SAM7W1sFD9cdzxJNnf(%%6*+`KL>l0b!+iF
zGPGT>=p(JGDA3f0t}>PmKiK15zMb4R$Xgn#fwBlzX%>1lZ$PT?8qkKgsVK`);TW22
zuP4UA#*b;wz1J%*m4X{y!561mfm!#BV{aGfY9ZjP!ebyoBEN%OK7uE;Voui~GrR3)
zLHnd&Ilu5J{}roQqS;IjA?LBX>o%v0aU=fR-a7PZY&ENy7B2qJM0GiQi+bXJw)Yar
zSt$nxu;4~aHDFG=wah{nt}-Y-GvpG11)rHYivv+?z=FX;VbHU^GGTl8x8Fai2~fOf
z{Q$eg_uVz3W-MH0g1jZ!vM-FUvm7jF;$&+7dXu
zy>F?D(tA%G09k}8>8P5!z|y;?HHR>jA}BNgU9E)MM)Rkzu>Sk%JKJH1d+L*rL`L!p
zP>nHkb2HO(-9I>V^&csIP^<~le`NNf(F#vjpfld8k#D{|s+Wj@s_>!TV7a9cFqJRU
zKM6w$eLCh>2|zB2FR2JS7ua8aEEqaL_F#UxbiRsm8?$1QKiOss`x*tvSnDUfZF9ThGJ0pp|6(Y_+
zph-}O6@l$Zcb=i*HXQTfIJQ72u#_}4FW>kpE=G=Kr2bjj5NWB*Z*a3vE%U$kp0Dy@
zi}1q&e_Rrv*ia^(!BWh0BED9ltiUNdk_h!S4f|hp@|Hx&qY^+_@K(;1lmt#sNBGaO
zBg9be1U#szvbFlN@byKglVZ&x^!&AfOpAjnxulZy;?a)tm_;MJRJbi@530dWNh~AwdSN2+#KX^1Mc?Zj8)@2@CQh6?QokyjwG`D}p
z6#yK%Nz76o>eF8xhS>aHK4E;>wuth{2)(r5SxpVJ%*}Fa1)Dj~bM|LN(|>CyI8?zP
zAqt3EhVk#W)m7)_=CBCQXU?pT#VTCcLy89XbJul*1)lMlDk5M_uS-6l%PX&b@S^s<
zs{akT;7-u)175OX-m#UzMY>*GOVt15xh;C`GvoG*wF+|#mnGKq8Ap|eGe#M-8DG2o
z&vSrSU@Lswi-A%?Vt3ASd6IBl=U``MUQr8iIQ1hv$|*~c;T!LFYawX@%hb>HDr&A_
zTT#GZTZOIq92ps0-1Cl=DI%Ch;>*7bxj-upx*wp^${NDiCsIW0?R0Fk=2kQXkKnq#oI
z(x(Otq$N>+w=gVDBK$)<5%bxaP(g~4F|-GEyE%}dR%k#LV4+d$q?fmHTnbij5
z-h}-683){RB;M4%{O-*985gd5celh;z}bt2y*o4Z2)ib}9q7!>aFPSREWqzb+u^B8
zuLt{~f+Ksy9kaPQ|6SyJ|K|!mas>%sm
z#%p}Jrz)=*^vT1r$=W`z>;{5Z!tn9)HwxyovR<-*FEwGb=XmbR2AkuQ-sOAN?%aMm
zN3AVjd#CGRte>OBOZN$t7uiCg7cA)ri^i$HVQt?5k%p
zTpbSA>uoth-dUMTUqzX@sTd#1mX6d{I>zgkP&eCvOz-shshXJ1ngM{IH9-N_+IYWw
z?YFP`u9}C2{1P8-ValE@(w5Mm!i_gm2=ihT$urrIRl{dXTR_$W6O2OhmSHSLIK)d?9
z@!KFdo95$+NoKY1MzEN=dJfFP>}3TJ3tZ;_s^y)xAD7#tIWsw-Yq`8n0EuDmtEY?h
zne!0qgah^wQjX;x#Mo%>(4@8H&b|c@r~XsdkUBJw$3`hDpRI(7G{VNKm9SBTg>f(9
z$xT_e6iUVV(I2qF2-!-n0q&U>m|j8!?Yn$ro|=m;7`EbWu_K=oCrn=L5{UJsf-3P=&nlJzx(E5Z5~AI|jebpFbavhOx@-JWM~{GC0_xUtVha&~#lrt5KH-ou
zriy-P@8)hSnV-wy1z@Q%i@l)LD(n~>>mg;0FjqYR)MyE!J!<&8)ncr|AefK(f%5J(
z2on3{;~)6Fu%iL6={EcnI)hMVngb+g0YX_OX!$X-Y?iw`$O5Eq0jHJkr0`J$<#)<(
z?RKXSQ69epHA`x?AD#T_@!n%W0UeqX&R4Pxl~hzyogBXv6~FL!12p*D%GnEjk@%z1
z(9ryxw2@bgy;*z9Q+DKVU6F}d`o)en?oXkh1KW&28cR5zQ4Y05?c%XV1=aBNY_HVQ
zD{v_=E{KrMv}s{LZsKvjuc$O7Z;=DY{9uKc19SyPtA1uk`x@XgpEJ`a>+M#9VU(F7
zSm8A1Mk#a{a&Lc^^jedp_HwbQmqIB}eH0
zv)nHefa6AN$gduD%kkq;Fl-29`f)BSeRgesVd<~uy!bU5sq1y54nB-%0EWA(%=$Y?
zG9kjb!ZFo){b-5IT)w(Bkb{%cTE!>HE|#Is%lAQk8nG9AuTd0bt%3P~BrJPL*1&sc
zk$?p4uLWy~vM*q(#(Xq&U_oC}*a_iahE5-#(*Eb;%z-)>z4-b6=*%P!J^3B%#ScGN_0M-DHp?p=ppTc~1Mi-^~5)
zeV#jaW}Z9#z^<<9s&lGp?{m)HYp+Et81<0@F7beLPD30H1aDx`oVEQ7_|)d0#ICbW
z+u$lmohP*IBbX!O&_B9)0F7!$OYPGDhIEaK_n&_X=6vA?dGiD_vc4+vpEfnf_nX-F
z=mzgLIsBOg>w{Ua^Y0cbQLk)bi0<^yJ0Seb&|rWkCgRCeP@{+~xuG*9Kev6iajPqS
zt!j^FlqLUXsDj{_{*G(&#ZYw)E3ml+Z9K6^aBJ*Gv1hTJ2JOiXx@n?+{X4iv(lnsb
zgaOO5@SNcf`5OCG!+n1~@hd4vGtx$Dl@!2IPsk34Qm}svv-9ZT0iqI|YfwlgtWY}N|mMZJ@tjm~^=PaTb
z(B)dXcuirv3h`V4-+U_0l9hRJo4g4Kjm5T@D7@Ur_J`t)RTv<0gMsKc&Z+(y)_`p&dX@9qb+P2;d3_%j+3Bqt&xW
zLP|jf48`PaWV*No?$CFNfq@naK+{w@(>nQ-R~7X>H1US$X3~P+Rt#M!kom<1*ix1=
zu?k-q!d47B(F0Jxu%C`Mb@=-3{9Rkma?^?#&f}H3TNQ;?pGBL@d#O3lH5JkvV683G
zP_kz0=My6Z)R{H9IXE3+=n_(IdjOW;``v96QxS2j?8Ca@T~EF9{sKFEE-&If195Ft
z>^?vVH2~Pj9D5q{Kf0@F{I*1d{q#SVqB1+A=-a!0IhMMRz(H_?ZVzpKkPXU?Nq+b&%Zi*|l*
zfAe&9C_f5oGzDwE-8F0Idy5;lV7xb0uKmdz;79RRLZ)kk?*AD~2-!*T%^pNPcQ-(y
zUEc&gz?$6mcYLOL$S41q*$D+()ZP0Fu%;E258i=;6vIC)9`IX|7C+k~D1OEX%%Asf
z5ApwM$^QixfK%^D4j#;lop89n>+nlZV%%u8!}RSy@s9x1O5(?#P8c8nRa#Qw)38_y
zhra}-7T6F@IS~#A*cm|(T5hr05t^wt2>^guZBvQQBD9lD*Tyo!wWxIuuQ?|
zG`@XUwsw?&VLqC@jAHy@hL+DBkt!h5{bESuB_CCyZ2iJQpcCsFt*i~s6%gX)E{jbr
zn>D7GIbjo%7C<1KCE?9JWL4(_F8rz=OX;?<;=E-l8+K&+hqUiAT~sI>1UJ8%3NuWX
zaelB7zP9$K9ZkFDat28E$o?>Ln+uDh+3kM+A#?M2;FO@n+o0hjOaX7+_i+_E-uP$RTc-8B
zrm+^j=wkr49h}|83YC0cbF1sJG&>ZDn;z4%nd~49Y
zf%T=}YYsFUn8~0e{3^}U`nf$YB6;7Op~gppj+3=V<0vy0firUJyUlWcWkfa?+`$`mK?wP-(pgJsr+`JaFtVA?^
zW}wWi5*Ycq{m^q(VqE$_iSsLXqgg8(U94My90(<X+3g=84ak`H<($pzoO$NSHy3sMq$N=wk0*Kr^
zudBX1o&9+jSt<81C&EO%#`#qQ8oJ?ieqru;(7_weY$>==(!7Z>YZXcxkl7Mvx%`#O
zd?HP2U0z7+c^8JsEbNi~9^v`GKdkRn()R%(cAXUKL`XfL-h4Z8_~3KS&if@b=`$0p
z><(em@?v9}k&YUX@SAC*RF&mS4
zMI6^dc58T!$1-JUd@EZa_jt)8mMU?(&5ij4n`SjQ;nbu~!7?3GUe=x>P2;x+s`Mzb
ze^xg>VUW#+#J_&|I-;ZX0A)2On862?$0v<6s(3rezFR-F0GSJd2^pWpwX4_p#o1CX
z6@J6t@7*_3kqm2_VnRfsoAv_Z_b9~sKYH!Uxpv)aLwUg05SAN@LSn6}?2z9D2D$#t
zQ^s<7tmcI5G0`9b$-@ahyeUzaal=%h)O7ovv0oc8pV!aEXX-u4XUb(`*E~lS;~eAK
z-`fftb`<1K=?bB7X!XxsN@F+$4?g1a^Gn@gyg+nSX${RK!r95a5%aCbj}Ag|jUD7Z
z$ypZ8ZF(ciVa8dRo2jHN?bTmll5Ty~#9xk^UzNmu+gXL!9rf@sKrb=_cOElF2edH8
z;-70^^br9e_c5X{@==yH7FCQiB5~}t{ZxT#lVZ4nL6|k>4x*~$Tu1mt#6xSe`bqoJ
zft~hOZXk^wuydd6KIr+47V69I0EY&jX;AW79v2m0qvq0W1
za5sWA?sU#mXe*Q`ckBsF|4_RsIUKQ)~+YCA<6k+x&cH891ZywwJs?Zz()q^ldPRXKN
zn_dHgamxQi&gW19B7Qa+Q^V|b8{KcG$HB;(82IB!!#3o#fK%quIatoX9D%cXd||^L
z3smU7sEMlDMa7|nT>X8uU8e(&?TqR(i-zE4DvC71zUAmG@WwX2jJ|kRg%(W9au2-Z
zhAOAGkF%dtY?k`@)!Qx^o_0tCeMG*fwj3(gj;BEH2=Hm1N(3s%sy(fvCWpw*v|Oqx$sUCJb6Y$06|>nDZH5v5|w7sbw1unyI(qmA~Cl4lZX>_X*n
zBUfnR6%A<~-myk#1qX<4|8%gh;WB=HPy2U8!`$Q4j`E+O@%<%%fu`+4-1LCnAkNM_VA%3^v2yrnR+6d*R4_hgOZ3&|Z^La}b6SPEX-J*b#obotn?
zlOF%C2B$5IJ>U0?=Z#x*=eL6p(*fuBVoyashP|yMzjEdY((%8SI1&7_ZHfn4a)pFm
zhZMR8@|a%e4;~^5y0RZ{OYN9v_Ai}dQL0@H<-yQ4A-j__vCRt;RH|K@1L-lMX~fD^
zw)%dMSEM2yUAJ#UQBLV7IkAOb!TNO~4$M}FQ(0jV~@xXH!#@I0whsm?W0$rZTZ
z{%yumej~Xln8>n)^D9#mpDehem$UV^
zz1~)Ee2C@SzmK2L^PwvzP_yZLp4EnL!L-B3K}MCM9-4Q!;)pqKw}nL!mxcLDB$yZV
zH6pYXFE$q5u
zE-!v*#T)C<2!^L8>>EKn(i46WP33HZdVyQ%8f-U%(rO{CQv2`w7NA~)*TT+|Sxbe3
zP46yV5gX2qE8*1SC!>`PCnH31Sd+5H>E%58wt$#RqWV?&V(9y&f|$t2^#%WA0-gfJ
zkOd*-o`|D9YA);D#t31ycTaar2j>PPDn#Zl6XcfSViyokoFc~tNf
zTrK7`ti~cENAXZc?Wnf*#^vK?jMD1xZ?qeDoZ)WetEbT~H``RYhP+YUKXp!Q9cU*R
ziKc@!&^O2}ot}>5Q!N}5zKRjpLXW|lP2M|Y|x;-+v3;)@9n{i)x
zWklmvL!bf`Vnfv~_}Q(#@&%)hGZ7&Q(Jo8h_Slwf`+QZ03qvC{k*$UibXqz8gT?%oqXi
zGr^rlMc$!#s#^GK5mj40@zKgd`)zvZa#oPgZ~>+eZ!R(^c6V1HH*Zib3ZV?cA?WNq
zp8TubXn*wa`PeOegL1K?`_uJio>A@yRWP3m;Xm<(!(5X1$_|BDb|KcM_+G3w#+dAB
z7sozw?Zc#OU8B6P2e6LrH_V5&2lO4~kK-61?XKa2D-yiqRtVUS2_21bLD;p?{fnPOr%!Nb-yd8IaO^J$$oZ}Q*
za5Zkdv+o?Y?vGf}3_WeL5UAt}EAgx;=VCh6Xj^hE$Y;`&9sG;nwd7_WA>!7^@Y4&E
z?XYAA{+oah!$)3rICso}6R9j<`gwoG71`?XaKGU~AJYIm3rE1^>A(^?u1kyL@MdP*
z!(jhthttHu$2^C!pb|!J!ysS(!fRA!Jp_Kz@y(VW{Sr~^_4W|W;20Ch7Zj4wzDi7M
zm}W!}+z>1KE8kp!+UqU3(K3S8eC
zQKgyfBB7;;bUdJE4f92xPTvndxqke!EH3zRxptM)v?DjXsm=bc
zZ`E`~%q6HH3$Z1&1?FO$@ycNmfv@x~{+Ux%NJlw0E{8nP@6-a73dSlhM`aCauq0*b
zGL3-{oa{0&F|3O;=uGFatkgM&$=^NCp5|<^iqJ>+HA-#d;{*%ik|`G-{(MdC{4|V@
zOl~!=HYY>Nj3T#szJoG7zP-p!rTBLAvACt3Y0B>;0{P4SbwdnYB5HX!t2h(y#WB)gJ467S>u`56PhqK7}&Jj;kB^s;%(Q
zxHg)ST6EUT2?_}3*&Ufpk$Hb{Ph~0?m*YYOKX*IA
zbL851Ig>C_XH{n?5|d6{--_H+kfFQRjVjyF+3h<#cJLgBu1|b%XR_T6Eu?~2Jd0+b
zN&M(bc(bpTgCvPve4;NRI;xF>Jf7_h$+rJP=EJA$b2oV*-!Kp{n)VKB3=6`1;eH6i
z92x^)alA}4^i^TSjL&l%F+5_2+f;_Qpc9?aE15TYK5S8cj!@({JQYw&(cTj#*9u*G
zRHNK|G_@dlWV~)M=a$&EypamcRftn;Zh61fes|X7T33DZHcs$eEiNwJM3ZxZ_-MP)
zqnVOLDVzDr3%dG_ZPJvq8-^@WZ911bhK_9xh!((AuBoU{F0qN9pD6zBj7@Q^zTH9G
zMBsS~`u6q|;+vCpfNvb5d}2pgZ~dO37@>FSy8uoWCdVPP8Ba6~J+a`Vx=BbaG1K!f
zGOB55yRyTUPMXL1B0-)AGb#N7l@jDsRmaf;ciB6_7@pqi1Sui+$xIA-;X(+$v~LC+
z&I;eE92C+gY0K0*q&GIkZNHuKwiFM%%OI#qE!&tk=RN;~R?)%l8sp2~4o#w9pm~2J
zs}|Br|M>Y`V{1>u<(k08@5$}4tIv#f9y-W)LP%Kp3s={t#&R?SZ&%UssJ4RL@p%;9F(10
zt2}4r_TqF8-n%^2C`fD{e}s5aP_S$c%e^z-2CWDz0t;f!al%4Hrt(aH
zow0e;j;ZI86yuIbTH84*-DmGF^`B*AE?4)jOLvYgNlcr(lIrs@ESLXY(fXvU4yg{=
zd~}(2GUl7-^6qhlr2Dhr_Q|UL7o@d2G0?XaW4DZ2I>Gv4T|tHgCK7I5RT2toF8M-J
z(BEu0@1zM|Zx{Q@uB?%lSN$9|Auei1DUL@;+k!CUXmnGbbdURd+2$nw!H3zSssDi9
zof2I!mGR(g_0ekwvYzU@)+^k&G2Aqvk%0#;RTHgDb8wj{Tq_Re5z)ur?2{OD@Tp!=
z$r+K@od~d{FdCa(t*WrP#m(!N4D{u}sJF$T
z)n)LbxaX*mi|<1V%s06lJIc3@lgbXM3r*uC$TzzN6CpHLjdp~;N8;SP-`5HC>--Jg>-&gaL#m6IG2<0gsdshE3F9|Sw`OTFG=2+Aww%UMeZUX6<-Tg7_1q*(;#~dE
zqor4RWjvPy4$qfHQllTXuF!ZX9#&DC2W8N^ybygqP7ZxL;UM=z8-kF}exWDNpyGJH
zB((Q9&75ZSm|B@pB#IE-;{EluDLfnyG4>^-1Kz?UTGEWb0`t6X6Q<9|0yWKAOEt2u
z9{$U_@?x
z5=Kxuhp^QX%G6&Y;HFB5eb8_}=%}fE*E`O>F_}5T!axrx-t9_K=41QTo_xO+3d>$6
zsl5tylQO~Eu?n2f{93x3m6ZugV(h*w?!Rq%pdm)%C8>0DZta=GSb6<6kyK22DvvT-
zmvr#qDQNrkmN#y2bE$@alA8Ry`!Rzbj$jfVcX4^ON~7mGT9;Ds1a4xIf}$x92wl0-
zUI*XTRqWGKzBX}pCA8euTm`Zep6d_FIjTc}y=`;T4?dQ2pR&Fiz|g4TBN-!hLd1@
zSGa*#OuSGR+rArh^vtsBQeP!6mLKw~>@7ps8~y#$J?l*`wK>uh
zo<;|kl$fS#yUhf6Vw8n*ZpcK-oAYvQ;NQQj8hy$#u#Cs7JvD$lg*oqhL)kIH^8vFm
ztw?z-wDD$l5U$ZXwMq6co^z*D-bl)6V%E`C*L;1(ec_+w(YcB3ma_px2qWWwk!15!
z_&qDqimuz)uxmbO{2V`<8`%Z>)rLV6I~K|pu%vdKxYVBb3^W4=QxdyKAZe{q`R%Jx#Oei3
zBYrVZ9qZE|L^<+DX+9IzMFqWjf)mAQ|5)XSKkvFI?IWwrupSr6{>SxQdzEO}=#I9f
z#IaVrw-nD^abB;T)exkiIsA~Md}dj+QegX_lh0MqukQ<7@bk*U{Jl&o$K}|8$(D$R
zAjghWT^+2p>)6t8L!EijwxNESdJ65j^H+o#AHFm$5utm|ynr-x+)j0I?l4N(m-*={
z?6_?_(x#-$%^Y|=Ub7z
z!2|UD9lq?emRJ&huleYs0U25%&xw*M%@a2L`A{emOW-~J2Pu(1D}nIXgT5}1I%>G*
zy}%{ML+rkJCl{9o4%ELt*E8~#z2bw{^oLWus;)PAJ6SY!jVea$@Risu
z{g)Ku&7JmJ8Pi)8G>b(dc#&!Cesk=>Wes8VPt
zxX+$du#h|QrT+SmAr)hJ{;~Vy!~#C;m|bb=T;A$@e$M*RM(KUE5qtJQ*KH$1qw{C3
z4ee4vJqf2(3^fNkW>oH1!+K2os4UXU7O4T;_<52_XANM@Ex9i8+_vq`(Fbpw>v;VM
zk2stZn)K#Mzi60W`^UC~nOsp<0u#+VE(@`4Pfid_kYBLFs&`kwq`|MILZqjD-mufZ
z)o^w6X~`9l@0gtCj>1V-Az7m~r0xj7?ff4vpY
zTU0VSu9~R(D!NE}**5qENC3vdpJ&SYs^tnOc0g_bc2phP-5y$4*_HD$i>CsF_d*A$
z&Gt)i_RC$^%h*=Ch&L~jF+7HTQP4a&E|17}qRqx~NCnLSt{ugLc70^H30FW7akY`z
z#Ms%h88#fV)_rudYhwErEx*X=N9i4w7t2e!v9{hM)>SX>xy6IaN5Q?iDD(;WamB6}
zkTMbS0VWH8xxgpGrBNnUB2_friw)fPjria+>}1HPkXB(btfi?cH}Y$EOdF=|*-pIX
z-CNeK(z_o)Yd)K?0_jNCxtaSx7xqgmt*v2Q>c~PRQtUIe$vel;yqsWiS<_%M&;3^s
zZg)y0!Qdj6)>trkvZE@NAsG@I-ShZIbm>sj^dml**s
zAp9nsHm{z}w1*K)Z+&n0qXZI7p%xR6!&}Az)+F|NLGp#j0Q-LeF}3
z<$UWRADgWMIhP;tCdcO3AKdS<
zY;yKD){uZ(IrRi?Z5|DYCkxxvkHP5@Oe-waV(RkqL2jMohdGc&%RW#Zsc?2P);L87
zODsy4h25-u=7iNrLxUDFvb4K4MEPI~aZ1akgb4yLJc5p@G}Dq~_W=<*mXgNeNC{Ot
ztthD{yJO5RBJ$$Xr%#fU74R9yth}S9tL{J19Gl6$`c}SyIxrh
z6TF0SNI~X^!zRBjewF-F_V#LJ1Dm#S8|tO>uRxqx$l`-!Gwb4YL7M6E?yW57*NyZ!
z0J8+iSbmV}bzxPd#Q}Nrf`tV^npU6Aeo+jfl!t_5m?m!?$ZetI1Vk|hr6cWTgy@e-
z{S2K4N`S8c3+WJntrJq?$GQ>^2cGOlwy3L}94T;29T7X&)GQitHp&kO(1b%XP5nR#
z$={~~^*U%4TK_NTu$V?&+qPN4N^(#jibbcOc}VW4v6j(oscA?8<%H8FcU?P=l?;)Y
zinA;K*b!6RM};n2l&$Izvs2U`iQ9+?8|i2KJT-gTYW!xrLanq#4fG-JhqgI;!8HQX
z3=;Cef(nWn3o%f3yO8Rd#duHhH*w2F;W+GXTOn5WmcuMF
zQ9Q2)m-eq6B4}5IXX-@?bif%Me#i*Yv&|${i~Kck2mm;6y9N}O$kqLph_L+?msws5
zSG;S{VU&k>6qBG_=~WLmy`@8F>JS61Eo3+FgH~J)j2EbL+b(7mTEM*cdv}{74R>k;gU;T|Tdt6y#?=J$1
z=JZP-ACE_2aU+Qh*h0Lw!$It{y%fOQj8xywAiV4f^PID8o9JdvxicTq?OAPI{bT8o
zIlXpt^Kz1_}*6`j7rGjrnibWliB7Td`Gb|MSa%KVK4J2G+}$lAW)pbb@rX
zJqUt^b;Yxb(f3Pl3U&{P59k|T>!tomE0~e(3(pPTt(nAUNPxTx`NuKD+sG$Qpmwxi
z;W;AsNe$eVu#tX8G=>uA*8STV$m>^u)~4I<+a4Og>HS~evHl&3HS+AiB8{M&CjQndo_oz@8p+EHG~Y5`(kc3!U6!8%qu${R8}f$T>WPm
zES9)CfCb%4XXjy6FDwj!6gYEnOlxaB)N?BhyLWW9t`{kAf-4OQU#`iac*s-(f1xV;
zmY#F_&3|y-eSdkbhwnKjWEal<0UD?w?(wuiq`o0Fi)?o3%Pr5Jwm`{=Fa{An`k-yh
z0gW2WYqqTndNuWw^ycz8L!l@P+SGaht(CMgl{OE0`)dd${)p?AljLS~cM=kz3;aAY
z03Q}x%c17Bn$^`BLCp2NzqVC|_V$8$lNH%e#xP~MOUgZW)C1|@Eg?a($_Gv0M>V@Cq~6`~Midlq
zZKU&9#bL{(c-EdYr&pRU%Dw@k5DBqhS|}~;E?OS;aQ*3!-;Z?dl~g77!ttwCD{*u~
z!NVGh6#~xgZ(7?%bgyX@WK
zh}%pyO=Xb^h^cdL<1KBltcSKo2YKJMnTODd^N8r%>83Mx0z6&(|IbT?|IKzw=1R-0kk2#p7lS*+MXJB@21w{!OpFWZV8z)lnpiiv19s6kLgFK18wF5
zEvNC8AdGv2x8dtfV!XP~g$c$OZ8uWgjH8BRd7wJ~wE$+RVM?VP~!G8_<
zI|*Nwj}}!rPBSZBbX$E9MGsvZC0lGY%tyEok&6W}kroZQEM?{6c-krVb~}ZIbZVGm(|H@T1q%oaK$m^-V9S
zkM1!Imd&Av$yl?Ec-Kv7Su=Po8!kK7BS)aaP2Ve4uKz2+S^G~lZV>=GmIZAG9o-=3
zt!HJ6l!3O+Ot>f2343C;gjtdW*F}cw=y}J}?btjkOt7ncPGpAdc3;GKS*`oLH&LC3mw%PHm^R-=Nm8q7KZz?CSB
zL#ikyKy+jsT!XE|>67|Eu8IAy@Xd`aVcA3!3){^G40Ra1%EH7E<#ej=G@eGZNgMa;
z5yIhpK;)9AlR0lRMaLL-8A~r$WfZpvJD2Ri3SFYOY*OkkJ@U4qN8Q~7vC@N>p*|Xu
z5Xt%~q*V$=MQ2klrW)GI4&bMR-ziN}94W^?MyKDCZ+%QzO`Z`bak`&)6QlCXrr#$!
zD~mBhgew|Xt2uvT;poho;#IY2-8NhIu)JBj+=*YUtp~hviY-_uRQ1;B?;z}EyvNIy
zqX((1n-}SDC3ED+q>4>>Zzm1P!p7
zcCf9&Zky)VvD&S@qn~iuen}K&m%hEp!Yg8`7YvT#qhFwX_Devp6SOXc*-Hg@i?{G-
zgzGlY&>#aWev}iAOK*kulHSQzhd;({od3dU(!e`dXnT?L@dnOxWs3|>jsQvc$$If_
z$EDQkwixGHj;>2$P^up`9sPD%Vppcg|Je+^rP5C(2<9V
zRl=?{qa}x2=$JofJrNtphFs&I)rb2zx(7fvxz
z=S%VRt`@=PDAU%za;(J1gc>GgoRtq09(K){4FzTSOi5yI4g(Q-*ICJCh4V4_}=AQPldgvp;=5)9zl!C+tp#
zhcPq82PN=l9sx&V*Rd-V;v{c}nBtS=?Fi1H?1of8$|#7D*`(GXtdJ_2+xV#T#Cd|D
zdzRDf1){o3<$QW%$+;X_5PY$nCOH!QZIQkexr(|pVlkKRlzT1?)NEvtu9itgDFK;h
z;lsEVPLW$IBZr!Tp+(%un3r_r#h<&wc$?I}$70t^czs7YAz*p(?5{3r3@E5ydIrT;
zipe~|jAXiUltuleFM>;xvnG?imsI^{2XtM%0lUM;c3pp|bPk@gcDjJqck{p_d-I;{
z26@n>0JQ;_pc&%+zG3=QK$Qk3i}276)b(hltX${fQ&MGr7jJ(V%9^AD6|z$_9xr*S
ztVkWzXj|uQ{oM)s8sIa;kfxnm*44}VfqUw
za=pqECp^A2!NPjj7I}<2I-bQI^$_ne{}|~9q`7#OTW&M49;(d?JkJ!39@PFbLuBbs
zAlBwd<7XEN$JXk!qezH6m;_}_xkR~RV}@UaHm$o4rGD(I$?y8!1P+rIIyVH-z@D%9WXLz{d5j^-{*-06U;Ipr=
z|5x8Yq3oxH+N;5TP;qRIaRSKRLks`86z}=9&7V%B^wU`bKoO3RpXwY
z;TsTPIB#vfc3DsJuHlB+FaKH&@$aVJe>Vi{?I*XIMf7nU
z+blCHXP2)aj8DTIkG4=!x|`tcd@g|%5#o9*aP%8u_ToH;LKWI!@6}yV@-$I@RhTcB
zm%%QoE8?-jqrlX-oB(RKlgQnRP}ki5+8?_o@$ULRZPMS-lYfoF{M{GFrqB6>SI3Bx
z8_U(Mx`QRazj*zBHwgUy*rZX&XyF1qOvvbGjSNq`CGe)Az}VKemliX7@R-Uk6WjR_
z$LYiI0E2Z8WWHevdEoeUGC6F3i1hLN`Bt#HMTVG-nUkCuXPKF8=t|sHQ0Je%y4~h_
z>OO+4>;}a!Zu*UjC+!IvzP&tU;Eez6ojz7xzPy^uxlG%N`yk^A_@}9+t6HgS|M-6Z
DSPNdE

literal 35005
zcma&O2UHWy`!*bUmm(dcccc?~5fPClAS8qyML>u&kzPbPB1JHC1w;^&00E>*uhLaa
z=tZg$1nJV>zYlEukrX|M`r==PYZ{J(V
zVAFX)d!3B=731fg2x9>vA<`A$1WNvF(9`FsvX?2nh~zJ)U6T*8K3|;(DN`VE@0b}*T)V6YAY>EC}WgJe#ivl~-K~Rx&Ix2H2p;eSeC!?lJbb1R;tfAFR^)P9PJUXrj8r?$kQXgnZ$ogZ
zA+?HNflHBN^4`mlRIk;NnG})EreDJbPQ~9K{e!B`S
zc>Z}Va8J35PI*S6XPGd>g^#ZW;d62%;F|vP7GA>2My>DS*^OKC#lO4zHJTXK+vIzu
zGnE7LAx8$bI((K#am#bf`N6glxkOZYozJL@GX2iZYWbgd3OlXaV3wUjHCXHKn1+SQ
z@2=gWrWi@DXIDELkHn6%m
zTVs;v+b_O*lz49_wzqq~EG1s1e^I7+P0i=WXUT;HvK@_7?Zb{sm0M4bxfW8MnCA$<
zPrX5?^_}fx!Cwd87|OGm<7J}}E@T3<-!CTBVI;(B#ThHF5oJcV-?=TfW=HPvyS~C6
zZ@_yvvoI+s&FbN?)8+dyAQ60UW^Bhugn#|y*csn`u7#f9Z9lqrAeZq08tAxI6^*{{AGFTPR~%Z!oBJI6s*8U@
z0V_j1i}16dgsrYz(I+w+BE>wQ9ya^y<&$;79UC;zgWYdntK8LGvLvw3{2k$~#H8GA
zUsG)f&z8O0a$09;us_8zLD!ay_q*8~uYTNI)tpsb^$XS2sNMl@((EjJT6}Z*&4LiQ
zmt!Q&c;(6!5Q5f(3|mF{_DO|qO+1k?*)^OROfFE|>7VCAX+b=x%W`4f^^qPFJadp8ftL0Dkn&@PnP1XI{9vtzALcYV7M$*$-Bimzj
zkkuCC6*-&zy<4hx8D4`4+;UaE-v}0`F1?4~HZ}c+(^V!-+b5}i`q^6MJ&w;(LYf{P
zpdHWTk6=<%@F7#6$EacEUuE@+W7gIu-o-17sC6o6n^IY!;m)a5J-r7ZF2&Jk2v+`<
zb<+`9E|RGn0*44b#hq9VJFqE1gSzZJxpL`?9g
zn}P19csAUe-X8tOTnokAv1sKstyfylHp>V3>7tx)}9pW;QdY`
z-Dvh<#EUJ(i(_kWBq&!Be&x!H`2PBYAQS`J$j;wUvT8f(8rP}}+pMqqz?=&tEFQEe5yfS?&+
zeMerwqH^2*T_|sZ_Jw(oT(0s7^tvqe^MHxwm43)q>Bp~YQy_H+INc-|Oa6)lHi2qu
z={IAsL_%1(T$jAfhqpsOIzG-j>iNnrDb;FXMhi|1LD@rEnS=lhD{D$g5vRsTTFpW{
z$?;`JHbK0+7R)f$T~EpXT(6|Um%6}}w5^8PX(xiSCEBP>oB@lCu+NUzt6dHVBtgF1
zYd7i-H8zJ|;kI-968Dzg;m(57Gh#wk
zl~~K;X^QTjyf#9&k3W~Hoc^)i4b9>S`J}%cZksQ4flb6I;MCX^QmEW<{lR687>aMB
z$-KMyymPj*Duj1lzJ6wREb=ulWr=CNw#iIw@PTZ_KK;>}+tQcLMfVMKglg~|5E^a4)3
zJd!?Z88mu5w-r4X(|*k{s*ayl3jMX{GGM~1We&f&DKwSLk7|7be<59Wtynh34cuui
z`EEVCRTZSN?yC#p%8(7Qf*%VsguNz})SkQiLBqdz`kXeXjQmsg(?$ANyH%d;Iz>Kh
zv3y@D^qk`P&1+^JM3^tcuww2A@wOaBnD8xqVa3&3Sio4UeYgK6$iKbBCa(9lq9H(OF@+67>4(@pA2X
zYA<-~&nI0oiT_py3+$Bk@n;Ix2Gx4ywQ9cH1h#>ealLT7;p$~?bTZ3=qfpnG#nirZ
zg9kd)o(4l5NkcMam7b3~HWq9<3ZWjHtUWjNJa#nK79=fZY2%cNfbV&(L5K~%$bzxR5rk7mNVgfY2{VWXWLFAhfdRp00iP<=;0hd*zLE-Kdtc
z@66w{K~@I$QdQm@VNeZ0R%lB)X0}Tx7|&2gt`qva5}s4QU+vy2O`EfP%W29pu%qP~j1dO?oE_HFWoO+oZQn{#@Er^&){0;j6eK+(==|
z(-36M(WonH@1gOJUWBi0XWLP$@F(`rb0e+Iv3*Ib7Uu{5LGEo&I_y~V^g9t)pT41~
z8`dy>m@nXkexCq*7O(qyne(AAjH^ZbPyY+gN&@Ifo@Dpb?TN>C%i+zxkRe^Ox)oO4
z9aAlPc2@lGX0I`lg(Tf$)V&1{?chUK0DP_u5M{+iB897mc&I*+nzYk8wH{hM;R(ht
zG`#^;1O>!KPYQTA-seTka}K?Eq(xY0JF|h)?YtyLldip?%))OASb+v6+>4_8hCeSm
z$Db{A=Z92GoY;A!WH*$M6ZT}J#dSYC8B^N?=jNk-$thSN;HN*)2QT>>?~W|aB7g;T
z%E_gijtJi=t;){ZzMg7ysYhQ{eJKrM#}bwKt#qCp_flebltMnnxM3@qZ9&uq-=8vC
z6IR)Vx^fPoOMX)7Q9%av4Br^jC~h-^=iTJFP5BMZItASw`Eu(Sv4HY%l?sAxV{rwJ
zpQ*s~kzuCS2Np2k`jp%#Yl6Rah9sSq=(dkgcp6~glOYVo-MHtgDK1&gUzEj)u9g9WHYB1GzF
z)s0zi4~@d?MpK*%Khi$<=t2h_z5#&-?~i8Q+*l1CYijGyF6}q02t7M~aojM+0*}ed
z&_-E}Xaz-ATx}V_?j>I1wtn#i)dE2_yxuSTl5@bYK(B~BQ^8iS!k$PUglS<<{TanH
zh_KKBc}t}Fv$F_&gIR{ESM9;FUG6*t$7lTu$LpIhcB{}J2L=p4FQ>+AMcDXw@Xu!Na{sb(NZGrxq@3&EByr0HZSd|}R%64D{4oeFQb0Fd|7=Zm
zd9{7aZ{>qcc5naZr5CMg#)m<_{a&e-L02o~6*+$V=ltT;z6A3_<~}*Se%$Pn8&dOPvb%F=^N3C_kPpUZ=N_XIhbOaYk~UzPefN
zw+{cJU4ec^f|vC@N0oDuWXo5u44$GJ-D&UlmqBF@D%MbPsePxdz86-O3|7c4FrHNW
zbd3t3ZM#9TdsaH8+H&#G*^yw{a>moL2IlYd9pE>u;4y&{o%)-*b&cl%!x!cUB+0Dn
zR)~@ysk|MuM7&$gDM1IDn7%O>l@-YBW6pt=S7!9h7flh6R&#=^h}`4p>MDwVQAv!E
z9zUh$zAvQe{a%{3BD8V9*ZX)z9hzBqG~?=-M6;Cf=7}d8k`*KO+<8$}f*tPnY2(Q}
zpI|qUB>l}hUyn@>8@^7yiZYO&`70yYf7uxwILkZUb5EbityY=aulCg!cIjWFD8H5`
zajp;wE2S>aYnBK?qcv32sbKF|P8B|i{g=V>B}dy(d)|{q1f98?rgbowwLDV@OnCS8
zhBzjHJt{Me2A;&)CV^y)m4ucvjX4Coat+_$gz*OdAd=H)!YOD6&|y|R0?nseJThIw
zUkk$qXfi|i_SQ&7zEW?DpfG~mUgo=R-?VOeiL`dkH`S%iz1A~M5{R6sQn|LI^{t>j
z1^hkYU6S5;lUdj@2!G=oPK3GRR;U)TFTOBXJ^Xuc#G(Ty0poa!+1fgNZ4LM^STMAA
zDiS}hgE9-lu83P>soE>LOKAqGhXL307q*>q-;ghN;$4d|MrRp5TJJ@*6
zm4l|~YdmZ}@ruq}_PKOipt0%h!6h^OC$4?GBr@3q`zA??c-*%C;V;+p$eN-b`D~G#
zP`9?=c0IOd`-i_4wxk4KAF6u!l3|L9)Vp76hIBn+8PMGEon4`Z<+D$T)^1*5i*~t(_6euP{FE^U~<%XnQ*t_8!G>;}x~h562k3DMJz{xwtYB
zdh8^xu7UXf``DTSJ@$>@{5J9A;Y$UpVH?TgI|C7W{a5<+MoeER6)mvy2ls^#Pt{K<
zvyGm+Qni>`cF%iljyXKJ?Rgwo>k*Smc2wh0*S8pM-_nxc7j7!35Co_biOQe*wNDJvFTYOd6Z%EtqH%XBP}>4$)CBfcf4_jK=TuS0pf9&gjzu3lIl3|KRBi>p2d=Tnu@*Pg&C9pkM&p_hF(jzdkf
ztl(k7@C_$T17q52joBv~sAFPGCGvxTO3BB>vj)BgcRrEB#>%JW0rs@NU%tIA0W)=|
zp79ldML1aEPj$y;3WOx{Hm#j96K3ha
zkOXrlEACWRXI-F{AqpZw{47
zu6*3*EqTF~9#RY;iobi<7^jgKYRR*e*SOr_w$#1k;0CtxgSBk%j|i+XjR;S*DkL>!
zO-q)oyuUOsrnzLjWVcW$!3A%w{5VyOhKFtU@sE^8)`Sd{t{S(Y=x)EkBcX5*|N(Yum~CR5J}8t5<1E8F8m
zDCkABYnr^^cBZeG}`9YrqF
zKn(>4iql}LPF&`n1)()(=Y>4X(gN~kc?VWW$)zFOl3h+r&s)FN>LpR1QG93fS8<%$
zw|x`*R`v*Haf{erI>?DG%k!nlr>uAG*7C>PCf38LM2O`8!RnDOFOiw-Sm?rwiPZ=F
zC?i_ff%Zoc_%dTF>iON5i99Tre)gLUKg`=NPRo+1rA@2(3$}fc2@;>7&HG2NkQ0yI
zSM0$<2@*!ZJsf0s`cJ>mA3Q|+J;vOoK+wdr0*@E|=PBkGp%WtqW=4c0&lN
ztpKLy`Cn_rv9pY_Dbx~FPl+v{z6AZY1bAq5r_h&IfI6~6^rU~h;JY>qFn&ry=?T(@ibn?kMDAuT
zpE2M1Bmyt`((0-m_FmjhaPfsn+s&dUGEX+hE$VOfSj1o42gFOvI^+4q+=zQ6^&7ht
zyqfs5YR?oc>XqWUbyEq7PZvEZrUm_`PhH$M*c4N*}NrAJT)5m&`wJ5x3J_
z6ufkTs7pjH`mP!;yAOd80vdcJiAmU_pXkZSZ7%eFrY*$q;&cu!Xlf8>1;p;W9
zupJs&vhehVTR{%s%-i~X?Tw()1#Q+EFiW=O%&$tGqbusGD3Bb}CV1R{=S
zOLHd0&!xXqQFSzg?sIi5b;o(!TpfYAje591Yx?
zB5oO!8~O7B#a$%mX_S~Pdr+6mJ^2ZxFS%&OJK2jN2k1vZtQiybQF=wBI|Js#rrqz?
zkAgn{%I_j0$ZNh9f-j3WlHvGZhc%Ie%N1UX7hu00UKTG(1#9TD(g9OK!^`FyLs!Gz
z?8I!;!|m~;xJ(k+G75mwHN?*`lA4e)ezQs2jU!*hkhgRC8`B=V52SRLGC0zW@`Xmh
z>C{DH2euggSC*KQH9jD6W`$&k^lNvA7d;0L-i3p)<~^J%vRF=b4j`IlCfG-W_5ZP@
z0>VEFo6-V1OrM*CK-uQ5W1AoH^TrUq
zeI8_7_7vF`#2m!h@NSszt@$IiAo6@CLUS~q*sEj{l@u@uwj`%FhX`gdpx9@kAB~sVQ|+evkG{xIFS+{3fO7V@#m5f!uYK
zLZ@zvto!+E-j~cE2!gyN0`2t1)j60|(Ep!O;qGw+=IJrYbI97~43qVB+i!0)<};lFXL
zM#;2F4+s7}R2*X;+_$)6d%im`Ta?(;n$VS*{2)FnB!p|TIYy&R$yfXR;PvCTy&qOz
z-pniv$R!fLPnHg~lj1}AcqP})LZ=9a;iIq^gTyd+0kV{To$4@dnA0dqZ{QAN?7eoobmKujksh`1W
zjTR3lcT4Lk>H;8NTdXAEufBXV$*cRW=kwD^CUHZmh-FJtuGZ8}VHZ`mxdfg{-*2v6
z-pZyjbU|NlJsE~9pHb;_7PrTQz~ri@e+CL7GLZLMI+2yOcg
z`?kT-XkRA6%vsx5%W6Y?7TIDIxhl7m{^?!1%veExcvfinbU^5funN)Gh-+-j7VgYwr^X>!y=czf{crrsz1?Yz#9}nqhgyk$Z2$v
zCB%WdJo4up*f4nwoQh-tq>Bo_=$BXKZM?w|?#!^Hl1Xo0Z>f6DYhY6>kI5`231)SL
z(UjYV)$rmtrf1MvEC@l1Roj`p&cOT`8ueajn%j=1Jl3p+8oK}cH~yBlTwo$k)8pe>
z`xjesfpq2BQ=cDCTx1zO{hm40UNgUTW3WoKp4IME{AI)PwAR}@2}^okn_3>p1XYG=
z#vQO-am}*fW%m#n;gd<*;6F%X8yKtpbh~F(QK;mF>kBr614Hy!b(7OWaW`J{cFmYQ
z8x@qif**!%OC`r>n28%|)W3g#-M&^Vwlyyjg{Xxc!@C&TcVao=nj#~xg=h0Yx^!5z
z%L;!b`H9>vZ4ol&$m^tP9ig4JE+)>56EeG!Xk{zc-D#&zQ@1RA
zXQkY^IT7t+?%TlV(T9x5e}O(Z#dR@QnzU=&N}y2uSzz*o*=}#;-A^ayf=9mC+4X_Z
zhwRv<8FHBQ?o(caBj@iW4&)Nb6ojD`jiFegfvL+5zS&v3lKUMm#qv`4yxNz+k+5%LFY~nhyZA^sd
z0T-%WBNG5~wz+
zGYs>>M-|`8$w6}jo3ZTU4ShKl@cO%l2bQkAT+*pvZRN~Hy^=nm=u;G6&4NCEbmjJt
z@|S|{!(a-sfR`OlCOM#ps9CyHZ7NKvqjY1gy_~q^fOah7L**(hq}fg7irr2eiqY<}
zYZ>bdBMShbl4$TNkp*gZZqx#?K$)X6Kh{5{eyG73zS5F7gpZjCxmBdCua4Q3gnp>?
zr8Y%Yn6)qs*&*F@{eXmySyW=n6Tl2X;t&f@%BkG10Ea=JOGo@}?J`qBmS4jvJx#1r
z=RSikfRIxZ64GC1z@C_^Yo;S{SY~NWZ~2TcD^yu`v}2JNi+W`BMmhY}pdSd;zja2w
zIxS?UECv{0W{my|<(1!hYsq^wF??c|k?VuzH9u?XD+i1#9~7*4Cb0ZTec)*b{mqX^
z36{fMRvt)GUIF1YR5pt)kODL#8f{MZJ!|9nWeQTAiP9xgv^eKmonCh)k@z7$&|4k)
z-r&W!8+9bIbdBoJb*AzJ1f{6=!wW0k1&2sDE0h*W8PGD2PFRTt1$8t{o6GFumzJq^
z9@!4Hoj$C25P!2lbw4hSD2vDv(HcYqU|lC{mEjrpSeMa2OxCeyZu%^5B;Q8~>zuk_
zJ$Pf?^9&Cduf~s@Y)7;ssQ{SNbOLL1HO$j-B2%-WmmEfcXxU<|!a3Da`y8S#YyE7<
ztA-Yr0ma=g8qfoursZCqX?nlajty?UE|n_R)UK$0zdIT2rM7Pp0Pk|QLtf308DhW`0%o`@n+}9;`3wy0V2qW}ou
z3C{ce;5%wTT?9^-dN{bd$(fy>zD*!BWHgvKG&y_
z{10DArGiCeyWQb%sk+iW?s31wz&We0){=CCZQ2x>ErRqBL0^QKp+JnB^EwD2Z%vFa
z>WqLS(fR}7KtO?4{JGJOK+YTf=kANH(A$iaXMcLNwZ44yb9q6LDQzG8Hi^*9(w1ZV
z2{t2p!8@tC3ydYS-o?Yt39V<6dtn@?$FHPYSR0g0>vJNIrvOfaT;ghC_Rsr1M=TkJ
zSx?6&K~x|9zBBG4a!~!Hw_oe%y?Y#;1GW0FtSuRg2>PJvfy7gY4#XbOmnO_Rc)46S
zaj#WQLgnia#OoxLT_M&!$r!&~I$!yy=^qa{bB-bW^h-+k?%90Ju7`D^LOVH;U2|9tuJy|C&e<_de^Mi<~*fOa7pC*@N4Bi^|I(Hf*|`rdc8=b9R&hv
zai5x;U`)}nspC86g?lhx@X)1?g*A!K8&)BW$O~8zyi>Sr-dey<<#Ye;(9`
zXXhSuKQjsdqyp0QKd$>sZL4=(AcnQxy64Qq&{zq?V
z-`m{kL>}2BX1|i3k30>B>{d?ty1<1~d34VB58bwj4nI}+lD%hox=XoD-)EXm|EZT(
z8ur=Ymd4d9r8=%bb97uvd08JQwHqV{vbIypBG26P<~}Az7OD*?`UCd&so9mq!3i<%
zR)avNr)D$klcbpY#Me9*n*UT8{RN~)RHNv8%>j4B>;|_8g8$(O~}A(SR0XkVcizl4&Nqhzi?z@qDPBiuXm&GyLlpB
zn?WQf%U6KyrSh7>e!w9OfcPdY{6(mtXTx(-ZcuNpQfv1!iG%OhMX=#QT9a~D8kGVu
zp`B|9n9gM$PPyy+Y}ZGx)rZ;xJrLpNj=o=+
z?CoF%>E|dHd|!xqscm<>b{*+F`EVetbh>rT-9q-D@X&6cv=9$#8#VGoYYao7xbRbd)f7O*fdm#v++ws7#ksfa0Wv^d&A6tnZ6Dd2uq0eyaWiN;gTlk5MNkz=&
zUMZ=suS4a48@QR3`o{DAhe{*FjCo;~Y{eMl*6j!Wb+SJAddsC$lOwd11Dja&++OKm
z66DSfAL3)N3fH0J0@%Srqc^aBe3+l#n)S(aXy
zef=PSKZgfK|8YqmT%SP^0@+SnVLPPq1^D@>XIylxQnnFa)I
zW*-dCe#~JgB)a{)(#CC158vzQLK-B$aA^yzr~!^AW470Ee3UtNBqp+p+($ipoHDcT
zeYu94VUqNIa#$xs##^=jz+(K7@1N%cdc(Sdzet=t@{w6zJ~W*=
z`Xb!>*o#9dSvD-&LXq@fQmIAB0}UpXomb70-``RxFR{U;iL*rRcCzZVyKQ#2QK{a4!!vD^O?6G3>OhxymTf7jAb
zg$bsEvn2Qabty5oz|Zo|XYtaUeo*<9La(FLtZcpu-mHBk5s)~&#w
zOY-m!+cj8^-}IH$LAcz(p24RGJ(a#I{X-p8n-gqDJ@g5~Z{eB&aXvpB{z9{aaD
zqXWHD`wHH`pSar{#
zhwYmKyugYawRuU8crj}Mbm~3x;g?VU?F%EDI?tKsz(*o~KD}AY!U(|kx?{LH(-ek{
zctaZ2=#`b}<6d2kChRva&Vt9ORvVxYQbPa_3A^Ua&DxlVc=B9Q7o{9y+rP41-hNwU
zq^5W+$rPk=as6E@jL!I<>t%~);PHf&28n-w{Z+TqqrF5*j6g@jm{RliSgvHDM9N;r
zxvz}EM2K$%!W+tEWQ$_LgAVGEm7;x|MdVUGt!`56`r>!@C+{%UJ9=yH{U=ku1M;7B
zg;fvqi~2fJexm)2`~;z*^(>0?i}@AQ2Px|?nErhdOq1pswhx9a;^?7{@b!P@$bdlnun!T+P|c2u1$C7RzPvJ1>RUg8bH+Z}@dUE3
z0&>o>`O9{3Mlt
z3}-!W{>NQUC1_3bJ-=08xLKuUNFA4PX|0o9K;&u++iH}t8%X3Y{P6gVPrlN$I^0Y+Lo
zPx(t3%9ac5#v%taVT*LDl{Z-u;Pa2teXvc1OhC)(9UWC2Y|Wgr0A(B9_Z$uwM@b{?
zfA$waz*qsei4nExhH?_ItESxJy^d2kO(xb5w9YaxKmIFi26*GREFBiYN5#DHmvyaV
zrg=xNEC+h%>|F?2@|eoABar-!gf`ESM%wutDj3I`kC!&LFasdqn;cT-tHfil9GCgG
z@((U;TuS_iD}Z`qIaJ=$=0vGqpL-l-)878~MNjcw1PuyJj(;|lF=tK$ojv=L@#1%(Hq>(P>#9n3$1LRu8^X$a1(~hF*Auc7#JU|7ZGrj1x=cWTXVW
zO(Ou6HS1C9$U3&{$~CiP9V0}*rC@K!grt{@yc4dlKPn?U$UB|F3fa8ve;>oJlwn97
z^M|9H)}px}-1`GoD=XnUqM8Ht9tYQi#!7Zt%9QeQOJV3;?)~As?&mb5Jo|sAE0F|1
zyWB6MP67cXLGcpNBs3w@oA{SZ~iY2WeZCCYgpAxzhCgbNE8_BLJC0upPr$Bo>~_2^faN-
zK_VsIu@hki!&)IlPow1fY@(pn@2h?S^i{BOHZTeUegNd)N(SL)>{(pz{3(Mq^b@q5
z<85M5EZE_o1;XqTep>SZvl?Q2jF%muyO*Jc_OG_ROv2!*rWSgJhss&yjdTAYfe&sY
zZeEZ;3Goy50(W?tbEyrHB+1L}i@PM@&Jn>|j5nlo!3x;qC&%^l8=F`6)(Kblst&%psA5Y+!gROZer+hzca?
zVtO8YrNyKiEx%#NC;+~cI|_xwinGOFNrAd>t7v)S2C-=2QWtV4@oE8a>F)d=T<-|=
z!=0<;nj5E!uZp`bw`tzZs&i&!BW01|GU;IDMpLPX5l`At6!d5NE{sz>7~qa@54ay{
z@O@0Hwb|V;Nf>w>0uV|!`y%JTh=R5qtrzy+;bScX>L%@!MrLpCkj!a)?~;wcds}&P
zIZAriF)X1d0dJzNUyj>4Y0U<4p;}LNwfTHF5OpIiY?S*z1rw+GQ$LZ}-fz+d1VTbA
z5KO}sL(CVtTY$OEZ)*9Xm1{)4Yv7FA`-fU+p`OGWldT=OHtF84-AmwfF+Xs{dUrv~
z#){mS;xE`=p*#ym;Y01|!G5`=
z4=r3OSbi_9%%m=Utd~)utqp&IxioWUBhgdWEJK0=&nV4=GF0vK69QWzx8o3w_N9Ol
z`!7jCL%yZgKHX0v7I$o#yMPNHs@-T7{6p2X0L2Tr^cXd0(~PN8OJ6<~O<;?(%Ut&z
z3chBMZ;VP0cXMgb`p`bU@Jd%kET$^SX&0S~+*!&nex3LM8dHwt-;i
z+yK$4Pum}I;-9A-8}9v7-kX=qO+s(Pv_K!oqn9$ZKFEzBpH9Be%it7_geMBO$(yOm
z_uVP#vVg~S#gi2zE9#lNdoOxHDAY)yr|jgVW6Flv#g``5S|F_>xGDWqKtSe~tgY!P
zpt}!B4#IwB1~BGkKYTiiq4fWWVO3WCx{@LM=bBvTPR=n8VEE?-Y98;qzqgT>0Y
zzMu7B9Ba?BdLVD4bh+-<=PGsKYd8eCo6#4aSOXyC6YU3G;(+Y^#-Ygqp{Z>G?a1zt
zL0EthdQ2fVaxZ-J(*;aYjezWhpjK=v=F;b(p8LP9O0CdBuJDo@fOC|oF^qzdy87og
zO%`=_WJz`CWG>pY0>YPyE136=ae6Z=1!q;T;F|`gEKAmscrtz`qo&`w)~6d>j}J&a
ze|h4w9oM%hDVw1!bnf+t<}fAk8A+r_*~JLt$ia%p>3%`5a{)2Y_MF|>yWtQDNzGQ39@V+$J1sg4-{ye|_u7KTh4q_L
z_$Ppc#VTXRSobMU=@o8VKDy1(lr(yT6twj#YgO~@t4_U=CnKz|pL^&0t$Fh&xywQL
zcEc1`Ar-Iirn#&41yry9xv?$qljpw&o|l?D$7-D{OUqj{n?ryZY%)
z{m&D_ZI-3kHm$RubD^J`9M3YM#iM*xzCY$7-?&Oq^8ZVIZ#TYwa!K(V|B#xscXUoW
z!0yT%24G@VT~?acN)i@(OrzvpFdhw4LgDo*3>?uM&Ts1~J>z4NZraL!+7|*A8uClS}@
z;r@NIuc<`2ZX9M4(+HB%yAeaRO7)Hm9pq-6ps6%5){EE7g%oddntONWR<(n2P0x=d
z4rK42WhT|cWcAZn`0q@jh-sTem?sLCtIzv&znEC^%DK`u>#xua*VAUs-h8I`V;XQW
zn24Y`xh1$15XR
zoJgP$SibnER6_wuRjDFO=OKC9(H)lVJ?(Bx8tv%rJ$^gfw97|(8hR%FP!i0l_JS#@?8UXN>>!=+YdPamSKTr(9AWki&QwaD@z;
z;c{a=u0DP(YPs0?7t`j50Ar%>>P@qR<>2Or4EaqyFEe($aAsbN0;~KIdF&w4c}Kk`
z*QMwe5NDX=jW0r~95N%>scvqf!-HU00cQa$)e+P6xuF9
zWaLg{u-w^v%bIbc|IhAcgriZTT{mUK_2fgo!vg<7Q<7tk2tRWWhG(hI%OJR{&5sD$
zYkA=UA%k2gPdJvcJ?%Ku)A{dV#UDE17d)wk79T83dn#hpYLH=cX)>!K$I^UYpfd3B
zqo5X#4xA??Wu1G(JX2&Z+5UM5DDc6II3hm^-E2ZyOvu{xG@*1rpay`rEE|_l(6Qetc*BL7Sb;M6(Y72
znp+dehEoZ@a=0Y4$V{K&%br3UDoiXhnK2;kL;8DX
zb|AE%gs_ZhRwe+UXLFh~?mBp)IqLJvSn0lqDO+`2xU}%JZEMPPMf2g
z@^5hAR+$bE!WemSCkFadr6?e`41pUwu{jlBfIbcEkF~EY2g7!fM)+(sT@W{|0T~$?
zOezX|TN}lxVcFFt4D}9b*e3pQrcGLO_j8h@x#q8xdkv=!9$akL3RFBZF}|xP64BK?
z@U<){r$j7ArhdN}2Z!Iv1O6388DjYPvu50*hK_;P
zfYg&${b|p1
zWV@R9k5lO7uZMn}<3uw4KmujhXk3@^)WlkINb_fpj+$cbii=u3TrqM-<{a+RH|*q&
zlql-S3wgP-m?3Yq-``mNz;#AVhS;vv&&w2t)f|UDYf>e3&o2j-6dP>S1M-%zDe1!d
zRONpMXlvVp$Bd2#Ds3YXjz0hoqMAq4UhJ1gKWgXIMWj62uG_
z)5kw_lN7odoi%L9j$m!Bu=j9vP$j$K*b3T>;lAis*_=Xbf(>+c
zG#Z?MVi6Y*G+>Oj@AXPQoKZlkl*xJ!5D{BhPybQrQHbj0C{BQn9c1Yet$!nCN*T1R
zuhne0zJg@(dbIc>3RqONBg1!vC6Q=cI^*m0X0}c%eb;6I!wvIZ`r=#7Kcv{d0-)2T
zikg*}e%B3{O10K*d0sb^6-J|b9u_R1ApO2nRNs(BpA78p!Dnq#PVTinYx!
z8^veIbBmxP5G>Nj2JtB;j8+V?>7Ov<>|vl;KG^rrIP~=V^P~lz)s_tU*X!Qf0daQ$
z*eH|~(THfWXDtRZ1(lJ)ZK^Bv8@5=LhNVpszU@Z~WEln8OZXwE3YI^mXmZ0z?0pI#
zb_h^j@f{CA98{wL)@H%X8#Zjg*Z2Y%Su47LzHXlp?ck&BqgE0{FV)fP~Hmm-womaDVR$yM%VRw@Zxsx8S|6O(zhH6uyL{Q$cqY8dzZgc-yedw`kR`C|AEA
zwbmx70({DFZYT{az~NV2xtvmooRd)Yd>(q$N2NJ8Uv5i~MbMt7T2-U%zIx&~*b*h_
zmg42~)s*&qLB@;L#)dwrXU#_=*=!4^MzaShLDm8KXHOwUbU&d)M2cbnf5{UnB^tB%
zt>k-mBAPW2$iZeB1Hbj*8_1tGzH-|s#>d!e=v)L|){jp^j$dY-gxI~jrZXMlUeZ4yl0w6N$+L*c_r{He}Z*-=0Sqn{e>!}>mz&-=>
zdq&o`gSkvBD)w%wTDgiR?#6zDe%dIDsX7
zaJ=*y`J)pCpWJ2R4rFxrg3g_&g;@wLwg^m@Fk@;Z+smgK^GZ^oUc;PJ9PdeSxxOWXp_ad
zZ7a0BrafbGAZ1{fkTM`vQ2&G-RwM;6E29CwP?It{v!jSHZ~gTrA;nA_mxI_TyIM+?9V!o4FE|)_@aR!pWSVUbC%oy%X8eUPqJ&L%*2C(L3Y{_}
z*f-P=&sTEDm67vM-uu&R?w4U}8^~(lkxXey4_jjgB;^3d8tVsf$D5t21S!VR1jE>Y
z{W2|cJVRV3%p0J!uUEvhOk@!;bGyr3PFLF#P_}mhmp$>3Xqy?}d2d
z?tJvim%G2~X#Ep^U>`ky^=(zlCPB!+9GyiGP&Dk6I7;epUgdz0e$#V;NR0j+2mVWJ
zax}5&w>_ASGHMnr=g{}dk@d@;jQ5ak+PiLgAx@RLr@+nD3IZo;(m*cDw;q2C;*o@40&%qDfn4iBH9~H
z{~<{|QG?ycWU2nI?1xm>is}JxAag0=e);->MKpE#KSVi6labtvWSx9Jk|s&)*JnL%
zo-QUgcep0fNECYli8)V)eu1&?CiuR34B>oU2JOoP(gAmkeq9Z@ZU0cRVceoYG{nDx
ze_gtHgcX~A@3C1~dWDhef5>;ZIV4p?DYwvm=?s8RO$2ADOS_uGkq9_AtOS~&;YAXg
z3FZ9--iS{iz*j*Hs-}3-%h$sjs#h)iaE-L=8C{dU)bonM$Fz|(bVT5qTjHu`UI9`}
zR3@+0W8IgP4|!;Xe{&DlkLTKTK7$~Fc#`HGymv)hpU$Fq>dqM`VAmIE&7XD4od`DZ
zZi_&`VPa%iaQkn5RV-#TdboV-Xa{=bsc2*tM(2)xesYJ_EN(G9W5vfiVKbF$G^wRZm>3Tp$ML22b15
zfpcf3jo4vl0as~K%pEYZ$M40waH5fO1(I>#K11+Hv0)pjQgPu2OU_>adgg*tqRX)`2rjfIF40dLPkz}u5SB6dwxh{*HvO?zogIjMmX
zqw=_l{6)yGxA2*sQfLQC;QK#>t9hPopZRbAKdur0T>kTf;H++5
z0+*bXKzpzDC&oe%d_C?@=w{#p;E5XYx$6DS<3deRJ+v{S6&D>V_UL(SFU`NX8KT#o
ztZ6D+v3WBC?MlA*$o0r{B>tm^&k27S`q<g}GawRh^d-)14Um6OPlAPB^|t-@x2Bl5_EEuXp=xYNcJH8_(_vl#j}4usz?Ga{To9
z7t-q%uIw&^xn^u-@j85E*#a>z&HLza4!6*}w
zP!W!hS_G#7A|clBxeM~>)y${iRlQ+-b)x5C8Ppa`!;kwuN3=Sl|1WO`sqW
zBap$QI}gN$d~dTMT3d}(J`&QR+y^Zh{Kkq04s3UwcL*KMMmGAI0-%Zr2aTUU+{0m$
z;%Rinhsq#%6V0Zd@+dhVAmL|V<_Z2~F;Q-({j>v(t8@vdbVWK($#A8VZa4a7PMrg~
zIafGW^7y@^e$kU+G9{3lNpy(4Y;{U-LgrN2lR~V~VQ}>A-7*7z@vmk81Siu4NX5q*
zc>{@5Nu1j`mis_8r{m+4PX-MmXze%aJ2SItt!o635(juY$y<;LCT+rqHLg6;XkY>W
zY)U!uBUc9Xc=Qu|uM#q;{b?MSZFd?0jhLEDP(d{kTVyz7egk?aqF%rGhCGuTdZkMz
z;dl`B-)FeGD_fHiQVfFQ;s1q&NY?ZIkA+D68HmPfHq(>x=>Y+GJ@E%2vBUpt?p=s<
zCbwYoAY`Ojv`^=5vwWpMT&^coih=8HZ-;u<0Q-JXcMs#jJdpH;8?_&#k9qE{g1Am7
zlocfmwL*qd4mt4@i0E%?Ffr2(+!*=G>{2-=jt&7$y_75;{*3_LJbuiRy`qu06cR_m
zK>z(m_NHM~H+CmSFk&b8EIv-#!<6yGSxC5ALalKt+z+m%kU$Mp6SS%zy>Hi)QmXTf
zJ~*#h{XB0FD-1?`BLa19!qScLORQ+v3N?-{(#2&Wl^hBLymqgM3|)d5cZS_PX*Zev
zsryf1YxVHnCK^aCxw-#@Lk;@(rs7jV_&e_=G(qAGC%w7%ZiP_u&$HmSmL5`IqR!y;
ztePm9gWX?>#Ti&GdlRZ=gcR^}VeKvRt_ExkxTO*WCqi8#b1cbl$CY6B9DNH0FK-)&
zIdE+Vp6LdErFQ0CI)PiFk>1sOmu2iiDx1)RW577j9z?O_y-A7SKQjC)dl5iNzizbl
zlW2y0P}*??tMH6jfYDjr)j(KUGSu`EGyx%b;oq`LA44p_Wj|!c8Qx4>^4M#FJt+lR
zUUfxH`(FnxU}O>hNTFf7XBd)TQ|Mg{sOK098$)|8=R%4!wJ}>7NMi1SrNWCpo7;DK
z5-2sX!vZTDg#1UW8vxy5EGmHXeq(O9uB~RXkT}^nLSlucRsszRNZ8`HuEw2xL{m!h
zbnXHS$kBac1GqZQ^vb_e59sZJC7M%yd89sCEG;Wbab`T~Fiz`4qo3Al0zuTjpPjw=
zL)_S+7pd6x0J>JhEFgT-2FjByyc<*X*!$tlRuTpvEcy>JwZ3k&vwqf;qWrLxpqlA@
zr-GnAeYR9vO3lcIAa&{ZXpPHo-whN09l(z-fd(c#ZxV{atVr}cYD%$Yz%O)3PG)6-
zI%3MVFNh_mOs;a6w8S%&Nzx<^ly5UD?a)C7l*Jr|bi4l4q}wQ9
zks)@xM*bkBy2y4~Ia`WcF{QTVDxso@!+t5(*y%%pfRk~?3jKOpBtbT`Y0c(M=gr_P
zQj;{!XI`E^T5s;?#5~mH-WA;y-Q6&E`_SiI6^dt&JL1`#)SSv(dlA0no9Q;F4*BDQ
zI-V%)?A)B$^Q2e3w`EmF+Ix%W6vdxz;ELF2IX*nYq?D>zHEe|&I&^FlM*)aG5(HgP
zfZsB)OwW;9{@g1SLs;5?10ZO${ig%>e$IQ|rIjq6Ikg$Z{gia
znNu&?-I*J_Dw)FqXMTR=GhrFYZm3f6924|#@My-6eQ(c
z#Br+S!|GaqXf!E-t?Fy6A10zXXZ7{EU6hc22Mu!}sIZRn7OVxF$xjM(W^Ue5wrV4J
ztd^3UH}w5Ifu1{L4%v>LxLAYsgXRz>p83W47%X2kv-V;n{yE=QNF4Wmw8QE@oi04g
z)s8RPMsu4WO~?xctelYoT~Egq9y}}uo0*11x2*Dj!)6$Z>qS!*xsO%#|Bf~G%qcty
zYe4<2oU-Qii1t5T?e4dzW4!m`e#TJz%H-L!DG|H)zDHEU$`N$F8n+v29lX3{6zsMd
zLtSY%-_JJog+89}9x$g`8RujiJCusX@`XAS4J%reSawg3`!xli{E_Q>+b{h4X8Zt9
z^;n#t`rV}X<{F@&F3S**%9U8PWqyVGDa^Uu&JtNW^lJEmBD7;|0*OlS9d=5I=o?nK
zjDaUR`+HEEPh5-Gc}X>IjuOqx8mr3IQDGP{{urRNgB*}alHpFY>S|Pw7rOfNsf9>t
zkb@EcRBxTNj~bydp@uO}v$3Y?j@wQf5uoa|BKHP9#M2@x`(3a=C5%jyg&yH6$?BJ
zgvm-F0X%frNBcJogY4C-A?J2R
ztoK_yA~o2d*l_s)a41fu{MMQTntvWTi!T;=S*UxtKD1eb{sZ)3Gn=hAS>4nnp@0$V
z%4vJ)B#=0=*Xk>?Nz7uIY5_=9XZub5*!_+?{V2m-xz=R~PwUXEn*d4FgDPY;Hm~N8
zF!bCzH%me*g3}Zepl9GR&^w<0A}U1B0K9;k%|=O(jAT{E*jj>o)wM!DG?R1kLgz`UNNR{@wUIyz_b3WI
zgYUiD+bnHz3-D}@q0j<{dv=UP#P+2W3P%Q4ZrotEPDbTf+DQY{NTRsh
z)}sEEvFPQW!0`(cO)e9e_@;rGGB;1cHcd9pNIdwh%&n9#D_(Ysil>);^>ZO2%OTVY
zxZyr~nlcDA7d)XzfUno+mbZ{rCG1Ijh0*WJWnc=bGo#L(6n>n}Z?-0zD`Vw%nU+~b
zd-eEsgGNm?@Kc43th{9d=$}_?07~($Ef6D-SK$h<7djd
zk4PJ0Sd~3_Qv$CPgcD3aBMxW{%F|F4)g#YaP-r&${&G*mq4LGDlt3s%jd*d@~Tqm_EbDTqH&^_M+(Z1J63Y
z1D#*YQn5{b<{!Xo9HO#6gf>6P6XpXp&wEj8`CvHeNYh+BEA|WKMp-6=FJLdV@q;4g
z%}-tOr0oE}j||F51mE|bW@vqgGdnz}1k{L|0d20|8b@L@K`?<)UAThP-DgvR+?n2v
z>U?Kc4CLjjfQ9kx%$TMN0^>|L_^yoI5;IKbg)L4z4=6A4?TDW`{fU{2i8$(LhF~@`!b|a_KPyQ7
z>5l;o=x*NKe|#J!ZJR(*hJXH9oL5BI_sU~3GK|BNi=%{Rzqvh($+G~G*0TwLS%RAW
zFPi@Jq?%lRtZN`$TJ|iJn@~Ib-%{ZJw;ewsdI{inth@nu`aMFWA^F4+#Ii6cB1wM#
zxlkqm5F$7y9_QS=sqeD3!3|y6$AlAWPn1#%Hx2!{PI=LYpfA5c*=hsY~Vc>
zMYMWw;9vS|D8~vw8%;X!`Qi50`+W%Ki?@_#0JFJW&4A9gBw=?QE5CWFM|4*I^&?R6
zM-koc&2Cph^NrvIAb`_*Ixi7J`273E?)uuiEjIB^S{xiqpSO-8f&(S~Hw0EKs3`$iOFDs%J6qGuPB5V?#-@{KkmC
zJyAbM&LjP&V633gP1y(76*2kIKOQ2b$3nRoRE($cejWUO
zAapzwQALPPDMo+a^|u@A|ALn(&>H^?Hu&>d0l+2#ex!uYYB@&96RP(9A3SFN7mxba
zTyg)qj^FBCy!Qy8)}`R8TPS4{V2ONM@KXu#baidG%r(hoKWQKi74}=RA;1NID`)&w
zP2uCmY97FLNM}v(77-Jw&z;?sK+MKRxPdiGXXZ~+AQ%_Aa_iNF!;c)rK<#m0kw8(;
z+zY(T2Q5rXt!kh(+r^J}8nc^^0C1)ifRK2+BTrabH%tr(z)MsFgNbG{p>$WapTF5K?JfeZkT;!uvjG%;{T6ia(i%0v`J;4b|1B7(RQf8J
z@Eh0~zluL=j#`#zeAFz>nm_hBC~TAY-1?~=!p!vp_Q)<%`X0jUV5+_8c!~*Ig(~m*
z!9!v1Xvhw|bm|W)sa;T=%QKH8$A%C?jW<*KADfn_tJZt&m|O
zabu@f<33&iwr?~Wtne&T=R6Vo^2Za1+o{1M?@`~&swMN^=1ff{<*si65AWCj)i6u+
zRO>#zDoJb?b>zr*t2Q8+bkM^{!w;VY|bm}G!$`mFpEfUaVi`NT`{nfv;U
z+dE|gcrvenS^MC5;#-WI7aJB|g_dEow)-gxsN02qPVxCHCN2G7@AmtUZl(^@4#wR6
zT@K|&_%8i$9-L}St1MzZp&d^br3T=)nkY1b<$@FYc-qcw8xgCWY=YJZvrI3lW|MU*H#wB|qxm4ZH$YFjP
zTfQ$`tvWv9f7K?t>f62@Ws6sIkUL)3>6Bd>dw+YeVV!YA{=Q-(pOz!(`-|Q|yDY4Z
zp0NS^haT%`ainG=JNdyxIU_Dt0@98>xBI)W@h(^UubkGrFcI@M3-%>5{Z`!0bHcw}
zF_-y%^SW2OU3`Gt^5*5>ESfWq7>
z8}sVz@r}br$-Sblu-B@SHqOn}Y-e=7b$L4?&GFkoG-Ik_k2R2|>+H)4o-~M=+5m4c
zr7fz`7tPU=6q7+@V>fzCG~(bldg|}(W_n*Dc4uB6E3ql1`DRCv=rgtY-m3T5K%jhr
z40V+!Amdf-QjWuJmGExfJR%tt#KnD0QGxG#A7|dGQ2wfRT+}tn1_X^iEWviwAR=Uc6r0_h33|EL;`a0O96CxtaS<<7gSuL`zF31?-=vCm
ztDT~$yC0&iqRM(V5vP#k&?%ag0zz`dBO6M>`{!4CXm+h=pB^7jZ%baQce$pJKjH8o
zc&qQN16@}D)pt)!7)N>3tBZ%_LxN(%!*d#4N$&y*ow)e|zI7}T1@kDMF*OLe-+y{p
z$@Njlf)dHho|VNU|MC|92k@jO>!K5BOYakqi)Y1>!eU6a7am9Pnw#-tCl*`m>4NiJ
z_F);QxuRk->t0d{&$(ffi_uo2jsrjpNb+WGK
z^KP6-P&#_{`^y{DEt+fGfS*L?TPre>GM%MS*Ph2z*x~7#-IJl^)3l={(hnZXcDj@$
z^fsnB(FrYG3%tGEJc_?Ecyd84)NHd@xB)yaxjB*Tg4gj#7whpu;yb`m!x_LX3GOGs=K$>&@B;$^y3u%n^r-D(u)9Z*E2LqC)Rw8$>>ofRr>wdXh
z_tSwodF({7Jl3Xm$_Vwbtv-OI!Tr<(k$h_NbN?K`d<@&VCFmhjyHndA6%<@*+SpV*
zuC0~nq=TnQtd5bQ6VWF+?TZ`OBM0&YbB)o}x~F4IT-7y{K6}A_q`$*v
zenrFb;=8{7W;e>K6#ZBzGLWaetF-OL(zTvvA*XRp(5@$d(TxL3e44zQd7p!k1u@QD
zufkQuzgE4Bzws>Lp@OQvc3LJmU;?2ZlU5E<*jh9BW%;dBw?$p3e~5Ut_^$p`#Xm~4
zo17wwx~WT7DWv!7*b4W#=jGvDGkt{jaitTXMIH~glJT4X?{C|tp$pXMPQx~`9K
zJ7nSH4>g}p8FyDb!!?ST#wOARdYYKcX0v4!ru$CrqNU(zHN|gTqfZ)%5cJ{?&&*8n
zCP4BWIgpk!2ajGX^=W1%`N=ucS3bpizV8;p!3$0C9v_h3Vq`B1YIN6(32QopA0b`A
zHIzmAQ8PylyEohvv)Zc{ehu0QP;x`ipIhe!_?&lBjs7s|e63m+iofdg-T7-=KX%C0
zIXDqMrD3%RNlRM~wga?EimTglLQD8N(My0qnDUumroyQ$OvO(9NK5DE<3sV|-(8|A
z+$WWiS4RST?0Sl|$H%Y9<8rFj8-8OJYVxp!wVO>X*2i%I0_6_ek0!Lj*!3wcffz8#wZ;fmYeb|dZ8xLz)8W#((|Mr>1<`ZYeI
zN0bT*ckcu^)J~Ds%eZp1?nf^BJ53KPIIOb~LQAS=+b=e6!Va0@&=bpv!5w->Y$yuy@r|Rh>_>NomFG$QK8>yqRYWzk1EDzumRBm<^_pwK@>E
z1)oD}pg#3o2n2)WYV*SvwJ+$u$R2UY*kDOry3lP_IR)zX5}qfE^IfqgelJvi+}#}C%=Qq>k|DA;74xQ$-T&sORaY8#U)8%n5fn9aq(!y
z=QZc6>bf?0O9q<`!EzbP!y!p{n_BZ(D&_*4ttR=+qB0>knUZf4JhmV@&5QQe^sjYR@4&(6eJV
z@|h%!pxMO@o5K`?io*hbe+sB|3{`CW*SFqe=@xGIkU27j#gD-i82~E^=$`p<$Pn1R
zQ>Q_NQ+Cpt#ctuZ{Vaae@_l=Oi^6^`tWT0A_d6y1Ru*`FW@n-Cr(<<2JcTeB;@JYk
z=<7H~D@e}6nopRgW$YvjBh||>5KL#(!PR1_Z4Y|dM^CbR!!LV`zMk&5!Q4V}mHEa6
zHzEe_oAe9qJQtdE87?sp8@}m6U+m}%e7=9|f?clh%U|@w?T?EkZ5nvOQa5DeG?ClG
zQdpbBkdpL?jaTKztDF;d8P&p`0{zaMBec?46Vje59xZ!f+CQBuy`MIRZ5Ae|>?P{S
zStht^^hfhyolt%GOs}s}Td6~x
zC>?CNdwnoRpBw`6O=t`2U^kM#dG$S8etTkxkK1rv*8^YFicH0Ul2y=l(m3$yRVW|M
zdP3)ssb}|b<2R99PGL6`%4;uOy%Vnh_Pp9~X|?UAm`p4m)~nB>y?xE)!)VU3Rj-7DaZ_AWf9NhhSa7g_XKWVpz
zeZXzG8dL6V+WEv4u_58O(KNYnQg=k@AmknMOJ?_SBAdbTyS@0>qdoKX73ZDnQ-v;x
zPIm<^|4j~+nI!2ao+DJihi?#(=0cmvulLg3eHP+3#MV1LW@5vK<%|;+i`Ty?psYqg
z3mr@5Fi@m-)z_od{I9;ziDvJluigbdTfnYuF7bH3SArfBZPgt;S=TB+e#vwR7zhnK
z&8l3g;;Z1SRPs$pWYPG82@`dl7NfT|>@8IH-;s&%Au2=nw8QcXqGpWsRl3vW8Xy{w
z)gMfglAHB|qx;NzeW6X%v0^{t?qd3sZ(kw#S6_FQ
z)9CR_ent3nZTRpO+_!fF*<4@sWI5q9XUf+EOuPBCF~{!NsG*s}W_vt~^TB(5M1N-)
z$Ka|MBEK!(04kb!izVmj5*Jdk))w(xEoHUbQ5hO^ql_mnbT}T#CjBJc6FO1|W2ks;
zwwld{8vhluQevC&YHdBCs(+}w`zB0uE6b;5DPl7Di8P}Bi@TPm4m+-DWDGB_V01JQ5#k(BW&+uB{wn?Rg$Spq)OwQW~i0J8Nb5-n;anbV~{okLXji-Ak~ZvL=2e$!TQOCDj;8i3
z;MPyr!uy;*+VRb!_ozwmZ>|0czU7=ZoUn;}^>$#QiglYBY2|iI+p9au?<0q=B=2W+_KP
z*haG&RX3c_R1lIx=hA)XY-F{VBkgKNzk)}2k>$xW{G<Un2~T%-uP?^3Y=
zHB;DW^OSBB&J$jHE1T_g%FS|IAT;ZdVyAW2q!NJ>B}{D)#fQ^ZnMr>re7viHeL+@^
z8q@^S$!T|b)o~y{IAK=lo^?D&I&hafAamCcxKq+rHf}Lqk&cTGuh4w6Tw3cu7Wc*`
zLyNb6{?bP;>uwFf+J5VaOAgaNn?spi-)K>XHhj|*y`MAGdB-TiWB
z-)E!45$qHzsS8Wi*m$H=QRmx(_W1nT2jd-`viYOcl{;FfpY*46PQ#1^Div1E)jd1
zgD*{$@YWY?=yNV^hk~`BtHorm^gE9pf^fy}#ri^qtvjL>WERGsG>D4$++W7pqT6{N
zJ?@n^;+=gpI=bG6_4ndTsI%%$O_{|cl*}e*7j>OX`9(TU->@Ty#C`)XTQqzU55$Xa_doBGa=6@
zL!v7@h|mfV`+2$NZur(^Lp#xraj=S3X;@jCw&#sHSW$Q^EU=SCVzGE$Tadmg!pl~nDZa>-GzJ#k>3*VMjQd_mAb$FcfoEYEH828m^qWp*B
z*iu0ns|HuX*!KyWKKtea+jE(2wOppV)v9r;dk0}$oYsZDEfVcJGG%?mspY2jc^Q*=
zQYd!CjDwhIW0@DA%Mh%uW!T=#iZMG49M^zs@iFY3KHs|HFT9H^=6q3^p;GK_Dn5h6
zyC?XM!<2mNbmqHlXv7P0w%id`ZF>y$n2x1jd4(AHD-O)EI}s?bR8SfHY|I@=QBBils$K`s9|5OFc=j^nGd)XJ0&b&LtLiBurKXAzQ>tkgqayU3)c&|mE
zq}#Vl6Ka`WYnLJIv5RE;ebnV+nJ_XZH+mg`)G9H}rsIU`cm?dcHUJ==?F>h2WoQ`P
z0&U;=gg~@pA^PCe$$^%1csEZU1U_r3uX2pi_ujIWhRJ=$$oyPgWLd@fmsABj=r=3D
z1aQrn{J!Ehv^#U+Gp1XS_au7Kxz7D(U$mEB&Zo^^4I9YOMJgi579)gFo6&#~vbky*
zHrzJUHXJ&P^MP7|w#3~)mV1rP8qhG<(O$B>&7hb5;cqSJ*j2GsBSa3gY}D}l3)Sx1
z;CDALar51R{0R?U%~!0vK^EV{L%}o+stFfx5u?$<>xoge;L4M{7BSb3Y@|PGa=r&m$?+T}U4%^Z{PI=S9KcT~43@E*N1Wx*%*Jml0m2((Ow;<9#h;mu(
z)E2|`UdODizsPgRGc&B$SKHg1bDzLz@gXnjVBdWAjh5ad)+Dl^MOk`wR%BTOiamd0
zp9LHbcZtA)!iPCWcCkITU_}=pp9G@&zzJJdIU$Do>pAEsVQ>QPi|YMWuE*fW{JmK<
zR+in8N0$oGmIljNS_8Ahc7-q3H@}e|KB;5%QO=+I(lNzI^s1W=F`5|Weq7%aM@46G
zDCuI^TPc(_yI7$P4KsqgEE5ox0yi9_zV~>d{q4$nzFpz4PyNmOuLYn!GVZ9owS7%F
z<%vS`%+DE{Ug10C3Ch}fOj~+oe#K&9PSf}zTZx`VFcG8>%Tzd>@G{>%2vg){VOcY0+K51SfF_v5>$}(xcfoL^UMkM8FyuqW%iAl$
zJ*~M57FKM-PT~lnz)J*`ic*m1egr{|hcXdmw+4T_2x*}r8YCzYB8Fcuw|yx@a+N;|
z-Etu%DvCss5Yh7hV^IvG5ClFZT_%rU=0JX5YSy4;>Chy;(4?As9@2Yi`cJ2N<9EomQ%`--ey7Mk6HmD{rK5R5cUqNK
z{%2$!(7#5^BQ5mTyy-ca+dcq~A$m>s-;?c~1I?na5#qX52Ew-YR)r{{q@nU*!ztd^
zz9&%`NvF|7y2ASeZjIufS;j)ZkO(#mP&_kgKw!pr>&$W}u={+1kmM>ucYyk#N-Mi2jE}4!<7%T54s^8l*
zyuW&Z145a9f4A$MQANP18hU-YSvzgS=HQJ(pJjrp`uz)>hw4SA2jy=ztM*PCUCoky
zi4_9_YFV(eJ?yG>V^!LtqlA;*MX;_;HgFeoJb>~wS@uE=HsH^8aSwq%fVMw*6f8kK
zDA6Yv0i0oe@5f)H!(UBWO{gS#Q1@($$}#~Xp(;HqCE4MlMzigqK^FqNU*7k_ZGaM%
zTvK+5hR8`@qowLeJ8W0fwK7oMMAOwqhMQb`{t||k-Rz<8IXmitw&AzyuQ&!i=s^SO
z4*QpFrX7hBs@clY%wc|z=EOrmf?h0vh!j=Mt`E
zmkF&+ZldKOL{D>!*c9ArHTBfUaP=1VE%L|2RjpQcf*FF+orf+*7WGrB(nE+SQZtit
z)10m8w4Mu7_k10$XW3ttSeU+sEkk}a>GieD{HIHu%MwHbs)r_Jnh`_3^Lzx+29SJy
z@IM`&y&aS#NSW?we8`76{WKE=!7gOV6>{-zCH3b5TE&@6PoTYT&!x=q@JTW8kMv(f
z5LpBfSzVr+-jE>NEb-s7_&;`rrGKp9|IJDnFcNzGOwUrzc8FqjiURm7Jn%1YPv}R<
z&n0;bwLmfWY+d*K@<(Sk>)s&>?fvKd$lh?Qj+{HO3cCXXOv#!{&hYRjF<~n3OaU~lT~KWldll97`EYQM__Awir$#0Gu}OA
zyfq;&{EvB6sg=}eISnbvUDatg?p&GZUWBD<^gUL<q=jLEQge?
z-0|<$y^OfaB3Dn+kR)9ydV^oC!&(Thfx1OtHnQ||jdb`;hz&nnOlv*Kv(jgWd-1a!
z+!nHu{z)ExFe|_n#|R+`dU_)Rq5>vtq4p1*W0$+JINK59@VpWb4hNQ2_BMYvDh@UlYZ0(M
z{x-;Jxej{rvca$rS0hB$6OR<41)h9p;q;HDVAXjsPO+AwLBYk(IX`DnN#at*oH8#E
z?)2|vH+5u9O!2#y?7G}rsCW$CrI$MYEbCoCnw2&-tsq~Vid#BCBWN27ClQ`=+4*Tm
zG#`ykYIb(^F3s@CxUUigrTxfud*9o|P$tFOR~zCyXXd)?cYlZ|kxL+v@>MQ1F#KFa
z);V@4l!fD_-fH9cMGuQ}l<+r2!f6Q%7)f}o?N`V=51*Kzrvlcj@hy^sLVYfdDiO(i
ziRMgMd?sdFQ1xQ1>^5R%V6fGGCBu6KP+^Ox;X5a>!v)I~8sBX|Aw^WHAE(R=T`)eI
zU1odxpK3Gfgy}5hBXTW>lQ^i`+0=l{WG=qJ!Lg-5>|`
z(ODB}vt~YVg%j-UZ05D8?5W^o&XHZyx*1SK6wBS&n~+ow^w2r~t3GVF%gy_)izVo}
z2^XC>VuM<>%Y9Q`e-r;b@3uLxfWCZp^DMGxNx3u+@ECCM?T~9d?(sx_DnKcKyxUN!
zN?wG-ZL%K1#i#a_Kht_x072RrX3~mo)~E>^#)Kq&eVYtRE~<4QUi9CPp9n{i+})VJ
z2+;yu$N6Ks8xvy&^dW5ir*&jR4u>&3EUzDIvnv_jrY9z%fO5?|Re|n^U-f#ZOr+TK
zzmeAe%2t+D0i_?xYw`J-$IyXd_-h9Pe!I$+P6zVQnaxb|{f`R5zw*fcK|Ncd5Pjpa
z{v(&5Y)Bwj45naQqf!$;k!BDvXiUj1g1VMS#){E2t}F}=CMK|GpZi#gPx}!GA56i!
z*W1|`S{IPw+Bj7!Ty+=N)QG+))!f&&&1dA-?z?;u!U|X}xa5ZO%z!TORV#C>O4j;v
zL@d|7m@lmm;-Xe^`t7^Ai6Y;oHlZ<@qXcykc^J6@L)-JGUC*YCd54`E`IhX!W6AmZ
z=mCG4=IHZ-iNrpWbCjzSnR08PnoB13hvYZrGeq&J~6dzVU|J@u)S_Ux~JoEXga;o|Ux#-E#{5WJ&miMCp<9el_k
z2}#f_bTnr9n?Jl%zhACmU|Tpk=}?4JzY}&}+}Oh=F=f30Lj@<*d+?8oya16@zli&n
zaf5B){@C6H8N`2a2=FU1Efa~>ElD%7c7WOx8fX=jf)Hij1@ke07=N9W*x}M01@6;D
z_WKohUsxR|x*(-dB#-^HAcx?~)b?o11kMAZ)p3zOFzyX|lKjeuZ>?sm*r;MGm02T7
z!0&qr)+3d}t}KXyseWcDd{+lGIpp*_ts8hSMd}m^rk`4wlnuiAJQlX*
zu$S>-cBh3tC>$J~mLq^OYRI2BsJ}yMNk(KmSNlp(Odoqw(o&erH{$E#iTv@NM7wvZw^;;Ew+n`t85MzW>vT$yEiuuFhhbEyT8mGDi`l
zKA<>Jr2e<&$iJj?{Aa7?zv$*z73ni;3kn#tS}ZLcxkv5b!kHp+fsdQr_Z9*f%a;3n
zce%T>!;HWzl?Sw|ZQbv|O3g%nwOtJkLtlxDX<&vxd(iPyDqQToF@SM1c8_3O@hB23
z9U_wZ|EE9vThU}!b*K7Wpf!r5MEBoMAs3#xK5QL7Pgqxm|B5y8zj#}U4y8PKnqhk%
zHF@6z@czB6{r_}8FQP5G)utq;&pT`JV~T+&P{JDh;iiJiwPNx;oB}0IhJwfV)i{Sqc(tjX@


From 39745fd25af17fa28d79ae7dae2b282a2155e29f Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 21:54:20 +0200
Subject: [PATCH 1927/2300] Update styles.min.css, new sprite.png query number

---
 web/css/styles.min.css | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/web/css/styles.min.css b/web/css/styles.min.css
index 5f63b030..99026f65 100644
--- a/web/css/styles.min.css
+++ b/web/css/styles.min.css
@@ -599,7 +599,7 @@ a {
     left: 0;
     top: 0;
     display: inline-block;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-size: 450px auto;
     background-repeat: no-repeat;
     background-position: -232px -9px;
@@ -626,7 +626,7 @@ input[type=checkbox] {
 }
 
 .l-logo {
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -117px -7px;
     /*  background-position: -125px -478px; */
     background-repeat: no-repeat;
@@ -751,7 +751,7 @@ input[type=checkbox] {
 }
 
 .l-profile__notifications {
-    background: url("/images/sprite.png?1446554103") no-repeat scroll -129px -135px;
+    background: url("/images/sprite.png?1446554104") no-repeat scroll -129px -135px;
     border-radius: 30px;
     color: #fff;
     cursor: pointer;
@@ -867,7 +867,7 @@ input[type=checkbox] {
 .notification-container .icon.starred {
     display: inline-block;
     width: 21px;
-    background: url("/images/sprite.png?1446554103") repeat scroll -184px 556px;
+    background: url("/images/sprite.png?1446554104") repeat scroll -184px 556px;
 }
 
 .l-stat {
@@ -982,7 +982,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
 }
 
 .l-sort__create-btn {
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -331px -107px;
     background-repeat: no-repeat;
     bottom: -23px;
@@ -1047,7 +1047,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
     padding: 12px;
 }
 .context-menu.sort-order span.name {
-    background: url("/images/sprite.png?1446554103") no-repeat scroll -292px -361px rgba(0, 0, 0, 0);
+    background: url("/images/sprite.png?1446554104") no-repeat scroll -292px -361px rgba(0, 0, 0, 0);
     display: inline-block;
     padding: 12px 28px 12px 12px;
     width: 117px;
@@ -1055,7 +1055,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
     font-weight: bold;
 }
 .context-menu.sort-order span.up {
-    background: url("/images/sprite.png?1446554103") no-repeat scroll -434px -417px rgba(0, 0, 0, 0);
+    background: url("/images/sprite.png?1446554104") no-repeat scroll -434px -417px rgba(0, 0, 0, 0);
     display: inline-block;
     padding: 12px 14px;
     width: 16px;
@@ -1139,7 +1139,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
     float: left;
     width: 30px;
     height: 30px;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -333px -1px;
     border: none;
 }
@@ -1161,7 +1161,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
     float: left;
     width: 25px;
     height: 25px;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -333px -37px;
     border: none;
 }
@@ -1214,7 +1214,7 @@ div.l-content > div.l-separator:nth-of-type(4) {
 
 .l-select:after {
     pointer-events: none;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -245px -175px;
     width: 7px;
     height: 4px;
@@ -1645,7 +1645,7 @@ body.mobile .l-unit-toolbar__col--right {
 }
 
 .actions-panel__col i {
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-repeat: no-repeat;
     display: inline-block;
     float: right;
@@ -2087,7 +2087,7 @@ body.mobile .l-unit-toolbar__col--right {
 .l-icon-up-arrow, .l-icon-down-arrow, .l-icon-star, .l-icon-to-top, .l-icon-shortcuts, .l-icon-star-orange, .l-icon-star-blue {
     display: inline-block;
     vertical-align: middle;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
 }
 
 .l-icon-down-arrow {
@@ -2463,7 +2463,7 @@ label:hover {
     margin: 2px 6px 0 0;
     min-width: 138px;
     padding: 8px 1px 6px 10px;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -185px -604px;
     width: 270px;
     appearance: none;
@@ -2969,7 +2969,7 @@ form#vstobjects.suspended {
 #add-icon {
     width: 45px;
     height: 45px;
-    background-image: url("/images/sprite.png?1446554103");
+    background-image: url("/images/sprite.png?1446554104");
     background-position: -378px -107px;
     background-repeat: no-repeat;
     display: inline-block;
@@ -3112,7 +3112,7 @@ form#vstobjects.suspended {
     letter-spacing: 3px;
 }
 .shortcuts .close {
-    background: url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
+    background: url("/images/sprite.png?1446554104") repeat scroll -408px -469px;
     cursor: pointer;
     display: inline-block;
     float: right;
@@ -3316,7 +3316,7 @@ form#vstobjects.suspended {
 }
 
 .context-helper-close {
-    background: rgba(0, 0, 0, 0) url("/images/sprite.png?1446554103") repeat scroll -408px -469px;
+    background: rgba(0, 0, 0, 0) url("/images/sprite.png?1446554104") repeat scroll -408px -469px;
     cursor: pointer;
     display: inline-block;
     float: right;

From bf56cdc40f268118853631c32ff2b0f6165079bf Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 22:03:41 +0200
Subject: [PATCH 1928/2300] smtputf8_advertise_hosts patch fix

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 97df816e..28222d48 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -30,7 +30,7 @@ if [ "$release" -gt 8 ]; then
     if [ -f "/etc/exim4/exim4.conf.template" ]; then
         if ! grep -q 'smtputf8_advertise_hosts' /etc/exim4/exim4.conf.template; then
             echo 'Patching exim4.conf for: smtputf8_advertise_hosts'
-            sed -i  "/^domainlist local_domains = dsearch;\/etc\/exim4\/domains\//i smtputf8_advertise_hosts =" /etc/exim4/exim4.conf.template
+            sed -i  "/^domainlist local_domains/i smtputf8_advertise_hosts =" /etc/exim4/exim4.conf.template
             systemctl restart exim4
         fi
     fi

From fcdd2a552c37957004262f3e98a3c2f52004fb83 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 22:12:08 +0200
Subject: [PATCH 1929/2300] smtputf8_advertise_hosts patch fix 2

---
 src/deb/vesta/postinst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/vesta/postinst b/src/deb/vesta/postinst
index 28222d48..2f15e60f 100755
--- a/src/deb/vesta/postinst
+++ b/src/deb/vesta/postinst
@@ -26,7 +26,7 @@ echo "1" > /usr/local/vesta/data/upgrades/show_changelog
 chmod a=rw /usr/local/vesta/data/upgrades/show_changelog
 
 # Patching exim4.conf for: smtputf8_advertise_hosts
-if [ "$release" -gt 8 ]; then
+if [ "$release" -gt 10 ]; then
     if [ -f "/etc/exim4/exim4.conf.template" ]; then
         if ! grep -q 'smtputf8_advertise_hosts' /etc/exim4/exim4.conf.template; then
             echo 'Patching exim4.conf for: smtputf8_advertise_hosts'

From b670feea43464f55754628a8a675ce6f71ffe898 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 22:21:06 +0200
Subject: [PATCH 1930/2300] Removing smtputf8_advertise_hosts from Deb 9 and 10

---
 install/debian/10/exim/exim4.conf.template    | 1 -
 install/debian/11/exim/exim4.conf.template-RC | 1 +
 install/debian/9/exim/exim4.conf.template     | 1 -
 3 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/install/debian/10/exim/exim4.conf.template b/install/debian/10/exim/exim4.conf.template
index 8fa12c2d..0e5afaac 100644
--- a/install/debian/10/exim/exim4.conf.template
+++ b/install/debian/10/exim/exim4.conf.template
@@ -11,7 +11,6 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
-smtputf8_advertise_hosts =
 
 domainlist local_domains = dsearch;/etc/exim4/domains/
 domainlist relay_to_domains = dsearch;/etc/exim4/domains/
diff --git a/install/debian/11/exim/exim4.conf.template-RC b/install/debian/11/exim/exim4.conf.template-RC
index e5ba36ab..e16099bd 100644
--- a/install/debian/11/exim/exim4.conf.template-RC
+++ b/install/debian/11/exim/exim4.conf.template-RC
@@ -11,6 +11,7 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
+smtputf8_advertise_hosts =
 
 #local_interfaces =  0.0.0.0
 #smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/exim4/virtual/helo_data}{$value}}
diff --git a/install/debian/9/exim/exim4.conf.template b/install/debian/9/exim/exim4.conf.template
index c9344903..261947d2 100644
--- a/install/debian/9/exim/exim4.conf.template
+++ b/install/debian/9/exim/exim4.conf.template
@@ -11,7 +11,6 @@
 disable_ipv6=true
 add_environment=<; PATH=/bin:/usr/bin
 keep_environment=
-smtputf8_advertise_hosts =
 
 domainlist local_domains = dsearch;/etc/exim4/domains/
 domainlist relay_to_domains = dsearch;/etc/exim4/domains/

From 4683c08e1b7190be57d68d0c799f052c74d20b19 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 23:17:38 +0200
Subject: [PATCH 1931/2300] Update Changelog.md

---
 Changelog.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Changelog.md b/Changelog.md
index 87f48b62..b2dae100 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -1,3 +1,10 @@
+Version 0.9.9-0 [05-Jun-2023]
+==================================================
+* Redesign of hosting panel
+* Fix for WP_CACHE_KEY_SALTs in v-clone-website command
+* Fix for "Helo name contains a ip address" in Exim4
+* Fix for Exim4 for punycode domains (in collaboration with @HestiaCP )
+
 Version 0.9.8-26-62 [05-Apr-2023]
 ==================================================
 * Fix for LetsEncrypt Asynchronous Order Finalization (in collaboration with @HestiaCP )

From 1120629026f6455ea9601ec695b3a66c66072ccc Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 23:20:13 +0200
Subject: [PATCH 1932/2300] Update latest.txt - version 0.9.9-0

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index 5e8393bb..d9d5584e 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.8-26-62
+vesta-0.9.9-0

From eccd4a99ba22460816a4de48b6837953d1675531 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sun, 4 Jun 2023 23:28:07 +0200
Subject: [PATCH 1933/2300] Update styles.fix.css

---
 web/css/styles.fix.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index 6c7a54c4..b00d7365 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -700,7 +700,7 @@ b, strong {
   background: #fff;
   word-break: break-word;
   overflow: hidden;
-  border-right: 10px solid #e3e3e3;
+  border-right: 8px solid #e3e3e3;
   box-sizing: border-box;
   /* Firefox */
   /* width */

From b41131f7ba080ddcf557e4017271a3f83d90921a Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 5 Jun 2023 10:04:25 +0200
Subject: [PATCH 1934/2300] backup details css fix

---
 web/templates/admin/list_backup_detail.html | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index b2f378d0..cc0a9311 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -6,7 +6,7 @@ input[type="checkbox"] {
 
 


 
-    
+    
       
         
         
@@ -34,7 +34,7 @@ input[type="checkbox"] {
     
 
 
-    
+    
     
         
       :
@@ -50,7 +50,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -101,7 +101,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -149,7 +149,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -196,7 +196,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -244,7 +244,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -292,7 +292,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           
@@ -331,7 +331,7 @@ input[type="checkbox"] {
 
       
         
-          
+          
             
             
           

From 0a5faad911299d87f8de23614fdce3f217d78541 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 5 Jun 2023 10:05:18 +0200
Subject: [PATCH 1935/2300] Update latest.txt

---
 src/deb/latest.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/deb/latest.txt b/src/deb/latest.txt
index d9d5584e..208690c9 100644
--- a/src/deb/latest.txt
+++ b/src/deb/latest.txt
@@ -1 +1 @@
-vesta-0.9.9-0
+vesta-0.9.9-0-1

From 7875aaf58ec9b96ca75a686969d7b342418e8489 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 5 Jun 2023 10:24:27 +0200
Subject: [PATCH 1936/2300] Update list_backup_detail.html

---
 web/templates/admin/list_backup_detail.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index cc0a9311..30e41642 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -34,7 +34,7 @@ input[type="checkbox"] {
     
 
 
-    
+    
     
         
       :

From d9a68455a8303f38a161ea3dbeb9660125387639 Mon Sep 17 00:00:00 2001
From: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
Date: Wed, 7 Jun 2023 22:59:31 +0200
Subject: [PATCH 1937/2300] Update urls due to moved download locations

Update names


Fix pcre url


Please not configs are not tested


Revert changes
---
 install/debian/12/apache2/apache2.conf        |  95 ++
 install/debian/12/apache2/status.conf         |   8 +
 install/debian/12/bind/named.conf             |  12 +
 install/debian/12/clamav/clamd.conf           |  61 ++
 install/debian/12/deb_signing.key             |  41 +
 install/debian/12/dovecot/conf.d/10-auth.conf |   4 +
 .../debian/12/dovecot/conf.d/10-logging.conf  |   1 +
 install/debian/12/dovecot/conf.d/10-mail.conf |   4 +
 .../debian/12/dovecot/conf.d/10-master.conf   |  29 +
 install/debian/12/dovecot/conf.d/10-ssl.conf  |   3 +
 .../12/dovecot/conf.d/15-mailboxes.conf       |  30 +
 install/debian/12/dovecot/conf.d/20-imap.conf |  58 ++
 install/debian/12/dovecot/conf.d/20-pop3.conf |  91 ++
 .../dovecot/conf.d/auth-passwdfile.conf.ext   |   9 +
 install/debian/12/dovecot/dovecot.conf        |   4 +
 install/debian/12/exim/deny_senders           |   1 +
 install/debian/12/exim/dnsbl.conf             |   2 +
 install/debian/12/exim/exim4.conf.template    | 415 +++++++++
 install/debian/12/exim/exim4.conf.template-RC | 446 +++++++++
 install/debian/12/exim/spam-blocks.conf       |   0
 .../debian/12/fail2ban/action.d/vesta.conf    |   9 +
 .../debian/12/fail2ban/filter.d/vesta.conf    |  10 +
 install/debian/12/fail2ban/jail.local         |  39 +
 install/debian/12/firewall/ports.conf         |  17 +
 install/debian/12/firewall/rules.conf         |  11 +
 install/debian/12/logrotate/apache2           |  19 +
 install/debian/12/logrotate/dovecot           |  12 +
 install/debian/12/logrotate/nginx             |  13 +
 install/debian/12/logrotate/vesta             |   7 +
 install/debian/12/mysql/my-large.cnf          |  51 ++
 install/debian/12/mysql/my-medium.cnf         |  49 +
 install/debian/12/mysql/my-small.cnf          |  49 +
 install/debian/12/nginx/nginx.conf            | 140 +++
 install/debian/12/nginx/phpmyadmin.inc        |  18 +
 install/debian/12/nginx/phppgadmin.inc        |  11 +
 install/debian/12/nginx/status.conf           |   9 +
 install/debian/12/nginx/webmail.inc           |  15 +
 install/debian/12/packages/default.pkg        |  18 +
 install/debian/12/pga/config.inc.php          | 159 ++++
 install/debian/12/pga/phppgadmin.conf         |  31 +
 install/debian/12/php-fpm/www.conf            |  11 +
 install/debian/12/php/php7.3-dedi.patch       |  78 ++
 install/debian/12/php/php7.3-vps.patch        |  78 ++
 install/debian/12/php/php7.4-dedi.patch       |  78 ++
 install/debian/12/php/php7.4-vps.patch        |  78 ++
 install/debian/12/pma/apache.conf             |  42 +
 install/debian/12/pma/config.inc.php          | 146 +++
 install/debian/12/pma/create_tables.sql       | 385 ++++++++
 install/debian/12/pma/pma.sh                  | 167 ++++
 install/debian/12/postgresql/pg_hba.conf      |  11 +
 install/debian/12/proftpd/proftpd.conf        |  38 +
 install/debian/12/proftpd/tls.conf            |  63 ++
 install/debian/12/roundcube/apache.conf       |  40 +
 install/debian/12/roundcube/config.inc.php    |  33 +
 install/debian/12/roundcube/db.inc.php        |  66 ++
 install/debian/12/roundcube/main.inc.php      | 850 ++++++++++++++++++
 install/debian/12/roundcube/vesta.php         |  73 ++
 install/debian/12/sudo/admin                  |   8 +
 install/debian/12/templates/dns/child-ns.tpl  |  14 +
 install/debian/12/templates/dns/default.tpl   |  18 +
 install/debian/12/templates/dns/gmail.tpl     |  12 +
 install/debian/12/templates/dns/office365.tpl |  22 +
 install/debian/12/templates/dns/yandex.tpl    |  16 +
 .../web/apache2/PHP-FPM-74-public.sh          | 105 +++
 .../web/apache2/PHP-FPM-74-public.stpl        |  44 +
 .../web/apache2/PHP-FPM-74-public.tpl         |  38 +
 .../12/templates/web/apache2/PHP-FPM-74.sh    | 105 +++
 .../12/templates/web/apache2/PHP-FPM-74.stpl  |  44 +
 .../12/templates/web/apache2/PHP-FPM-74.tpl   |  38 +
 .../12/templates/web/awstats/awstats.tpl      | 133 +++
 .../debian/12/templates/web/awstats/index.tpl |  10 +
 .../debian/12/templates/web/awstats/nav.tpl   |  23 +
 .../debian/12/templates/web/nginx/caching.sh  |  19 +
 .../12/templates/web/nginx/caching.stpl       |  44 +
 .../debian/12/templates/web/nginx/caching.tpl |  42 +
 .../web/nginx/force-https-legacy.stpl         |  39 +
 .../web/nginx/force-https-legacy.tpl          |   8 +
 .../web/nginx/force-https-public.stpl         |  39 +
 .../web/nginx/force-https-public.tpl          |   8 +
 .../nginx/force-https-webmail-phpmyadmin.stpl |  63 ++
 .../nginx/force-https-webmail-phpmyadmin.tpl  |   8 +
 .../12/templates/web/nginx/force-https.stpl   |  39 +
 .../12/templates/web/nginx/force-https.tpl    |   8 +
 .../12/templates/web/nginx/hosting-legacy.sh  |  11 +
 .../templates/web/nginx/hosting-legacy.stpl   |  39 +
 .../12/templates/web/nginx/hosting-legacy.tpl |  36 +
 .../templates/web/nginx/hosting-public.stpl   |  39 +
 .../12/templates/web/nginx/hosting-public.tpl |  36 +
 .../web/nginx/hosting-webmail-phpmyadmin.stpl |  63 ++
 .../web/nginx/hosting-webmail-phpmyadmin.tpl  |  60 ++
 .../debian/12/templates/web/nginx/hosting.sh  |  11 +
 .../12/templates/web/nginx/hosting.stpl       |  39 +
 .../debian/12/templates/web/nginx/hosting.tpl |  36 +
 .../web/nginx/php-fpm/cms_made_simple.stpl    |  55 ++
 .../web/nginx/php-fpm/cms_made_simple.tpl     |  52 ++
 .../web/nginx/php-fpm/codeigniter2.stpl       |  60 ++
 .../web/nginx/php-fpm/codeigniter2.tpl        |  57 ++
 .../web/nginx/php-fpm/codeigniter3.stpl       |  55 ++
 .../web/nginx/php-fpm/codeigniter3.tpl        |  52 ++
 .../web/nginx/php-fpm/datalife_engine.stpl    | 126 +++
 .../web/nginx/php-fpm/datalife_engine.tpl     | 123 +++
 .../templates/web/nginx/php-fpm/default.stpl  |  54 ++
 .../templates/web/nginx/php-fpm/default.tpl   |  51 ++
 .../templates/web/nginx/php-fpm/dokuwiki.stpl |  71 ++
 .../templates/web/nginx/php-fpm/dokuwiki.tpl  |  67 ++
 .../templates/web/nginx/php-fpm/drupal6.stpl  |  94 ++
 .../templates/web/nginx/php-fpm/drupal6.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal7.stpl  |  94 ++
 .../templates/web/nginx/php-fpm/drupal7.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/drupal8.stpl  |  94 ++
 .../templates/web/nginx/php-fpm/drupal8.tpl   |  91 ++
 .../templates/web/nginx/php-fpm/joomla.stpl   |  62 ++
 .../12/templates/web/nginx/php-fpm/joomla.tpl |  59 ++
 .../templates/web/nginx/php-fpm/laravel.stpl  |  54 ++
 .../templates/web/nginx/php-fpm/laravel.tpl   |  50 ++
 .../templates/web/nginx/php-fpm/magento.stpl  | 197 ++++
 .../templates/web/nginx/php-fpm/magento.tpl   | 194 ++++
 .../12/templates/web/nginx/php-fpm/modx.stpl  |  68 ++
 .../12/templates/web/nginx/php-fpm/modx.tpl   |  65 ++
 .../templates/web/nginx/php-fpm/moodle.stpl   |  89 ++
 .../12/templates/web/nginx/php-fpm/moodle.tpl |  87 ++
 .../templates/web/nginx/php-fpm/no-php.stpl   |  46 +
 .../12/templates/web/nginx/php-fpm/no-php.tpl |  43 +
 .../12/templates/web/nginx/php-fpm/odoo.stpl  |  69 ++
 .../12/templates/web/nginx/php-fpm/odoo.tpl   |  66 ++
 .../templates/web/nginx/php-fpm/opencart.stpl |  58 ++
 .../templates/web/nginx/php-fpm/opencart.tpl  |  54 ++
 .../templates/web/nginx/php-fpm/owncloud.stpl |  84 ++
 .../templates/web/nginx/php-fpm/owncloud.tpl  |  81 ++
 .../12/templates/web/nginx/php-fpm/piwik.stpl |  72 ++
 .../12/templates/web/nginx/php-fpm/piwik.tpl  |  69 ++
 .../templates/web/nginx/php-fpm/pyrocms.stpl  |  65 ++
 .../templates/web/nginx/php-fpm/pyrocms.tpl   |  62 ++
 .../12/templates/web/nginx/php-fpm/sendy.stpl |  88 ++
 .../12/templates/web/nginx/php-fpm/sendy.tpl  |  86 ++
 .../web/nginx/php-fpm/wordpress.stpl          |  54 ++
 .../templates/web/nginx/php-fpm/wordpress.tpl |  51 ++
 .../web/nginx/php-fpm/wordpress2.stpl         |  66 ++
 .../web/nginx/php-fpm/wordpress2.tpl          |  63 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.stpl |  71 ++
 .../web/nginx/php-fpm/wordpress2_rewrite.tpl  |  67 ++
 .../web/nginx/private-force-https.stpl        |  39 +
 .../web/nginx/private-force-https.tpl         |   8 +
 .../12/templates/web/nginx/private-hosting.sh |  11 +
 .../templates/web/nginx/private-hosting.stpl  |  41 +
 .../templates/web/nginx/private-hosting.tpl   |  38 +
 .../12/templates/web/nginx/proxy_ip.tpl       |   9 +
 .../12/templates/web/php-fpm/default.tpl      |  21 +
 .../12/templates/web/php-fpm/no-php.tpl       |  20 +
 .../12/templates/web/php-fpm/socket.tpl       |  24 +
 .../web/skel/document_errors/403.html         |  29 +
 .../web/skel/document_errors/404.html         |  28 +
 .../web/skel/document_errors/50x.html         |  29 +
 .../templates/web/skel/public_html/index.html |  26 +
 .../templates/web/skel/public_html/robots.txt |   3 +
 .../web/skel/public_shtml/index.html          |  26 +
 .../web/skel/public_shtml/robots.txt          |   3 +
 .../debian/12/templates/web/suspend/.htaccess |   2 +
 .../12/templates/web/suspend/index.html       |  25 +
 .../12/templates/web/webalizer/webalizer.tpl  | 110 +++
 install/debian/12/vsftpd/vsftpd.conf          |  26 +
 src/deb/vesta_compile.sh                      |  44 +-
 162 files changed, 9729 insertions(+), 6 deletions(-)
 create mode 100644 install/debian/12/apache2/apache2.conf
 create mode 100644 install/debian/12/apache2/status.conf
 create mode 100644 install/debian/12/bind/named.conf
 create mode 100644 install/debian/12/clamav/clamd.conf
 create mode 100644 install/debian/12/deb_signing.key
 create mode 100644 install/debian/12/dovecot/conf.d/10-auth.conf
 create mode 100644 install/debian/12/dovecot/conf.d/10-logging.conf
 create mode 100644 install/debian/12/dovecot/conf.d/10-mail.conf
 create mode 100644 install/debian/12/dovecot/conf.d/10-master.conf
 create mode 100644 install/debian/12/dovecot/conf.d/10-ssl.conf
 create mode 100644 install/debian/12/dovecot/conf.d/15-mailboxes.conf
 create mode 100644 install/debian/12/dovecot/conf.d/20-imap.conf
 create mode 100644 install/debian/12/dovecot/conf.d/20-pop3.conf
 create mode 100644 install/debian/12/dovecot/conf.d/auth-passwdfile.conf.ext
 create mode 100644 install/debian/12/dovecot/dovecot.conf
 create mode 100644 install/debian/12/exim/deny_senders
 create mode 100644 install/debian/12/exim/dnsbl.conf
 create mode 100644 install/debian/12/exim/exim4.conf.template
 create mode 100644 install/debian/12/exim/exim4.conf.template-RC
 create mode 100644 install/debian/12/exim/spam-blocks.conf
 create mode 100644 install/debian/12/fail2ban/action.d/vesta.conf
 create mode 100644 install/debian/12/fail2ban/filter.d/vesta.conf
 create mode 100644 install/debian/12/fail2ban/jail.local
 create mode 100644 install/debian/12/firewall/ports.conf
 create mode 100644 install/debian/12/firewall/rules.conf
 create mode 100644 install/debian/12/logrotate/apache2
 create mode 100644 install/debian/12/logrotate/dovecot
 create mode 100644 install/debian/12/logrotate/nginx
 create mode 100644 install/debian/12/logrotate/vesta
 create mode 100644 install/debian/12/mysql/my-large.cnf
 create mode 100644 install/debian/12/mysql/my-medium.cnf
 create mode 100644 install/debian/12/mysql/my-small.cnf
 create mode 100644 install/debian/12/nginx/nginx.conf
 create mode 100644 install/debian/12/nginx/phpmyadmin.inc
 create mode 100644 install/debian/12/nginx/phppgadmin.inc
 create mode 100644 install/debian/12/nginx/status.conf
 create mode 100644 install/debian/12/nginx/webmail.inc
 create mode 100644 install/debian/12/packages/default.pkg
 create mode 100644 install/debian/12/pga/config.inc.php
 create mode 100644 install/debian/12/pga/phppgadmin.conf
 create mode 100644 install/debian/12/php-fpm/www.conf
 create mode 100644 install/debian/12/php/php7.3-dedi.patch
 create mode 100644 install/debian/12/php/php7.3-vps.patch
 create mode 100644 install/debian/12/php/php7.4-dedi.patch
 create mode 100644 install/debian/12/php/php7.4-vps.patch
 create mode 100644 install/debian/12/pma/apache.conf
 create mode 100644 install/debian/12/pma/config.inc.php
 create mode 100644 install/debian/12/pma/create_tables.sql
 create mode 100644 install/debian/12/pma/pma.sh
 create mode 100644 install/debian/12/postgresql/pg_hba.conf
 create mode 100644 install/debian/12/proftpd/proftpd.conf
 create mode 100644 install/debian/12/proftpd/tls.conf
 create mode 100644 install/debian/12/roundcube/apache.conf
 create mode 100644 install/debian/12/roundcube/config.inc.php
 create mode 100644 install/debian/12/roundcube/db.inc.php
 create mode 100644 install/debian/12/roundcube/main.inc.php
 create mode 100644 install/debian/12/roundcube/vesta.php
 create mode 100644 install/debian/12/sudo/admin
 create mode 100755 install/debian/12/templates/dns/child-ns.tpl
 create mode 100755 install/debian/12/templates/dns/default.tpl
 create mode 100755 install/debian/12/templates/dns/gmail.tpl
 create mode 100644 install/debian/12/templates/dns/office365.tpl
 create mode 100644 install/debian/12/templates/dns/yandex.tpl
 create mode 100755 install/debian/12/templates/web/apache2/PHP-FPM-74-public.sh
 create mode 100644 install/debian/12/templates/web/apache2/PHP-FPM-74-public.stpl
 create mode 100644 install/debian/12/templates/web/apache2/PHP-FPM-74-public.tpl
 create mode 100755 install/debian/12/templates/web/apache2/PHP-FPM-74.sh
 create mode 100644 install/debian/12/templates/web/apache2/PHP-FPM-74.stpl
 create mode 100644 install/debian/12/templates/web/apache2/PHP-FPM-74.tpl
 create mode 100755 install/debian/12/templates/web/awstats/awstats.tpl
 create mode 100755 install/debian/12/templates/web/awstats/index.tpl
 create mode 100755 install/debian/12/templates/web/awstats/nav.tpl
 create mode 100755 install/debian/12/templates/web/nginx/caching.sh
 create mode 100644 install/debian/12/templates/web/nginx/caching.stpl
 create mode 100644 install/debian/12/templates/web/nginx/caching.tpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-legacy.stpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-legacy.tpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-public.stpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-public.tpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https.stpl
 create mode 100644 install/debian/12/templates/web/nginx/force-https.tpl
 create mode 100755 install/debian/12/templates/web/nginx/hosting-legacy.sh
 create mode 100644 install/debian/12/templates/web/nginx/hosting-legacy.stpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting-legacy.tpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting-public.stpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting-public.tpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
 create mode 100755 install/debian/12/templates/web/nginx/hosting.sh
 create mode 100644 install/debian/12/templates/web/nginx/hosting.stpl
 create mode 100644 install/debian/12/templates/web/nginx/hosting.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/codeigniter2.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/codeigniter2.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/codeigniter3.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/codeigniter3.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/datalife_engine.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/datalife_engine.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/default.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/default.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/dokuwiki.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/dokuwiki.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal6.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal6.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal7.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal7.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal8.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/drupal8.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/joomla.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/joomla.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/laravel.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/laravel.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/magento.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/magento.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/modx.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/modx.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/moodle.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/moodle.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/no-php.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/no-php.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/odoo.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/odoo.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/opencart.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/opencart.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/owncloud.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/owncloud.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/piwik.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/piwik.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/pyrocms.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/pyrocms.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/sendy.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/sendy.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress2.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress2.tpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
 create mode 100644 install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
 create mode 100644 install/debian/12/templates/web/nginx/private-force-https.stpl
 create mode 100644 install/debian/12/templates/web/nginx/private-force-https.tpl
 create mode 100755 install/debian/12/templates/web/nginx/private-hosting.sh
 create mode 100644 install/debian/12/templates/web/nginx/private-hosting.stpl
 create mode 100644 install/debian/12/templates/web/nginx/private-hosting.tpl
 create mode 100644 install/debian/12/templates/web/nginx/proxy_ip.tpl
 create mode 100644 install/debian/12/templates/web/php-fpm/default.tpl
 create mode 100644 install/debian/12/templates/web/php-fpm/no-php.tpl
 create mode 100644 install/debian/12/templates/web/php-fpm/socket.tpl
 create mode 100755 install/debian/12/templates/web/skel/document_errors/403.html
 create mode 100755 install/debian/12/templates/web/skel/document_errors/404.html
 create mode 100755 install/debian/12/templates/web/skel/document_errors/50x.html
 create mode 100755 install/debian/12/templates/web/skel/public_html/index.html
 create mode 100755 install/debian/12/templates/web/skel/public_html/robots.txt
 create mode 100755 install/debian/12/templates/web/skel/public_shtml/index.html
 create mode 100755 install/debian/12/templates/web/skel/public_shtml/robots.txt
 create mode 100755 install/debian/12/templates/web/suspend/.htaccess
 create mode 100755 install/debian/12/templates/web/suspend/index.html
 create mode 100755 install/debian/12/templates/web/webalizer/webalizer.tpl
 create mode 100644 install/debian/12/vsftpd/vsftpd.conf

diff --git a/install/debian/12/apache2/apache2.conf b/install/debian/12/apache2/apache2.conf
new file mode 100644
index 00000000..2be3e50d
--- /dev/null
+++ b/install/debian/12/apache2/apache2.conf
@@ -0,0 +1,95 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+#	/etc/apache2/
+#	|-- apache2.conf
+#	|	`--  ports.conf
+#	|-- mods-enabled
+#	|	|-- *.load
+#	|	`-- *.conf
+#	|-- conf.d
+#	|	`-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 900
+ProxyTimeout 900
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+    StartServers          8
+    MinSpareServers       5
+    MaxSpareServers      20
+    ServerLimit         256
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+
+    StartServers          2
+    MinSpareThreads      25
+    MaxSpareThreads      75 
+    ThreadLimit          64
+    ThreadsPerChild      25
+    MaxClients          200
+    MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+    Order allow,deny
+    Deny from all
+    Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/debian/12/apache2/status.conf b/install/debian/12/apache2/status.conf
new file mode 100644
index 00000000..0d82a356
--- /dev/null
+++ b/install/debian/12/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+    # Allow from all
+
diff --git a/install/debian/12/bind/named.conf b/install/debian/12/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/debian/12/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
+// structure of BIND configuration files in Debian, *BEFORE* you customize 
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/debian/12/clamav/clamd.conf b/install/debian/12/clamav/clamd.conf
new file mode 100644
index 00000000..c636b6d3
--- /dev/null
+++ b/install/debian/12/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean true
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 2M
+MaxFileSize 2M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/debian/12/deb_signing.key b/install/debian/12/deb_signing.key
new file mode 100644
index 00000000..d279abbd
--- /dev/null
+++ b/install/debian/12/deb_signing.key
@@ -0,0 +1,41 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQGNBGDsPogBDADT7jiPewIuavqJZJMZ18c+kEC8N+/EK15k9zdBvcluxZ7gb5D6
+sKT3fVmLWD49mux+OoFs8DJH1LkpFe2Ax58NVMgDwCNUtcqeR8eB6nEWpZLjzJhZ
+RD5+ZpUaX/emXrr7mxJ1SvT8PgWWerl2ZuPSlpPm4Ls6JO53AvPAsUVgMTHkfHNj
+4/GqKtORkanzBwimC0bcB3BBRLH/kiW/TNi3hQnR5GYIaKWrc8oGpHHqX5BNw72O
+JTSqTj8OZXKG7US6cXgBQuLN68sKd9TIy2HZdTKlqR1yQyc2BiPwVYDrJemM72VT
+kuW0qbsOwji7rG2B6Pg1yggWXpB8Znczzi8AfzoFgXeOTi/hzcaf3YnAxfeL1Ofq
+aOW+ReqsF1wxpgVwNj0DVquPTqzd4uCIGNNGGHhlIR434FyA4YNfxK63YxZS5SAR
+leQGTUtBRdh1SOKPDZMcSlJ3wEfHKbp72qmnLdqUkGl//FZsCDdPFxx3wDCPPS2e
+++g3ImqeaQ553nUAEQEAAbQhbXlWZXN0YSB0ZWFtIDxpbmZvQG15dmVzdGFjcC5j
+b20+iQHOBBMBCgA4FiEEDcdTLoRXCPbKaPuqiIB9SyIhM4wFAmDsPogCGwMFCwkI
+BwIGFQoJCAsCBBYCAwECHgECF4AACgkQiIB9SyIhM4yADAv+M62/6N+uFx9Izbj5
+HxZCzLEgvlQzdQcLJPDwFWYByVRiQRkRJWt5kqwNpndWoDo5zEtyKn3Yulbj6zyy
+UqYhN0ctXyaFjKFIHIqrrz9P9AF2uGr17rTWbnRpjlMSkDSmUGXNEKO7gMtKiTo3
+olWldDELuM0MQddwMGgnqZPb3/Z+om68U1/6NS8A5hAHL+HuwcKGFZpFRJYXSOLY
+lIpHyicifvkRAMkPp025Y3Who3EZMWq3Bpo78djtxfA4CoUn+OH64Hn0llkJ3vU6
+bM+KuC2ZrkHrzcqZbPbYnmEmVD1rkxVoOgzqE76fAY2I6YFY09uhdg0FbZeeMjA+
+DReBwINRFYsk6/maY7Zc82clfc7+vr3xmR+f+KEiUCU4mI72PnlU9LT9RuoCkKbo
+znUZo+Xj6ezM6lCKGnOmqhvQmWR+hdsn1zX1ufxPA5uQyeFfR5VpAjvDOFykPA93
+3Et0ZdrKB2U6jjlGzWhsCkYphF7M0DVIRPOm1xLUJvLx+zB+uQGNBGDsPogBDADG
+rJuQBsLJ6MWAGLydwaIBttwG3GOysSsQ1P09mbeOqiyCaWfEladePorTpKsbOHA/
+USAfjN8Eik81Un1Kik6rYU8ieGERKpCMiBkcNLQH/DnYyCNT5oaGqXtIQ+5GNn71
+mt7sLmf0yL3C320RJa8KSP+rAaey4ttLyl7rM1q8RPmlsRSxVjeiMw01i6cXmA1G
+EJDuRbXdzDuo5utHDBMHgN0T0g8kgoTX9G2uwUTnJm9qzW2Lg3d4xoe2+H5/86Qm
+0lVl5vLSMEPl01NcoTVgQpGO/yR3nJ4ubMkkbzCM0e0MByHqOKJ2LfW77BcvcoXg
+coa7tF+6DZBB4UGyb1VuSZJoVOYN2tnSj2/taPk0yHJf/tLvNm/hVHEvXNXk09hy
+fne0FZmHKwwp0TGSC8tzsHPRSbIOazifIC8pdN4fPTQyfI9tKxi26opCIAHHkcTr
+7VOUvUNyAGVB9TU/nmzpvkv8BLCKSQM1FxUQ0owgFtrtIoMVxkYG5hb6EjAHyUcA
+EQEAAYkBtgQYAQoAIBYhBA3HUy6EVwj2ymj7qoiAfUsiITOMBQJg7D6IAhsMAAoJ
+EIiAfUsiITOMR40MALn5sqKFZ9FMe7982XMamanjPqO3Odi5/9rUXYKbJGjsaSof
+lSC3OtqnRTVGE6KEuYErCKCpAk2ZvEf5eQHi264fC255zuxWihdcEQpiPK1DdlN3
+m9JNp/4Pns38Nn/zG3cFQuDEvDsC75xmxN7pi+ZkokodwA0PgaiMVh5mSos+Mc/G
+fLcEes21xVk2DQ3Vw6p1P/39uujBPZ3J2unWBqv0rCFEpwgXm/d80Y0x31tq0ToZ
+hf1r/GcoB6rC3sSAtUykrTZUaRv57BouvnAP9zfFlFSrYpJZ5L9/IawBH+O9yUu2
+N1jGq9eJ/RwHG1lKUBJd6wCWz1ZKzxnaoH9CfRC/aG9vRQWLSjiHCl2cnNDxElKx
+JOT7RUjxlri4zvxdum49Vr8iEpjUFXzhRYq79SsmqkLuXZYQnccNFAdde8ZcPpKA
+zhfavTutAPNJRyg9hbwxQYUH6N1i5J7ZZsqHB/GIBaSReXroacHjFYcU6uiBt/da
+qiC8NLvRaE3PVkma9Q==
+=RAbI
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/debian/12/dovecot/conf.d/10-auth.conf b/install/debian/12/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/debian/12/dovecot/conf.d/10-logging.conf b/install/debian/12/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/debian/12/dovecot/conf.d/10-mail.conf b/install/debian/12/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/debian/12/dovecot/conf.d/10-master.conf b/install/debian/12/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+  inet_listener imap {
+  }
+  inet_listener imaps {
+  }
+}
+
+service pop3-login {
+  inet_listener pop3 {
+  }
+  inet_listener pop3s {
+  }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+  unix_listener auth-client {
+    group = mail
+    mode = 0660
+    user = dovecot
+  }
+  user = dovecot
+}
diff --git a/install/debian/12/dovecot/conf.d/10-ssl.conf b/install/debian/12/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..3aaff6ee
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,3 @@
+ssl = yes
+ssl_cert = = 2.1.4)    : %v.%u
+  #  Dovecot v0.99.x     : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  #pop3_uidl_format = %08Xu%08Xv
+
+  # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+  # won't change those UIDLs. Currently this works only with Maildir.
+  #pop3_save_uidl = no
+
+  # What to do about duplicate UIDLs if they exist?
+  #   allow: Show duplicates to clients.
+  #   rename: Append a temporary -2, -3, etc. counter after the UIDL.
+  #pop3_uidl_duplicates = allow
+
+  # POP3 logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #  %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Maximum number of POP3 connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  mail_max_userip_connections = 50
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
diff --git a/install/debian/12/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/12/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/debian/12/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+  driver = passwd-file
+  args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+  driver = passwd-file
+  args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/debian/12/dovecot/dovecot.conf b/install/debian/12/dovecot/dovecot.conf
new file mode 100644
index 00000000..0a855351
--- /dev/null
+++ b/install/debian/12/dovecot/dovecot.conf
@@ -0,0 +1,4 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
diff --git a/install/debian/12/exim/deny_senders b/install/debian/12/exim/deny_senders
new file mode 100644
index 00000000..8b137891
--- /dev/null
+++ b/install/debian/12/exim/deny_senders
@@ -0,0 +1 @@
+
diff --git a/install/debian/12/exim/dnsbl.conf b/install/debian/12/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/debian/12/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/debian/12/exim/exim4.conf.template b/install/debian/12/exim/exim4.conf.template
new file mode 100644
index 00000000..4b3c0dd9
--- /dev/null
+++ b/install/debian/12/exim/exim4.conf.template
@@ -0,0 +1,415 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+recipients_max = 15
+recipients_max_reject = true
+
+# log_selector = +smtp_connection
+smtp_accept_max = 50
+smtp_accept_max_per_host = 4
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lookup{${lc:${domain:$h_from:}}}dsearch{/etc/exim4/domains/}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+acl_not_smtp = acl_not_smtp
+
+begin acl
+
+acl_not_smtp:
+  deny message = Web site is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period
+
+  accept
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period
+  ratelimit = 40 / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = */defer_ok
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{600K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{yes}{no_such_user}}}}
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  require_files = ${local_part}:+${home}/.forward
+  domains = +local_domains
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/fwd_only}{true}{false}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #helo_data = $sender_address_domain
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+  hosts_try_fastopen = !*.l.google.com
+  hosts_try_chunking = !93.188.3.0/24
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg
+  from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/debian/12/exim/exim4.conf.template-RC b/install/debian/12/exim/exim4.conf.template-RC
new file mode 100644
index 00000000..36ba2a0d
--- /dev/null
+++ b/install/debian/12/exim/exim4.conf.template-RC
@@ -0,0 +1,446 @@
+######################################################################
+#                                                                    #
+#          Exim configuration file for Vesta Control Panel           #
+#                                                                    #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD =  yes
+
+disable_ipv6=true
+add_environment=<; PATH=/bin:/usr/bin
+keep_environment=
+
+#local_interfaces =  0.0.0.0
+#smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/exim4/virtual/helo_data}{$value}}
+#smtp_banner = "$smtp_active_hostname ESMTP $tod_full"
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+LIMIT_PER_EMAIL_ACCOUNT_MAX_RECIPIENTS = 15
+LIMIT_PER_HOSTING_ACCOUNT_MAX_RECIPIENTS = 5
+LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR = 40
+LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR = 40
+
+recipients_max = 150
+recipients_max_reject = true
+
+# log_selector = +smtp_connection
+smtp_accept_max = 50
+smtp_accept_max_per_host = 4
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/$received_ip_address.crt
+tls_privatekey = /usr/local/vesta/ssl/$received_ip_address.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lookup{${lc:${domain:$h_from:}}}dsearch{/etc/exim4/domains/}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+acl_not_smtp = acl_not_smtp
+
+begin acl
+
+acl_not_smtp:
+  deny message = Too many recipients, limit is $acl_c_max_recipients recipients
+  set acl_c_max_recipients=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_recipients}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_RECIPIENTS}}
+  condition = ${if >{$rcpt_count}{$acl_c_max_recipients}}
+
+  deny message = Hosting account is sending too much emails [limitlog]: deny / account / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  ratelimit = $acl_c_limit_per_hour / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_hosting_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_HOSTING_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  log_message = Sender rate [limitlog]: log / account / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+
+  warn    set acl_m3    = yes
+
+  accept
+
+acl_check_spammers:
+  accept  hosts         = +whitelist
+
+  drop    message       = Your host in blacklist on this server.
+          log_message   = Host in blacklist
+          hosts         = +spammers
+
+  accept
+
+
+acl_check_mail:
+  deny    condition     = ${if eq{$sender_helo_name}{}}
+          message       = HELO required before MAIL
+
+  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+          condition     = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
+          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+          delay         = 45s
+
+  drop    condition     = ${if isip{$sender_helo_name}}
+          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
+          message       = $interface_address is _my_ address
+
+  accept
+
+
+acl_check_rcpt:
+  accept  hosts         = :
+
+  deny message = Too many recipients, limit is $acl_c_max_recipients recipients
+  set acl_c_max_recipients=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_recipients}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_RECIPIENTS}}
+  condition = ${if >{$rcpt_count}{$acl_c_max_recipients}}
+
+  deny message = Email account is sending too much emails [limitlog]: deny / email / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  ratelimit = $acl_c_limit_per_hour / 1h / $authenticated_id
+
+  warn ratelimit = 0 / 1h / strict / $authenticated_id
+  set acl_c_limit_per_hour=${lookup{$authenticated_id}lsearch{/etc/exim4/limit_per_email_account_max_sent_emails_per_hour}{$value}{LIMIT_PER_EMAIL_ACCOUNT_MAX_SENT_EMAILS_PER_HOUR}}
+  log_message = Sender rate [limitlog]: log / email / $authenticated_id / $sender_rate / $sender_rate_period [limit=$acl_c_limit_per_hour]
+
+  warn    set acl_m3    = no
+  
+  warn    !authenticated = *
+          hosts          = !+relay_from_hosts
+          condition     = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+          set acl_m3    = yes
+
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  require verify        = sender
+
+  accept  hosts         = +relay_from_hosts
+          control       = submission
+
+  accept  authenticated = *
+          control       = submission/domain=
+
+  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+          hosts         = !+whitelist
+          dnslists      = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+  require message       = relay not permitted
+          domains       = +local_domains : +relay_to_domains
+
+  deny    message       = smtp auth requried
+         sender_domains = +local_domains
+         !authenticated = *
+
+  require verify        = recipient
+
+.ifdef CLAMD
+  warn    set acl_m0    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+          set acl_m0    = yes
+.endif
+
+.ifdef SPAMASSASSIN
+  warn    set acl_m1    = no
+
+  warn    condition     = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+          set acl_m1    = yes
+.endif
+
+  accept
+
+
+acl_check_data:
+
+  deny senders = /etc/exim4/deny_senders
+
+.ifdef CLAMD
+  deny   message        = Message contains a virus ($malware_name) and has been rejected
+         malware        = */defer_ok
+         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+  warn   !authenticated = *
+         hosts          = !+relay_from_hosts
+         condition      = ${if < {$message_size}{600K}}
+         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
+         spam           = nobody:true/defer_ok
+         add_header     = X-Spam-Score: $spam_score_int
+         add_header     = X-Spam-Bar: $spam_bar
+         add_header     = X-Spam-Report: $spam_report
+         set acl_m2     = $spam_score_int
+
+  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
+         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+         add_header     = X-Spam-Status: Yes
+         message        = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+  accept
+
+
+acl_check_mime:
+  deny   message        = Blacklisted file extension detected
+         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
+
+  accept
+
+
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+  driver = dovecot
+  public_name = PLAIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+dovecot_login:
+  driver = dovecot
+  public_name = LOGIN
+  server_socket = /var/run/dovecot/auth-client
+  server_set_id = $auth1
+
+
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+begin routers
+
+#smarthost:
+#  driver = manualroute
+#  domains = ! +local_domains
+#  transport = remote_smtp
+#  route_list = * smartrelay.vestacp.com
+#  no_more
+#  no_verify
+
+dnslookup:
+  driver = dnslookup
+  domains = !+local_domains
+  transport = remote_smtp
+  no_more
+
+localuser_spam:
+  driver = accept
+  transport = local_spam_delivery
+  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{yes}{no_such_user}}}}
+
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  require_files = ${local_part}:+${home}/.forward
+  domains = +local_domains
+  allow_filter
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+
+procmail:
+  driver = accept
+  check_local_user
+  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+  transport = procmail
+  no_verify
+
+autoreplay:
+  driver = accept
+  require_files = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg
+  condition = ${if exists{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${local_part}.msg}{yes}{no}}
+  retry_use_local_part
+  transport = userautoreply
+  unseen
+
+aliases:
+  driver = redirect
+  headers_add = X-redirected: yes
+  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  require_files = /etc/exim4/domains/$domain/aliases
+  redirect_router = dnslookup
+  pipe_transport = address_pipe
+  unseen
+
+localuser_fwd_only:
+  driver = accept
+  transport = devnull
+  condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/fwd_only}{true}{false}}}}
+
+localuser:
+  driver = accept
+  transport = local_delivery
+  condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}{true}{false}}
+
+catchall:
+  driver = redirect
+  headers_add = X-redirected: yes
+  require_files = /etc/exim4/domains/$domain/aliases
+  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}}}}
+  file_transport = local_delivery
+  redirect_router = dnslookup
+
+terminate_alias:
+  driver = accept
+  transport = devnull
+  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/aliases}{true}{false}}
+
+
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+begin transports
+
+remote_smtp:
+  driver = smtp
+  #interface = ${if eq{$acl_m3}{yes}{FIRSTIP}{${lookup{$sender_address_domain}lsearch{/etc/exim4/virtual/interfaces} {$value}{SECONDIP}}}}
+  #helo_data = "${if eq{$acl_m3}{yes}{FIRSTHOST}{${lookup{$sending_ip_address}lsearch{/etc/exim4/virtual/helo_data}{$value}{SECONDHOST}}}}"
+  dkim_domain = DKIM_DOMAIN
+  dkim_selector = mail
+  dkim_private_key = DKIM_PRIVATE_KEY
+  dkim_canon = relaxed
+  dkim_strict = 0
+  hosts_try_fastopen = !*.l.google.com
+  hosts_try_chunking = !93.188.3.0/24
+
+procmail:
+  driver = pipe
+  command = "/usr/bin/procmail -d $local_part"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+  user = $local_part
+  initgroups
+  return_output
+
+local_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_warn_threshold = 75%
+
+local_spam_delivery:
+  driver = appendfile
+  maildir_format
+  maildir_use_size_file
+  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}
+  group = mail
+  create_directory
+  directory_mode = 770
+  mode = 660
+  use_lockfile = no
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}/.Spam"
+  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}M
+  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}/${lookup{$local_part}dsearch{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/passwd}}}}/mail/${lookup{$domain}dsearch{/etc/exim4/domains/}}}}"
+  quota_warn_threshold = 75%
+
+address_pipe:
+  driver = pipe
+  return_output
+
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_reply:
+  driver = autoreply
+
+userautoreply:
+  driver = autoreply
+  file = /etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/autoreply.${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}.msg
+  from = "${extract{1}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/${lookup{$domain}dsearch{/etc/exim4/domains/}}/accounts}}}}@${lookup{$domain}dsearch{/etc/exim4/domains/}}"
+  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+  to = "${sender_address}"
+
+devnull:
+  driver = appendfile
+  file = /dev/null
+
+
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+begin retry
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/debian/12/exim/spam-blocks.conf b/install/debian/12/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/debian/12/fail2ban/action.d/vesta.conf b/install/debian/12/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/debian/12/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain 
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain 
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban  
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban  
diff --git a/install/debian/12/fail2ban/filter.d/vesta.conf b/install/debian/12/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..36ec1001
--- /dev/null
+++ b/install/debian/12/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccessful Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex =  .*  failed to login
+ignoreregex =
+
diff --git a/install/debian/12/fail2ban/jail.local b/install/debian/12/fail2ban/jail.local
new file mode 100644
index 00000000..eccea068
--- /dev/null
+++ b/install/debian/12/fail2ban/jail.local
@@ -0,0 +1,39 @@
+[ssh-iptables]
+enabled  = true
+filter   = sshd
+action   = vesta[name=SSH]
+logpath  = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled  = false
+filter   = vsftpd
+action   = vesta[name=FTP]
+logpath  = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter  = exim
+action  = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+
+[dovecot-iptables]
+enabled = true
+filter  = dovecot
+action  = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+
+[mysqld-iptables]
+enabled  = false
+filter   = mysqld-auth
+action   = vesta[name=DB]
+logpath  = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter  = vesta
+action  = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
diff --git a/install/debian/12/firewall/ports.conf b/install/debian/12/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/debian/12/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/debian/12/firewall/rules.conf b/install/debian/12/firewall/rules.conf
new file mode 100644
index 00000000..6da5a1c4
--- /dev/null
+++ b/install/debian/12/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='yes' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/debian/12/logrotate/apache2 b/install/debian/12/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/debian/12/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 root adm
+        sharedscripts
+        postrotate
+                /etc/init.d/apache2 reload > /dev/null || true
+                [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi; \
+        endscript
+}
diff --git a/install/debian/12/logrotate/dovecot b/install/debian/12/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/debian/12/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+  weekly
+  rotate 4
+  missingok
+  notifempty
+  compress
+  delaycompress
+  sharedscripts
+  postrotate
+    doveadm log reopen
+  endscript
+}
diff --git a/install/debian/12/logrotate/nginx b/install/debian/12/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/debian/12/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}
diff --git a/install/debian/12/logrotate/vesta b/install/debian/12/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/debian/12/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+    missingok
+    notifempty
+    size 30k
+    yearly
+    create 0600 root root
+}
diff --git a/install/debian/12/mysql/my-large.cnf b/install/debian/12/mysql/my-large.cnf
new file mode 100644
index 00000000..b056c316
--- /dev/null
+++ b/install/debian/12/mysql/my-large.cnf
@@ -0,0 +1,51 @@
+[client]
+default-character-set=utf8mb4
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysql]
+default-character-set=utf8mb4
+
+[mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+thread_concurrency = 8
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/12/mysql/my-medium.cnf b/install/debian/12/mysql/my-medium.cnf
new file mode 100644
index 00000000..33aa04c2
--- /dev/null
+++ b/install/debian/12/mysql/my-medium.cnf
@@ -0,0 +1,49 @@
+[client]
+default-character-set=utf8mb4
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysql]
+default-character-set=utf8mb4
+
+[mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/12/mysql/my-small.cnf b/install/debian/12/mysql/my-small.cnf
new file mode 100644
index 00000000..857f48ce
--- /dev/null
+++ b/install/debian/12/mysql/my-small.cnf
@@ -0,0 +1,49 @@
+[client]
+default-character-set=utf8mb4
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysql]
+default-character-set=utf8mb4
+
+[mysqld]
+collation-server = utf8mb4_unicode_520_ci
+init-connect='SET NAMES utf8mb4'
+character-set-server = utf8mb4
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+sql_mode=ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/debian/12/nginx/nginx.conf b/install/debian/12/nginx/nginx.conf
new file mode 100644
index 00000000..6d5e36ba
--- /dev/null
+++ b/install/debian/12/nginx/nginx.conf
@@ -0,0 +1,140 @@
+# Server globals
+user                    www-data;
+worker_processes        auto;
+worker_rlimit_nofile    65535;
+timer_resolution         50ms; #In order to free some CPU cycles
+error_log               /var/log/nginx/error.log crit;
+pid                     /var/run/nginx.pid;
+
+
+# Worker config
+events {
+        worker_connections  1024;
+        use                 epoll;
+        multi_accept        on;
+}
+
+
+http {
+    # Main settings
+    sendfile                        on;
+    tcp_nopush                      on;
+    tcp_nodelay                     on;
+    client_header_timeout           1m;
+    client_body_timeout             1m;
+    client_header_buffer_size       2k;
+    client_body_buffer_size         256k;
+    client_max_body_size            256m;
+    large_client_header_buffers     4   8k;
+    send_timeout                    30;
+    keepalive_timeout               60 60;
+    reset_timedout_connection       on;
+    server_tokens                   off;
+    server_name_in_redirect         off;
+    server_names_hash_max_size      512;
+    server_names_hash_bucket_size   512;
+
+
+    # Log format
+    log_format  main    '$remote_addr - $remote_user [$time_local] $request '
+                        '"$status" $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format  bytes   '$body_bytes_sent';
+    #access_log          /var/log/nginx/access.log main;
+    access_log off;
+
+
+    # Mime settings
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+
+    # Compression
+    gzip                on;
+    gzip_comp_level     9;
+    gzip_min_length     512;
+    gzip_buffers        8 64k;
+    gzip_types          text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+    gzip_proxied        any;
+    gzip_disable        "MSIE [1-6]\.";
+
+    # Proxy settings
+    proxy_redirect      off;
+    proxy_set_header    Host            $host;
+    proxy_set_header    X-Real-IP       $remote_addr;
+    proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass_header   Set-Cookie;
+    proxy_connect_timeout   900;
+    proxy_send_timeout  900;
+    proxy_read_timeout  900;
+    proxy_buffer_size   128k;
+    proxy_buffers   4 256k;
+    proxy_busy_buffers_size   256k;
+
+
+    # Cloudflare https://www.cloudflare.com/ips
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 104.16.0.0/13;
+    set_real_ip_from 104.24.0.0/14;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    set_real_ip_from 2c0f:f248::/32;
+    real_ip_header     CF-Connecting-IP;
+
+
+    # SSL PCI Compliance
+    ssl_session_cache   shared:SSL:10m;
+    ssl_protocols       TLSv1.1 TLSv1.2;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers        "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+    # Error pages
+    error_page          403          /error/403.html;
+    error_page          404          /error/404.html;
+    error_page          502 503 504  /error/50x.html;
+
+
+    # Cache settings
+    proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+    proxy_cache_key "$host$request_uri $cookie_user";
+    proxy_temp_path  /var/cache/nginx/temp;
+    proxy_ignore_headers Expires Cache-Control;
+    proxy_cache_use_stale error timeout invalid_header http_502;
+    proxy_cache_valid any 1d;
+
+
+    # Cache bypass
+    map $http_cookie $no_cache {
+        default 0;
+        ~SESS 1;
+        ~wordpress_logged_in 1;
+    }
+
+
+    # File cache settings
+    open_file_cache          max=10000 inactive=30s;
+    open_file_cache_valid    60s;
+    open_file_cache_min_uses 2;
+    open_file_cache_errors   off;
+
+
+    # Wildcard include
+    include             /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/debian/12/nginx/phpmyadmin.inc b/install/debian/12/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..cdfc93c4
--- /dev/null
+++ b/install/debian/12/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+    location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+        root /usr/share/;
+    }
+}
diff --git a/install/debian/12/nginx/phppgadmin.inc b/install/debian/12/nginx/phppgadmin.inc
new file mode 100644
index 00000000..47cfcf4e
--- /dev/null
+++ b/install/debian/12/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/12/nginx/status.conf b/install/debian/12/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/debian/12/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+    listen       127.0.0.1:8084 default;
+    server_name  _;
+    server_name_in_redirect  off;
+    location / {
+        stub_status on;
+        access_log   off;
+   }
+}
diff --git a/install/debian/12/nginx/webmail.inc b/install/debian/12/nginx/webmail.inc
new file mode 100644
index 00000000..768c9049
--- /dev/null
+++ b/install/debian/12/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}
diff --git a/install/debian/12/packages/default.pkg b/install/debian/12/packages/default.pkg
new file mode 100644
index 00000000..45a34c96
--- /dev/null
+++ b/install/debian/12/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='PHP-FPM-74'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='unlimited'
+WEB_ALIASES='unlimited'
+DNS_DOMAINS='unlimited'
+DNS_RECORDS='unlimited'
+MAIL_DOMAINS='unlimited'
+MAIL_ACCOUNTS='unlimited'
+DATABASES='unlimited'
+CRON_JOBS='unlimited'
+DISK_QUOTA='unlimited'
+BANDWIDTH='unlimited'
+NS='YOURHOSTNAME1,YOURHOSTNAME2'
+SHELL='nologin'
+BACKUPS='2'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/debian/12/pga/config.inc.php b/install/debian/12/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/debian/12/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/debian/12/pga/phppgadmin.conf b/install/debian/12/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/debian/12/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+  php_flag magic_quotes_gpc Off
+  php_flag track_vars On
+  php_value include_path .
+
+
+  
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+    
+      AddType application/x-httpd-php .php
+      Action application/x-httpd-php /cgi-bin/php
+    
+  
+
+
+
diff --git a/install/debian/12/php-fpm/www.conf b/install/debian/12/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/debian/12/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/debian/12/php/php7.3-dedi.patch b/install/debian/12/php/php7.3-dedi.patch
new file mode 100644
index 00000000..c044e002
--- /dev/null
+++ b/install/debian/12/php/php7.3-dedi.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.3/fpm/php.ini.orig	2019-07-18 16:11:18.856589963 +0200
++++ /etc/php/7.3/fpm/php.ini	2019-07-18 17:45:51.000000000 +0200
+@@ -312,7 +312,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -399,11 +400,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -690,7 +691,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -842,7 +843,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1087,7 +1088,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1791,20 +1792,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5
diff --git a/install/debian/12/php/php7.3-vps.patch b/install/debian/12/php/php7.3-vps.patch
new file mode 100644
index 00000000..803b93e8
--- /dev/null
+++ b/install/debian/12/php/php7.3-vps.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.3/fpm/php.ini.orig	2019-07-18 16:11:18.856589963 +0200
++++ /etc/php/7.3/fpm/php.ini	2019-07-18 17:45:51.000000000 +0200
+@@ -312,7 +312,8 @@
+ ; This directive allows you to disable certain functions for security reasons.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes for security reasons.
+ ; It receives a comma-delimited list of class names.
+@@ -399,11 +400,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume (128MB)
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -690,7 +691,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -842,7 +843,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1087,7 +1088,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1791,20 +1792,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5
diff --git a/install/debian/12/php/php7.4-dedi.patch b/install/debian/12/php/php7.4-dedi.patch
new file mode 100644
index 00000000..3e5bd2fb
--- /dev/null
+++ b/install/debian/12/php/php7.4-dedi.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.4/fpm/php.ini.orig	2021-07-16 16:12:30.027464762 +0200
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 16:25:15.000000000 +0200
+@@ -309,7 +309,8 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -402,11 +403,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -691,7 +692,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -843,7 +844,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1089,7 +1090,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1766,20 +1767,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=2048
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5
diff --git a/install/debian/12/php/php7.4-vps.patch b/install/debian/12/php/php7.4-vps.patch
new file mode 100644
index 00000000..7c52d402
--- /dev/null
+++ b/install/debian/12/php/php7.4-vps.patch
@@ -0,0 +1,78 @@
+--- /etc/php/7.4/fpm/php.ini.orig	2021-07-16 16:12:30.027464762 +0200
++++ /etc/php/7.4/fpm/php.ini	2021-07-16 16:24:26.000000000 +0200
+@@ -309,7 +309,8 @@
+ ; This directive allows you to disable certain functions.
+ ; It receives a comma-delimited list of function names.
+ ; http://php.net/disable-functions
+-disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++; disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
++disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,exec,system,passthru,shell_exec,proc_open,popen
+ 
+ ; This directive allows you to disable certain classes.
+ ; It receives a comma-delimited list of class names.
+@@ -402,11 +403,11 @@
+ ;max_input_nesting_level = 64
+ 
+ ; How many GET/POST/COOKIE input variables may be accepted
+-;max_input_vars = 1000
++max_input_vars = 6000
+ 
+ ; Maximum amount of memory a script may consume
+ ; http://php.net/memory-limit
+-memory_limit = 128M
++memory_limit = 256M
+ 
+ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+ ; Error handling and logging ;
+@@ -691,7 +692,7 @@
+ ; Its value may be 0 to disable the limit. It is ignored if POST data reading
+ ; is disabled through enable_post_data_reading.
+ ; http://php.net/post-max-size
+-post_max_size = 8M
++post_max_size = 60M
+ 
+ ; Automatically add files before PHP document.
+ ; http://php.net/auto-prepend-file
+@@ -843,7 +844,7 @@
+ 
+ ; Maximum allowed size for uploaded files.
+ ; http://php.net/upload-max-filesize
+-upload_max_filesize = 2M
++upload_max_filesize = 50M
+ 
+ ; Maximum number of files that can be uploaded via a single request
+ max_file_uploads = 20
+@@ -1089,7 +1090,7 @@
+ 
+ ; The path to a log file that will log all mail() calls. Log entries include
+ ; the full path of the script, line number, To address and headers.
+-;mail.log =
++mail.log = /var/log/php-mail.log
+ ; Log mail to syslog (Event Log on Windows).
+ ;mail.log = syslog
+ 
+@@ -1766,20 +1767,20 @@
+ 
+ [opcache]
+ ; Determines if Zend OPCache is enabled
+-;opcache.enable=1
++opcache.enable=1
+ 
+ ; Determines if Zend OPCache is enabled for the CLI version of PHP
+-;opcache.enable_cli=0
++opcache.enable_cli=0
+ 
+ ; The OPcache shared memory storage size.
+-;opcache.memory_consumption=128
++opcache.memory_consumption=512
+ 
+ ; The amount of memory for interned strings in Mbytes.
+ ;opcache.interned_strings_buffer=8
+ 
+ ; The maximum number of keys (scripts) in the OPcache hash table.
+ ; Only numbers between 200 and 1000000 are allowed.
+-;opcache.max_accelerated_files=10000
++opcache.max_accelerated_files=100000
+ 
+ ; The maximum percentage of "wasted" memory until a restart is scheduled.
+ ;opcache.max_wasted_percentage=5
diff --git a/install/debian/12/pma/apache.conf b/install/debian/12/pma/apache.conf
new file mode 100644
index 00000000..2a8f69e2
--- /dev/null
+++ b/install/debian/12/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+	Options FollowSymLinks
+	DirectoryIndex index.php
+
+	
+		AddType application/x-httpd-php .php
+
+		php_flag magic_quotes_gpc Off
+		php_flag track_vars On
+		php_flag register_globals Off
+		php_admin_flag allow_url_fopen Off
+		php_value include_path .
+		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
+	
+
+
+
+# Authorize for setup
+
+    
+    AuthType Basic
+    AuthName "phpMyAdmin Setup"
+    AuthUserFile /etc/phpmyadmin/htpasswd.setup
+    
+    Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+    Order Deny,Allow
+    Deny from All
+
+
+    Order Deny,Allow
+    Deny from All
+
+
diff --git a/install/debian/12/pma/config.inc.php b/install/debian/12/pma/config.inc.php
new file mode 100644
index 00000000..eafc6d67
--- /dev/null
+++ b/install/debian/12/pma/config.inc.php
@@ -0,0 +1,146 @@
+> $pmapath1
+sed -i '/savedsearches/d' $pmapath1
+sed -i '/navigationhiding/d' $pmapath1
+sed -i '/users/d' $pmapath1
+sed -i '/controlpass/d' $pmapath1
+sed -i '/favorite/d' $pmapath1
+sed -i '/usergroups/d' $pmapath1
+sed -i '/central_columns/d' $pmapath1
+sed -i '/designer_settings/d' $pmapath1
+sed -i '/export_templates/d' $pmapath1
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath1
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath1
+
+sed -i '/pmadb/d' $pmapath2
+sed -i '/controluser/d' $pmapath2
+sed -i '/bookmarktable/d' $pmapath2
+sed -i '/relation/d' $pmapath2
+sed -i '/userconfig/d' $pmapath2
+sed -i '/table_info/d' $pmapath2
+sed -i '/column_info/d' $pmapath2
+sed -i '/history/d' $pmapath2
+sed -i '/recent/d' $pmapath2
+sed -i '/table_uiprefs/d' $pmapath2
+sed -i '/tracking/d' $pmapath2
+sed -i '/table_coords/d' $pmapath2
+sed -i '/pdf_pages/d' $pmapath2
+sed -i '/designer_coords/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/savedsearches/d' $pmapath2
+sed -i '/navigationhiding/d' $pmapath2
+sed -i '/users/d' $pmapath2
+sed -i '/controlpass/d' $pmapath2
+sed -i '/favorite/d' $pmapath2
+sed -i '/usergroups/d' $pmapath2
+sed -i '/central_columns/d' $pmapath2
+sed -i '/designer_settings/d' $pmapath2
+sed -i '/export_templates/d' $pmapath2
+echo "\$cfg['Servers'][\$i]['favorite'] = 'pma__favorite';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['central_columns'] = 'pma__central_columns';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_settings'] = 'pma__designer_settings';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['export_templates'] = 'pma__export_templates';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['savedsearches'] = 'pma__savedsearches';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['navigationhiding'] = 'pma__navigationhiding';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['users'] = 'pma__users';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['usergroups'] = 'pma__usergroups';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pmadb'] = 'phpmyadmin';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controluser'] = 'pma';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['controlpass'] = '$PASS';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['bookmarktable'] = 'pma__bookmark';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['relation'] = 'pma__relation';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['userconfig'] = 'pma__userconfig';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_info'] = 'pma__table_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['column_info'] = 'pma__column_info';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['history'] = 'pma__history';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['recent'] = 'pma__recent';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_uiprefs'] = 'pma__table_uiprefs';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['tracking'] = 'pma__tracking';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['table_coords'] = 'pma__table_coords';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['pdf_pages'] = 'pma__pdf_pages';" >> $pmapath2
+echo "\$cfg['Servers'][\$i]['designer_coords'] = 'pma__designer_coords';" >> $pmapath2
+
+#SOME WORK with DATABASE (table / user)
+PMADB=phpmyadmin
+PMAUSER=pma
+
+#DROP USER and TABLE
+mysql -uroot <
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig                   proftpd
+AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS                   off
+User                            proftpd
+Group                           nogroup
+MaxInstances                    100
+UseSendfile                     off
+LogFormat                       default "%h %l %u %t \"%r\" %s %b"
+LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"
+ListOptions                     -a
+RequireValidShell               off
+PassivePorts                    12000 12100
+TransferLog                     /var/log/proftpd/xferlog
+SystemLog                       /var/log/proftpd/proftpd.log
+
+
+  Umask                         002
+  
+    IdentLookups                  off
+  
+  AllowOverwrite                yes
+  
+    AllowAll
+  
+
diff --git a/install/debian/12/proftpd/tls.conf b/install/debian/12/proftpd/tls.conf
new file mode 100644
index 00000000..9da0017b
--- /dev/null
+++ b/install/debian/12/proftpd/tls.conf
@@ -0,0 +1,63 @@
+#
+# Proftpd sample configuration for FTPS connections.
+#
+# Note that FTPS impose some limitations in NAT traversing.
+# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
+# for more information.
+#
+
+    # If mod_tls was built as a shared/DSO module, load it
+    LoadModule mod_tls.c
+
+
+TLSEngine                               on
+TLSLog                                  /var/log/proftpd/tls.log
+# this is an example of protocols, proftp works witl all, but use only the most secure ones like TLSv1.1 and TLSv1.2
+TLSProtocol                             TLSv1.1 TLSv1.2
+#
+# Server SSL certificate. You can generate a self-signed certificate using
+# a command like:
+#
+# openssl req -x509 -newkey rsa:1024 \
+#          -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
+#          -nodes -days 365
+#
+# The proftpd.key file must be readable by root only. The other file can be
+# readable by anyone.
+#
+# chmod 0600 /etc/ssl/private/proftpd.key
+# chmod 0640 /etc/ssl/private/proftpd.key
+#
+TLSRSACertificateFile                   /usr/local/vesta/ssl/certificate.crt
+TLSRSACertificateKeyFile                /usr/local/vesta/ssl/certificate.key
+#
+# CA the server trusts...
+#TLSCACertificateFile                    /etc/ssl/certs/CA.pem
+# ...or avoid CA cert and be verbose
+#TLSOptions                      NoCertRequest EnableDiags
+# ... or the same with relaxed session use for some clients (e.g. FireFtp)
+#TLSOptions                      NoCertRequest EnableDiags NoSessionReuseRequired
+#
+#
+# Per default drop connection if client tries to start a renegotiate
+# This is a fix for CVE-2009-3555 but could break some clients.
+#
+#TLSOptions                                                     AllowClientRenegotiations
+#
+TLSOptions                       NoSessionReuseRequired AllowClientRenegotiations
+# Authenticate clients that want to use FTP over TLS?
+#
+#TLSVerifyClient                         off
+#
+# Are clients required to use FTP over TLS when talking to this server?
+#
+TLSRequired                             off
+#
+# Allow SSL/TLS renegotiations when the client requests them, but
+# do not force the renegotations.  Some clients do not support
+# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
+# clients will close the data connection, or there will be a timeout
+# on an idle data connection.
+#
+TLSRenegotiate                          required off
+
diff --git a/install/debian/12/roundcube/apache.conf b/install/debian/12/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/debian/12/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+      Options Indexes MultiViews FollowSymLinks
+      AllowOverride None
+      Order allow,deny
+      allow from all
+
+
+
+  Options +FollowSymLinks
+  # This is needed to parse /var/lib/roundcube/.htaccess. See its
+  # content before setting AllowOverride to None.
+  AllowOverride All
+  order allow,deny
+  allow from all
+
+
+# Protecting basic directories:
+
+        Options -FollowSymLinks
+        AllowOverride None
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
+
+
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+
diff --git a/install/debian/12/roundcube/config.inc.php b/install/debian/12/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/debian/12/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/debian/12/roundcube/main.inc.php b/install/debian/12/roundcube/main.inc.php
new file mode 100644
index 00000000..91f32000
--- /dev/null
+++ b/install/debian/12/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other']    = null;
+$rcmail_config['imap_ns_shared']   = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host 
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages 
+// Leave this blank and you will get the server variable 'server_name' or 
+// localhost if that isn't defined. 
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = true;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0; 
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0; 
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null;  # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting, 
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true 
+$rcmail_config['quota_zero_as_unlimited'] = false;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to 
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+//  o=root
+//   ou=people
+//    uid=user@domain
+//  mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/* 
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+  'name'          => 'Verisign.com',
+  // Replacement variables supported in host names:
+  // %h - user's IMAP hostname
+  // %n - http hostname ($_SERVER['SERVER_NAME'])
+  // %d - domain (http hostname without the first part)
+  // %z - IMAP domain (IMAP hostname without the first part)
+  // For example %n = mail.domain.tld, %d = domain.tld
+  'hosts'         => array('directory.verisign.com'),
+  'port'          => 389,
+  'use_tls'	      => false,
+  'ldap_version'  => 3,       // using LDAPv3
+  'user_specific' => false,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+  // %fu - The full username provided, assumes the username is an email
+  //       address, uses the username_domain value if not an email address.
+  // %u  - The username prior to the '@'.
+  // %d  - The domain name after the '@'.
+  // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+  // %dn - DN found by ldap search when search_filter/search_base_dn are used
+  'base_dn'       => '',
+  'bind_dn'       => '',
+  'bind_pass'     => '',
+  // It's possible to bind for an individual address book
+  // The login name is used to search for the DN to bind with
+  'search_base_dn' => '',
+  'search_filter'  => '',   // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+  // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+  'search_bind_dn' => '',
+  'search_bind_pw' => '',
+  // Default for %dn variable if search doesn't return DN value
+  'search_dn_default' => '',
+  // Optional authentication identifier to be used as SASL authorization proxy
+  // bind_dn need to be empty
+  'auth_cid'       => '',
+  // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+  'auth_method'    => '',
+  // Indicates if the addressbook shall be hidden from the list.
+  // With this option enabled you can still search/view contacts.
+  'hidden'        => false,
+  // Indicates if the addressbook shall not list contacts but only allows searching.
+  'searchonly'    => false,
+  // Indicates if we can write to the LDAP directory or not.
+  // If writable is true then these fields need to be populated:
+  // LDAP_Object_Classes, required_fields, LDAP_rdn
+  'writable'       => false,
+  // To create a new contact these are the object classes to specify
+  // (or any other classes you wish to use).
+  'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+  // The RDN field that is used for new entries, this field needs
+  // to be one of the search_fields, the base of base_dn is appended
+  // to the RDN to insert into the LDAP directory.
+  'LDAP_rdn'       => 'cn',
+  // The required fields needed to build a new contact as required by
+  // the object classes (can include additional fields not required by the object classes).
+  'required_fields' => array('cn', 'sn', 'mail'),
+  'search_fields'   => array('mail', 'cn'),  // fields to search in
+  // mapping of contact fields to directory attributes
+  //   for every attribute one can specify the number of values (limit) allowed.
+  //   default is 1, a wildcard * means unlimited
+  'fieldmap' => array(
+    // Roundcube  => LDAP:limit
+    'name'        => 'cn',
+    'surname'     => 'sn',
+    'firstname'   => 'givenName',
+    'title'       => 'title',
+    'email'       => 'mail:*',
+    'phone:home'  => 'homePhone',
+    'phone:work'  => 'telephoneNumber',
+    'phone:mobile' => 'mobile',
+    'phone:pager' => 'pager',
+    'street'      => 'street',
+    'zipcode'     => 'postalCode',
+    'region'      => 'st',
+    'locality'    => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+//    'country'     => 'c',
+    'department'  => 'departmentNumber',
+    'notes'       => 'description',
+// these currently don't work:
+//    'phone:workfax' => 'facsimileTelephoneNumber',
+//    'photo'        => 'jpegPhoto',
+//    'organization' => 'o',
+//    'manager'      => 'manager',
+//    'assistant'    => 'secretary',
+  ),
+  // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+  'sub_fields' => array(),
+  'sort'          => 'cn',    // The field to sort the listing by.
+  'scope'         => 'sub',   // search mode: sub|base|list
+  'filter'        => '(objectClass=inetOrgPerson)',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+  'fuzzy_search'  => true,    // server allows wildcard search
+  'vlv'           => false,   // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+  'numsub_filter' => '(objectClass=organizationalUnit)',   // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+  'sizelimit'     => '0',     // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+  'timelimit'     => '0',     // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+  'referrals'     => true|false,  // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+  // definition for contact groups (uncomment if no groups are supported)
+  // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+  // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+  // -> in this case, assure that groups and contacts are separated due to the concernig filters! 
+  'groups'        => array(
+    'base_dn'     => '',
+    'scope'       => 'sub',   // search mode: sub|base|list
+    'filter'      => '(objectClass=groupOfNames)',
+    'object_classes' => array("top", "groupOfNames"),
+    'member_attr'  => 'member',   // name of the member attribute, e.g. uniqueMember
+    'name_attr'    => 'cn',       // attribute to be used as group name
+  ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'elastic';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only 
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 300 seconds (5min)
+$rcmail_config['draft_autosave'] = 300;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body 
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads 
+// 1 - Expand all threads automatically 
+// 2 - Expand only threads with unread messages 
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null;  // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null;  // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/debian/12/roundcube/vesta.php b/install/debian/12/roundcube/vesta.php
new file mode 100644
index 00000000..b3dd167f
--- /dev/null
+++ b/install/debian/12/roundcube/vesta.php
@@ -0,0 +1,73 @@
+
+ */
+class rcube_vesta_password {
+    function save($curpass, $passwd)
+    {
+        $rcmail = rcmail::get_instance();
+        $vesta_host = $rcmail->config->get('password_vesta_host');
+
+        if (empty($vesta_host))
+        {
+            $vesta_host = 'localhost';
+        }
+
+        $vesta_port = $rcmail->config->get('password_vesta_port');
+        if (empty($vesta_port))
+        {
+            $vesta_port = '8083';
+        }
+
+        $postvars = array(
+          'email' => $_SESSION['username'],
+          'password' => $curpass,
+          'new' => $passwd
+        );
+
+        $postdata = http_build_query($postvars);
+
+        $send  = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+        $send .= 'Host: ' . $vesta_host . PHP_EOL;
+        $send .= 'User-Agent: PHP Script' . PHP_EOL;
+        $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+        $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+        $send .= 'Connection: close' . PHP_EOL;
+        $send .= PHP_EOL;
+        $send .= $postdata . PHP_EOL . PHP_EOL;
+
+        //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+        $errno = "";
+        $errstr = "";
+        $context = stream_context_create();
+
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+        $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+        $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+        $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+        fputs($fp, $send);
+        $result = fread($fp, 2048);
+        fclose($fp);
+
+        $fp = fopen("/tmp/roundcube.log", 'w');
+        fwrite($fp, "test ok");
+        fwrite($fp, "\n");
+        fclose($fp);
+
+
+        if(strpos($result, 'ok') && !strpos($result, 'error'))
+        {
+            return PASSWORD_SUCCESS;
+        }
+        else {
+            return PASSWORD_ERROR;
+        }
+
+    }
+}
diff --git a/install/debian/12/sudo/admin b/install/debian/12/sudo/admin
new file mode 100644
index 00000000..331fa1f2
--- /dev/null
+++ b/install/debian/12/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+# sudo is limited to vesta scripts
+admin   ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/debian/12/templates/dns/child-ns.tpl b/install/debian/12/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/debian/12/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/12/templates/dns/default.tpl b/install/debian/12/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/debian/12/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/12/templates/dns/gmail.tpl b/install/debian/12/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/debian/12/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/12/templates/dns/office365.tpl b/install/debian/12/templates/dns/office365.tpl
new file mode 100644
index 00000000..dcf556e1
--- /dev/null
+++ b/install/debian/12/templates/dns/office365.tpl
@@ -0,0 +1,22 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:spf.protection.outlook.com -all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='@' TYPE='MX' PRIORITY='0' VALUE='XXXXXXX.mail.protection.outlook.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"MS=msXXXX"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='autodiscover' TYPE='CNAME' PRIORITY='' VALUE='autodiscover.outlook.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='sip' TYPE='CNAME' PRIORITY='' VALUE='sipdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='lyncdiscover' TYPE='CNAME' PRIORITY='' VALUE='webdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='19' RECORD='enterpriseregistration' TYPE='CNAME' PRIORITY='' VALUE='enterpriseregistration.windows.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='20' RECORD='enterpriseenrollment' TYPE='CNAME' PRIORITY='' VALUE='enterpriseenrollment.manage.microsoft.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='21' RECORD='_sip._tls' TYPE='SRV' PRIORITY='100 1 443' VALUE='sipdir.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='22' RECORD='_sipfederationtls._tcp' TYPE='SRV' PRIORITY='100 1 5061' VALUE='sipfed.online.lync.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/12/templates/dns/yandex.tpl b/install/debian/12/templates/dns/yandex.tpl
new file mode 100644
index 00000000..4ce768fe
--- /dev/null
+++ b/install/debian/12/templates/dns/yandex.tpl
@@ -0,0 +1,16 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='domain.mail.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mx.yandex.net.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.yandex.net ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"yandex-verification: XXXXXXXXXXXXXXX"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74-public.sh b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.sh
new file mode 100755
index 00000000..e72bb003
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.sh
@@ -0,0 +1,105 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 360s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+exit 0
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74-public.stpl b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.stpl
new file mode 100644
index 00000000..fdbc26f9
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74-public.tpl b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.tpl
new file mode 100644
index 00000000..614f20c3
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74-public.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%/public
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74.sh b/install/debian/12/templates/web/apache2/PHP-FPM-74.sh
new file mode 100755
index 00000000..e72bb003
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74.sh
@@ -0,0 +1,105 @@
+#!/bin/bash
+# Adding php pool conf
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+pool_conf="[$2]
+
+listen = /run/php/php7.4-fpm-$2.sock
+listen.owner = $1
+listen.group = $1
+listen.mode = 0666
+
+user = $1
+group = $1
+
+pm = ondemand
+pm.max_children = 8
+request_terminate_timeout = 360s
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/$1/tmp
+php_admin_value[session.save_path] = /home/$1/tmp
+php_admin_value[open_basedir] = $5:/home/$1/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcube:/var/log/roundcube:/var/lib/roundcube
+php_admin_value[upload_max_filesize] = 800M
+php_admin_value[max_execution_time] = 300
+php_admin_value[post_max_size] = 800M
+php_admin_value[memory_limit] = 512M
+php_admin_value[sendmail_path] = \"/usr/sbin/sendmail -t -i -f info@$2\"
+php_admin_flag[mysql.allow_persistent] = off
+php_admin_flag[safe_mode] = off
+
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/$1/tmp
+env[TMPDIR] = /home/$1/tmp
+env[TEMP] = /home/$1/tmp
+"
+
+pool_file_56="/etc/php/5.6/fpm/pool.d/$2.conf"
+pool_file_70="/etc/php/7.0/fpm/pool.d/$2.conf"
+pool_file_71="/etc/php/7.1/fpm/pool.d/$2.conf"
+pool_file_72="/etc/php/7.2/fpm/pool.d/$2.conf"
+pool_file_73="/etc/php/7.3/fpm/pool.d/$2.conf"
+pool_file_74="/etc/php/7.4/fpm/pool.d/$2.conf"
+pool_file_80="/etc/php/8.0/fpm/pool.d/$2.conf"
+
+if [ -f "$pool_file_56" ]; then
+    rm $pool_file_56
+    systemctl reset-failed php5.6-fpm
+    systemctl restart php5.6-fpm
+fi
+
+if [ -f "$pool_file_70" ]; then
+    rm $pool_file_70
+    systemctl reset-failed php7.0-fpm
+    systemctl restart php7.0-fpm
+fi
+
+if [ -f "$pool_file_71" ]; then
+    rm $pool_file_71
+    systemctl reset-failed php7.1-fpm
+    systemctl restart php7.1-fpm
+fi
+
+if [ -f "$pool_file_72" ]; then
+    rm $pool_file_72
+    systemctl reset-failed php7.2-fpm
+    systemctl restart php7.2-fpm
+fi
+
+if [ -f "$pool_file_73" ]; then
+    rm $pool_file_73
+    systemctl reset-failed php7.3-fpm
+    systemctl restart php7.3-fpm
+fi
+
+write_file=0
+if [ ! -f "$pool_file_74" ]; then
+  write_file=1
+else
+  user_count=$(grep -c "/home/$1/" $pool_file_74)
+  if [ $user_count -eq 0 ]; then
+    write_file=1
+  fi
+fi
+if [ $write_file -eq 1 ]; then
+    echo "$pool_conf" > $pool_file_74
+    systemctl reset-failed php7.4-fpm
+    systemctl restart php7.4-fpm
+fi
+if [ -f "/etc/php/7.4/fpm/pool.d/www.conf" ]; then
+    rm /etc/php/7.4/fpm/pool.d/www.conf
+fi
+
+if [ -f "$pool_file_80" ]; then
+    rm $pool_file_80
+    systemctl reset-failed php8.0-fpm
+    systemctl restart php8.0-fpm
+fi
+
+exit 0
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74.stpl b/install/debian/12/templates/web/apache2/PHP-FPM-74.stpl
new file mode 100644
index 00000000..df607247
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74.stpl
@@ -0,0 +1,44 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %sdocroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        SSLRequireSSL
+        Options +Includes -Indexes +ExecCGI
+	
+    SSLEngine on
+    SSLVerifyClient none
+    SSLCertificateFile %ssl_crt%
+    SSLCertificateKeyFile %ssl_key%
+    %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/12/templates/web/apache2/PHP-FPM-74.tpl b/install/debian/12/templates/web/apache2/PHP-FPM-74.tpl
new file mode 100644
index 00000000..7b6e2cb5
--- /dev/null
+++ b/install/debian/12/templates/web/apache2/PHP-FPM-74.tpl
@@ -0,0 +1,38 @@
+
+
+    ServerName %domain_idn%
+    %alias_string%
+    ServerAdmin %email%
+    DocumentRoot %docroot%
+    ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+    Alias /vstats/ %home%/%user%/web/%domain%/stats/
+    Alias /error/ %home%/%user%/web/%domain%/document_errors/
+    #SuexecUserGroup %user% %group%
+    CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+    CustomLog /var/log/%web_system%/domains/%domain%.log combined
+    ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+    
+        AllowOverride All
+    
+    
+        AllowOverride All
+        Options +Includes -Indexes +ExecCGI
+    
+#    
+#        RMode config
+#        RUidGid %user% %group%
+#        RGroups www-data
+#    
+#    
+#        AssignUserID %user% %group%
+#    
+
+    
+        SetHandler "proxy:unix:/run/php/php7.4-fpm-%domain%.sock|fcgi://localhost/"
+    
+    SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/debian/12/templates/web/awstats/awstats.tpl b/install/debian/12/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/debian/12/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain  = 1
+MaxNbOfHostsShown = 10
+MinHitHost    = 1
+MaxNbOfLoginShown = 10
+MinHitLogin   = 1
+MaxNbOfRobotShown = 10
+MinHitRobot   = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile    = 1
+MaxNbOfOsShown = 10
+MinHitOs      = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer   = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail   = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth   = 260
+BarHeight  = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/debian/12/templates/web/awstats/index.tpl b/install/debian/12/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/debian/12/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+    
+    Awstats log analyzer 
+
+
+    
+    
+
+
diff --git a/install/debian/12/templates/web/awstats/nav.tpl b/install/debian/12/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/debian/12/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+    Awstats navigation
+    
+
+
+
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/debian/12/templates/web/nginx/caching.sh b/install/debian/12/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/debian/12/templates/web/nginx/caching.stpl b/install/debian/12/templates/web/nginx/caching.stpl
new file mode 100644
index 00000000..f5c9740f
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/caching.tpl b/install/debian/12/templates/web/nginx/caching.tpl
new file mode 100644
index 00000000..73de28d5
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/caching.tpl
@@ -0,0 +1,42 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https-legacy.stpl b/install/debian/12/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..79e55a26
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https-legacy.tpl b/install/debian/12/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https-public.stpl b/install/debian/12/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..ac422df6
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/force-https-public.tpl b/install/debian/12/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..7e0e71d1
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https.stpl b/install/debian/12/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..33fab443
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/force-https.tpl b/install/debian/12/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/12/templates/web/nginx/hosting-legacy.sh b/install/debian/12/templates/web/nginx/hosting-legacy.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-legacy.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/12/templates/web/nginx/hosting-legacy.stpl b/install/debian/12/templates/web/nginx/hosting-legacy.stpl
new file mode 100644
index 00000000..a34b4bf1
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-legacy.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting-legacy.tpl b/install/debian/12/templates/web/nginx/hosting-legacy.tpl
new file mode 100644
index 00000000..a41d4054
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-legacy.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting-public.stpl b/install/debian/12/templates/web/nginx/hosting-public.stpl
new file mode 100644
index 00000000..ac422df6
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-public.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting-public.tpl b/install/debian/12/templates/web/nginx/hosting-public.tpl
new file mode 100644
index 00000000..f5d8b327
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-public.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..7e0e71d1
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..f84f4781
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting.sh b/install/debian/12/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/12/templates/web/nginx/hosting.stpl b/install/debian/12/templates/web/nginx/hosting.stpl
new file mode 100644
index 00000000..755caadf
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/hosting.tpl b/install/debian/12/templates/web/nginx/hosting.tpl
new file mode 100644
index 00000000..61469ad2
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/hosting.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..cf8fad56
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..5931f617
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..3c2793d1
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..bb9a727b
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,126 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/default.stpl b/install/debian/12/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/default.tpl b/install/debian/12/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..a7564705
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/12/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..6e67a4e0
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/12/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..d1096bff
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/12/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/12/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/12/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/12/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/12/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..d4f96ee3
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/12/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/12/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..db0b4dde
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/12/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/magento.stpl b/install/debian/12/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..f8ac30c9
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,197 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/magento.tpl b/install/debian/12/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/modx.stpl b/install/debian/12/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..420aeb9e
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,68 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/modx.tpl b/install/debian/12/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/12/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..8594ec94
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/12/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/12/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..4bb50383
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,46 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/12/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/12/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..e28afcfc
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/12/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/12/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..52706d21
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,58 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/12/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/12/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..1b803f97
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,84 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/12/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/12/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..1b299343
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/12/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/12/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..d26ed9f4
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/12/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..b92861b0
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/12/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/12/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..01dfee5b
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..a5fc46fb
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/private-force-https.stpl b/install/debian/12/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..64094fb8
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,39 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/12/templates/web/nginx/private-force-https.tpl b/install/debian/12/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/12/templates/web/nginx/private-hosting.sh b/install/debian/12/templates/web/nginx/private-hosting.sh
new file mode 100755
index 00000000..abc9155d
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/private-hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/12/templates/web/nginx/private-hosting.stpl b/install/debian/12/templates/web/nginx/private-hosting.stpl
new file mode 100644
index 00000000..fd9471bd
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/private-hosting.stpl
@@ -0,0 +1,41 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/private-hosting.tpl b/install/debian/12/templates/web/nginx/private-hosting.tpl
new file mode 100644
index 00000000..a8ee840e
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/private-hosting.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/12/templates/web/nginx/proxy_ip.tpl b/install/debian/12/templates/web/nginx/proxy_ip.tpl
new file mode 100644
index 00000000..ae195617
--- /dev/null
+++ b/install/debian/12/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/debian/12/templates/web/php-fpm/default.tpl b/install/debian/12/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/debian/12/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/12/templates/web/php-fpm/no-php.tpl b/install/debian/12/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/debian/12/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/12/templates/web/php-fpm/socket.tpl b/install/debian/12/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/debian/12/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/12/templates/web/skel/document_errors/403.html b/install/debian/12/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/debian/12/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/debian/12/templates/web/skel/document_errors/404.html b/install/debian/12/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/debian/12/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/debian/12/templates/web/skel/document_errors/50x.html b/install/debian/12/templates/web/skel/document_errors/50x.html
new file mode 100755
index 00000000..85ba648b
--- /dev/null
+++ b/install/debian/12/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/debian/12/templates/web/skel/public_html/index.html b/install/debian/12/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/12/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/12/templates/web/skel/public_html/robots.txt b/install/debian/12/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/12/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/12/templates/web/skel/public_shtml/index.html b/install/debian/12/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/12/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/12/templates/web/skel/public_shtml/robots.txt b/install/debian/12/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/12/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/12/templates/web/suspend/.htaccess b/install/debian/12/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/debian/12/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/debian/12/templates/web/suspend/index.html b/install/debian/12/templates/web/suspend/index.html
new file mode 100755
index 00000000..3815354d
--- /dev/null
+++ b/install/debian/12/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    Temporary under construction
+    This website is temporary under construction.
+    
+        We will back again soon.
+    
+
+
diff --git a/install/debian/12/templates/web/webalizer/webalizer.tpl b/install/debian/12/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/debian/12/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/debian/12/vsftpd/vsftpd.conf b/install/debian/12/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..1ca1a992
--- /dev/null
+++ b/install/debian/12/vsftpd/vsftpd.conf
@@ -0,0 +1,26 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+#allow_writable_chroot=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_max_port=12100
+pasv_min_port=12000
+use_localtime=YES
diff --git a/src/deb/vesta_compile.sh b/src/deb/vesta_compile.sh
index c8308d7f..8b1bd1f1 100644
--- a/src/deb/vesta_compile.sh
+++ b/src/deb/vesta_compile.sh
@@ -7,8 +7,8 @@
 build_deb_package=1
 add_deb_to_apt_repo=0
 
-TARGET_DEB_NAME='bullseye'
-TARGET_DEB_VER='11'
+TARGET_DEB_NAME='bookworm'
+TARGET_DEB_VER='12'
 
 run_apt_update_and_install=1
 wait_to_press_enter=1
@@ -31,8 +31,8 @@ fi
 
 MAINTAINER_EMAIL='info@myvestacp.com'
 
-TARGET_DEB_NAME_MAIN='bullseye'
-TARGET_DEB_VER_MAIN='11'
+TARGET_DEB_NAME_MAIN='bookworm'
+TARGET_DEB_VER_MAIN='12'
 
 # Set compiling directory
 BUILD_DIR="/usr/src/$TARGET_DEB_NAME"
@@ -67,8 +67,12 @@ PHP_V='5.6.40'
 # Generate Links for sourcecode
 NGINX='https://nginx.org/download/nginx-'$NGINX_V'.tar.gz'
 OPENSSL='https://www.openssl.org/source/openssl-'$OPENSSL_V'.tar.gz'
-PCRE='https://ftp.pcre.org/pub/pcre/pcre-'$PCRE_V'.tar.gz'
-ZLIB='https://www.zlib.net/zlib-'$ZLIB_V'.tar.gz'
+# PRCE got moved to sourceforce.net
+# PRCE2 in the feature use 
+# PCRE='https://github.com/PCRE2Project/pcre2/releases/download/pcre2-'$PCRE_V'/pcre2-'$PCRE_V'.tar.gz'
+PCRE='https://sourceforge.net/projects/pcre/files/pcre/'$PCRE_V'/pcre-'$PCRE_V'.tar.gz/download'
+# Zlib moved archives to Github
+ZLIB='https://github.com/madler/zlib/archive/refs/tags/v'$ZLIB_V'.tar.gz'
 PHP='http://de2.php.net/distributions/php-'$PHP_V'.tar.gz'
 
 # Set package dependencies for compiling
@@ -409,6 +413,34 @@ if [ "$CWEB_B" = true ]; then
   tar -czf dovecot.tar.gz dovecot/
   echo "=== All done for Debian11"
   ##########
+  cd $PATH_OF_C_WEB_FOLDER_ROOT/debian/12
+  
+  if [ -f "packages.tar.gz" ]; then
+    rm packages.tar.gz
+  fi
+  tar -czf packages.tar.gz packages/
+  
+  if [ -f "templates.tar.gz" ]; then
+    rm templates.tar.gz
+  fi
+  tar -czf templates.tar.gz templates/
+  
+  if [ -f "firewall.tar.gz" ]; then
+    rm firewall.tar.gz
+  fi
+  tar -czf firewall.tar.gz firewall/
+  
+  if [ -f "fail2ban.tar.gz" ]; then
+    rm fail2ban.tar.gz
+  fi
+  tar -czf fail2ban.tar.gz fail2ban/
+  
+  if [ -f "dovecot.tar.gz" ]; then
+    rm dovecot.tar.gz
+  fi
+  tar -czf dovecot.tar.gz dovecot/
+  echo "=== All done for Debian12"
+  ##########
   
   cp /root/vesta/install/vst-install-debian.sh $PATH_OF_C_WEB_FOLDER_ROOT/vst-install-debian.sh
 

From bae14b2180653d68435cb886d14fa6ff92db4b60 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Sat, 10 Jun 2023 17:25:51 +0200
Subject: [PATCH 1938/2300] Frontend UI performance fix

---
 web/css/styles.fix.css             | 10 ++++-----
 web/js/fix.js                      | 35 +++++-------------------------
 web/templates/admin/list_user.html | 31 +++++++++++++++++++++++++-
 web/templates/admin/panel.html     |  3 +++
 web/templates/header.html          |  2 +-
 web/templates/scripts.html         |  4 ++--
 6 files changed, 46 insertions(+), 39 deletions(-)

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
index b00d7365..dd7ead5b 100644
--- a/web/css/styles.fix.css
+++ b/web/css/styles.fix.css
@@ -20,13 +20,13 @@ b, strong {
   z-index: 100;
   top: unset;
   bottom: 30px;
-  right: 85px;
+  right: 285px;
 }
 .to-shortcuts {
   z-index: 100;
   top: unset;
   bottom: 30px;
-  right: 130px;
+  right: 330px;
 }
 .shortcuts {
   right: calc(50% - 400px);
@@ -676,7 +676,7 @@ b, strong {
 }
 .l-content > .l-center {
   margin-left: 200px;
-  margin-right: 40px;
+  margin-right: 240px;
 }
 .l-content > .l-center:first-child {
   margin-left: 0;
@@ -696,7 +696,7 @@ b, strong {
   /*overflow-scrolling: auto;*/
   z-index: 98;
   top: 50px;
-  right: -200px;
+  right: 0px;
   background: #fff;
   word-break: break-word;
   overflow: hidden;
@@ -800,7 +800,7 @@ b, strong {
   /*overflow-scrolling: auto;*/
   z-index: 98;
   top: 380px;
-  right: -200px;
+  right: 0px;
   background: #fff;
   word-break: break-word;
   overflow-y: scroll;
diff --git a/web/js/fix.js b/web/js/fix.js
index 24842fed..2a87abc4 100644
--- a/web/js/fix.js
+++ b/web/js/fix.js
@@ -86,31 +86,6 @@ function checkCookie() {
 // }
 // var randomnumber=getRandomInt(100000000);
 var iohtml = '\n' +
-    '        \n' +
-    '          \n' +
-    '            myVesta\n' +
-    '            website\n' +
-    '          \n' +
-    '          \n' +
-    '            Forum\n' +
-    '            Ask the questions on our forum\n' +
-    '          \n' +
-    '          \n' +
-    '            Git\n' +
-    '            Become our code contributor\n' +
-    '          \n' +
-    '          \n' +
-    '            Donate\n' +
-    '            Buy us a coffe\n' +
-    '          \n' +
-    '          \n' +
-    '            Wiki\n' +
-    '            Find solution in our documentation\n' +
-    '          \n' +
-    '        \n' +
-    '        \n' +
-    '          \n' +
-    '        \n' +
     '      ';
 
 $(document).ready(function(){
@@ -118,25 +93,25 @@ $(document).ready(function(){
     $(".io-log2").css("top", sys_height+50);
     setTimeout(function() {
         iolog = getCookie("iolog");
-        //console.log('cookie: "'+iolog+'"');
+        /* //console.log('cookie: "'+iolog+'"');
         if (iolog === '1') {
             showIoLog(0);
             return 1;
-        }
+        }*/
         if (iolog === '0') {
             //setCookie("iolog", 0, 365);
             hideIoLog(0);
             return 0;
         }
-        if (iolog == '') {
+        /*if (iolog == '') {
             //console.log('cookie is empty');
             //setCookie("iolog", 1, 365);
             showIoLog(0);
             return '';
-        }
+        }*/
     }, 1);
 
-    if (GLOBAL.CURRENT_USER_FINAL == 'admin') $(".body-user .l-content > .l-center.units").first().prepend( iohtml );
+    //if (GLOBAL.CURRENT_USER_FINAL == 'admin') $(".body-user .l-content > .l-center.units").first().prepend( iohtml );
 
     $(".io-log").on("click", function() {
         var showlog=checkCookie();
diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index 1e5a67cc..dacd71e3 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -62,8 +62,37 @@
     
 
     
-      
+        
+            
+              
+                myVesta
+                website
+              
+              
+                Forum
+                Ask the questions on our forum
+              
+              
+                Git
+                Become our code contributor
+              
+              
+                Donate
+                Buy us a coffe
+              
+              
+                Wiki
+                Find solution in our documentation
+              
+            
+            
+              
+            
+        
+      ';
         }
         if (isset($changelog)) {
diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html
index 4c1fdaf7..d204671a 100644
--- a/web/templates/admin/panel.html
+++ b/web/templates/admin/panel.html
@@ -128,6 +128,9 @@ $debian_ver=file_get_contents('/etc/debian_version');
             Build date: 

             Debian  

         
+        
+            Need emergency help?
+        
       
       
     
diff --git a/web/templates/header.html b/web/templates/header.html
index a4bd95cc..57273c59 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -9,7 +9,7 @@
   
   
   
-  
+  
   
   
   
-  
+  
 
   
@@ -165,7 +167,7 @@ foreach ($data as $key => $value) {
   
   
   
-  
+  
 
   
   
   
diff --git a/web/templates/user/panel.html b/web/templates/user/panel.html
index 3f55f306..8ac8ea51 100644
--- a/web/templates/user/panel.html
+++ b/web/templates/user/panel.html
@@ -124,5 +124,9 @@ $debian_ver=file_get_contents('/etc/debian_version');
       
       
     
+
+    
     
     

From 83e24f738aade71913de56a39ada38ed184297d2 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Jun 2023 00:03:27 +0200
Subject: [PATCH 1943/2300] Update list_backup_detail.html

---
 web/templates/admin/list_backup_detail.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index 30e41642..0280900f 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -6,7 +6,7 @@ input[type="checkbox"] {
 
 


 
-    
+    
       
         
         
@@ -34,7 +34,7 @@ input[type="checkbox"] {
     
 
 
-    
+    
     
         
       :

From 83649defc92cc1d3d6ee81c6ef2dbbd2b9d7e814 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Jun 2023 00:11:44 +0200
Subject: [PATCH 1944/2300] deleting styles.fix.css it's merged with
 styles.min.css

---
 web/css/styles.fix.css | 1026 ----------------------------------------
 1 file changed, 1026 deletions(-)
 delete mode 100644 web/css/styles.fix.css

diff --git a/web/css/styles.fix.css b/web/css/styles.fix.css
deleted file mode 100644
index fae5492f..00000000
--- a/web/css/styles.fix.css
+++ /dev/null
@@ -1,1026 +0,0 @@
-body {
-  background: #f0f3f5;
-  color: #58666f;
-  font-family: 'Source Sans Pro', sans-serif;
-}
-b, strong {
-  color: #58666f;
-}
-.l-percent {
-  border-bottom: none;
-  margin-top: 1px;
-  width: 200px;
-  background: #e4eaed;
-}
-.l-percent__fill {
-  background-color: #2ac34e;
-  bottom: 0;
-}
-.to-top {
-  z-index: 100;
-  top: unset;
-  bottom: 30px;
-  right: 285px;
-}
-.to-shortcuts {
-  z-index: 100;
-  top: unset;
-  bottom: 30px;
-  right: 330px;
-}
-.shortcuts {
-  right: calc(50% - 400px);
-  bottom: calc(50% - 213px);
-}
-.l-separator {
-  display: none;
-}
-.l-header {
-  position: fixed;
-  width: calc(100% - 40px);
-  z-index: 99;
-  background: #fff;
-  box-shadow: 0 2px 2px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(0, 0, 0, 0.05);
-  color: #58666f;
-  height: 50px;
-  padding: 0 20px;
-  margin-bottom: unset;
-}
-.l-header a {
-  color: #58666f;
-  font-size: 14px;
-}
-.l-header a:hover {
-  color: #58666f;
-}
-.l-header .l-center {
-  max-width: none !important;
-}
-.l-header .l-center .l-logo {
-  background-position: -65px -182px;
-  /* background-position: -125px -478px; */
-  background-repeat: no-repeat;
-  display: block;
-  height: 40px;
-  margin-top: 0;
-  width: 80px;
-  /* width: 42px; */
-  margin-left: 0;
-  background-size: 235px 325px;
-  position: relative;
-  top: 5px;
-  left: 0;
-  float: left;
-  padding-right: 20px;
-}
-.l-header .l-center .l-menu {
-  position: unset;
-  margin-left: unset;
-}
-.l-header .l-center .l-menu .l-menu__item a {
-  line-height: 50px;
-  padding: 0 18px;
-  display: inline-block;
-}
-.l-header .l-center .l-menu .l-menu__item a:hover {
-  background-color: rgba(0, 0, 0, 0.05);
-}
-.l-header .l-center .l-menu .l-menu__item a:active {
-  background-color: rgba(0, 0, 0, 0.05);
-}
-.l-header .l-center .l-menu .l-menu__item.l-menu__item--active a {
-  color: unset;
-  font-size: unset;
-  font-weight: unset;
-  text-transform: unset;
-  background-color: rgba(0, 0, 0, 0.05);
-}
-.l-header .l-center .l-profile .l-profile__notifications {
-  margin-top: 13px;
-}
-.l-header .l-center .l-profile .l-profile__notifications:hover {
-  background-color: rgba(0, 0, 0, 0.05);
-}
-.l-header .l-center .l-profile .l-profile__username {
-  padding: 15px 0 0 10px;
-}
-.l-header .l-center .l-profile .l-profile__logout {
-  padding: 15px 0 0 10px;
-}
-.l-header > .l-center {
-  margin-left: 200px;
-}
-.l-content {
-  position: relative;
-  top: 50px;
-}
-.l-content + div {
-  right: 100px !important;
-  top: unset !important;
-  bottom: 40px !important;
-}
-.l-content + div div {
-  background-color: #e4eaed !important;
-  padding: 10px;
-  border-radius: 5px;
-}
-.l-content .l-center {
-  max-width: none !important;
-}
-.l-content .l-center .l-stat {
-  display: block;
-  position: fixed;
-  z-index: 100;
-  padding-top: 0 !important;
-  width: 200px;
-  height: 100%;
-  top: 0;
-  margin-top: 0;
-  background: #1c2b35;
-  overflow-y: scroll;
-  scrollbar-width: thin;
-  /* Firefox */
-  -ms-overflow-style: scrollbar;
-  /* Internet Explorer 10+ */
-  /* width */
-}
-.l-content .l-center .l-stat::-webkit-scrollbar {
-  display: block;
-  width: 7px;
-  /* Track */
-}
-.l-content .l-center .l-stat::-webkit-scrollbar-track {
-  background: rgba(255, 255, 255, 0);
-  /* Handle */
-}
-.l-content .l-center .l-stat::-webkit-scrollbar-thumb {
-  background: rgba(255, 255, 255, 0.15);
-}
-.l-content .l-center .l-stat:hover {
-  /* Handle on hover */
-}
-.l-content .l-center .l-stat:hover::-webkit-scrollbar-thumb {
-  background: rgba(255, 255, 255, 0.4);
-}
-.l-content .l-center .l-stat .l-stat__col--active ul {
-    display: block !important;
-}
-.l-content .l-center .l-stat .l-stat__col--active {
-  background: #131e27;
-}
-.l-content .l-center .l-stat .l-stat__col--active a {
-  border-bottom: 2px solid #131e27;
-}
-.l-content .l-center .l-stat .l-stat__col--active a .l-stat__col-title {
-  background: #16232d;
-  color: white !important;
-  font-size: 20px;
-  font-weight: 400;
-  margin-top: unset;
-  letter-spacing: unset;
-  margin-right: unset;
-}
-.l-content .l-center .l-stat .l-stat__col--active span {
-    display: none;
-}
-.l-content .l-center .l-stat .focus {
-  background: #5e5e5e;
-}
-.l-content .l-center .l-stat .focus a {
-  border-bottom: 2px solid #131e27;
-}
-.l-content .l-center .l-stat .focus a ul li {
-  color: #c2e5ff !important;
-}
-.l-content .l-center .l-stat .focus a .l-stat__col-title {
-  background: #5e5e5e;
-  color: #c4d0d8;
-  font-size: 20px;
-  font-weight: 400;
-  margin-top: unset;
-  letter-spacing: unset;
-  margin-right: unset;
-}
-.l-content .l-center .l-stat .l-stat__col {
-  display: block;
-  float: unset;
-}
-.l-content .l-center .l-stat .l-stat__col:hover .l-stat__col-title {
-  color: #fff;
-}
-.l-content .l-center .l-stat .l-stat__col:hover .l-stat__col-title:after {
-  color: #fff;
-}
-.l-content .l-center .l-stat .l-stat__col a {
-  height: unset !important;
-  min-height: unset !important;
-  display: block;
-  width: unset;
-  border-bottom: 2px solid #131e27;
-  background-color: transparent;
-  padding-left: unset;
-  padding-bottom: 10px;
-  padding-top: unset;
-  margin-top: unset;
-}
-.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title {
-  min-height: unset !important;
-  color: #869fb2;
-  font-size: 20px;
-  font-weight: 400;
-  padding: 15px 15px 15px 20px;
-  margin-bottom: 0;
-  margin-top: 0 !important;
-}
-.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title:after {
-  font-family: 'Font Awesome 5 Free';
-  font-weight: bold;
-  content: "\f054";
-  float: right;
-  font-size: 10px;
-  color: #5c798f;
-  margin-top: 8px;
-  margin-right: 26px;
-}
-.l-content .l-center .l-stat .l-stat__col a .l-stat__col-title:before {
-  font-family: 'Font Awesome 5 Free';
-  font-weight: bold;
-  content: "\f233";
-  padding-right: 10px;
-  font-size: 17px;
-}
-
-.l-content .l-center .l-stat .l-stat__col--active a .l-stat__col-title:after {
-    margin-right: 26px;
-}
-
-.l-content .l-center .l-stat .l-stat__col a ul {
-  margin: 0;
-  display: none;
-}
-.l-content .l-center .l-stat .l-stat__col a ul li {
-  color: #92adc2;
-  margin-bottom: unset;
-  padding: 10px 20px 10px 20px;
-  font-size: 14px;
-}
-.l-content .l-center .l-stat .l-stat__col a ul li span {
-  float: right;
-  padding: 3px 5px 4px 5px;
-  font-size: 13px;
-  color: #fff;
-  background-color: #27c54e;
-  font-weight: 700;
-  text-shadow: 0 1px 0 rgba(0, 0, 0, 0.2);
-  display: inline-block;
-  min-width: 10px;
-  line-height: 1;
-  text-align: center;
-  white-space: nowrap;
-  vertical-align: baseline;
-  border-radius: 0.25em;
-  left: 133px;
-}
-.l-content .l-center .l-stat .l-stat__col a ul li:first-child span {
-  float: right;
-  padding: 3px 5px 4px 5px;
-  font-size: 13px;
-  color: #fff;
-  background-color: #34b5dd;
-  font-weight: 700;
-  text-shadow: 0 1px 0 rgba(0, 0, 0, 0.2);
-  display: inline-block;
-  min-width: 10px;
-  line-height: 1;
-  text-align: center;
-  white-space: nowrap;
-  vertical-align: baseline;
-  border-radius: 10px;
-}
-.l-content .l-center .l-stat .l-stat__col a ul li:before {
-  font-family: 'Font Awesome 5 Free';
-  font-weight: bold;
-  content: "\f03a";
-  padding-right: 15px;
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a .l-stat__col-title:before {
-  content: "\f500";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(1):before {
-  content: "\f0a0";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(2):before {
-  content: "\f75b";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(1) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a .l-stat__col-title:before {
-  content: "\f233";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(1):before {
-  content: "\f0ac";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(2):before {
-  content: "\f0c5";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(2) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a .l-stat__col-title:before {
-  content: "\f6ff";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(1):before {
-  content: "\f0ac";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(2):before {
-  content: "\f303";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(3) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a .l-stat__col-title:before {
-  content: "\f674";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(1):before {
-  content: "\f0ac";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(2):before {
-  content: "\f2bb";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(4) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a .l-stat__col-title:before {
-  content: "\f1c0";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(1):before {
-  content: "\f1c0";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(2):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(5) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a .l-stat__col-title:before {
-  content: "\f120";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(1):before {
-  content: "\f120";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(2):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(6) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a .l-stat__col-title:before {
-  content: "\f019";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(1):before {
-  content: "\f019";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(2):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-stat .l-stat__col:nth-of-type(7) a ul li:nth-of-type(3):before {
-  content: "\f05e";
-}
-.l-content .l-center .l-sort {
-  padding: 0 20px;
-  position: relative;
-  z-index: 98;
-  width: auto;
-  margin-top: unset !important;
-  background-color: #f6f8f8;
-  border-bottom: 1px solid #dee5e8;
-  margin-bottom: 30px;
-}
-.l-content .l-center .l-sort .l-sort__create-btn {
-  bottom: -20px;
-}
-.l-content .l-center .l-sort .context-menu {
-  top: 77px;
-}
-.l-content .l-center .l-sort .l-sort-toolbar {
-  padding: 24px 0 22px 0;
-  color: #98a6ac;
-}
-.l-content .l-center .l-sort .l-sort-toolbar .l-select {
-  border-radius: 3px 0 0 3px;
-  background: #fff;
-  border: 1px solid #dee5e8;
-}
-.l-content .l-center .l-sort .l-sort-toolbar .l-sort-toolbar__filter-apply {
-  border-radius: 0 3px 3px 0;
-}
-.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .l-sort-toolbar__search-box form .search-input {
-  border-radius: 3px 0 0 3px;
-  border: 1px solid #dee5e8;
-}
-.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .l-sort-toolbar__search-box form .l-sort-toolbar__search {
-  border-radius: 0 3px 3px 0;
-}
-.l-content .l-center .l-sort .l-sort-toolbar table tbody tr .sort-by {
-  padding-left: 30px;
-}
-.l-content .l-center .l-unit {
-  padding: 0 0 0 15px;
-  overflow: hidden;
-  margin: 0px 20px 20px 20px;
-  background: #fff;
-  border-radius: 3px;
-  border-bottom: none !important;
-  border-left: none !important;
-  color: #98a6ac;
-  font-size: 14px;
-}
-.l-content .l-center .l-unit.selected {
-  background-color: #e4eaed;
-}
-.l-content .l-center .l-unit--suspended {
-  background-color: #eaeaea !important;
-}
-.l-content .l-center .l-unit.selected .l-percent {
-  border-bottom: none;
-  margin-top: 1px;
-  width: 200px;
-  background: #cbd3d7;
-}
-.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right {
-  position: relative;
-  top: 20px;
-  right: 20px;
-  display: block;
-}
-.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right .actions-panel__col {
-  margin-left: 10px;
-  border-radius: 3px;
-  overflow: hidden;
-  border-right: none;
-  background-color: #dde6e8;
-}
-.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col.l-unit-toolbar__col--right .actions-panel__col a {
-  font-weight: 500;
-}
-.l-content .l-center .l-unit .l-unit-toolbar .l-unit-toolbar__col .check-label:before {
-  z-index: 97;
-}
-.l-content .l-center .l-unit .l-unit__col .l-unit__name {
-  color: #34b5dd;
-  font-weight: 500;
-  font-size: 24px;
-  margin-bottom: unset;
-}
-.l-content .l-center .l-unit .l-unit__col .l-unit__ip {
-  font-size: 18px;
-}
-.l-content .l-center .l-unit .l-unit__col .l-unit__date {
-  letter-spacing: unset;
-  display: inline-block;
-  border-bottom: solid 10px #ffeb0087;
-  line-height: 3px;
-  padding: 0 0px;
-  margin-bottom: 30px;
-  font-weight: 400;
-  font-size: 16px;
-}
-.l-content .l-center .l-unit .l-unit__col .l-unit__stats td {
-  height: 27px;
-}
-.l-content .l-center .io-box {
-  overflow: hidden;
-  margin: 20px 20px 0px 20px;
-  color: #98a6ac;
-}
-.l-content .l-center .io-box .io-box-left {
-  float: left;
-  width: calc(100% - 800px);
-  /*min-width: 283px;*/
-  text-align: center;
-}
-.l-content .l-center .io-box .io-box-left .io-box-left-items {
-  float: left;
-  width: calc(50% - 20px);
-  height: 137px;
-  margin-right: 20px;
-  margin-bottom: 20px;
-  background: #fff;
-  border-radius: 3px;
-  min-width: 125px;
-}
-.l-content .l-center .io-box .io-box-left .io-box-left-items a {
-  display: block;
-  font-size: 36px;
-  font-weight: 300;
-  margin-top: 32px;
-}
-.l-content .l-center .io-box .io-box-left .io-1-homepage-block {
-  color: #98a6ac;
-}
-.l-content .l-center .io-box .io-box-left .io-1-homepage-block a {
-  color: #34b5dd;
-}
-.l-content .l-center .io-box .io-box-left .io-2-homepage-block {
-  color: #b4efc2;
-  background-color: #27c54e;
-}
-.l-content .l-center .io-box .io-box-left .io-2-homepage-block a {
-  color: #ecfff1;
-}
-.l-content .l-center .io-box .io-box-left .io-3-homepage-block {
-  color: #b0e1f1;
-  background-color: #34b5dd;
-}
-.l-content .l-center .io-box .io-box-left .io-3-homepage-block a {
-  color: #dcf2f8;
-}
-.l-content .l-center .io-box .io-box-left .io-4-homepage-block {
-  color: #98a6ac;
-}
-.l-content .l-center .io-box .io-box-left .io-4-homepage-block a {
-  color: #58666f;
-}
-.l-content .l-center .io-box .io-box-left .io-1-homepage-block span {
-  padding: 5px;
-}
-.l-content .l-center .io-box .io-box-left .io-2-homepage-block span {
-  padding: 5px;
-}
-.l-content .l-center .io-box .io-box-left .io-3-homepage-block span {
-  padding: 5px;
-}
-.l-content .l-center .io-box .io-box-left .io-4-homepage-block span {
-  padding: 5px;
-}
-.l-content .l-center .io-box .io-box-left .io-5-homepage-block span {
-  padding: 5px;
-}
-
-.l-content .l-center .io-box .io-box-left .io-5-homepage-block {
-  width: calc(100% - 20px);
-  color: #98a6ac;
-  background: #e4eaed;
-}
-.l-content .l-center .io-box .io-box-left .io-5-homepage-block a {
-  color: #27c54e;
-}
-.l-content .l-center .io-box .io-box-left .io-5-homepage-block:before {
-  font-family: 'Font Awesome 5 Free';
-  font-weight: bold;
-  font-size: 32px;
-  background: #dde6e8;
-  height: 121px;
-  width: 115px;
-  line-height: 90px;
-  content: "\f581";
-  color: #fff;
-  float: left;
-  border-radius: 5px 0 0 5px;
-  padding-top: 16px;
-}
-.l-content .l-center .io-box .io-box-right {
-  float: right;
-  width: 800px;
-  background: #fff;
-  height: 450px;
-  overflow: hidden;
-  border-radius: 3px;
-  text-align: center;
-}
-.l-content .l-center .io-box .io-box-right img {
-  margin-top: 8px;
-  width: 767px;
-  height: 433px;
-  position: relative;
-}
-.l-content .l-center .l-unit-ft {
-  padding: 0 0 37px 15px;
-  overflow: hidden;
-  margin: 0px 20px 19px 20px;
-  background: #e4eaed;
-  border-radius: 3px;
-  border-bottom: none !important;
-  border-left: none !important;
-  position: relative;
-  color: #a6b0b4;
-  font-weight: bold;
-  text-transform: uppercase;
-  font-size: 11px;
-}
-.l-content .l-center .l-unit-ft:before {
-  font-family: "Font Awesome 5 Free";
-  font-weight: bold;
-  font-size: 32px;
-  background: #dde6e8;
-  height: 100%;
-  width: 90px;
-  line-height: 108px;
-  content: "\f05a";
-  color: #fff;
-  float: left;
-  border-radius: 5px 0 0 5px;
-  position: absolute;
-  left: 0;
-  text-align: center;
-}
-.l-content .l-center .l-unit-ft .data {
-  margin: 0 0 50px 0;
-}
-.l-content .l-center #vstobjects {
-  padding: 0 0 0 15px;
-  overflow: hidden;
-  margin: 0px 20px 20px 20px;
-  background: #fff;
-  border-radius: 3px;
-  border-bottom: none !important;
-  border-left: none !important;
-  color: #98a6ac;
-  font-size: 14px;
-}
-.l-content .l-center #vstobjects .data-date {
-  color: #98A6AC;
-  letter-spacing: unset;
-  display: inline-block;
-  border-bottom: solid 10px #ffeb0087;
-  line-height: 3px;
-  padding: 0 0px;
-  margin-bottom: 30px;
-  font-weight: 400;
-  font-size: 16px;
-}
-.l-content .l-center .vst-text.step-top.helper-container {
-  margin-bottom: unset;
-  margin-top: 0;
-  float: unset;
-  height: auto;
-  width: auto;
-}
-.l-content .l-center .vst-text.step-top.helper-container #tabs.cron-helper-tabs {
-  padding: 0 0 0 15px;
-  overflow: hidden;
-  margin: 0 20px 20px 20px;
-  background: #fff;
-  border-radius: 3px;
-  border-bottom: none !important;
-  border-left: none !important;
-  color: #98a6ac;
-  font-size: 14px;
-  border: none !important;
-}
-.l-content > .units.l-center::before {
-  content: '';
-  display: block;
-  height: 0;
-}
-.l-content > .l-center {
-  margin-left: 200px;
-  margin-right: 240px;
-}
-.l-content > .l-center:first-child {
-  margin-left: 0;
-}
-.l-content #vstobjects > .l-center {
-  margin-left: 200px;
-  margin-right: 240px;
-  padding-top: 0;
-  padding-bottom: 1px;
-}
-
-.l-content .right_sidebar {
-  width: 240px;
-  position: fixed;
-  display: block;
-  /*overflow-scrolling: auto;*/
-  z-index: 98;
-  top: 50px;
-  right: 0px;
-  box-sizing: border-box;
-  height: 100%;
-  background: #fff;
-}
-.l-content .io-log {
-  color: #58666f;
-  border-left: 1px solid #dee5e8;
-  width: 240px;
-  position: relative;
-  display: block;
-  /*overflow-scrolling: auto;*/
-  z-index: 99;
-  top: 0px;
-  right: 0px;
-  background: #fff;
-  word-break: break-word;
-  overflow: hidden;
-  border-right: 8px solid #e3e3e3;
-  box-sizing: border-box;
-}
-.l-content .io-log::-webkit-scrollbar {
-  width: 7px;
-  /* Track */
-}
-.l-content .io-log::-webkit-scrollbar-track {
-  background: rgba(255, 255, 255, 0);
-  /* Handle */
-}
-.l-content .io-log::-webkit-scrollbar-thumb {
-  background: rgba(0, 0, 0, 0.15);
-  border-radius: 7px;
-  /* Handle on hover */
-}
-.l-content .io-log::-webkit-scrollbar-thumb:hover {
-  background: rgba(0, 0, 0, 0.4);
-  border-radius: 7px;
-}
-.l-content .io-log > * {
-  margin: 0 20px;
-}
-.l-content .io-log h2 {
-  margin: 0 0 20px 0;
-  padding-left: 20px;
-  font-size: 24px;
-  font-weight: 300;
-  line-height: 60px;
-  color: #98a6ac;
-  border-bottom: 1px solid #dee5e8;
-  cursor: pointer;
-}
-.l-content .io-log h2:before {
-  font-family: "Font Awesome 5 Free";
-  font-weight: bold;
-  content: "\f15c";
-  padding-right: 10px;
-  font-size: 17px;
-}
-.l-content .io-log > div {
-  /* border-left: solid 1px #dee5e8; */
-  padding-left: 15px;
-  position: relative;
-  margin-left: 25px;
-}
-.l-content .io-log > div > div {
-  position: relative;
-  margin-bottom: 25px;
-}
-.l-content .io-log > div > div > div:nth-of-type(2) {
-  color: #98a6ac;
-  font-size: 13px;
-  margin-bottom: 5px;
-}
-.l-content .io-log > div > div > div:nth-of-type(3) {
-  color: #98a6ac;
-  font-size: 13px;
-  margin-bottom: 5px;
-}
-.l-content .io-log > div > div:before {
-  content: '';
-  position: absolute;
-  height: 100%;
-  width: 7px;
-  border-radius: 10px;
-  border: solid 1px #dee5e8;
-  background: #e0fff9;
-  left: -20px;
-}
-.l-content .io-log > div > div:first-child(1n):before {
-  background: #e0fff9;
-}
-.l-content .io-log > div > div:nth-child(2n):before {
-  background: #fbffe0;
-}
-.l-content .io-log > div > div:nth-child(3n):before {
-  background: #fbffe0;
-}
-.l-content .io-log > div > div:nth-child(4n):before {
-  background: #fbffe0;
-}
-.l-content .io-log > div > div:nth-child(5n):before {
-  background: #fbffe0;
-}
-
-.l-content .io-log2 {
-  color: #58666f;
-  border-left: 1px solid #dee5e8;
-  border-top: 1px solid #cecece;
-  width: 240px;
-  position: relative;
-  height: 100%;
-  display: block;
-  /*overflow-scrolling: auto;*/
-  z-index: 99;
-  top: 0px;
-  right: 0px;
-  background: #fff;
-  word-break: break-word;
-  overflow-y: scroll;
-  scrollbar-width: thin;
-  box-sizing: border-box;
-}
-.l-content .io-log2::-webkit-scrollbar {
-  width: 7px;
-  /* Track */
-}
-.l-content .io-log2::-webkit-scrollbar-track {
-  background: rgba(255, 255, 255, 0);
-  /* Handle */
-}
-.l-content .io-log2::-webkit-scrollbar-thumb {
-  background: rgba(0, 0, 0, 0.15);
-  border-radius: 7px;
-  /* Handle on hover */
-}
-.l-content .io-log2::-webkit-scrollbar-thumb:hover {
-  background: rgba(0, 0, 0, 0.4);
-  border-radius: 7px;
-}
-.l-content .io-log2 > * {
-  margin: 0 20px;
-}
-.l-content .io-log2 h2 {
-  margin: 0 0 20px 0;
-  padding-left: 20px;
-  font-size: 24px;
-  font-weight: 300;
-  line-height: 60px;
-  color: #98a6ac;
-  border-bottom: 1px solid #dee5e8;
-  cursor: pointer;
-}
-.l-content .io-log2 h2:before {
-  font-family: "Font Awesome 5 Free";
-  font-weight: bold;
-  content: "\f15c";
-  padding-right: 10px;
-  font-size: 17px;
-}
-.l-content .io-log2 > div {
-  border-left: solid 1px #dee5e8;
-  padding-left: 15px;
-  position: relative;
-  margin-left: 25px;
-}
-.l-content .io-log2 > div > div {
-  position: relative;
-  margin-bottom: 25px;
-}
-.l-content .io-log2 > div > div > div:nth-of-type(2) {
-  color: #98a6ac;
-  font-size: 12px;
-  margin-bottom: 5px;
-}
-.l-content .io-log2 > div > div:before {
-  content: '';
-  position: absolute;
-  height: 100%;
-  width: 7px;
-  border-radius: 10px;
-  border: solid 1px #dee5e8;
-  background: #fff;
-  left: -20px;
-}
-.l-content .io-log2 > div > div:nth-child(2n):before {
-  border: solid 1px #27c54e;
-}
-.l-content .io-log2 > div > div:nth-child(3n):before {
-  border: solid 1px #27bbc5;
-}
-.l-content .io-log2 > div > div:nth-child(4n):before {
-  border: solid 1px #275bc5;
-}
-.l-content .io-log2 > div > div:nth-child(5n):before {
-  border: solid 1px #ffcc00;
-}
-
-
-#tooltip {
-  background-color: #34b5dd;
-}
-.l-sort__create-btn.edit:hover #tooltip {
-  background-color: #49c8ef;
-}
-.l-sort__create-btn.edit:active #tooltip {
-  background-color: #00d8ff !important;
-}
-.l-sort__create-btn:active #tooltip {
-  background-color: #00d8ff;
-}
-.body-login, .body-reset {
-  background-color: #f0f3f5;
-}
-.body-login .login, .body-reset .login {
-  font-family: Arial, Helvetica, sans-serif;
-  border: 1px solid #e7ecee;
-  border-radius: 10px;
-  overflow: hidden;
-  position: relative;
-  padding: 35px 35px 10px 35px;
-  display: block;
-  width: 420px;
-  box-shadow: 0 2px 2px rgba(0, 0, 0, 0.05), 0 1px 0 rgba(0, 0, 0, 0.05);
-}
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1), .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) {
-  position: absolute;
-  text-align: center;
-  width: calc(100% - 46px);
-}
-/*
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a {
-  background-image: url(/images/sprite.png?1446554103);
-  background-position: -65px -182px;
-  background-repeat: no-repeat;
-  display: inline-block;
-  height: 40px;
-  margin-top: 0;
-  width: 80px;
-  margin-left: 0;
-  background-size: 235px 325px;
-  position: relative;
-}
-*/
-/*
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a img, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(1) a img {
-  display: none;
-}
-*/
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2), .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) {
-  position: relative;
-  padding: 65px 0 0 0 !important;
-}
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .vst-input, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .vst-input {
-  padding: 5px 10px;
-  margin: 0;
-  width: 320px !important;
-  margin-top: 7px;
-  border-radius: 3px;
-  border: solid 1px #d3d9e2;
-}
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button, .body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:hover, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:hover, .body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:active, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(1) > td:nth-of-type(2) .button:active {
-  width: 100% !important;
-  border: 1px solid #27c54e;
-  background-color: #27c54e;
-  color: #f4f3f9;
-  margin-bottom: 20px;
-}
-.body-login .login > tbody > tr > td > table > tbody > tr:nth-of-type(2) .login-bottom, .body-reset .login > tbody > tr > td > table > tbody > tr:nth-of-type(2) .login-bottom {
-  width: auto;
-  text-align: center;
-  padding-bottom: unset;
-  padding: 0;
-}
-.body-login .login-box .vst-advanced, .body-reset .login-box .vst-advanced {
-  color: #34b5dd;
-}
-.body-web-log .l-header > .l-center {
-  margin-left: 0;
-}
-.l-stat__col span {
-    padding: 4px 0;
-    font-size: 15px;
-    position: fixed;
-    display: inline-block;
-    left: 159px;
-}
-.l-sort__create-btn2 {
-    background-image: url("/images/sprite.png?1446554103");
-    background-position: -331px -107px;
-    background-repeat: no-repeat;
-    display: inline-block;
-    height: 45px;
-    width: 45px;
-}
-/*
-.ui-resizable-handle {
-    background-color: #333 !important;
-}
-*/
-/*
-div.ui-dialog div {
-    background-color: #333 !important;
-}
-*/
-div.ui-dialog > div {
-    background-color: #333 !important;
-}
-div.ui-dialog > div div {
-    background-color: #333 !important;
-}
-/*
-div.ui-dialog > div > div {
-    background-color: #333 !important;
-}
-div.ui-dialog + div {
-    background-color: #333 !important;
-}
-div.ui-dialog + div div{
-    background-color: #333 !important;
-}
-*/
-/*
-.ui-dialog-titlebar {
-    background-color: #333 !important;
-}
-.ui-dialog-buttonpane {
-    background-color: #333 !important;
-}
-*/

From 83acec3ec1b757045a45a3912dc7d66b79320c84 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Jun 2023 10:04:56 +0200
Subject: [PATCH 1945/2300] UI performance fix 4

---
 web/css/styles.min.css                        |  6 ++-
 web/inc/main.php                              |  2 +-
 web/js/init.js                                |  6 ++-
 web/templates/admin/list_backup.html          |  2 +-
 web/templates/admin/list_backup_detail.html   |  2 +-
 .../admin/list_backup_exclusions.html         |  2 +-
 web/templates/admin/list_cron.html            |  2 +-
 web/templates/admin/list_db.html              |  2 +-
 web/templates/admin/list_dns.html             |  2 +-
 web/templates/admin/list_dns_rec.html         |  2 +-
 web/templates/admin/list_firewall.html        |  2 +-
 .../admin/list_firewall_banlist.html          |  2 +-
 web/templates/admin/list_ip.html              |  2 +-
 web/templates/admin/list_mail.html            |  2 +-
 web/templates/admin/list_mail_acc.html        |  2 +-
 web/templates/admin/list_packages.html        |  2 +-
 web/templates/admin/list_services.html        |  2 +-
 web/templates/admin/list_user.html            |  5 +-
 web/templates/admin/list_web.html             |  2 +-
 web/templates/header.html                     |  2 +-
 web/templates/user/list_cron.html             |  2 +-
 web/templates/user/list_db.html               |  2 +-
 web/templates/user/list_dns.html              | 52 ++++++++++++++-----
 web/templates/user/list_dns_rec.html          |  2 +-
 web/templates/user/list_mail.html             |  2 +-
 web/templates/user/list_mail_acc.html         |  2 +-
 web/templates/user/list_user.html             |  6 +--
 web/templates/user/list_web.html              |  2 +-
 28 files changed, 75 insertions(+), 46 deletions(-)

diff --git a/web/css/styles.min.css b/web/css/styles.min.css
index 04306929..b3636cf2 100644
--- a/web/css/styles.min.css
+++ b/web/css/styles.min.css
@@ -4089,8 +4089,12 @@ b, strong {
 
 
 #tooltip {
-  background-color: #34b5dd;
+  background-color: #3AB5DD;
 }
+#tooltip:hover {
+  background-color: #1ca2cc;
+}
+
 .l-sort__create-btn.edit:hover #tooltip {
   background-color: #49c8ef;
 }
diff --git a/web/inc/main.php b/web/inc/main.php
index 880b962d..34483025 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -8,7 +8,7 @@ if (file_exists("/usr/local/vesta/web/inc/switch_to_vesta_port") && isset($_SERV
 session_start();
 
 define('VESTA_CMD', '/usr/bin/sudo /usr/local/vesta/bin/');
-define('JS_LATEST_UPDATE', '1491697869');
+define('JS_LATEST_UPDATE', '1491697870');
 
 $i = 0;
 
diff --git a/web/js/init.js b/web/js/init.js
index 4da9422f..06ecc750 100644
--- a/web/js/init.js
+++ b/web/js/init.js
@@ -31,10 +31,11 @@ $(document).ready(function(){
             });
 
 
+            /*
             // CREATE BUTTON
             if ($(".l-sort__create-btn").length>0) {
-                $(".l-sort__create-btn").append("");
-                $(".l-sort__create-btn").append(""+$('.l-sort__create-btn').attr('title').replace(' ',' ')+"");
+                //$(".l-sort__create-btn").append("");
+                //$(".l-sort__create-btn").append(""+$('.l-sort__create-btn').attr('title').replace(' ',' ')+"");
                 $('.l-sort__create-btn').hover(function(){
                     $("#tooltip").css('background-color', '#1ca2cc');
                 }, function() {
@@ -43,6 +44,7 @@ $(document).ready(function(){
                       //$("#tooltip").remove();
                 });
             }
+            */
               
             // SEARCH BOX
                 
diff --git a/web/templates/admin/list_backup.html b/web/templates/admin/list_backup.html
index 87876cde..0ed5dd18 100644
--- a/web/templates/admin/list_backup.html
+++ b/web/templates/admin/list_backup.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
           
diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index 0280900f..289d9b2f 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -8,7 +8,7 @@ input[type="checkbox"] {
 
       
-        
+        

         
           

             
     
diff --git a/web/templates/admin/list_backup_exclusions.html b/web/templates/admin/list_backup_exclusions.html
index efaaa450..2093278f 100644
--- a/web/templates/admin/list_backup_exclusions.html
+++ b/web/templates/admin/list_backup_exclusions.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
           

             
diff --git a/web/templates/admin/list_cron.html b/web/templates/admin/list_cron.html
index 4bea20c0..e6bec6b6 100644
--- a/web/templates/admin/list_cron.html
+++ b/web/templates/admin/list_cron.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_db.html b/web/templates/admin/list_db.html
index cdcac786..72d2a92c 100644
--- a/web/templates/admin/list_db.html
+++ b/web/templates/admin/list_db.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_dns.html b/web/templates/admin/list_dns.html
index 5ce29219..57a0d57e 100644
--- a/web/templates/admin/list_dns.html
+++ b/web/templates/admin/list_dns.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_dns_rec.html b/web/templates/admin/list_dns_rec.html
index f84b504f..e42e4f63 100644
--- a/web/templates/admin/list_dns_rec.html
+++ b/web/templates/admin/list_dns_rec.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
           

             
diff --git a/web/templates/admin/list_firewall.html b/web/templates/admin/list_firewall.html
index a12c9daf..23402a2b 100644
--- a/web/templates/admin/list_firewall.html
+++ b/web/templates/admin/list_firewall.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_firewall_banlist.html b/web/templates/admin/list_firewall_banlist.html
index e5119856..72153940 100644
--- a/web/templates/admin/list_firewall_banlist.html
+++ b/web/templates/admin/list_firewall_banlist.html
@@ -1,6 +1,6 @@
     
       
-        
+        

 
         
           

             
diff --git a/web/templates/admin/list_ip.html b/web/templates/admin/list_ip.html
index 7da9fa2c..006fa74d 100644
--- a/web/templates/admin/list_ip.html
+++ b/web/templates/admin/list_ip.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_mail.html b/web/templates/admin/list_mail.html
index 6bd27cca..13cfa491 100644
--- a/web/templates/admin/list_mail.html
+++ b/web/templates/admin/list_mail.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_mail_acc.html b/web/templates/admin/list_mail_acc.html
index 13495ff6..adfc51c6 100644
--- a/web/templates/admin/list_mail_acc.html
+++ b/web/templates/admin/list_mail_acc.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_packages.html b/web/templates/admin/list_packages.html
index 65a09e4b..6b09a440 100644
--- a/web/templates/admin/list_packages.html
+++ b/web/templates/admin/list_packages.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/admin/list_services.html b/web/templates/admin/list_services.html
index 45d6b18a..c1f91953 100644
--- a/web/templates/admin/list_services.html
+++ b/web/templates/admin/list_services.html
@@ -1,6 +1,6 @@
     
       
-        
+        

 
         
           

diff --git a/web/templates/admin/list_user.html b/web/templates/admin/list_user.html
index dacd71e3..066513ee 100644
--- a/web/templates/admin/list_user.html
+++ b/web/templates/admin/list_user.html
@@ -4,7 +4,7 @@
           if ($user != 'admin') {
             //echo '';
           //} else {
-            echo '';
+            echo '
'.__('Add Web Domain').'';
           }
         ?>
         
@@ -93,7 +93,8 @@
             
         
       ';
+            //echo '';
+            echo '
'.__('Add User').'';
         }
         if (isset($changelog)) {
           echo "

".__("What's new:")."

".$changelog."
".__("This only admin see after myVesta upgrade, and will dissapear on next refresh.")." ".__("If you missed an update, see our previous")." ".__("change logs").".
".__("Check out our")." ".__("new site, forum and knowledge base").".

";
diff --git a/web/templates/admin/list_web.html b/web/templates/admin/list_web.html
index 72fe1454..5bb2d868 100644
--- a/web/templates/admin/list_web.html
+++ b/web/templates/admin/list_web.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/header.html b/web/templates/header.html
index 36cf6cdf..848f9a64 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -4,7 +4,7 @@
   
   
   myVesta - <?=__($TAB)?>
-  
+  
   
   
   
diff --git a/web/templates/user/list_cron.html b/web/templates/user/list_cron.html
index 1a80dfb4..567b219d 100644
--- a/web/templates/user/list_cron.html
+++ b/web/templates/user/list_cron.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/user/list_db.html b/web/templates/user/list_db.html
index 63972dba..ae976640 100644
--- a/web/templates/user/list_db.html
+++ b/web/templates/user/list_db.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/user/list_dns.html b/web/templates/user/list_dns.html
index 36093660..82719b03 100644
--- a/web/templates/user/list_dns.html
+++ b/web/templates/user/list_dns.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
@@ -98,28 +98,28 @@ sort-expire="" sort-records="
             
           
-          
+          
           
             
           
+
         
         
         
-          
+          
              ⇢ ".$data[$key]['SRC']."    ";  if($data[$key]['RECORDS']) echo '/ '.$data[$key]['RECORDS'].'';?>
           
-          
-            .', $data[$key]['IP'])?>
-          
+          
           
 
           
             

+               
+               
+                
+                
+                
-              
+
+
+              
                
                 
-                  
-                    
-                    
+                  
+                    .', $data[$key]['IP'])?>
                   
                 
                 
@@ -138,18 +138,44 @@ sort-expire="" sort-records="
                   
                 

+                  
+                    
+                  
+                
+                  
+                    :
+                    
+                      
+                    
+                  
+                
+
+                  
+                    :
+                    
+                      
+                    
+                  
+                
               

             
           
           
@@ -157,7 +183,7 @@ sort-expire="" sort-records="
       
       
-      
+      
       
       
 
diff --git a/web/templates/user/list_dns_rec.html b/web/templates/user/list_dns_rec.html
index 0b62187f..61a8c3ce 100644
--- a/web/templates/user/list_dns_rec.html
+++ b/web/templates/user/list_dns_rec.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
           
diff --git a/web/templates/user/list_mail.html b/web/templates/user/list_mail.html
index 40284380..1284d095 100644
--- a/web/templates/user/list_mail.html
+++ b/web/templates/user/list_mail.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/user/list_mail_acc.html b/web/templates/user/list_mail_acc.html
index 8c5ef567..74c71155 100644
--- a/web/templates/user/list_mail_acc.html
+++ b/web/templates/user/list_mail_acc.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            
diff --git a/web/templates/user/list_user.html b/web/templates/user/list_user.html
index 5fbd287d..e2e0da30 100644
--- a/web/templates/user/list_user.html
+++ b/web/templates/user/list_user.html
@@ -1,11 +1,7 @@
     
       
         ';
-          } else {
-            echo '';
-          }
+            echo '
'.__('Add Web Domain').'';
         ?>
         
            
diff --git a/web/templates/user/list_web.html b/web/templates/user/list_web.html
index 7b4a9db0..41e57687 100644
--- a/web/templates/user/list_web.html
+++ b/web/templates/user/list_web.html
@@ -1,6 +1,6 @@
     
       
-        
+        

         
            
            

From db6360922f5e934fcd621169d6c9a5d69e904382 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Mon, 12 Jun 2023 15:38:39 +0200
Subject: [PATCH 1946/2300] UI performance fix 5

---
 web/inc/main.php                            |  2 +-
 web/js/fix.js                               | 19 ++++--------------
 web/templates/admin/list_backup_detail.html | 20 ++++++++++++-------
 web/templates/admin/panel.html              |  6 ++++--
 web/templates/header.html                   | 22 ++++++++++++++++++++-
 web/templates/right.html                    | 19 +++++++-----------
 web/templates/scripts.html                  |  2 +-
 web/templates/user/panel.html               |  4 ++--
 8 files changed, 53 insertions(+), 41 deletions(-)

diff --git a/web/inc/main.php b/web/inc/main.php
index 34483025..26df863e 100644
--- a/web/inc/main.php
+++ b/web/inc/main.php
@@ -8,7 +8,7 @@ if (file_exists("/usr/local/vesta/web/inc/switch_to_vesta_port") && isset($_SERV
 session_start();
 
 define('VESTA_CMD', '/usr/bin/sudo /usr/local/vesta/bin/');
-define('JS_LATEST_UPDATE', '1491697870');
+define('JS_LATEST_UPDATE', '1491697871');
 
 $i = 0;
 
diff --git a/web/js/fix.js b/web/js/fix.js
index e1bdbb34..aaf0fa05 100644
--- a/web/js/fix.js
+++ b/web/js/fix.js
@@ -54,15 +54,13 @@ function hideIoLog(animate){
         $(".to-top").css("right", 85);
         $(".to-shortcuts").css("right", 130);
         $(".right_sidebar").css("right", -200);
-        //$(".io-log2").css("right", -200);
-        $("#myvesta_float").css("margin-right", 100);
+        //$("#myvesta_float").css("margin-right", 100);
     } else {
         $(".l-content .l-center").animate({"margin-right": 40});
         $(".to-top").animate({"right": 85});
         $(".to-shortcuts").animate({"right": 130});
         $(".right_sidebar").animate({"right": -200});
-        //$(".io-log2").animate({"right": -200});
-        $("#myvesta_float").animate({"margin-right": 100});
+        //$("#myvesta_float").animate({"margin-right": 100});
     }
 }
 
@@ -91,25 +89,16 @@ var iohtml = '\n' +
 $(document).ready(function(){
     //var sys_height=$(".io-log").height();
     //$(".io-log2").css("top", sys_height+50);
+    /*
     setTimeout(function() {
         iolog = getCookie("iolog");
-        /* //console.log('cookie: "'+iolog+'"');
-        if (iolog === '1') {
-            showIoLog(0);
-            return 1;
-        }*/
         if (iolog === '0') {
             //setCookie("iolog", 0, 365);
             hideIoLog(0);
             return 0;
         }
-        /*if (iolog == '') {
-            //console.log('cookie is empty');
-            //setCookie("iolog", 1, 365);
-            showIoLog(0);
-            return '';
-        }*/
     }, 1);
+    */
 
     //if (GLOBAL.CURRENT_USER_FINAL == 'admin') $(".body-user .l-content > .l-center.units").first().prepend( iohtml );
 
diff --git a/web/templates/admin/list_backup_detail.html b/web/templates/admin/list_backup_detail.html
index 289d9b2f..0d583536 100644
--- a/web/templates/admin/list_backup_detail.html
+++ b/web/templates/admin/list_backup_detail.html
@@ -3,6 +3,12 @@ input[type="checkbox"] {
   display: block;
   margin-top: 26px;
 }
+
+.backup-items {
+    background-color: #f8f8f8;
+    margin: 10px 33px;
+    border-radius: 10px;
+}
 
 


 
@@ -48,7 +54,7 @@ input[type="checkbox"] {
             ++$i;
       ?>
 
-      
+      
         
           
             
@@ -99,7 +105,7 @@ input[type="checkbox"] {
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
@@ -147,7 +153,7 @@ input[type="checkbox"] {
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
@@ -194,7 +200,7 @@ input[type="checkbox"] {
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
@@ -242,7 +248,7 @@ input[type="checkbox"] {
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
@@ -290,7 +296,7 @@ input[type="checkbox"] {
           if (!empty($key)) {
       ?>
 
-      
+      
         
           
             
@@ -329,7 +335,7 @@ input[type="checkbox"] {
       
       
 
-      
+      
         
           
             
diff --git a/web/templates/admin/panel.html b/web/templates/admin/panel.html
index 7eb5bab1..c181903b 100644
--- a/web/templates/admin/panel.html
+++ b/web/templates/admin/panel.html
@@ -1,8 +1,8 @@
   
-  
+  
     
   
-  
+  
     
   
 
@@ -129,9 +129,11 @@ $debian_ver=file_get_contents('/etc/debian_version');
             Build date: 

             Debian  

         
+        
       
       
     
diff --git a/web/templates/header.html b/web/templates/header.html
index 848f9a64..810657d8 100644
--- a/web/templates/header.html
+++ b/web/templates/header.html
@@ -16,6 +16,23 @@
     
     var GLOBAL = {};
     GLOBAL.FTP_USER_PREFIX  = 'admin_';
@@ -23,8 +40,11 @@
     GLOBAL.DB_DBNAME_PREFIX = 'admin_';
     GLOBAL.CURRENT_USER = '';
     GLOBAL.CURRENT_USER_LOOK = '';
-    GLOBAL.CURRENT_USER_FINAL = '';
+    GLOBAL.CURRENT_USER_FINAL = '';
     GLOBAL.AJAX_URL = '';
   
+  
 
 
diff --git a/web/templates/right.html b/web/templates/right.html
index 2a699668..88e1f5f0 100644
--- a/web/templates/right.html
+++ b/web/templates/right.html
@@ -1,20 +1,15 @@
-
-
-
+
 
   
     
   
     
 
 
             
@@ -80,7 +75,7 @@
       
 
  $value) {
diff --git a/web/templates/scripts.html b/web/templates/scripts.html
index 8082dc93..b1d58e3d 100644
--- a/web/templates/scripts.html
+++ b/web/templates/scripts.html
@@ -8,7 +8,7 @@
   
   
   
-  
+  
 
   
+
+
+

             
+
+    
+    
+
+ 
+        
+    
+    
+
+
diff --git a/install/debian/13/templates/web/nginx/caching.sh b/install/debian/13/templates/web/nginx/caching.sh
new file mode 100644
index 00000000..09d8efe7
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2" 
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" 
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+    if [ -z "$(grep "=${domain}:" $conf)" ]; then
+        echo "$str" >> $conf
+    fi
+else
+    echo "$str" >> $conf
+fi
+
diff --git a/install/debian/13/templates/web/nginx/caching.stpl b/install/debian/13/templates/web/nginx/caching.stpl
new file mode 100644
index 00000000..f5c9740f
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/caching.tpl b/install/debian/13/templates/web/nginx/caching.tpl
new file mode 100644
index 00000000..73de28d5
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/caching.tpl
@@ -0,0 +1,42 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+
+        proxy_cache cache;
+        proxy_cache_valid 15m;
+        proxy_cache_valid 404 1m;
+        proxy_no_cache $no_cache;
+        proxy_cache_bypass $no_cache;
+        proxy_cache_bypass $cookie_session $http_x_update;
+
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            proxy_cache    off;
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https-legacy.stpl b/install/debian/13/templates/web/nginx/force-https-legacy.stpl
new file mode 100644
index 00000000..8e636db3
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-legacy.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https-legacy.tpl b/install/debian/13/templates/web/nginx/force-https-legacy.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-legacy.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https-public.stpl b/install/debian/13/templates/web/nginx/force-https-public.stpl
new file mode 100644
index 00000000..a7609b13
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-public.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/force-https-public.tpl b/install/debian/13/templates/web/nginx/force-https-public.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-public.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.stpl b/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..2db9a06e
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.stpl
@@ -0,0 +1,64 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.tpl b/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https-webmail-phpmyadmin.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https.stpl b/install/debian/13/templates/web/nginx/force-https.stpl
new file mode 100644
index 00000000..55f41002
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/force-https.tpl b/install/debian/13/templates/web/nginx/force-https.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/13/templates/web/nginx/hosting-legacy.sh b/install/debian/13/templates/web/nginx/hosting-legacy.sh
new file mode 100644
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-legacy.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/13/templates/web/nginx/hosting-legacy.stpl b/install/debian/13/templates/web/nginx/hosting-legacy.stpl
new file mode 100644
index 00000000..efdd3b87
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-legacy.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting-legacy.tpl b/install/debian/13/templates/web/nginx/hosting-legacy.tpl
new file mode 100644
index 00000000..a41d4054
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-legacy.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting-public.stpl b/install/debian/13/templates/web/nginx/hosting-public.stpl
new file mode 100644
index 00000000..a7609b13
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-public.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting-public.tpl b/install/debian/13/templates/web/nginx/hosting-public.tpl
new file mode 100644
index 00000000..f5d8b327
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-public.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%/public;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%/public;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.stpl b/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
new file mode 100644
index 00000000..2db9a06e
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.stpl
@@ -0,0 +1,64 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.tpl b/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
new file mode 100644
index 00000000..f84f4781
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting-webmail-phpmyadmin.tpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /webmail {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /var/lib/roundcube;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /phpmyadmin {
+        disable_symlinks off;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           /usr/share;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting.sh b/install/debian/13/templates/web/nginx/hosting.sh
new file mode 100644
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/13/templates/web/nginx/hosting.stpl b/install/debian/13/templates/web/nginx/hosting.stpl
new file mode 100644
index 00000000..5745311e
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/hosting.tpl b/install/debian/13/templates/web/nginx/hosting.tpl
new file mode 100644
index 00000000..61469ad2
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/hosting.tpl
@@ -0,0 +1,36 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..cf8fad56
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..5931f617
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,60 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..3c2793d1
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,55 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..bb9a727b
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,126 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/default.stpl b/install/debian/13/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/default.tpl b/install/debian/13/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..a7564705
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/13/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..6e67a4e0
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }    
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/13/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..d1096bff
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+    }
+
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+    
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }    
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ ^/sites/.*/files/imagecache/ {
+        try_files $uri @rewrite;
+    }
+        
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;             
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/13/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/13/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/13/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..32f01a6f
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,94 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+    
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/13/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..c9729795
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,91 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+    
+    location ~ ^/sites/[^/]+/files/.*\.php$ {
+        deny all;
+    }
+    
+    location / {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~ /vendor/.*\.php$ {
+        deny all;
+        return 404;
+    }        
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    location ~ ^(/[a-z\-]+)?/system/files/ {
+        try_files $uri /index.php?$query_string;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
+        try_files $uri @rewrite;
+        expires max;
+        log_not_found off;
+    }
+
+    location ~ '\.php$|^/update.php' {
+        fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_pass %backend_lsnr%;
+        include         /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/joomla.stpl b/install/debian/13/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..d4f96ee3
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/joomla.tpl b/install/debian/13/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/laravel.stpl b/install/debian/13/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..db0b4dde
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/laravel.tpl b/install/debian/13/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/magento.stpl b/install/debian/13/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..f8ac30c9
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,197 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %sdocroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %sdocroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %sdocroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %sdocroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/magento.tpl b/install/debian/13/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    root        %docroot%/pub;
+    index       index.php;
+    autoindex   off;
+    charset     UTF-8;
+    error_page  404 403 = /errors/404.php;
+    add_header  "X-UA-Compatible" "IE=Edge";
+
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    # PHP entry point for setup application
+    location ~* ^/setup($|/) {
+        root %docroot%;
+
+        location ~ ^/setup/index.php {
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        location ~ ^/setup/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/setup/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    # PHP entry point for update application
+    location ~* ^/update($|/) {
+        root %docroot%;
+
+        location ~ ^/update/index.php {
+            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+            fastcgi_pass   %backend_lsnr%;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            fastcgi_param  PATH_INFO        $fastcgi_path_info;
+            include        /etc/nginx/fastcgi_params;
+        }
+
+        # Deny everything but index.php
+        location ~ ^/update/(?!pub/). {
+            deny all;
+        }
+
+        location ~ ^/update/pub/ {
+            add_header X-Frame-Options "SAMEORIGIN";
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location /pub/ {
+        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+            deny all;
+        }
+
+        alias %docroot%/pub/;
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /static/ {
+        # Uncomment the following line in production mode
+        # expires max;
+
+        # Remove signature of the static files that is used to overcome the browser cache
+        location ~ ^/static/version {
+            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+
+            if (!-f $request_filename) {
+                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+            }
+        }
+
+        if (!-f $request_filename) {
+            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/ {
+        try_files $uri $uri/ /get.php?$args;
+
+        location ~ ^/media/theme_customization/.*\.xml {
+            deny all;
+        }
+
+        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+            add_header Cache-Control "public";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires +1y;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+            add_header Cache-Control "no-store";
+            add_header X-Frame-Options "SAMEORIGIN";
+            expires    off;
+            try_files $uri $uri/ /get.php?$args;
+        }
+
+        add_header X-Frame-Options "SAMEORIGIN";
+    }
+
+    location /media/customer/ {
+        deny all;
+    }
+
+    location /media/downloadable/ {
+        deny all;
+    }
+
+    location /media/import/ {
+        deny all;
+    }
+
+    # PHP entry point for main application
+    location ~ (index|get|static|report|404|503)\.php$ {
+        try_files $uri =404;
+
+        fastcgi_pass   %backend_lsnr%;
+        fastcgi_buffers 1024 4k;
+        fastcgi_read_timeout 600s;
+        fastcgi_connect_timeout 600s;
+
+        fastcgi_index  index.php;
+        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+        include        /etc/nginx/fastcgi_params;
+    }
+
+    gzip on;
+    gzip_disable "msie6";
+
+    gzip_comp_level 6;
+    gzip_min_length 1100;
+    gzip_buffers 16 8k;
+    gzip_proxied any;
+    gzip_types
+        text/plain
+        text/css
+        text/js
+        text/xml
+        text/javascript
+        application/javascript
+        application/x-javascript
+        application/json
+        application/xml
+        application/xml+rss
+        image/svg+xml;
+    gzip_vary on;
+
+    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+    location ~* (\.php$|\.htaccess$|\.git) {
+        deny all;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/modx.stpl b/install/debian/13/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..420aeb9e
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,68 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  https://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/modx.tpl b/install/debian/13/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+#   if you need to rewrite www to non-www uncomment bellow
+#   if ($host != '%domain%' ) {
+#       rewrite      ^/(.*)$  http://%domain%/$1  permanent;
+#    }
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ @rewrite;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+    location @rewrite {
+        rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ \.php$ {
+        try_files $uri =404;
+        fastcgi_pass %backend_lsnr%;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+        include /etc/nginx/fastcgi_params;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/moodle.stpl b/install/debian/13/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..8594ec94
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,89 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/moodle.tpl b/install/debian/13/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/no-php.stpl b/install/debian/13/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..4bb50383
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,46 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/no-php.tpl b/install/debian/13/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    types {
+            text/html   html htm shtml php php5;
+    }
+
+    location / {
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/odoo.stpl b/install/debian/13/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..e28afcfc
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+    
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/odoo.tpl b/install/debian/13/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    
+    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+    proxy_redirect          off;
+
+    proxy_set_header X-Forwarded-Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Real-IP $remote_addr;
+
+    proxy_connect_timeout   720;
+    proxy_send_timeout      720;
+    proxy_read_timeout      720;
+    send_timeout            720;
+
+    # Allow "Well-Known URIs" as per RFC 5785
+    location ~* ^/.well-known/ {
+        allow all;
+    }
+
+    location / {
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    location /longpolling {
+        proxy_pass http://127.0.0.1:8072;
+    }
+    
+    location ~* /web/static/ {
+        proxy_cache_valid 200 60m;
+        proxy_buffering on;
+        expires 864000;
+        proxy_pass http://127.0.0.1:8069;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/opencart.stpl b/install/debian/13/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..52706d21
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,58 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/opencart.tpl b/install/debian/13/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location / {
+        try_files $uri $uri/ @opencart;
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @opencart {
+        rewrite ^/(.+)$ /index.php?_route_=$1 last;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/owncloud.stpl b/install/debian/13/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..1b803f97
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,84 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/owncloud.tpl b/install/debian/13/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/piwik.stpl b/install/debian/13/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..1b299343
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,72 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/piwik.tpl b/install/debian/13/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+            return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/pyrocms.stpl b/install/debian/13/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..d26ed9f4
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,65 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+        }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/pyrocms.tpl b/install/debian/13/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..b92861b0
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%/public;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location /installer {
+            try_files $uri $uri/ /installer/index.php?$query_string;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location = /robots.txt  { access_log off; log_not_found off; }
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location ~ /\.ht        { access_log off; log_not_found off; deny all; }
+    location ~ ~$           { access_log off; log_not_found off; deny all; }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/13/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+     location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/sendy.tpl b/install/debian/13/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+        deny all;
+    }
+
+    location ~ /(readme.html|license.txt) {
+        deny all;
+    }
+
+    if (!-f $request_filename){
+        rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+            expires 1d;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            try_files $uri =404;
+            fastcgi_pass %backend_lsnr%;
+            fastcgi_index index.php;
+            include /etc/nginx/fastcgi_params;
+        }
+
+        location /l/ {
+            rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+        }
+
+        location /t/ {
+            rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+        }
+
+        location /w/ {
+            rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+        }
+
+        location /unsubscribe/ {
+            rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+        }
+
+        location /subscribe/ {
+            rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress.stpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..f9c01e40
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress.tpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress2.stpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..01dfee5b
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,66 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress2.tpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/conf/web/%domain%.auth*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..a5fc46fb
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,71 @@
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+} 
diff --git a/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+        
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/private-force-https.stpl b/install/debian/13/templates/web/nginx/private-force-https.stpl
new file mode 100644
index 00000000..bf805683
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/private-force-https.stpl
@@ -0,0 +1,40 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+    include %home%/%user%/conf/web/s%proxy_system%.%domain%.conf*;
+}
diff --git a/install/debian/13/templates/web/nginx/private-force-https.tpl b/install/debian/13/templates/web/nginx/private-force-https.tpl
new file mode 100644
index 00000000..5a463370
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/private-force-https.tpl
@@ -0,0 +1,8 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    location / {
+        rewrite ^(.*) https://$host$1 permanent;
+    }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/install/debian/13/templates/web/nginx/private-hosting.sh b/install/debian/13/templates/web/nginx/private-hosting.sh
new file mode 100644
index 00000000..eeed37ef
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/private-hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/debian/13/templates/web/nginx/private-hosting.stpl b/install/debian/13/templates/web/nginx/private-hosting.stpl
new file mode 100644
index 00000000..8e5b3f7b
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/private-hosting.stpl
@@ -0,0 +1,42 @@
+server {
+    listen      %ip%:%proxy_ssl_port% ssl;
+    http2 on;
+    server_name %domain_idn% %alias_idn%;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/snginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/private-hosting.tpl b/install/debian/13/templates/web/nginx/private-hosting.tpl
new file mode 100644
index 00000000..a8ee840e
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/private-hosting.tpl
@@ -0,0 +1,38 @@
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    location / {
+        auth_basic           "Restricted area";
+        auth_basic_user_file /etc/nginx/.htpasswd;
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            # try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.env   {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    disable_symlinks if_not_owner from=%docroot%;
+
+    include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
+
diff --git a/install/debian/13/templates/web/nginx/proxy_ip.tpl b/install/debian/13/templates/web/nginx/proxy_ip.tpl
new file mode 100644
index 00000000..ae195617
--- /dev/null
+++ b/install/debian/13/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+    listen       %ip%:%proxy_port% default;
+    server_name  _;
+    #access_log  /var/log/nginx/%ip%.log main;
+    location / {
+        proxy_pass  http://%ip%:%web_port%;
+   }
+}
+
diff --git a/install/debian/13/templates/web/php-fpm/default.tpl b/install/debian/13/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/debian/13/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/13/templates/web/php-fpm/no-php.tpl b/install/debian/13/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/debian/13/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/13/templates/web/php-fpm/socket.tpl b/install/debian/13/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/debian/13/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/debian/13/templates/web/skel/document_errors/403.html b/install/debian/13/templates/web/skel/document_errors/403.html
new file mode 100644
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/debian/13/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+    403 — Forbidden
+    
+    
+    
+
+
+
+    %domain%
+
+    403
+    Forbidden
+    
+        Unfortunately, you do not have permission to view this
+    
+
+
+
diff --git a/install/debian/13/templates/web/skel/document_errors/404.html b/install/debian/13/templates/web/skel/document_errors/404.html
new file mode 100644
index 00000000..2cee7708
--- /dev/null
+++ b/install/debian/13/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+    404 — Not Found
+    
+    
+    
+
+
+
+    %domain%
+    404
+    Page Not Found
+    
+        It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+        You can start again from the home or go back to previous page.
+    
+
+
diff --git a/install/debian/13/templates/web/skel/document_errors/50x.html b/install/debian/13/templates/web/skel/document_errors/50x.html
new file mode 100644
index 00000000..85ba648b
--- /dev/null
+++ b/install/debian/13/templates/web/skel/document_errors/50x.html
@@ -0,0 +1,29 @@
+
+
+    500 — Internal Sever Error
+    
+    
+    
+
+
+
+    %domain%
+
+    500
+    Internal Server Error
+    
+        Sorry, something went wrong :(
+    
+
+
+
diff --git a/install/debian/13/templates/web/skel/public_html/index.html b/install/debian/13/templates/web/skel/public_html/index.html
new file mode 100644
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/13/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/13/templates/web/skel/public_html/robots.txt b/install/debian/13/templates/web/skel/public_html/robots.txt
new file mode 100644
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/13/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/13/templates/web/skel/public_shtml/index.html b/install/debian/13/templates/web/skel/public_shtml/index.html
new file mode 100644
index 00000000..c2895cf2
--- /dev/null
+++ b/install/debian/13/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+    %domain% — Coming Soon
+    
+    
+    
+
+
+
+    %domain%
+    
+        Powered by myVesta
+    
+
+
+
+
diff --git a/install/debian/13/templates/web/skel/public_shtml/robots.txt b/install/debian/13/templates/web/skel/public_shtml/robots.txt
new file mode 100644
index 00000000..00ee83dc
--- /dev/null
+++ b/install/debian/13/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/debian/13/templates/web/suspend/.htaccess b/install/debian/13/templates/web/suspend/.htaccess
new file mode 100644
index 00000000..5a6df83f
--- /dev/null
+++ b/install/debian/13/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/debian/13/templates/web/suspend/index.html b/install/debian/13/templates/web/suspend/index.html
new file mode 100644
index 00000000..3815354d
--- /dev/null
+++ b/install/debian/13/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+    Website Suspended
+    
+    
+    
+
+
+    Temporary under construction
+    This website is temporary under construction.
+    
+        We will back again soon.
+    
+
+
diff --git a/install/debian/13/templates/web/webalizer/webalizer.tpl b/install/debian/13/templates/web/webalizer/webalizer.tpl
new file mode 100644
index 00000000..068adcfb
--- /dev/null
+++ b/install/debian/13/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName         %domain_idn%
+LogFile          /var/log/%web_system%/domains/%domain%.log
+OutputDir        %home%/%user%/web/%domain%/stats
+HistoryName      %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental      yes
+IncrementalName  %home%/%user%/web/%domain%/stats/%domain%.current
+PageType         htm*
+PageType         cgi
+PageType         php
+PageType         shtml
+DNSCache         /var/lib/webalizer/dns_cache.db
+DNSChildren      10
+Quiet            yes
+FoldSeqErr       yes
+IndexAlias       index.php
+HideURL          *.gif
+HideURL          *.GIF
+HideURL          *.jpg
+HideURL          *.JPG
+HideURL          *.png
+HideURL          *.PNG
+HideURL          *.ra
+SearchEngine     abcsearch.          terms=
+SearchEngine     alexa.              q=
+SearchEngine     alltheweb.          q=
+SearchEngine     alltheweb.          query=
+SearchEngine     alot.               q=
+SearchEngine     altavista.          q=
+SearchEngine     aolsearch.          query=
+SearchEngine     aport.ru            r=
+SearchEngine     ask.                q=
+SearchEngine     atlas.cz            q=
+SearchEngine     bbc.                q=
+SearchEngine     bing.               q=
+SearchEngine     blingo.             q=
+SearchEngine     blogs.yandex.ru     text=
+SearchEngine     btopenworld         query=
+SearchEngine     buscador.ya.com     q=
+SearchEngine     busca.              q=
+SearchEngine     business.           query=
+SearchEngine     centrum.cz          q=
+SearchEngine     chiff.              q=
+SearchEngine     clusty.             query=
+SearchEngine     comcast.            q=
+SearchEngine     crawler.            q=
+SearchEngine     cuil.               q=
+SearchEngine     dmoz.               search=
+SearchEngine     dogpile.com         q=
+SearchEngine     dpxml               qkw=
+SearchEngine     eureka.             searchword=
+SearchEngine     euroseek.           string=
+SearchEngine     exalead.            q=
+SearchEngine     excite              search=
+SearchEngine     ezilon.             q=
+SearchEngine     fastbrowsersearch.  q=
+SearchEngine     feedster.com        q=
+SearchEngine     fireball.de         q=
+SearchEngine     fireball.           keyword=
+SearchEngine     freeserve.          q=
+SearchEngine     gigablast.          q=
+SearchEngine     gogo.ru             q=
+SearchEngine     go.mail.ru          q=
+SearchEngine     google.             q=
+SearchEngine     hakia.              q=
+SearchEngine     hotbot.             query=
+SearchEngine     infoseek.           qt=
+SearchEngine     iwon                searchfor=
+SearchEngine     ixquick.com         query=
+SearchEngine     joeant.             keywords=
+SearchEngine     jyxo.cz             s=
+SearchEngine     looksmart.          key=
+SearchEngine     lycos.              query=
+SearchEngine     mamma.              q=
+SearchEngine     metacrawler         q=
+SearchEngine     msn.                MT=
+SearchEngine     msxml               qkw=
+SearchEngine     mysearch.           searchfor=
+SearchEngine     mywebsearch.        searchfor=
+SearchEngine     netscape.           q=
+SearchEngine     nigma.ru            q=
+SearchEngine     northernlight.      qr=
+SearchEngine     ntlworld.           q=
+SearchEngine     orange.             q=
+SearchEngine     overture.           Keywords=
+SearchEngine     punto.ru            text=
+SearchEngine     rambler.            keyword=
+SearchEngine     search.aol.         q=
+SearchEngine     search.babylon.     q=
+SearchEngine     search.centrum.     phrase=
+SearchEngine     search.conduit.     q=
+SearchEngine     search.earthlink    q=
+SearchEngine     search.icq.         q=
+SearchEngine     search.live.com     q=
+SearchEngine     search.rambler.ru   words=
+SearchEngine     search.winamp.      q=
+SearchEngine     searchy.            q=
+SearchEngine     seznam.cz           w=
+SearchEngine     snap.               query=
+SearchEngine     teoma.              q=
+SearchEngine     teradex.com         q=
+SearchEngine     ukplus              key=
+SearchEngine     verizon.            q=
+SearchEngine     virginmedia.        q=
+SearchEngine     voila.              rdata=
+SearchEngine     webcrawler          searchText=
+SearchEngine     web.search.naver.   query=
+SearchEngine     wisenut             q=
+SearchEngine     yahoo.              p=
+SearchEngine     yandex.             text=
+SearchEngine     yodao.              q=
diff --git a/install/debian/13/vsftpd/vsftpd.conf b/install/debian/13/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..1ca1a992
--- /dev/null
+++ b/install/debian/13/vsftpd/vsftpd.conf
@@ -0,0 +1,26 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+#allow_writable_chroot=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_max_port=12100
+pasv_min_port=12000
+use_localtime=YES
diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 25364c90..98887225 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -20,7 +20,19 @@ codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))"
 vestacp="$VESTA/install/$VERSION/$release"
 ARCH="amd64"
 
-if [ "$release" -eq 12 ]; then
+if [ "$release" -eq 13 ]; then
+    software="nginx apache2 apache2-utils
+        libapache2-mod-fcgid php-fpm php
+        php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
+        vsftpd proftpd-basic bind9 exim4 exim4-daemon-heavy
+        clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
+        roundcube-mysql roundcube-plugins mariadb-server mariadb-common
+        mariadb-client postgresql postgresql-contrib phpmyadmin mc
+        flex whois git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
+        bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
+        unrar-free vim-common net-tools unzip iptables xxd spamd"
+elif [ "$release" -eq 12 ]; then
     software="nginx apache2 apache2-utils
         libapache2-mod-fcgid php-fpm php
         php-common php-cgi php-mysql php-curl php-fpm php-pgsql awstats
@@ -1083,6 +1095,22 @@ if [ "$release" -eq 12 ]; then
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.stpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-82.stpl
     ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-82.tpl
 fi
+if [ "$release" -eq 13 ]; then
+    echo "== Symlink missing templates"
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.sh /usr/local/vesta/data/templates/web/nginx/default.sh
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.tpl /usr/local/vesta/data/templates/web/nginx/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/nginx/hosting.stpl /usr/local/vesta/data/templates/web/nginx/default.stpl
+
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.sh /usr/local/vesta/data/templates/web/apache2/hosting.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.tpl /usr/local/vesta/data/templates/web/apache2/hosting.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.stpl /usr/local/vesta/data/templates/web/apache2/hosting.stpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.sh /usr/local/vesta/data/templates/web/apache2/default.sh
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.tpl /usr/local/vesta/data/templates/web/apache2/default.tpl
+    ln -s /usr/local/vesta/data/templates/web/apache2/PHP-FPM-84.stpl /usr/local/vesta/data/templates/web/apache2/default.stpl
+    
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.stpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-84.stpl
+    ln  -s /usr/local/vesta/data/templates/web/nginx/php-fpm/default.tpl /usr/local/vesta/data/templates/web/nginx/php-fpm/PHP-FPM-84.tpl
+fi
 
 echo "== Set nameservers address"
 sed -i "s/YOURHOSTNAME1/ns1.$servername/" /usr/local/vesta/data/packages/default.pkg
@@ -1207,7 +1235,13 @@ fi
 
 if [ "$phpfpm" = 'yes' ]; then
     echo "=== Configure PHP-FPM"
-    if [ "$release" -eq 12 ]; then
+    if [ "$release" -eq 13 ]; then
+        cp -f $vestacp/php-fpm/www.conf /etc/php/8.4/fpm/pool.d/www.conf
+        #update-rc.d php8.4-fpm defaults
+        currentservice='php8.4-fpm'
+        ensure_startup $currentservice
+        ensure_start $currentservice
+    elif [ "$release" -eq 12 ]; then
         cp -f $vestacp/php-fpm/www.conf /etc/php/8.2/fpm/pool.d/www.conf
         #update-rc.d php8.2-fpm defaults
         currentservice='php8.2-fpm'
@@ -1885,6 +1919,20 @@ if [ "$release" -eq 12 ]; then
     /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
   fi
 fi
+if [ "$release" -eq 13 ]; then
+  if [ -f "/etc/php/8.4/fpm/pool.d/$servername.conf" ]; then
+    echo "== FPM pool.d $servername tweaks"
+    sed -i "/^group =/c\group = www-data" /etc/php/8.4/fpm/pool.d/$servername.conf
+    sed -i "/max_execution_time/c\php_admin_value[max_execution_time] = 900" /etc/php/8.4/fpm/pool.d/$servername.conf
+    sed -i "/request_terminate_timeout/c\request_terminate_timeout = 900s" /etc/php/8.4/fpm/pool.d/$servername.conf
+    sed -i "s|80M|800M|g" /etc/php/8.4/fpm/pool.d/$servername.conf
+    sed -i "s|256M|512M|g" /etc/php/8.4/fpm/pool.d/$servername.conf
+    service php8.4-fpm restart
+    ln -s /var/lib/roundcube /var/lib/roundcube/webmail
+    /usr/local/vesta/bin/v-change-web-domain-proxy-tpl 'admin' "$servername" 'hosting-webmail-phpmyadmin' 'jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,woff,woff2' 'yes'
+  fi
+fi
+
 
 echo "== Adding cron jobs"
 command="sudo $VESTA/bin/v-update-sys-queue disk"
@@ -1953,6 +2001,9 @@ fi
 if [ "$release" -eq 12 ]; then
   apt-get -y install php8.2-apcu php8.2-mbstring php8.2-bcmath php8.2-curl php8.2-gd php8.2-intl php8.2-mysql php8.2-mysqlnd php8.2-pdo php8.2-soap php8.2-xml php8.2-zip php8.2-memcache php8.2-memcached php8.2-zip php8.2-imagick php8.2-imap
 fi
+if [ "$release" -eq 13 ]; then
+  apt-get -y install php8.4-apcu php8.4-mbstring php8.4-bcmath php8.4-curl php8.4-gd php8.4-intl php8.4-mysql php8.4-mysqlnd php8.4-pdo php8.4-soap php8.4-xml php8.4-zip php8.4-memcache php8.4-memcached php8.4-zip php8.4-imagick php8.4-imap
+fi
 
 touch /var/log/php-mail.log
 chmod a=rw /var/log/php-mail.log
@@ -2008,6 +2059,13 @@ if [ "$release" -eq 12 ]; then
   service php8.2-fpm restart
 fi
 
+if [ "$release" -eq 13 ]; then
+  echo "=== Patching php8.4"
+  patch /etc/php/8.4/fpm/php.ini < /usr/local/vesta/src/deb/for-download/tools/patches/php8.2.patch
+  update-alternatives --set php /usr/bin/php8.4
+  service php8.4-fpm restart
+fi
+
 # echo "=== Patching rcube_vcard.php"
 # wget -nv https://c.myvestacp.com/tools/patches/rcube_vcard.patch -O /root/rcube_vcard.patch
 # patch /usr/share/roundcube/program/lib/Roundcube/rcube_vcard.php < /root/rcube_vcard.patch

From 177988a6cfcc4686c1662c83db9b04b6d07e29af Mon Sep 17 00:00:00 2001
From: Peca 
Date: Thu, 21 Aug 2025 19:14:02 +0200
Subject: [PATCH 2300/2300] vst-install-debian.sh: replace ntpdate with
 ntpsec-ntpdate in Debian 13 section, and allow rsyslog setup only for Debian
 12

---
 install/vst-install-debian.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh
index 98887225..0d181ec0 100755
--- a/install/vst-install-debian.sh
+++ b/install/vst-install-debian.sh
@@ -28,7 +28,7 @@ if [ "$release" -eq 13 ]; then
         clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core
         roundcube-mysql roundcube-plugins mariadb-server mariadb-common
         mariadb-client postgresql postgresql-contrib phpmyadmin mc
-        flex whois git idn zip sudo bc ftp lsof ntpdate rrdtool quota
+        flex whois git idn zip sudo bc ftp lsof ntpsec-ntpdate rrdtool quota
         e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils
         bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl
         unrar-free vim-common net-tools unzip iptables xxd spamd"
@@ -866,7 +866,7 @@ fi
 echo "=== Enabling daemon autostart"
 rm -f /usr/sbin/policy-rc.d
 
-if [ "$release" -gt 11 ]; then
+if [ "$release" -eq 12 ]; then
     echo "=== Setting up rsyslog"
     currentservice='rsyslog'
     ensure_startup $currentservice